Security News

Boston-based security analytics and automation solutions provider Rapid7 said on Tuesday that it has agreed to acquire DivvyCloud, a provider of security and compliance automation solutions for public cloud and container infrastructure. Rapid7 will pay roughly $145 million in cash and stock to acquire the company.

Cloud security company Accurics on Tuesday emerged from stealth mode with $5 million in funding and a free tool that allows organizations to quickly assess their risk posture. "Our goal in developing the Accurics platform was to protect the full cloud native stack throughout the DevOps lifecycle, from the moment it's defined in code and throughout the lifecycle of infrastructure being employed in production," said Piyush Sharrma, co-founder and CTO of Accurics, who previously served as head of engineering at Symantec.

CloudKnox Security, the leading permissions management platform for security and infrastructure operations, announced that the company has been granted patents related to the CloudKnox Cloud Security Platform. The second patent, "Method and system to detect discrepancy in infrastructure security configurations from translated security best practice configurations in heterogeneous environments," relates to the Anomaly Detection capability in the CloudKnox platform and leveraging activity-based authorization for security and compliance controls.

As most companies make the rapid shift to work-from-home to stem the spread of COVID-19, a significant percentage of IT and cloud professionals are concerned about maintaining the security of their cloud environments during the transition, according to a survey conducted by Fugue. Preventing cloud misconfiguration remains a significant challenge for cloud engineering and security teams.

With the acquisition, Zscaler will provide its customers industry-leading data protection coverage in the Zscaler Cloud Security Platform. "Cloudneeti augments Zscaler's data protection capabilities and will dramatically improve organizations' cloud security by discovering and eliminating some of the most common causes of data breaches and compliance violations," said Jay Chaudhry, Chairman and CEO of Zscaler.

So how do we explain the ever-increasing number of data breaches? According to Cloud Security Risks & How to Mitigate Them.Insufficient access management and account hijacking.

How can we apply Pareto's principle to cloud security? Within your security activities, what is the key 20 percent that will produce 80 percent of your results when it comes to reducing risk? Exposed data was the most cited cloud security incident and the biggest overall concern of leaders in Cybersecurity Insider's 2019 Cloud Security Report.

In an interview at RSA 2020, Greg Young, the vice present of cybersecurity at Trend Micro, said that companies need to focus on cloud security posture management to make sure all cloud instances...

The increasing use of containers and orchestration tools, such as Kubernetes, are driving demand for new cloud security and application deployment processes, according to research from the Cloud Security Alliance presented Monday at the RSA 2020 conference in San Francisco. "As we have seen with the use of containers and micro-services and compliance, when you further segment things off, there's a functionality benefit from that," Yeoh tells Information Security Media Group.

As a leader in WAF and API security technology, F5 delivers application security with consistent policies and controls across hybrid- and multi-cloud environments. "Our security strategy is rooted in what customers are trying to accomplish-optimum app performance with maximized uptime, lower overall costs, and reduced losses due to fraud or abuse," said John Morgan, VP and GM of Security at F5. "Security remains a key area where we see conflict between increasing business velocity and implementing adequate protections. F5's application security solutions free developers to focus on the application business logic and customer experience while also providing world-class threat protection with policy and control consistency across on-prem and cloud environments."