Security Service Edge (SSE) describes the evolving security stack crucial to a Secure Access Service Edge (SASE) journey, with core platform requirements that include CASB, SWG, and ZTNA capabilities. SASE is an architecture—really, a long-term journey that will change how we all think about security and networking. But SSE, as part of SASE, is a set of cloud-delivered security services you can acquire and make the most of today.
In November of 2021, we described several techniques used by attackers to deliver malware through infected Microsoft Office files. In addition to exploits like CVE-2021-40444, these infected documents frequently abuse VBA (Visual Basic for Applications) to execute their techniques, regardless of the final payload. Attackers also often use extra layers of protection to evade signature-based detections, like constructing PowerShell scripts and WMI namespaces at runtime, as done by Emotet.
Every functioning security team has an incident response plan. Advance strategizing and preparation are absolutely imperative to ensure a quick response to data breaches, ransomware, and numerous other challenges, but most companies first developed that plan years, if not decades, ago and now only revisit it periodically. This is a problem. How many organizations have developed a separate incident response plan to address the unique risks of the software-as-a-service (SaaS) era? Far too few.
Naming themselves Night Sky, a new ransomware family was spotted on the first day of 2022, by the MalwareHunterTeam. They appear to work in the RaaS (Ransomware-as-a-Service) model, similar to other ransomware groups like REvil, LockBit, and Hive, publishing stolen data exfiltrated throughout the attack in a deep web site if the ransom is not paid by the victim. Currently, there are two companies listed on their deep web site, where the group has published the victim’s allegedly stolen data.
In recent blogs, we’ve explored the role of Security Service Edge (SSE) technologies as part of a SASE architecture, and the key differences between SSE and SASE. But so far, we’ve focused more on overall functionality than on its realization and what SSE means from a cloud design and implementation perspective. In this post, we shift gears to put a spotlight on networking and infrastructure as it relates to security clouds.
President Biden’s Executive Order 14028 to improve the nation’s cybersecurity and protect federal government networks, was released more than half a year ago. At the time, one of the most exciting aspects about it was the multiple uses of the term “zero trust,” as Netskope discussed in a blog at the time. However, it’s clear that federal agencies are still working out the specifics of how to actually approach implementing zero trust.
