Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

September 2020

Dangerous Docs: Surge in Cloud-delivered Malicious Office Documents

The global pandemic caused an abrupt shift to remote work among enterprise knowledge workers, which in turn resulted in an increase in risky behavior. Attackers immediately tried to capitalize on the pandemic, with COVID-19-themed phishing emails, scams, and Trojans. At the same time, techniques used in more sophisticated cyberattacks continued to evolve.

Leaky Images: Accidental Exposure and Malware in Google Photos and Hangouts

Did you know that the default link sharing option in Google Photos allows anyone with the link to view the files and all images shared in Google Hangouts that are publicly accessible? In this edition of our leaky app series, we will cover how image link sharing in Google Hangouts and Google Photos can lead to the accidental public exposure of sensitive data. We will also look at the threat detection capabilities of Google Photos and Google Hangouts.

SASE and TLS 1.3, Part 1: What does it mean to "support" TLS 1.3?

TLS is the most important protocol for secure communication with web sites and cloud services. Any vendor with ambitions in the SASE (Secure Access Service Edge) market has to be able to proxy TLS at scale. That requires considerable sophistication in terms of designing the computing and networking infrastructure for a SASE “security cloud,” but it also requires attention to the details of TLS itself.

Forging Better Security Outcomes with Integrated Threat Intelligence

For most companies, security and IT systems are growing in complexity, breadth of scope, and coverage, which consumes budget and staff time. The rapid breakdown of the traditional perimeter in this “new normal” world increases the challenges IT teams and remote users face on a daily basis.

Risky Business: How COVID-19 changed user behavior

The COVID-19 pandemic caused an abrupt change — a sudden and lasting shift to remote work for the majority of knowledge workers. The number of people working remotely more than doubled in the span of a few weeks. Among the many challenges that security organizations faced during this transition was a change in user behavior.

Leaving Bastion Hosts Behind Part 3: Azure

This post is the third in a series about alternatives to bastion hosts in each of the major cloud providers. The first post covered an introduction to bastion hosts, the SSH multiplexing attack, some disadvantages to managing your own bastions, and an alternative solution in GCP. The second post covered the Session Manager service provided by AWS.

Why Network Peering & Interconnections Matter

In previous blogs on the Netskope NewEdge network, we’ve discussed concepts including Secure Access Service Edge (SASE) architecture and why counting data centers alone is meaningless when trying to understand cloud service coverage. Now that we’ve laid the foundation it seems like a good time to get into what’s needed in terms of architecting the actual network and the connections required.

Migrating from On-prem Proxies to the Cloud

Recently, a Fortune 500 customer asked us to migrate 5 million lines of URL policies into our cloud solution. This configuration included frequently used websites like Office.com, Linkedin.com, and Box.com as well as hundreds of other URLs and domains that were no longer reachable or registered anymore. Our first question to the customer was, “Help us understand why you would want to do that?”, in the context of migrating their entire configuration.