Blog

Misconfigured Servers Leave 2.3 Billion Private Files Exposed

OVERVIEW A report filed over the weekend detailed research that discovered more than 2 billion files exposed online from a variety of sources, including cloud servers, network-based storage, and company-owned date repositories. The discovery includes a massive trove of credit card information, medical records, private photographs, and details of intellectual property patents. While not all […]

Read More…

Automation Enables Security for DevOps and Run-Time

DevOps teams are driven by a constant need to develop, integrate, push, and innovate. IT consumerization is now essential for organizations who want to respond quickly to market demands, and it’s increasingly a critical element of competitive differentiation and market viability. It’s because of this that DevOps teams are adopting modern aspects of development, including […]

Read More…

4 Ways Lacework Detects Confluence Attacks

Last week we blogged about attacks exploiting a Confluence vulnerability (CVE-2019-3396). You may be wondering how Lacework detects these attacks? In this blog, we answer that question! If you recall, CVE-2019-3396 is an unauthenticated remote code execution (RCE) vulnerability. It’s exploited with a specially crafted HTTP POST request to a vulnerable Confluence Server. In the […]

Read More…

The Benefits of a Host-Based IDS for Cloud Environments

There are significant benefits to using a Host-Based Intrusion Detection System (HIDS) to monitor system activities in cloud environments. Traditionally, most organizations struggled to choose between deploying a Host Based Intrusion Detection System (HIDS) and a Network Based Intrusion Detection System (NIDS). Each of these intrusion detection systems provided strengths and weaknesses. However, today’s cloud-based […]

Read More…