Blog

If You Can See It, You Can Secure It: Anomaly Detection in the Cloud

No matter what you sell to customers, you are in the data business. Data is used to help your people make better decisions, deliver better products and services, and maintain competitive advantages. The trove of data you’re sitting on includes all kinds of private information, including payment card details, employee records, health data, and various […]

Read More…

An Unauthenticated RCE Gold Rush: A Look at Attacks Exploiting Confluence CVE-2019-3396

The recent Confluence vulnerability (CVE-2019-3396) created a gold rush for threat actors. Attackers are exploiting it for cryptojacking, DDoS attacks, and ransomware. We observed some of these attacks in the wild and via our honeypots. In this blog we will share interesting details from the attacks. CVE-2019-3396 On March 20th, 2019 the vulnerability was announced […]

Read More…

Effective Compliance Requires a Security-First Approach

In the cloud, compliance and security are highly reliant upon one another, and they share a common goal: responsibility for keeping an organization’s data, users, resources, and intellectual property safe and usable. While some organizations see these two as separate activities, smart enterprises recognize how effective compliance and security are tightly connected. The key, however, […]

Read More…

Visibility is Critical for Workload Threat Defense

The dynamic nature of public cloud and hybrid environments expose applications to new forms of threats and cyber-attacks. Unfortunately, legacy security solutions are unequipped to handle these new threat vectors. Often, threats evade detection for extended periods of time. Longer threat detection cycles not only raises the organization’s risk profile, but it also impacts the bottom-line. […]

Read More…

Why Container Security Isn’t Enough

How is it cloud container security is not ensuring data integrity or preventing data compromise?  What is Container Security? Container security has familiar controls such as: Access to build/update container software, code, deployment. Operating system security including patches and operating systems. Container labels (see table below for container definitions) which ensure services and replication across […]

Read More…

Citrix’ Undetected Hackers Are Why You Need Anomaly Detection

It’s been reported that Citrix’ internal networks were attacked for six months before the breach was discovered. Citrix officials stated that the hackers “removed files from our systems, which may have included files containing information about our current and former employees and, in limited cases, information about beneficiaries and/or dependents.” Apparently, that information may have […]

Read More…

80 Million Personal Records Discovered on Open Microsoft Database

An open database with private information on 80 million American families was discovered on a Microsoft cloud server. It is not known what company owned the 24GB worth of data that was exposed, but researchers are tracking down that information. The magnitude of the breach is huge, representing more than half the total number of […]

Read More…