Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Monitor Google Workspace with Datadog

Google Workspace (formerly G Suite) is a collection of cloud-based productivity and collaboration tools developed by Google. Today, millions of teams use Google Workspace (e.g., Gmail, Drive, Hangouts) to streamline their workflows. Monitoring Google Workspace activity is an essential part of security monitoring and audits, especially if these applications have become tightly integrated with your organization’s data.

Create an API Specification Scan

Traditionally Veracode Dynamic Analysis has targeted applications with a Web user interface. But increasingly, web applications are composed of many small microservices, many of which have Representational State Transfer (REST) interfaces with which the UI layer communicates. With API scanning, you can now scan the APIs of your microservices earlier in the software development process, before they are integrated into a web application.

It's Time to Get Rid of Passwords in Our Infrastructure

Passwords are everywhere. Sometimes they are obvious — hardcoded in the code or laying flat in the file. Other times, they take the form of API keys, tokens, cookies or even second factors. Devs pass them in environment variables, vaults mount them on disk, teams share them over links, copy to CI/CD systems and code linters. Eventually someone leaks, intercepts or steals them. Because they pose a security risk, there is no other way to say it: passwords in our infrastructure have to go.

Malicious Office Documents: Multiple Ways to Deliver Payloads

Several malware families are distributed via Microsoft Office documents infected with malicious VBA code, such as Emotet, IceID, Dridex, and BazarLoader. We have also seen many techniques employed by attackers when it comes to infected documents, such as the usage of PowerShell and WMI to evade signature-based threat detection. In this blog post, we will show three additional techniques attackers use to craft malicious Office documents.

Cloud Applications: A Zero Trust Approach To Security For Healthcare

Accelerated adoption of the cloud has driven healthcare organizations to rely more heavily on cloud-based productivity suites and apps that enable both employees and patients to access data from anywhere. Compound this use of managed and unmanaged mobile devices in a world where the network perimeter is being eroded and you have a real challenge at hand. AGENDA: Zero Trust - How to apply a dynamic and contextual approach to applications and data access in the cloud.

Cloud Threats Memo: Scary Examples of Weaponizing Google Drive

The abuse of Google Drive to deliver malicious content continues, and two recent examples remind us how the flexibility of this cloud storage tool can be easily weaponized by malicious actors. And the spectrum of content that can be distributed, and victims that can be targeted is surprising.

The Top Business Technology Trends for 2021-2022

With the new year just around the corner, the world of business is set to see great change. From 5G and the Internet of Things to the blockchain, new technology trends are creating a digital transformation for companies on a global level. In this article, we’ll take a look at the latest trends in technology to keep an eye out for in 2022 and beyond.

Lookout CASB Named a Major Player in 2021 IDC MarketScape Cloud Security Gateways

I am excited to share a major milestone for our company: the Lookout Cloud Access Security Broker (CASB) has been named a Major Player in the 2021 IDC MarketScape Worldwide Cloud Security Gateways (CSG) Vendor Assessment (Doc # US48334521, November 2021). When Lookout acquired CipherCloud back in March 2021, the two companies came together with a mission to build a platform that provides intelligent Zero Trust access by leveraging in-depth telemetry from endpoint to cloud.

Corelight & Microsoft Defender for IoT: Through an XDR lens

What is the XDR paradox? It’s the hottest term in security but there is no consensus yet on the right definition. Why is that? Many organizations have deployed EDR and are benefiting from it, but also looking to the gaps that EDR can’t address such as unmanaged / compromised devices or network-centric TTPs. Likewise, many vendors of EDR/SIEM products have realized they have the same general workflow (analyze data, present an alert, triage it, etc).