Security News

You need to recognize the most critical cloud security challenges and develop a strategy for minimizing these risks. With that in mind, let's dive into the five most pressing cloud security challenges faced by modern organizations.

The latest release includes considerable security improvements to their Cloud PAM application, bolstering one of the only solutions to converge Identity Governance, Application Governance-Risk Management-and Compliance, and Privileged Access Management into a unified Identity Platform built for the cloud. The latest release of Saviynt's Cloud PAM provides improved governance, analytics, and access to privileged assets across enterprise applications and platforms including Google Cloud Platform.

Trend Micro has demonstrated the strength of its collaboration with AWS since 2012 with a deep understanding of customer use cases and by integrating with leading AWS security services at launch. Most recently, Trend Micro Cloud One offerings have been natively integrated with AWS Control Tower and AWS Systems Manager Distributor.

SecurityWeek will host its 2020 Cloud Security Summit virtual event on Thursday, August 13, 2020. Through a fully immersive virtual environment, attendees will be able to interact with leading solution providers and other end users tasked with securing various cloud environments and services.

SecurityWeek will host its 2020 Cloud Security Summit virtual eventon Thursday, August 13, 2020.

There are unrealized gaps between the rate of implementation or operation and the effective use of cloud security access brokers within the enterprise, according to a global Cloud Security Alliance survey of more than 200 IT and security professionals from a variety of organization sizes and locations. "CASB solutions have been underutilized on all the pillars but in particular on the compliance, data security, and threat protection capabilities within the service," said Hillary Baron, lead author and research analyst, Cloud Security Alliance.

The public cloud provides great flexibility and cost management for organizations, but what about security?

Capital One must pay a trivial $80m fine for its shoddy public cloud security - yes, the US banking giant that was hacked last year by a miscreant who stole personal information on 106 million credit-card applicants in America and Canada. "The OCC took these actions based on the bank's failure to establish effective risk assessment processes prior to migrating significant information technology operations to the public cloud environment and the bank's failure to correct the deficiencies in a timely manner," the watchdog said in a statement on Thursday.

Extending the observability provided by the Threat Stack Cloud Security Platform to AWS Fargate tasks can help Threat Stack customers detect threats and maintain compliance across all areas of their cloud infrastructure. The Threat Stack Cloud Security Platform collects and correlates security telemetry from the cloud management console, host, containers, orchestration, managed container services and applications, giving Threat Stack customers a view into their entire cloud environment.

It's no secret misconfiguration is now the cloud's biggest security worry, although tying IaC to specific cloud security incidents is much harder to assess - misconfiguration can happen via any interface and not only IaC. One way to grasp the scale of the issue is to infer the answer by looking at the IaC templates on public repositories such as GitHub - an approach used by Palo Alto's Unit 42 earlier this year when it uncovered 199,000 insecure templates, including many high and medium-level flaws that would lead to serious misconfigurations. "Misconfigured cloud resources are likely the main root cause for unintended exposure of sensitive data for cloud native companies. Misconfigured public interfaces, exposed secrets, and encrypted databases are just a few very common examples where companies have made bad calls when configuring their cloud infrastructure."