ZTNA vs VPN: Secure Remote Work & Access – SASE Part 2

ZTNA vs VPN: Secure Remote Work & Access – SASE Part 2

ZTNA vs. VPN While VPNs served their purpose in a strictly on-prem world, the accelerated migration to the cloud has revealed its limitations and new technologies are being ushered in. Amongst those, ZTNA is largely considered the evolution of VPN remote access due to several factors: Reducing the attack surfaceVPNs extend the network fabric across multiple differently located sites, which now includes notoriously insecure home offices. This expands the organization’s attack surface by connecting secure…

Read More

4 Cybersecurity Budget Management Tips

4 Cybersecurity Budget Management Tips

It’s never an ‘easy’ day for cybersecurity teams. On one hand, they’re facing the potential concerns related to an economic downturn, especially tech start-ups. And on the other hand, organizations of every size are experiencing a significant cybersecurity skills gap paired with budget cuts despite the fact that there’s more malicious cyber activity than ever, including state-sponsored attacks on US businesses. The good news is that history shows that cybersecurity teams are very unlikely to…

Read More

Analyzing the Hidden Danger of Environment Variables for Keeping Secrets

Analyzing the Hidden Danger of Environment Variables for Keeping Secrets

Analyzing the Hidden Danger of Environment Variables for Keeping Secrets Cloud While DevOps practitioners use environment variables to regularly keep secrets in applications, these could be conveniently abused by cybercriminals for their malicious activities, as our analysis shows. By: David Fiser, Alfredo Oliveira August 17, 2022 Read time:  ( words) The use of environment variables is a common practice in the DevOps community as it provides easy access to configuration properties. It comes in handy…

Read More

Protecting S3 from Malware: The Cold Hard Truth

Protecting S3 from Malware: The Cold Hard Truth

Cloud object storage is a core component of any modern application. When files move through your applications, it’s critical to protect your systems and users from malicious files. Trend Micro has provided cloud-native, scalable file protection for our customers since 2020. We’re now starting to see other vendors try to catch up by bringing similar capabilities to the market, but frankly I’m underwhelmed with their offerings. I love the cloud security space because there is…

Read More

What Exposed OPA Servers Can Tell You About Your Applications

What Exposed OPA Servers Can Tell You About Your Applications

With the proper request or token, an attacker could obtain even more information about these services and look for vulnerabilities or other entry points to get into an organization’s systems. We highly recommend that companies currently leveraging OPA as their policy-as-code solution to ensure that they are not unwittingly exposing their APIs and policies online. In certain cases, companies could be using OPA without them realizing it; multiple providers for Kubernetes-managed services rely on OPA for…

Read More

Cyber Insurance Coverage Checklist: 5 Security Items

Cyber Insurance Coverage Checklist: 5 Security Items

Carriers who require EDR as a security control should accept XDR as a solution. And with the main objective being to improve security maturity, organizations should be looking to enhance detection and response capabilities beyond EDR with XDR. XDR is simply an extension of EDR. Whereas EDR only detects at the endpoint level, XDR can collect and correlate threat activity data across endpoints plus servers, cloud, networks, and email. Done well, XDR can help to…

Read More

Improve Threat Detection & Response with OCSF

Improve Threat Detection & Response with OCSF

Trend Micro has always been a team player. Over the past three decades and more, we’ve worked closely with law enforcement, industry solution providers, academics and others to strengthen our collective hand against a common adversary. Yet while we’ve been breaking down barriers through this collaborative approach, the cybersecurity industry sometimes unwittingly puts more up. That’s why we’re thrilled to join a new open source initiative designed to make it easier for organizations to detect…

Read More

A Secure Access Service Edge (SASE ) Guide for Leaders

A Secure Access Service Edge (SASE ) Guide for Leaders

Why SASE? What started out as a temporary business solution to the pandemic is here to stay. ESG’s 2021 SASE Trends report found that 62% of respondents will work remotely or in a hybrid manner. To support this “new normal,” enterprises have adopted the cloud in staggering numbers—98% of respondents stated they use public cloud services. Now, CISOs and security leaders are tasked with securing a growing attack surface in complex, distributed network environments. Users…

Read More

Facebook’s Metaverse is Expanding the Attack Surface

Facebook’s Metaverse is Expanding the Attack Surface

Thirty years ago, Paramount trademarked the name “Holodeck.” An artifact of Star Trek: The Next Generation, the holodeck was a magical, computer-generated world where characters lived in another realm – either a historical place or an entirely fictious domain, based on old movies, books, or a character’s imagination. As in much science fiction, the holodeck’s inner workings were never explained, except when dealing with a malfunction: the safety protocols stopped working, an alien took over the…

Read More

Cyber Insurance Market 2022: FAQs & Updates with iBynd

Cyber Insurance Market 2022: FAQs & Updates with iBynd

Q: What are the most important cyber insurance policy coverages for businesses? Notification and expense coverageAfter customer data is compromised, there are state-regulated notification requirements an organization must follow. Cyber insurance companies help navigate and handle the notifications and expenses associated with them such as hiring a forensics expert to identify the cause of the breach, monitoring the affected individuals’ credit score, and paying costs to restore stolen identities. Business interruptionRemember when Kaseya, a US…

Read More
1 8 9 10 11 12 18