The New School of Security: Using the Cloud to Secure the Cloud

Legacy security was built on the premise of a moat; keep people and data away from the infrastructure, and they can’t attack it. Firewalls, intrusion detection systems, or intrusion prevention systems –  these tools delivered “network-centric” solutions and aimed to keep access at a safe distance. Originally, firewalls performed the task of preventing unwanted, and […]

Read More…

Facebook Exposes User Data Through Unprotected AWS S3 Buckets

Two repositories of unprotected Facebook user data sitting in Amazon S3 buckets have been discovered. More than 540 million files with personal data were exposed, potentially leaking hundreds of millions of records about users, including their names, passwords, comments, interests, and likes. The data sets had been uploaded to Amazon’s cloud system by two different […]

Read More…

File integrity monitoring Lacework

File Integrity Monitoring: Using Lacework’s SaaS Solution for SaaS Environments

One of the critical distinctions about Lacework is in our approach. While all security vendors talk about things like security posture and identification of threats, we have actually constructed a methodology that is tactically applied to finding issues, alerting on them, and preventing issues. We also realize that the best way to deliver security is […]

Read More…

Cloud Security This Week – March 29, 2019

New From Lacework Security Relevance Can’t Be Bought Surprisingly, some security vendors see the confusion in the problem and apply confusion to the solution. Palo Alto Networks has taken the approach that variety and inconsistency make for a compelling security story.  Avoiding Limitations of Traditional Approaches to Security To get a better understanding of the […]

Read More…

Ways to get cloud security wrong blog

There Are a Lot of Ways to Get Cloud Security Wrong

In a previous blog on new approaches to security, we looked at how traditional data center defenses were designed to protect a defined perimeter by monitoring and controlling data that moves in and out of the network environment. Defending the perimeter requires a layered defense strategy that typically includes routers, firewalls, antivirus protection, and access/ID […]

Read More…