Why I’m Excited About the Future of Application Security

October 21, 2024 at 10:04AM The text discusses advancements in application security, emphasizing the proactive approach of Application Detection and Response (ADR). It highlights how ADR enhances real-time visibility, enabling quicker identification of vulnerabilities and better integration of security with development teams. This shift is crucial for addressing evolving threats in complex environments. **Meeting Takeaways … Read more

New Gafgyt Botnet Variant Targets Weak SSH Passwords for GPU Crypto Mining

August 15, 2024 at 01:57AM Cybersecurity researchers have identified a new variant of the Gafgyt botnet that targets devices with weak SSH passwords, employing their GPU computational power to mine cryptocurrency. This variant specifically aims at cloud native environments, expanding its scale by exploiting poorly secured servers and propagating the malware. The botnet employs the … Read more

Startup Spotlight: RAD Security Brings Behavioral Profiling to Cloud

August 6, 2024 at 08:48PM RAD Security aims to address cloud-native platform challenges by citing statistics and offering a behavioral cloud detection and response solution. The company’s “behavioral workload fingerprinting” approach detects anomalous activity and drift events, and it is being positioned as the standard for cloud security detection and response. As a Black Hat … Read more

Ctera Raises $80 Million From PSG Equity

July 18, 2024 at 09:03AM Ctera, a hybrid cloud data management provider, secures $80 million in funding from private investor PSG Equity, bringing total funding to over $100 million. The New York-based firm, founded in 2008, offers a cloud-native global file system for data services, with a focus on hybrid cloud file storage. The company … Read more

Checkmarx Application Security Posture Management and Cloud Insights Offer Enterprises Code-to-Cloud Visibility

June 11, 2024 at 05:39PM Checkmarx, a leading cloud-native application security provider, has launched Checkmarx Application Security Posture Management (ASPM) and Cloud Insights to offer unparalleled visibility into organizations’ application security posture from code to cloud. These new solutions empower enterprises to reduce application and business risk and prioritize remediation efforts effectively. For more information, … Read more

The Fundamentals of Cloud Security Stress Testing

May 8, 2024 at 07:06AM John Lambert from Microsoft defines the different mindsets of defenders and attackers in IT systems. Defenders focus on listing and eliminating security gaps, while attackers aim to breach by targeting the weakest link. Embracing the attacker’s perspective through penetration testing is crucial, especially in cloud environments. The article also highlights … Read more

5 Hard Truths About the State of Cloud Security 2024

April 23, 2024 at 05:07PM Cloud security has progressed but still has a long way to go, with breaches costing organizations heavily. John Kindervag, a zero trust security proponent, emphasizes that simply moving to the cloud doesn’t make organizations more secure. Meanwhile, native security controls are hard to manage, and identity alone won’t save the … Read more

Wiz Acquires Gem Security to Expand Cloud Detection and Response Offering

April 10, 2024 at 05:15PM Wiz has acquired New York-based startup Gem Security for $10 billion. This aims to enhance Wiz’s Cloud Detection and Response (CDR) capabilities and consolidate its Cloud Native Application Protection Platform (CNAPP). The deal sees Gem’s technology and employees joining Wiz, positioning Wiz as the world’s leading cloud security platform with … Read more

Reconsider Your CNAPP Strategy Using These 5 Scenarios

April 5, 2024 at 08:04AM Multicloud security presents complex challenges, demanding correlation of numerous daily security alerts across platforms. Prioritizing native solutions like cloud-native application protection platforms (CNAPPs), enables seamless integration and robust protection for cloud workloads. CNAPPs offer solutions for monitoring, detecting threats, scalable coverage, integrating with pipelines, and maintaining access-related risks, making them … Read more

How Pentesting-as-a-Service can Reduce Overall Security Costs

March 28, 2024 at 11:47AM Traditional penetration testing, while important, can lead to hidden costs and inefficiencies. Penetration Testing as a Service (PTaaS) offers continuous monitoring, real-time testing, and enhanced collaboration. It provides more significant ROI and reduces the total costs of security. Outpost24’s PTaaS solution is a robust alternative to traditional pen testing, better … Read more