Navigating Endpoint Privilege Management: Insights for CISOs and Admins

September 10, 2024 at 10:47AM Summary: Endpoint privilege management (EPM) is crucial for cybersecurity, aiming to reduce attack surfaces and insider threats. EPM offers pros like enhanced compliance and improved incident response, but also brings cons such as operational overhead and user productivity impact. The debate over granting administrative rights to end users persists, emphasizing …

Platform Engineering Is Security Engineering

September 10, 2024 at 10:06AM Platform engineering’s success hinges on prioritizing operational and application security. Embracing a “security-first” approach minimizes toil, enhances efficiency, and limits the impact of potential attacks. Key strategies include implementing least privilege access, secure defaults in configuration management, integrating security into CI/CD pipelines, and adopting GitOps for enhanced version control and …

Qilin ransomware now steals credentials from Chrome browsers

August 22, 2024 at 05:43PM The Qilin ransomware group deployed a custom stealer to harvest Google Chrome credentials, constituting a concerning shift in ransomware tactics. The attack involved gaining network access, 18 days of reconnaissance, credential theft via a PowerShell script, deletion of event logs, and ransomware deployment. Organizations are advised to prohibit browser secret storage, implement multi-factor …

Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution

April 15, 2024 at 07:39AM Summary: Just-in-Time (JIT) privileged access minimizes privilege misuse by granting temporary access only when needed, reducing the attack surface and preventing privilege escalation. Implementing JIT provisioning with Safeguard and Active Roles enhances security by automating account activation, group management, and attribute synchronization. This approach mitigates security threats and strengthens privileged …

Misconfigured Custom Salesforce Apps Expose Corporate Data

February 20, 2024 at 09:01AM A new security advisory cautions Salesforce users with customized instances to be wary of common programming errors and misconfigurations. The advisory emphasizes the vulnerability of the Apex programming language, citing instances where leaked data and vulnerable sites were identified. Recommendations include avoiding certain configurations and conducting thorough security assessments of …

How to Apply Zero Trust to your Active Directory

February 7, 2024 at 10:27AM As remote work becomes more prevalent, organizations need to move away from traditional trust models and embrace a zero trust approach for secure access. This involves rigorous authentication for every user, device, and network component. Implementing the principle of least privilege and using multifactor authentication are recommended strategies to bolster …

Make a Fresh Start for 2024: Clean Out Your User Inventory to Reduce SaaS Risk

December 4, 2023 at 06:54AM During the end-of-year period, it’s crucial to review and adjust SaaS application user roles and permissions, ensuring that only necessary access is retained and offboarded users are removed. This process, including the right-sizing of permissions and elimination of dormant accounts, enhances security and saves on licensing fees. Using a SaaS Security …

Oracle Enables MFA by Default on Oracle Cloud

November 3, 2023 at 08:41AM Oracle now requires multifactor authentication (MFA) for all instances in its cloud environment, Oracle Cloud Infrastructure. New tenancies have MFA enabled by default for cloud administrators, and preexisting systems have a default policy to enforce MFA. Oracle provides tools for managing configuration and access control policies, including the ability to …