Technology

Container Image Scanning for Azure Pipelines with Sysdig

Sep 19, 2022 By Eduardo Mínguez In Sysdig

Scanning a container image for vulnerabilities or bad practices in your Azure Pipelines using Sysdig Secure is a straightforward process. This article demonstrates a step by step example on how to do it. The following proof of content showcased how to leverage the sysdig-cli-scanner in Azure Pipelines. Although possible, it is not officially supported by Sysdig, so we recommend checking the documentation to adapt these steps to your environment.

Read Post

Sysdig

Read more about Container Image Scanning for Azure Pipelines with Sysdig

How to Build Your Cloud Migration Security Strategy

Sep 16, 2022 By Kroll In Kroll

Moving to the cloud is becoming a business necessity. Cloud technologies are flexible and scalable and less expensive to maintain than on-premises solutions, allowing companies to easily adapt as business needs change. The only real barrier to making the move is concerns about cloud migration security.

Read Post

Kroll

Read more about How to Build Your Cloud Migration Security Strategy

Why misconfigurations continue to plague public cloud network services and how to avoid them

Sep 15, 2022 By Oren Amiram, Director of Product In AlgoSec

Cloud security as a strategy is constantly evolving to meet the needs of organizations for scale, agility, and security. If your organization is weighing the merits of the use of public cloud versus private cloud, here are a few facts to keep in mind.

Read Post

AlgoSec

Read more about Why misconfigurations continue to plague public cloud network services and how to avoid them

Improve security and compliance for your AWS infrastructure with Teleport

Sep 15, 2022 By Teleport In Teleport

Easily control who can provision and access your critical AWS resources while improving security and compliance. Watch this webinar as Allen Vailliencourt from Teleport discusses how to.

View Video

Teleport

Read more about Improve security and compliance for your AWS infrastructure with Teleport

Attackers Continue to Abuse Google Sites and Microsoft Azure to Host Cryptocurrency Phishing

Sep 15, 2022 By Gustavo Palazolo In Netskope

On August 9, 2022, we released a blog post about a phishing campaign where attackers were abusing Google Sites and Microsoft Azure Web Apps to steal cryptocurrency wallets and accounts from different targets, namely Coinbase, MetaMask, Kraken, and Gemini. The attackers were abusing SEO techniques to spread the pages and using advanced techniques to steal data, such as using live chats to interact with victims.

Read Post

Netskope

Read more about Attackers Continue to Abuse Google Sites and Microsoft Azure to Host Cryptocurrency Phishing

Privacy, SSE Adoption: My Takeaways From the 2022 Gartner SRM in London

Sep 15, 2022 By Matt Walmsley In Lookout

After a two-year hiatus, the Gartner Security and Risk Management, London is back! I had the privilege of attending a number of sessions, spending time talking with analysts and digesting some of the latest cybersecurity trends and strategies, including the Top Cybersecurity Predictions for 2022-2023 from Gartner. Two themes that stood out to me were security service edge (SSE) and extended detection and response (XDR) Below are some of my key takeaways from this year’s conference.

Read Post

Lookout

Read more about Privacy, SSE Adoption: My Takeaways From the 2022 Gartner SRM in London

APIs: Risks and security solutions

Sep 15, 2022 By Stefanie Shank In AT&T Cybersecurity

APIs have become a vital part of doing business. Organizations increasingly rely on the use of APIs for day-to-day workflows, particularly as cloud applications become something of a mainstay. A recent report found that the average number of APIs per company increased by 221% in 2021. Not only are APIs impossible to ignore, but the need to invest in API security cannot be overlooked. The trend in usage is closely followed by opportunists seeking ways to exploit vulnerabilities for their gain.

Read Post

AT&T Cybersecurity

Read more about APIs: Risks and security solutions

Cyber Attack on IHG Disrupts Hotel Booking System | Concerns on Private Data Leakage

Sep 15, 2022 By Shivani Dhiman In Appknox

IHG Hotels & Resorts, the hotel group that owns the Holiday Inn and Intercontinental brands, experienced a cyber attack in the first week of September. The attack has impacted the central hotel’s booking system and mobile apps, causing a service outage for several days. Loyalty program members could not log in or create new bookings during this time.

Read Post

Appknox

Read more about Cyber Attack on IHG Disrupts Hotel Booking System | Concerns on Private Data Leakage

6 best practices to stay secure in the hybrid cloud

Sep 15, 2022 By AlgoSec

Every year we witness more organizations of all sizes investing more in the cloud. A recent report by the Cloud Security Alliance and AlgoSec shows that over half of organizations are running 41% or more of their workload in the public cloud, and 62% of organizations are running multi-cloud environments. With organizations running workloads in complex hybrid networks - public, private, and on-premises networks - the security landscape is getting even more complex. There are actions you can take, though, to help you dissolve the complexities.

Get EBook

AlgoSec

Read more about 6 best practices to stay secure in the hybrid cloud

Strong Authentication Considerations for Digital, Cloud-First Businesses

Sep 14, 2022 By Tripwire Guest Authors In Tripwire

Authentication as a baseline security control is essential for organizations to know who and what is accessing corporate resources and assets. The Cybersecurity and Infrastructure Security Agency (CISA) states that authentication is the process of verifying that a user’s identity is genuine.

Read Post