Security News

IBM has announced a definitive agreement to acquire cloud cybersecurity posture management solutions provider Spanugo. Spanugo's technology allows organizations to demonstrate compliance in real time, while also helping them continuously improve their cloud security to ensure that attacks can be repelled.

FireEye, the intelligence-led security company, announced the availability of FireEye Cloudvisory, a control center for cloud security management across any security environment - private, public and hybrid. Fully integrated into the broader FireEye cloud security portfolio, Cloudvisory now offers customers instant deployment across their cloud infrastructures, and further capabilities in security analytics through FireEye Helix and advanced threat detection through FireEye Detection On Demand.

Cloud security company Ermetic emerged from stealth mode this week with a platform that automates detection and remediation of identity and access-based risks. The company's analytics-based platform, which is available immediately, is designed to automatically discover all identities in the cloud, and analyzes policies and permissions in an effort to identify and remediate access risks.

Companies are increasingly dealing with a slew of security and compliance issues across cloud services and containers - from AWS to Azure to Google Cloud. Infrastructure-as-Code security capabilities can help companies shift their cloud security "Left" to improve developer productivity, avoid misconfigurations and prevent policy violations.

Boston-based security analytics and automation solutions provider Rapid7 said on Tuesday that it has agreed to acquire DivvyCloud, a provider of security and compliance automation solutions for public cloud and container infrastructure. Rapid7 will pay roughly $145 million in cash and stock to acquire the company.

Cloud security company Accurics on Tuesday emerged from stealth mode with $5 million in funding and a free tool that allows organizations to quickly assess their risk posture. "Our goal in developing the Accurics platform was to protect the full cloud native stack throughout the DevOps lifecycle, from the moment it's defined in code and throughout the lifecycle of infrastructure being employed in production," said Piyush Sharrma, co-founder and CTO of Accurics, who previously served as head of engineering at Symantec.

CloudKnox Security, the leading permissions management platform for security and infrastructure operations, announced that the company has been granted patents related to the CloudKnox Cloud Security Platform. The second patent, "Method and system to detect discrepancy in infrastructure security configurations from translated security best practice configurations in heterogeneous environments," relates to the Anomaly Detection capability in the CloudKnox platform and leveraging activity-based authorization for security and compliance controls.

As most companies make the rapid shift to work-from-home to stem the spread of COVID-19, a significant percentage of IT and cloud professionals are concerned about maintaining the security of their cloud environments during the transition, according to a survey conducted by Fugue. Preventing cloud misconfiguration remains a significant challenge for cloud engineering and security teams.

With the acquisition, Zscaler will provide its customers industry-leading data protection coverage in the Zscaler Cloud Security Platform. "Cloudneeti augments Zscaler's data protection capabilities and will dramatically improve organizations' cloud security by discovering and eliminating some of the most common causes of data breaches and compliance violations," said Jay Chaudhry, Chairman and CEO of Zscaler.

So how do we explain the ever-increasing number of data breaches? According to Cloud Security Risks & How to Mitigate Them.Insufficient access management and account hijacking.