Blog

Without Security Visibility and Analysis, BlueKeep Keeps on Keeping On

Without Security Visibility and Analysis, BlueKeep Keeps on Keeping On

BlueKeep, a severe security vulnerability (CVE-2019-0708) that affects the Remote Desktop Protocol (RDP) service in Windows XP, Windows Vista, and other older Windows OS versions, is spreading rapidly, due in part to its ability to be remotely exploitable. While this has the structure of a classic attack, it’s also unique because its wicked efficiency essentially […]

Read More…

If You Can See It, You Can Secure It: Anomaly Detection in the Cloud

If You Can See It, You Can Secure It: Anomaly Detection in the Cloud

No matter what you sell to customers, you are in the data business. Data is used to help your people make better decisions, deliver better products and services, and maintain competitive advantages. The trove of data you’re sitting on includes all kinds of private information, including payment card details, employee records, health data, and various […]

Read More…

Visibility is Critical for Workload Threat Defense

Visibility is Critical for Workload Threat Defense

The dynamic nature of public cloud and hybrid environments expose applications to new forms of threats and cyber-attacks. Unfortunately, legacy security solutions are unequipped to handle these new threat vectors. Often, threats evade detection for extended periods of time. Longer threat detection cycles not only raises the organization’s risk profile, but it also impacts the bottom-line. […]

Read More…

Why Process-to-Process Visibility Is So Important

Why Process-to-Process Visibility Is So Important

One of the challenges in securing processes operating in cloud environments is the visibility limitations imposed either by the cloud service provider or the customer’s solution architecture. In the case of the cloud service provider, because the environment is shared by everyone who has access to that cloud service, including many thousands of their customers […]

Read More…

GOING TO RSA? HERE’S YOUR PRE-SHOW CHECKLIST FOR AWS SECURITY

First, develop a clear picture of what you have – and don’t have – for AWS security today. The NIST Cybersecurity Framework is a good way to think this through: Identify: Do you have a clear picture of what your organization has deployed on AWS? Do you know how many AWS Accounts are active at your […]

Read More…

Survey Highlights Top Four Trends in Cloud Security Adoption

  Lacework worked with Hurwitz and Associates to survey the market and learn about the current state of cloud security, challenges and learnings from early adopters of the cloud. The results (and Hurwitz’s expert analysis) paint a picture of an industry that’s rapidly moving beyond its initial growing pains – even if there are still […]

Read More…

Visibility: A Technical Chauffeur of Data, Part III

This is part 3 of 4 in a blog series on key trends in securing the public cloud. Gaining visibility into the operational data you need is often underestimated when organizations deploy to the public cloud. It’s not like you can simply deploy a layer 2 span port and see all traffic in a single […]

Read More…