Amazon FSx for Windows File Server is a fully managed file storage service built on Windows Server. Migrating on-premise Windows file systems to a managed service like FSx enables organizations to reduce operational overhead and take advantage of the flexibility and scalability of the cloud. But having visibility into file access activity across their environment is key for security and compliance requirements, particularly in sectors such as financial services and healthcare.

It’s time to update the list of security incidents caused by misconfiguration of cloud storage resources since the last couple of weeks have unfortunately been quite prolific. The shared responsibility model continues to be overlooked, or simply misunderstood by too many organizations, and as a consequence tons of sensitive data is leaked from the cloud on a daily basis, putting thousands of individuals (and dozens of municipalities) at risk of fraud, identity theft, and phishing campaigns.

People love to talk about zero trust right now, for a number of reasons. It has the word “zero” in there, which has some history in the information security world (e.g., zero-day vulnerabilities). It’s also a simple and eye-catching phrase, so it fits well into product marketing exercises.

Major sporting events, like the World Cup or the Olympics, are usually targets of cybercriminals that take advantage of the event’s popularity. During the 2018 World Cup, for example, an infected document disguised as a “game prediction” delivered malware that stole sensitive data from its victims, including keystrokes and screenshots.

In any case, by using the MITRE ATT&CK framework to model and implement your cloud IaaS security, you will have a head start on any compliance standard since it guides your cybersecurity and risk teams to follow the best security practices. As it does for all platforms and environments, MITRE came up with an IaaS Matrix to map the specific Tactics, Techniques, and Procedures (TTPs) that advanced threat actors could possibly use in their attacks on Cloud environments.

Cloud compliance is more important than ever, especially as businesses and organizations continue to engage in remote and digital work practices due to COVID-19. Even before the pandemic, more and more companies were migrating to the cloud. But what exactly is cloud compliance, and what are some best practices you should keep in mind if you’re shopping for a provider or looking to enhance your current computing system?

The following is an excerpt from Netskope’s recent white paper How to Design a Cloud Data Protection Strategy written by James Christiansen and David Fairman.

Hybrid clouds are an elegant and adaptable technology solution for combining public and private cloud storage with more traditional IT infrastructure. While the hybrid cloud model provides a number of benefits, it requires a different security approach than private data storage options. Keep reading to learn more about the pros and cons of hybrid cloud computing, as well as the best security measures for protecting the data stored there.

Google Forms is one of the preferred tools used by cybercriminals to quickly set up and deliver phishing pages. We have seen examples of Google Forms pages mimicking Microsoft Office 365 logins (one of the preferred imitated applications), financial institutions like American Express, and in general any applications. Despite the naïve layout, the tool is flexible enough to build an (un)realistic login page with few clicks.

TModern data protection has five key drivers, all of which an organization must seek to understand. These drivers equally apply to cloud and non-cloud related data and should form the basis of any robust data protection strategy.

In the first part of this blog series, we explored deploying Amazon EKS with Terraform, and looked at how to secure the initial RBAC implementation along with securing the Instance Metadata Service. In this second post, we’ll look at more best practices to harden Amazon EKS security, including the importance of dedicated continuous delivery IAM roles, multi-account architecture for Amazon EKS cluster isolation, and how to encrypt your secrets in the control plane.

The July 2021 Netskope Cloud and Threat Report is the latest installment of our research analyzing critical trends in enterprise cloud use, cloud-enabled threats, and cloud data transfers.  Enterprise cloud usage continues to rise, driven by collaboration and consumer apps, a continuation of a trend that started at the beginning of the COVID-19 pandemic and continues through today, as 70% of users on the Netskope Security Cloud continue to work remotely.  At the same time, attackers continu

As the only cloud-native logging and security analytics platform that enables organizations to take full advantage of all of their data to run and secure their business, Devo is committed to working with other leading security technology providers to bring advanced capabilities to our customers. That’s why we’re pleased to announce an integration with Google Cloud IDS.

There are many important factors to consider when choosing a cloud provider for your cloud use cases. For organizations in heavily regulated industries, compliance with relevant regulations is one of the most important things to think about. Whether you’re planning for a single cloud workload or a hybrid multi-cloud setup, maintaining compliance for sensitive data in the cloud is imperative.

Netskope recently announced that we have closed a new round of financing of 300 million dollars, which was led by ICONIQ Capital and a group of existing investors, including Base Partners, a technology-focused expansion capital investment firm based in São Paulo, Brazil. Following this over-subscribed round of funding, Netskope achieves a post-payment valuation of $ 7.5 billion.

Hancitor continues to exploit fake DocuSign emails to lure new victims. Researchers from Cofense have discovered yet another campaign distributing it, and apparently, that’s not the only one.

2020 was a tough year. As security leaders, we faced new challenges in protecting applications and users who were shifting rapidly off-premises and into the cloud, and our security teams’ workloads grew at an unprecedented rate. In 2021 and 2022, CISOs need to prioritize ensuring that we’re focused on the right things.

Over the last year and a half, we all went through the monumental disruption of having just about everyone work from remote locations. We strained VPN infrastructure and out of necessity split tunnels became the norm, not the exception. Even if it meant the users were a bit more exposed, you really had no choice, as Zoom/Webex/Teams meetings can eat up bandwidth like nobody’s business. But now the users are starting to come back into the office, what’s the big deal?

Over the last year, we’ve published a number of blogs talking about NewEdge, the network or infrastructure upon which we deliver the Netskope Security Cloud services, and comparing it to other approaches cloud security vendors have taken.

There are multitudes of advantages that the cloud has to offer to companies. These include making the task of security management more accessible. However, there are still many gray areas associated with the cloud and its implications for an organization’s overall security.

Governance, risk, and compliance (GRC) are major inhibitors for organizations moving to the cloud—and for good reason. Cloud environments are complex, and even a single misconfigured security group can result in a serious data breach. In fact, misconfigurations were the leading cause of cloud security breaches in 2020. This puts a lot of pressure on developer and operations teams to properly secure their services and maintain regulatory compliance.

In my previous post, I discussed cloud-computing security challenges identified in our new report, Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits. Based on a survey conducted by Enterprise Strategy Group (ESG), the report found that while cloud computing does initially introduce security challenges and increased complexity, it’s worth it in the end. That said, CISOs need to strategically invest time and resources to achieve better security outcomes.

IndigoZebra is a Chinese state-sponsored actor mentioned for the first time by Kaspersky in its APT Trends report Q2 2017, targeting, at the time of its discovery, former Soviet Republics with multiple malware strains including Meterpreter, Poison Ivy, xDown, and a previously unknown backdoor called “xCaon.” Now, security researchers from Check Point have discovered a new campaign by Indigo Zebra, targeting the Afghan National Security Council via a new version of the xCaon backdoor, dubbed

Protecting the data of an organization is a complex task. Data is the crown jewel of any organization which the adversaries continuously seek to get their hands on. Data is threatened both by external attackers and internal threats. Sometimes the threats are malicious, and in many cases, they are accidental. Both these cases have to be addressed by modern enterprise security departments.

Organizations have multiple reasons for embracing a multi-cloud strategy. First, it enables them to avoid “vendor lock-in” where they need to rely on a single vendor for all their cloud-based needs. Second, it empowers them to take advantage of the perks offered by several cloud service providers at once. Lastly, such a strategy helps to protect them against data loss and/or downtime, as an issue in one environment won’t necessarily spill over into another.

Misconfigurations in infrastructure as code (IaC) can be just as dangerous as vulnerabilities in code. Small mistakes in configuration can lead to the sensitive data being readable on the internet, or private endpoints and dashboard accessible to the anonymous users and abused as the initial point of compromise. Recent security research findings indicate the rise in malware targeting the Kubernetes platform which showcases the need for secure configuration.

CloudCasa is a simple, scalable, and inexpensive cloud backup service for protecting your Kubernetes and cloud native applications. We worry about protecting your Kubernetes environment so that you don’t have to! Since the introduction of CloudCasa in November of last year, we’ve been making improvements and adding new features at a steady rate. The CloudCasa team has been very busy this spring, and we’re now pleased to announce yet another major release of new service features!

The REvil ransomware (a.k.a Sodinokibi) is a threat group that operates in the RaaS (Ransomware-as-a-Service) model, where the infrastructure and the malware are supplied to affiliates, who use the malware to infect target organizations. On July 2, the REvil threat group launched a supply chain ransomware attack using an exploit in Kaseya’s VSA remote management software. REvil claims to have infected more than one million individual devices around the world.

2020 saw a number of things that rose more than 1500%: Let’s focus on the latter. According to a new threat intelligence report from Nuspire, and their threat intelligence partner Recorded Future, in Q1 2021, “there was a 1,916% increase in attacks against Fortinet’s SSL-VPN and a 1,527% increase in Pulse Connect Secure VPN. These vulnerabilities allow a threat actor to gain access to a network. Once they are in, they can exfiltrate information and deploy ransomware.”

Google recently released the new Cloud Security Foundations Guide. We’re going to take apart Google’s guide and show you what’s worth looking into. First, an introduction. “This comprehensive guide helps you build security into your Google Cloud deployments.” – Google What’s going on: Google Cloud Services are out there, being deployed in the wild, untamed. This guide is Google’s self-proclaimed “opinionated” view on keeping them safe.

The following is an excerpt from Netskope’s recent book Designing a SASE Architecture for Dummies. This is the seventh, and final, in a series of seven posts detailing a set of incremental steps for implementing a well-functioning SASE architecture.

Cybersecurity has a bad rap for getting in the way of business. Many CIOs & CISOs dedicate a lot of time to minimizing security solutions’ performance drag on their network traffic while ensuring that the solutions continue to do their job keeping the network secure. The move to the cloud exacerbates this challenge.