Shipping services firm Pitney Bowes has recently joined the growing ranks of businesses targeted by high-impact ransomware attacks—in their case, the Ryuk virus. The Ryuk virus has also been named as the culprit in recent data breaches spanning both global…
Recent Posts
LIDS and FIM Templates for Security Vigilance and Integrity
CloudPassage recently released new templates for Windows 2019 Log-based Intrusion Detection System (LIDS) and File Integrity Monitoring (FIM). In this article, I will go over some use cases and how organizations can use the templates to protect and secure their…
Security Visibility is Mission-Critical
IaaS has continued to evolve and make it easier for companies to set up public cloud infrastructure faster than ever. Many are doing just that and moving more and more workloads to cloud environments. Although in these new, dynamic environments…
Security Mistakes and the Culture of Innovation
We live in a culture of rapid innovation, but that innovation can result in a variety of cloud security mistakes. Businesses must innovate quickly to compete in today’s markets, and software and public cloud infrastructure, or IaaS, are significant enablers…
Real-time Vulnerability Alerting
Here at CloudPassage, we’ve been researching how public data can be used for real-time vulnerability alerting using principles from the United States Tsunami Warning Center. I am excited to announce that we will be presenting and demonstrating initial results from…
Preventing a Capital One Cloud Data Breach
On July 29, it was announced that there was a Capital One cloud data breach. A hacker had accessed about 100 million credit card applications, and investigators say thousands of Social Security and bank account numbers were also taken. This…
What the 2019 AWS Security Report Tells Us About Preventing a Cloud Data Breach
In the wake of the recent Capital One security breach in their cloud environment on AWS, the security community is taking another look at how we approach cloud security. CloudPassage recently shared guidance in our blog, “Capital One Data Breach:…
Capital One Data Breach: Non-Technical Tips To Not Be A Headline
In the last 48 hours, we’ve received dozens of messages asking about the recent Capital One data breach, detailed in this New York Times article. A similar data breach happened in April involving half a billion Facebook records in another…
Why IaaS requires cloud security automation
Public cloud infrastructure is a significant and powerful part of an enterprise’s competitive arsenal but to protect such fast-moving environments requires such as Iaas require cloud security automation. In our cloud-driven economy, software has become the battleground of innovation, and…
4 key takeaways from the AWS Cloud Security Report 2019
Many knowledgeable opinions, four key takeaways, one gathering of pros. The very first AWS re:Inforce conference is upon us. Thousands of attendees, speakers, and vendors will descend on the Boston Convention Center for the very first AWS-centric security event. If…