|
By By: Becca Gomby
Cloud native applications are dominating the tech landscape for modern enterprises. A garden-variety cloud native application consists of microservices deployed in containers orchestrated with Kubernetes, and these microservices interact together via APIs. Netflix, Salesforce, and Atlassian products like Jira and Confluence are all common examples of cloud native applications.
|
By By: Becca Gomby
Modern software development teams will have individual preferences about whether to use IDEs or which testing framework or coding convention to adopt. However, for teams that want to deliver high-quality software at a rapid pace, continuous integration and continuous delivery (CI/CD) is a must-have. Mature, high-performing dev teams lean heavily on their CI/CD pipeline. Because of this heavy dependence on CI/CD, ensuring the security of your CI/CD pipeline is incredibly important.
|
By By: Becca Gomby
Enterprises are increasingly adopting multi-cloud environments to take advantage of the flexibility and scalability of different cloud platforms. However, this shift has also introduced a major security challenge: the rise of identity-based threats. With 82% of data breaches now involving cloud-stored data, securing cloud identities has become a critical need. The complexity of managing identities and permissions across multiple cloud platforms only amplifies the risks.
|
By By: Becca Gomby
Securing complex cloud environments is as crucial as it is challenging. The surface area for attack is vast. With the elastic nature of cloud resources, a single compromised service could allow attackers to take over large portions of your infrastructure, often lurking undetected for extended periods. This presents a significant risk to your organization, as your dynamic and ever-evolving cloud environment makes it difficult to maintain control over who has access to what.
|
By By: Shweta Khare
Consider a modern software application as a constellation of cities that dot the landscape. These cities are components such as databases, authentication services, business logic engines, and more. Requests travel between components carrying data just as citizens travel between cities carrying their belongings. The highways that connect the cities on this map are your APIs. Cities get the most attention, often receiving the security and protection they need.
|
By Shweta Khare
Wednesday, Sep 11th, 2024 DevSecOps: It sounds like a dream team, right? But the reality is often a bit more... challenging. When companies try to bring together development and security, it's like trying to mix oil and water. There are organizational roadblocks, cultural clashes, and technical headaches that can make the whole process feel like a never-ending uphill battle. The challenges of adopting DevSecOps may seem insurmountable. Is adopting DevSecOps worth the effort? Yes. One hundred percent.
|
By Gui Alvarenga
Wednesday, Jul 31st, 2024 Data breaches are a constant threat in today’s cybersecurity landscape, putting organizations’ sensitive information at risk. As businesses move to cloud-native environments, securing data becomes even more crucial. Data Security Posture Management (DSPM) is a proactive approach that helps organizations manage and protect their data assets.
|
By Tim Szigeti
Friday, Jul 19th, 2024 In this blog, we're going to discuss how you can protect your business from data leaks that can result from insecure application programming interfaces. Cloud native applications are composed of loosely coupled microservices, which are predominantly intercommunicating via APIs.
|
By By: Tim Szigeti
Cryptojacking is rapidly emerging as the most popular type of attack on cloud native applications and infrastructure. Care to guess how many cryptojacking attacks were recording in 2023? As a reference point, in the year before (2022), there were 139M cryptojacking attacks. However, this number jumped 659% the following year (2023) to 1.06B! That averages nearly 3M cryptojacking attacks every day, on average.
|
By Gui Alvarenga
Imagine a scenario where an attacker, unnoticed, gains access to your cloud infrastructure, manipulating identities and permissions to steal sensitive data or disrupt operations. In the rapidly evolving world of cloud computing, managing and securing cloud identities has become more critical than ever. Identity-based threats are growing exponentially, and traditional security measures are no longer sufficient.
|
By Panoptica
Cisco Research hosted a virtual summit on GenAI security, bringing together researchers to explore GenAI security challenges. The summit includes presentations from university professors and students collaborating with the Cisco Research team, including Tianlong Chen (University of North Carolina-Chapel Hill), Ruoxi Jia (Virginia Tech), Xialoin Xu (Northeastern University), and Xun Xian (University of Minnesota).
|
By Panoptica
In this edition of The Shift, Outshift’s quarterly newsletter, we focus on all things AI — including an exclusive interview with SVP Vijoy Pandey on what the future of AI has in store and an announcement of an exciting new partnership with our GenAI product Motific.
|
By Panoptica
Welcome to Cloud Unfiltered! In this episode, host Michael Chenetz is joined by Erika Dietrick, a Developer Advocate at Cisco DevNet, fresh off her experience at Black Hat and DEF CON in Las Vegas. Erika dives into the evolving world of AI and its practical applications in development, with a focus on AI coding assistants like GitHub Copilot. Together, they explore.
|
By Panoptica
API attacks are predicted to become the most frequent attack vector for cloud ecosystems. How can organizations address API security risks? In this video, Tim Szigeti, Distinguished Technical Marketing Engineer at Outshift by Cisco, shares a quick demo of Panoptica’s API security dashboard. See how you can use the Panoptica CNAPP to get the full picture of your overall security posture, including internal, external, and third-party APIs, evaluate findings, and take next steps to secure your cloud.
|
By Panoptica
Personal Identifiable Information (PII) includes sensitive data such as social security and passport numbers, as well as biometric data like faces and fingerprints. When training or refining Large Language Models (LLMs), there’s a risk of accidentally including PII, leading to significant real-world consequences like identity theft, privacy violations, and financial losses.
|
By Panoptica
Welcome to “Cloud Unfiltered,” where we tackle everything about platform engineering and the cloud-first world! Today’s episode features an insightful chat with Abby Bangser, a Principal Engineer from Syntasso. Dive into the complexities of modern software development and the strategies that aid in streamlining operations in the tech-dominated business environment.
|
By Panoptica
Any vulnerability in the software supply chain has serious potential to wreak havoc around the globe. What can security teams do? Cisco Research brought together leading researchers to explore supply chain challenges and discuss opportunities for solving those challenges now and in the future.
|
By Panoptica
Welcome to another insightful episode of Cloud Unfiltered! In this episode, host Michael Chenetz is joined by Jerry Gebel, VP of Product and Standards at Strata Identity, to delve into the crucial topics of identity orchestration and authorization. Outshift is Cisco’s incubation engine, innovating what's next and new for Cisco products and sharing our expertise on emerging technologies. Discover the latest on cloud native applications, cloud application security, generative AI, quantum networking and security, future-forward tech research, our latest open source projects and more.
|
By Panoptica
Shannon Williams and Darren Shepherd discuss their new open source solution called, GPTScript and how the exciting world of AI is evolving. Outshift is Cisco’s incubation engine, innovating what's next and new for Cisco products and sharing our expertise on emerging technologies. Discover the latest on cloud native applications, cloud application security, generative AI, quantum networking and security, future-forward tech research, our latest open source projects and more.
|
By Panoptica
As AI models become more accurate, they are becoming much larger, requiring a significant amount of computing power to run. How can we make the future of AI more scalable and sustainable? Cisco Research hosted a virtual summit on efficient AI, bringing together researchers to explore efficient AI challenges and discuss opportunities for solving those challenges now and into the future. The Cisco Research team has been working on efficient AI initiatives for several years, contributing research papers and incorporating their work into an open-source project called ModelSmith.
|
By Panoptica
Explore the truth behind cloud security myths. Learn why focusing beyond common vulnerabilities is crucial, delve into application security strategies, and discover the power of bug bounties. Shift your perspective to secure from the inside-out and fortify your multi-cloud presence.
|
By Panoptica
In this cutting-edge eBook, explore an extensive analysis of the cloud threat landscape, derived from over 500 diverse cloud environments from Panoptica's own unique data set. Gain unparalleled insight into the evolving cloud threat landscape, while deep diving into attack path analysis, and trends across cloud service providers, CVEs, and Kubernetes coverage. This eBook reveals interesting trends in the market to help inform your own organization's cloud security posture and navigate the multi and hybrid cloud environments with increased confidence.
|
By Panoptica
In the ever-evolving landscape of multi-cloud environments, the future of cloud security demands a paradigm shift. In this eBook, dive into the details of how looking at cloud environments from the perspective of an attacker to identify and prioritize critical security risks, can improve your cloud security. The power of the attack path is not just about surfacing findings; it's about visualizing them in a way that brings clarity to complexity, empowering you to make informed decisions swiftly.
|
By Panoptica
Unlock the secrets of Amazon S3 bucket security with our comprehensive guide. Learn about S3 basics, access control methods, and the potential risks of misconfigurations. Discover real-world examples, best practices, and how to safeguard your data from breaches and vulnerabilities.
|
By Panoptica
Learn about the power of leveraging graph-based cloud security technology to improve cloud security teams' ability to navigate and assess critical risks in multi-cloud environments. This whitepaper reveals why modern security teams are turning towards graph-based technology to accurately discover and prioritize cloud risks. Understand the nuances, benefits, and the need for a graph-driven approach alongside attack path analysis capabilities, to better secure multi-cloud ecosystems.
- November 2024 (1)
- October 2024 (4)
- September 2024 (3)
- August 2024 (5)
- July 2024 (6)
- June 2024 (10)
- May 2024 (12)
- April 2024 (16)
- March 2024 (6)
- February 2024 (9)
- January 2024 (3)
- December 2023 (2)
- November 2023 (6)
- October 2023 (4)
- September 2023 (3)
- August 2023 (2)
Panoptica is a cloud-native security platform designed to protect the Kubernetes orchestration environment and containers, microservices, APIs, serverless functions, and the software supply chain. It simplifies the job of comprehensively securing your cloud-native application development lifecycle—from build pipelines to workload runtimes running in one or more clouds.
Panoptica provides visibility, prioritizes risk, and offers remediation guidance to take policy-driven action to protect your applications from security attacks. It enables frictionless collaboration among DevSecOps and supports open-source innovations using sigstore and the OpenClarity portfolio.
Best-in-class application security:
- Cloud native application security solution: Reduce tools and vendors as you create secure, compliant cloud native apps.
- Attack path analysis: Look at paths from diverse angles and get help with risk mitigation and resolution.
- Code & CI/CD security: Get real-time vulnerability detection from development to runtime.
- Cloud security posture management (CSPM): Scan, monitor, and remediate critical attack paths in your cloud stack instantly.
Panoptica lets you innovate your modern cloud-native applications faster and reduces time to market by driving security automation through the entire application development process.