In the first two blogs in this series, we discussed properly setting up IAM and avoiding direct internet access to AWS resources. In this blog, we’ll tackle encrypting AWS in transit and at rest.
Increased cloud adoption has introduced new security risks; organizations need to protect invaluable, sensitive data that can be accessed from anywhere. Traditional methods no longer suffice - today’s security operations teams must adopt innovative solutions and streamlined processes to effectively manage the increase in complexity and ensure mission-critical cloud loads are safeguarded.
Our most recent Cloud and Threat Report highlighted how threat actors abuse cloud services (with a special focus on cloud storage apps) to deliver malicious content (and yes, OneDrive leads the chart of the most exploited apps). To confirm that this trend will likely continue in 2023, researchers at Trend Micro have discovered an active campaign, launched by a threat actor named Earth Bogle.
Recently, Amazon accidentally exposed information on Amazon Prime Video viewing habits to the public. In addition, Thomson Reuters news and media company admitted that their servers had compromised 3TB of data by public-facing ElasticSearch databases. Well, these are the type of news we often see on the front page of cybersecurity forums. But if you dig a bit deeper, you will find that these data leaks are caused by misconfiguration, not cyber attacks.
Editor's note: This is the first in five-part series authored by Ed Amoroso, founder and CEO of TAG Cyber, which will focuses on how the Corelight platform reduces network security risks to the so-called Everywhere Cloud (EC). Such security protection addresses threats to devices and assets on any type of network, including both perimeter and zero-trust based.
Cybersecurity professionals are tasked with the difficult job of protecting their organization's data from malicious actors. To achieve this goal, zero trust security has become an essential tool for organizations. But what exactly is zero trust? In this post, we’re going to separate signal and noise by disambiguating the term zero trust. We’ll talk about what it is, why it matters, and key takeaways you should have regarding the state of cybersecurity in 2023.
Google Cloud Provider (GCP) Filestore is a good place to keep lots of rich, unstructured data, such as graphic designs, video editing files, and other media workflows that use files as input and output. Having GCP Filestore backups enables users to protect themselves against the rare case of inaccessibility, accidental changes, ransomware attacks, or other types of disasters.
Adopting cloud technologies is one of the most common tech strategies followed by modern organizations. This may be due to various reasons depending on the nature of the business. But there are a few standard components that span across most domains, not least the fact that cloud vendors allow developers to easily create and take down resources on the cloud with minimal effort.
