Cado Security, provider of a cloud-native digital forensics platform, has secured $10 million in Series A funding, which brings the total amount raised by the company to date to $11.5 million.Founded in April 2020, the London, United Kingdom-based security firm helps enterprises investigate and respond to cyber-incidents in cloud environments.Providing autom

Today’s cloud security requires a new way of looking at threat models. Making a threat model can support your security teams before problems start. It helps them develop a strategy for handling existing risks, instead of detecting incidents at a later stage. Let’s walk through how to create a threat model that works for your cloud landscape. The

Detecting malicious processes is already complicated in cloud-native environments, as without the proper tools they are black boxes. It becomes even more complicated if those malicious processes are hidden. A malware using open source tools to evade detection has been reported. The open source project used by the malware is libprocesshider, a tool cre

There is a lot of talk about ‘modern’ data security. Organizations want a data security strategy that aligns with a digitally transformative vision. Tech can sometimes drown in buzzwords. What do modernization and vision actually refer to? And what do modern data security solutions really require?  Both terms refer to end-to-end data s

The quick pivot to the cloud for remote support also ushered in risks.Business leaned hard into the cloud during the start of the COVID-19 pandemic after widepread work-from-home support became critical. But organizations struggled to migrate to the cloud and properly secure their employees working remotely, according to research released today by Unit 42.Re

A critical vulnerability recently addressed in the VMware Carbon Black Cloud Workload could be abused to execute code on a vulnerable server, according to a warning from a security researcher who discovered the bug. Tracked as CVE-2021-21982 and featuring a CVSS score of 9.1, the recently addressed vulnerability resides in the administrative interface f

VMware has addressed a critical authentication bypass vulnerability in the VMware Carbon Black Cloud Workload appliance. VMware has addressed a critical vulnerability, tracked as CVE-2021-21982, in the VMware Carbon Black Cloud Workload appliance that could be exploited by attackers to bypass authentication. VMWare fixed an authentication bypass (CVE-

Traditional data center approaches aren't built for securing modern cloud applications.We are living through an application development renaissance. Organizations are changing both where applications live and how they are built.Apps Live in the Public CloudApps are being built on public cloud platforms at a rapid pace as enterprises accelerate their cloud mi

It wasn’t too long ago when the question many enterprises wrestled with was whether migrating to the cloud was a worthwhile endeavor. Aside from a few stray server-huggers, enterprises have resoundingly answered in the affirmative and moved beyond that basic question.Now, though, as the COVID-19 pandemic and resulting widespread transitioning to remote

Cloud service providers typically only secure the infrastructure itself, while customers are responsible for their data and application security. In the last year, most organizations have accelerated adoption of cloud services far more rapidly than they originally planned to, but that doesn't mean that everything is moving to the cloud. Most organi

Lateral movement is a growing concern with cloud security. That is, once a piece of your cloud infrastructure is compromised, how far can an attacker reach? What often happens in famous attacks to Cloud environments is a vulnerable application that is publicly available can serve as an entry point. From there, attackers can try to move inside the cloud en

Implementing the AWS Foundations CIS Benchmarks will help you improve your cloud security posture in your AWS infrastructure. What entry points can attackers use to compromise your cloud infrastructure? Do all your users have multi-factor authentication setup? Are they using it? Are you providing more permissions that needed? Those are some quest

Implementing effective threat detection for AWS requires visibility into all of your cloud services and containers. An application is composed of a number of elements: hosts, virtual machines, containers, clusters, stored information, and input/output data streams. When you add configuration and user management to the mix, it’s clear that there is a lot to

Organizations of every type and size are looking to the cloud for a multitude of benefits, including agility, quick time-to-value, cost savings and scalability. But enterprise-scale deployments can make this process complex, more so as it relates to identity and access management (IAM). Protections through the cloud are often a web of permissions that,

With SOC teams running services on multiple cloud platforms, their big concern is how to roll up configuration of 200+ servers in a comprehensive way. There have been problems with organizational silos forever, namely with siloed teams not working together well. That might be why siloes began. But one of the most common organizational disconnects I've seen o