Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Application Security Report: Q2 2023

Cloudflare has a unique vantage point on the Internet. From this position, we are able to see, explore, and identify trends that would otherwise go unnoticed. In this report we are doing just that and sharing our insights into Internet-wide application security trends. This report is the third edition of our Application Security Report. The first one was published in March 2022, with the second published earlier this year in March, and this is the first to be published on a quarterly basis.

Three Ways to Enhance Your Cloud Security with External Attack Surface Management

The IT future is a cloudy one. Organizations are increasingly relying on cloud servers, as today’s IT environments use a combination of public and private clouds alongside on-premise infrastructure. Gartner® estimates that by 2026, 75% of organizations will adopt a digital transformation model predicated on the cloud as the fundamental underlying platform.

Spending, Security, and Expertise Are the Top 3 Cloud Challenges - But They Don't Have to Be Yours

Cloud computing has become ubiquitous in modern business, enabling organizations to store and access data and applications from anywhere. However, as the use of cloud services continues growing, so do the challenges that come with it. According to the 2023 Flexera State of the Cloud Report, security, spending, and expertise are among the top concerns for organizations leveraging cloud services.

Securing your Cloud Infrastructure with AWS

In the first instalment of "Tines, securing your cloud infrastructure" we look at two stories designed to save money and resources and close potential security gaps in your AWS environment. Our first story monitors AWS IAM access keys and automatically deactivates any that are older than 30 days. Our second story looks at automatically stopping and starting EC2 instances that may have been spun up for testing purposes.

4 Business Advantages of the Cloud for Financial Services

Financial institutions, banks, accounting firms, credit unions, and hedge funds may struggle to stay compliant and protect themselves from cyberattacks’ rising frequency. While data security may be top of mind for financial organization teams, they can gain peace of mind and set themselves up for long-term growth by partnering with a managed cloud services provider.

5-Step Guide on Securing Serverless Architectures in the Cloud with RASP

Serverless architecture has increased in recent years, and is anticipated to grow by nearly 25% over the next decade, According to one source, the serverless architecture market was worth over $9 billion in 2022, with its compound annual growth rate projected to increase. The market could be worth over $90 billion by 2032. This indicates the immense amount of potential that this industry carries, influenced by the increasing adoption of DevOps by organizations.

Changes to Datadog Cloud Security Management

In order to better meet organizations’ specific requirements for securing their environments, we are making changes to our Cloud Security Management product. On August 1, Datadog introduced new offerings in Cloud Security Management: CSM Pro and CSM Enterprise. Alongside Datadog Cloud Workload Security, these distinct packages provide customers with security capabilities tailored to their particular use cases and needs.

Securing your cloud networks: Strategies for a resilient infrastructure

What exactly is resilience? According to the U.S. National Institute of Standards and Technology, the goal of cyber resilience is to “enable mission or business objectives that depend on cyber resources to be achieved in a contested cyber environment.” In other words, when you’re at odds with cybercriminals and nation-state actors, can you still get your job done? If not, how quickly can you get back up and running?

How to revoke access for unwanted guests in Azure Active Directory

Do your house guests still have access to your home after they’ve left, or overstayed their welcome? No, right? You would throw them out or take the keys back because they no longer require access. Guests in Azure are like house guests. Once they no longer need access, it's then time to take back the key so they no longer have access to the company's data and connected apps. Yet many organizations are inadvertently leaving themselves at risk of supply chain attacks.

Introducing Cloudflare's 2023 phishing threats report

After shutting down a ‘phishing-as-a-service’ operation that impacted thousands of victims in 43 countries, INTERPOL recently noted, “Cyberattacks such as phishing may be borderless and virtual in nature, but their impact on victims is real and devastating.” Business email compromise (BEC), a type of malware-less attack that tricks recipients into transferring funds — for example — has cost victims worldwide more than $50 billion, according to the FBI.