Security News
CloudKnox Security, the leading permissions management platform for security and infrastructure operations, announced that the company has been granted patents related to the CloudKnox Cloud Security Platform. The second patent, "Method and system to detect discrepancy in infrastructure security configurations from translated security best practice configurations in heterogeneous environments," relates to the Anomaly Detection capability in the CloudKnox platform and leveraging activity-based authorization for security and compliance controls.
As most companies make the rapid shift to work-from-home to stem the spread of COVID-19, a significant percentage of IT and cloud professionals are concerned about maintaining the security of their cloud environments during the transition, according to a survey conducted by Fugue. Preventing cloud misconfiguration remains a significant challenge for cloud engineering and security teams.
With the acquisition, Zscaler will provide its customers industry-leading data protection coverage in the Zscaler Cloud Security Platform. "Cloudneeti augments Zscaler's data protection capabilities and will dramatically improve organizations' cloud security by discovering and eliminating some of the most common causes of data breaches and compliance violations," said Jay Chaudhry, Chairman and CEO of Zscaler.
So how do we explain the ever-increasing number of data breaches? According to Cloud Security Risks & How to Mitigate Them.Insufficient access management and account hijacking.
How can we apply Pareto's principle to cloud security? Within your security activities, what is the key 20 percent that will produce 80 percent of your results when it comes to reducing risk? Exposed data was the most cited cloud security incident and the biggest overall concern of leaders in Cybersecurity Insider's 2019 Cloud Security Report.
In an interview at RSA 2020, Greg Young, the vice present of cybersecurity at Trend Micro, said that companies need to focus on cloud security posture management to make sure all cloud instances...
The increasing use of containers and orchestration tools, such as Kubernetes, are driving demand for new cloud security and application deployment processes, according to research from the Cloud Security Alliance presented Monday at the RSA 2020 conference in San Francisco. "As we have seen with the use of containers and micro-services and compliance, when you further segment things off, there's a functionality benefit from that," Yeoh tells Information Security Media Group.
As a leader in WAF and API security technology, F5 delivers application security with consistent policies and controls across hybrid- and multi-cloud environments. "Our security strategy is rooted in what customers are trying to accomplish-optimum app performance with maximized uptime, lower overall costs, and reduced losses due to fraud or abuse," said John Morgan, VP and GM of Security at F5. "Security remains a key area where we see conflict between increasing business velocity and implementing adequate protections. F5's application security solutions free developers to focus on the application business logic and customer experience while also providing world-class threat protection with policy and control consistency across on-prem and cloud environments."
Anitian, a leading cloud security and compliance automation provider, announced Documentation Automation, an enhancement to its Cloud Security Platform that automates documentation for the most stringent compliance standards. "The automation of security and compliance documentation represents a final frontier in automating a company's journey to the cloud," said Andrew Plato, Anitian Chairman and CEO. "What used to take 12 to 18 months and teams of people to complete can now be done in days, even hours, with Anitian's Vision Portal."
Google's reCAPTCHA Enterprise and Web Risk API get a general release; Chronicle Security gets boosts from new threat detection and timelining features. Google has made a number of security announcements at RSA 2020, including upgrades to its Chronicle Security platform and the general release of its reCAPTCHA Enterprise and Web Risk API tools.