|
By Gabriel Avner
AWS and other cloud infrastructure exposed to after attacks uncovered in the wild Cloud networking solutions provider Aviatrix has published a new vulnerability (CVE-2024-50603) in its controller. This vulnerability allows unauthenticated actors to run arbitrary commands. This Remote Code Execution (RCE) vulnerability, rated CVSS 10 (critical), has been exploited in the wild. A patch is already available on GitHub. Alternatively, users can update to the secure versions 7.1.4191 or 7.2.4996.
|
By Rom Carmel
Even the simplest mistakes can leave your data wide open to cyber threats. If the worst happens and there’s an attack, cybercriminals gain free-for-all access to your cloud resources. They tamper with your data, disrupt workflows, and steal sensitive information, meaning the need for Privileged Access Management (PAM) best practices are more indispensable than ever for any robust cloud security strategy.
|
By Ofir Stein
It’s 9:00 AM, and your team is ready to tackle the day. But before they can start, access issues rear their ugly head. A developer can’t get into the staging server and IT is buried under a mountain of permission requests. Sounds familiar? Employees lose up to five hours weekly on IT access issues, while IT teams spend 48% of their time handling manual provisioning. These inefficiencies cost both time and valuable progress. So, how do you fix it?
|
By The Apono Team
In this edition, Rom discusses four essential capabilities to consider when using a solution to manage cloud privileges and access to resources. He emphasizes the importance of visibility across all cloud access, planning for scale upfront, speaking the language of both security and DevOps, and ensuring easy onboarding and fast adoption. These four points are a great starting point for making the right PAM buying decision.
|
By The Apono Team
We recently started a new blog series featuring our CEO and co-founder Rom Carmel. In this series, we discuss real issues from the field. So, check out what Rom Carmel has to say about the three complaints he hears the most in access management.
|
By Ofir Stein
Recent studies indicate that more than 80% of organizations have experienced security breaches related to their CI/CD processes, highlighting the critical need for comprehensive access management strategies.
|
By Rom Carmel
Organizations lose $16.2 million annually (up from $15.4 million) due to insider threats. Many businesses still can’t prevent these threats effectively. Malicious or negligent employees continue to risk sensitive data and systems despite strong external security measures. Security professionals must solve a big challenge – protecting against insider threats while keeping operations running smoothly.
|
By Ofir Stein
It’s not that often that a story about a Joiner-Mover-Leaver (JML) failure makes the international news. But throw in an insider threat actor making potentially life threatening changes to the impacted systems and it becomes quite the doozy. Especially when the company at the center of the story is Disney.
|
By Rom Carmel
With an average of more than 5 data breaches globally a day, it’s clear companies need a way to prevent data loss. This is where a data loss prevention policy comes into play. A data loss prevention policy serves as a crucial safeguard against unauthorized access, data breaches, and compliance violations. This comprehensive framework outlines strategies and procedures to identify, monitor, and protect valuable data assets across an organization’s network, endpoints, and cloud environments.
|
By Rom Carmel
Apono, the leader in privileged access for the cloud, today announced the appointment of Dan Parelskin as Senior Vice President of Sales and the hire of Stephen Lowing as Vice President of Marketing and Following the company’s successful Series A funding round in September, these appointments are significant steps forward for Apono as it positions itself to capitalize on the increasing demand for cloud privileged access solutions across markets.
|
By Apono
Hear Labelbox’s Sr. DevOps Engineer Aaron Bacchi share his experience of building out a smarter break-glass infrastructure to respond to incidents by using PagerDuty and Apono.
|
By Apono
A 2-minute demo on how super simple it is to approve access requests on Slack with Apono.
|
By Apono
Apono's just-in-time access governance solution supports requesting – and approving – access to cloud resources directly within Slack. Bonus: It’s really, really simple.
|
By Apono
ICYMI: In the last video demo of @Okta + Apono, we showed you how to integrate your Okta resources with Apono through SCIM. (It’s super simple!) Once the integration is done, Okta users or group members can easily request temporary access to different cloud resources using our just-in-time capability. That includes temporary access to Okta group membership If you're managing your developer-on-duty, customer data access, or any other use case with Okta groups, you don’t want to miss out on this one.
|
By Apono
Slack and Teams apps can improve efficiency and DevX, but downtime that's out of your control can be a major concern. That's why Apono just released our end-user web portal.
|
By Apono
Approvers can review requests awaiting their approval.. Slack or Teams downtime? No problem! Developers can still gain access into critical systems without compromising business processes and production maintenance, all with superior UX.
- January 2025 (2)
- December 2024 (3)
- November 2024 (3)
- October 2024 (3)
- September 2024 (1)
- August 2024 (3)
- July 2024 (4)
- June 2024 (4)
- May 2024 (5)
- December 2023 (1)
- November 2023 (3)
- October 2023 (2)
- September 2023 (5)
- May 2023 (1)
- March 2023 (1)
- February 2023 (2)
- January 2023 (1)
Securely manage permissions and adhere to compliance requirements, while allowing employees to benefit from a frictionless user experience.
Apono, led by cybersecurity and DevOps experts. “Apono” is the Hawaiian word for “approve”. The Apono platform is loved by DevOps, trusted by Security - supports customers like OpenWeb, Cybereason, HiredScore, Tomorrow.io and many more in automating permission management. Providing a frictionless experience for users with the visibility and compliance needed by security to win more business.
Turn Manual Permission Management Into Automated Contextual Access Flows:
- Remove Permission Bottlenecks: Turn manual permission management tasks to automated contextual Apono Access Flows.
- Leave No Permissions Behind: Take advantage of auto-expiring permissions.
- Satisfy Customer Requirements: Grant access to specific namespaces or resources with a comprehensive audit log.
- Prevent Human Errors in Production: Tailor access duration and resources to the task at hand.
Automatic granular permissions needed to keep your business running and secure.