Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Aligning Falco's Cloudtrail Rules with MITRE ATT&CK

This blog will explain how Falco’s Cloudtrail plugin rules can be aligned with MITRE ATT&CK Framework for Cloud. One important note is that the team at MITRE has developed several different matrices to address the unique risk associated with adversaries in the cloud, in containerized workloads as well as on mobile devices.

The Biggest Cloud Security Challenges in 2023 and How to Avoid Them

With the rapid growth of cloud technology, it is no surprise that security has become a major concern for organizations. Cloud computing provides numerous advantages in terms of cost savings and scalability, but these benefits come with risks. As businesses move to the cloud, they must be aware of the potential security threats and take appropriate steps to protect their data and systems from malicious actors.

Create AWS Honeytokens easily to catch hackers

Learn how to create AWS Honey Tokens that alert you when someone attempts to use them. Honey tokens are API or access keys that are real but harmless and can be used as an early warning system to know when an intruder has made it into your system. In this video, we run through the simple steps to be able to create your very own AWS Honey Tokens using an open-source project and all your own infrastructure.

Navigating the security challenges of multi-tenancy in a cloud environment

Multi-tenancy can maximize the number of resources that are utilized in a cluster by sharing these resources between different groups, teams, or customers. However, boundaries must be placed to avoid problems associated with resource-sharing. On top of that, in a multi-tenant cluster, the number of security policies might gradually grow to the point where a slight misconfiguration could cause major security problems, performance issues, and service disruptions.

Navigating cloud security: Insights from our 2023 outlook report

Cloud technology has become a crucial aspect of modern-day businesses due to its scalability and efficiency, making it a popular choice for organizations across all industries. However, the increased surface area for attacks and the different ways they can be executed has left many organizations vulnerable to threats and data breaches. The cloud threat landscape has been rapidly evolving, so adopting a robust cloud security strategy is essential for organizations of all sizes.

Public or Private Cloud: Choices to Consider

Organizations are progressively moving towards a predominantly cloud-based computing environment. What this means is that essentially all of their back-end infrastructure, systems, and client-facing applications can be accessed and distributed through the cloud. Modern cloud computing goes a step further than simply being present in a virtual environment.

Find threats: Cloud credential theft on Linux endpoints

The Sumo Logic Threat Labs team previously outlined the risks associated with unprotected cloud credentials found on Windows endpoints. This article builds on that work by providing detection and hunting guidance in the context of endpoints that run the Linux operating system. Although workloads that support business functionality are increasingly moving to the cloud, these workloads are often managed through an endpoint that is usually found on premises.

Cloud Keys on Public GitHub, Ransomware & Other SaaS AppSec Stories | Alok (CTO, Goodmeetings)

🎙️ In this podcast, Alok Mishra (Co-Founder & CTO, Goodmeetings) discusses with Venky how he looks at security as a vital part of building any SaaS business. He shares his unplanned appointment with a Ransomware attacker and how it led him to build best practices to deal with Application Security problems. He even talks about some common security demands from customers and how fulfilling the expectations is a must for organizations 🧳

Why Application Dependencies Are Critical for Cloud Security

Application dependencies occur when technology components, applications, and servers depend on each other to provide a business solution or service. Developers have a specific technology stack in mind when building solutions. This can typically include operating systems, database engines, and development frameworks (such as .NET or Java), as well as other infrastructure.

OneLogin and AWS CloudTrail Lake Integration

As an AWS Partner, One Identity is proud to announce that it is now even easier to leverage your existing AWS tooling with your OneLogin data. We are among the first partners to offer a new integration that joins tools, such as our previously released AWS EventBridge webhook. Now, AWS and One Identity have teamed to deliver an integration with AWS CloudTrail Lake, which allows you to store your OneLogin event data in AWS along with all your other data.