Cloud Security

Cloud Security | News, how-tos, features, reviews, and videos

Russian hammer and sickle / binary code
News Analysis

Russian cyberspies target cloud services providers and resellers to abuse delegated access

noops code developer devops html web developer by mazimusnd getty
Feature

NIST's new devsecops guidance to aid transition to cloud-native apps

CSO > secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms
Feature

Top cybersecurity M&A deals for 2021

The cybersecurity market is hot, and vendors are buying competitors to solidify their position or acquiring other firms to expand their offerings.

Team members with laptop and mobile phone are superimposed with abstract statistics, data and charts
News Analysis

Google forms Cybersecurity Action Team to support customer security transformation

Google’s initiative will offer security and compliance services to guide governments, critical infrastructure, enterprises, and small businesses through digital transformation.

network security / network traffic scanning
News

AT&T launches managed XDR suite to provide endpoint-to-cloud security

AT&T is combining security tools including its threat intelligence and detection platform USM Anywhere with endpoint and network security services from partners to roll out a cloud-based, managed XDR platform for end-to-end detection...

Threat assessment > Differentiating elements / good vs. bad / angel vs. devil amid abstract data.
Feature

7 deadly sins of Salesforce security

Your Salesforce system holds a lot of sensitive customer data. Don’t fall victim to one of these common sins, errors, and blindspots.

A broken link in a digital chaing / weakness / vulnerability
Feature

4 lessons from recent Microsoft Azure cloud vulnerabilities

The discovery of serious vulnerabilities in Azure's Cosmos database and Linux VM shows you can't take cloud security for granted. Here's how to reduce the risk from current and future vulnerabilities.

keeping the cloud secure cloud security lock padlock private cloud
Feature

CISA's Cloud Security Technical Reference Architecture: Where it succeeds and where it falls short

CISA's reference architecture will help federal government agencies improve cloud security, but it relies too much on outdated guidance.

Tech Spotlight > Cloud [CSO] > Conceptual image of laptop users with cloud security overlay.
Feature

8 top cloud security certifications

Cloud security skills are in high demand. These certs will help you demonstrate your cloud security know-how.

software development / application testing / planning / flow chart / diagram
Opinion

The case for a SaaS bill of material

A SaaSBOM will provide greater visibility into the components of cloud-based software infrastructure. This proposal shows how to begin to develop one.

iot security startups hot highlights planets rocket lock security
Feature

18 cybersecurity startups to watch

Security startups are often innovation leaders that attempt to solve critical and persistent problems. These are some of the most interesting ones to watch as they tackle issues around multicloud security, identity management,...

container ship storage transport colorful containers diversity outsourcing
Feature

Kubernetes hardening: Drilling down on the NSA/CISA guidance

The new guidance gives a solid foundation for hardening Kubernetes container environments. These are its key components and why they are important.

cloud security expert casb binary cloud computing cloud security by metamorworks getty
Feature

Certified Cloud Security Professional (CCSP): Exam, cost, and requirements

Get answers to your burning questions about this cloud security certification and whether it's the right cert for you.

programmer certification skills code devops glasses student by kevin unsplash
Cybersecurity SnippetsBy

7 key data points on the cybersecurity skills shortage

The global cybersecurity skills shortage is as bad as it has ever been, and most organizations are feeling the pinch, new research finds. But cybersecurity professionals have many recommendations for addressing this situation.

saas
Feature

Why you need a SaaS governance plan, and what should be in it

The rapid proliferation of authorized and unauthorized software-as-a-service solutions presents significant security risks. Now is the time for a strategy to manage those risks.

Mark Odom, vice president and CISO, Jefferson Health
Feature

How Jefferson Health enhanced cybersecurity via its cloud transformation

Jefferson Health CISO Mark Odom discusses the healthcare provider's shift to a cloud-first strategy and shares how it has created a more efficient, agile, and risk-focused security approach.

cyber attack alert
Feature

The most dangerous (and interesting) Microsoft 365 attacks

APT groups are developing new techniques that allow them to avoid detection and exfiltrate hundreds of gigabytes of data from emails, SharePoint, OneDrive, and other applications.

keeping the cloud secure cloud security lock padlock private cloud
News Analysis

NSA, CISA release Kubernetes hardening guidance following Colonial Pipeline, other attacks

The guidance seeks to educate IT administrators about cloud security risks and best practices for implementing and maintaining Kubernetes.

google cloud ciso phil venables on the future of cloud security
Interview

Google Cloud CISO Phil Venables on the future of cloud security

Can cloud providers help lift security's burden of endless compliance checklists and certifications?

Hands use a keyboard at a desktop display showing lines of code in a dimly lit workspace.
Feature

Securing infrastructure as code: Perils and best practices

Some organizations are leaving themselves vulnerable when they adopt an infrastructure-as-code approach. Here's how to avoid misconfigurations and insecure templates.

Load More