On Wednesday, October 18, 2023, we discovered attacks on our system that we were able to trace back to Okta – threat actors were able to leverage an authentication token compromised at Okta to pivot into Cloudflare’s Okta instance. While this was a troubling security incident, our Security Incident Response Team’s (SIRT) real-time detection and prompt response enabled containment and minimized the impact to Cloudflare systems and data.
Mobile devices have become critical endpoints for accessing enterprise applications, systems and data. Adversaries know this all too well, as evidenced by the growing numbers of attacks that target mobile devices. Verizon’s 2022 Mobile Security Index found almost half (45%) of enterprises had recently suffered a mobile-related compromise involving devices in the last 12 months — almost double the amount compared to the year prior.
Amazon’s Elastic Kubernetes Service (EKS) is a popular managed Kubernetes option that allows customers to benefit from both an offloaded Kubernetes management plane, and the wide range of services that AWS offers. Managed or unmanaged, securing cluster traffic is always critical and, although AWS Security Groups can secure the cluster nodes, securing pod traffic requires something closer to the application data-path.
Today’s guest is Charles Chu, CyberArk’s General Manager of Cloud Security, who’s spent more than a decade at the forefront of cloud security. Chu joins host David Puner for a conversation that delves into secure cloud access and the concept of zero standing privileges (ZSP), a dynamic approach to securing identities in multi-cloud environments.
In an evolving era of Artificial Intelligence (AI) and Large Language Models (LLMs), innovative tools like GitHub's Copilot are transforming the landscape of software development. In a prior article, I published about the implications of this transformation and how it extends to both the convenience offered by these intelligently automated tools and the new set of challenges it brings to maintaining robust security in our coding practices.
Ready to revolutionise your business with the power of IoT? As the digital world advances, IoT solutions bring countless possibilities to transform industries, streamline processes, and enhance customer experiences. Let’s dive into the world of IoT and explore how it can revolutionise your business, in 2023 and beyond!
The intersection of privilege escalation and identity is taking on new dimensions with the advent of Artificial Intelligence (AI). As AI becomes increasingly integrated into our lives, it both challenges and reinforces existing notions of privilege and identity. In this blog, we'll explore what privilege escalation means in the context of AI and how it influences our understanding of personal and societal identities.
In today’s digital age, businesses rely heavily on technology to drive their operations efficiently and effectively. This dependence on technology has brought about new challenges and risks, particularly in the realm of cybersecurity. As organisations strive to ensure operational resilience, they must recognize the integral role of cyber resilience in safeguarding their digital assets and operations. Cyber threats have become a persistent concern for businesses of all sizes.
Security Magazine reported more than 2,200 daily cyberattacks, which translates to roughly one cyberattack occurring every 39 seconds! As these stakes in cybersecurity continue to reach higher and higher levels, it becomes even more crucial to emphasize securing the very bedrock of elements upon which our digital existence is built.
