Security News

How can we apply Pareto's principle to cloud security? Within your security activities, what is the key 20 percent that will produce 80 percent of your results when it comes to reducing risk? Exposed data was the most cited cloud security incident and the biggest overall concern of leaders in Cybersecurity Insider's 2019 Cloud Security Report.

In an interview at RSA 2020, Greg Young, the vice present of cybersecurity at Trend Micro, said that companies need to focus on cloud security posture management to make sure all cloud instances...

The increasing use of containers and orchestration tools, such as Kubernetes, are driving demand for new cloud security and application deployment processes, according to research from the Cloud Security Alliance presented Monday at the RSA 2020 conference in San Francisco. "As we have seen with the use of containers and micro-services and compliance, when you further segment things off, there's a functionality benefit from that," Yeoh tells Information Security Media Group.

As a leader in WAF and API security technology, F5 delivers application security with consistent policies and controls across hybrid- and multi-cloud environments. "Our security strategy is rooted in what customers are trying to accomplish-optimum app performance with maximized uptime, lower overall costs, and reduced losses due to fraud or abuse," said John Morgan, VP and GM of Security at F5. "Security remains a key area where we see conflict between increasing business velocity and implementing adequate protections. F5's application security solutions free developers to focus on the application business logic and customer experience while also providing world-class threat protection with policy and control consistency across on-prem and cloud environments."

Anitian, a leading cloud security and compliance automation provider, announced Documentation Automation, an enhancement to its Cloud Security Platform that automates documentation for the most stringent compliance standards. "The automation of security and compliance documentation represents a final frontier in automating a company's journey to the cloud," said Andrew Plato, Anitian Chairman and CEO. "What used to take 12 to 18 months and teams of people to complete can now be done in days, even hours, with Anitian's Vision Portal."

Google's reCAPTCHA Enterprise and Web Risk API get a general release; Chronicle Security gets boosts from new threat detection and timelining features. Google has made a number of security announcements at RSA 2020, including upgrades to its Chronicle Security platform and the general release of its reCAPTCHA Enterprise and Web Risk API tools.

On Wednesday, cybercriminals posted the information of more than 10 million MGM Hotel customers on a hacker forum, exposing their personal data to thousands of criminals nearly a year after the initial breach. In a statement to ZDNet, an MGM spokesperson said: "Last summer, we discovered unauthorized access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts. We are confident that no financial, payment card or password data was involved in this matter." The hackers dumped the personal details-which include full names, home addresses, phone numbers, emails and dates of birth-for 10,683,188 former hotel guests, including Justin Beiber and Twitter CEO Jack Dorsey.

Perimeter 81, a leading Zero Trust network provider for enterprises and organizations, announced a new Secure Access Service Edge platform that combines its Network as a Service offering with advanced cloud security capabilities from SonicWall, a Francisco Partners portfolio company. Identified by Gartner as one of the most promising emerging technologies in enterprise networking, SASE is a cloud-native architecture model that supports dynamic secure access to organizational assets by combining multiple network technologies delivered as a service, including Secure Web Gateway, Cloud Access Security Broker, Firewall-as-a-Service and Zero Touch Network Access with WAN capabilities.

Cloud security company Netskope on Thursday announced that it has raised $340 million in a Series G funding round, valuing the firm at nearly $3 billion. "We'll use this investment to continue to execute on our plan to dominate the largest market in security and accelerate global security transformation by innovating our platform and network and product set, and advancing our efforts to make our sales, marketing and post-sale efforts industry best," Sanjay Beri, CEO and founder of Netskope, told SecurityWeek.

Threat Stack, the leader in cloud security and compliance for infrastructure and applications, announced a partnership with Tevora, a specialized management consultancy focused on cybersecurity, risk, and compliance services. The Threat Stack Cloud Security Platform extends security observability across the cloud management console, host, containers, and application layers to help customers understand the full picture of their cloud environment, quickly respond to incidents, and proactively reduce risk.