It’s been a banner week for us here at CloudPassage! In this season of Grammys, Globes, Oscars, Spammies, and so many more, we’ve garnered four technical excellence awards for Halo. While this may not impress Patriots fans, we’re extremely gratified…
Tag: IDS
WordPress vulnerability – Privilege Escalation and Content Injection
On Thursday January 26th, 2017 the WordPress support team released WordPress 4.7.2. On Wednesday February 1st, 2017 they disclosed an additional vulnerability within the REST API of WordPress that had been fixed with the 4.7.2 release. The vulnerability we are…
Video: Why it’s critical to foster a relationship with your cloud provider (Black Hat 2016)
Guest blog by David Spark, Spark Media Solutions If you want better security in the cloud, “develop a relationship with the security team at the cloud provider,” said Craig Rosen, CISO, AppDynamics in our conversation at the 2016 Black Hat…
Video: Regulations will keep hybrid cloud around a long time (BSidesLV 2016)
Guest blog by David Spark, Spark Media Solutions “[Hybrid cloud is] definitely a way we’re doing business for now and forever because there are some companies where regulations require that they keep things local, that they can’t put everything on…
Drivers for organizations to adopt and embrace agile security
Cyber threats against enterprises continue to rise, as more people are connected to the Internet, the criminal underworld continues to grow and mature, and state-sponsored attacks are on the rise. Regulations of cyber security continue to grow. And IT organizations…
Survey results: 2016 Cloud Security Spotlight report
On Tuesday we announced results of the 2016 Cloud Security Spotlight report, which gathered intel from more than 300,000 members of the Information Security Community on LinkedIn. Participants in the survey were professionals from a broad range of organizations and questions…
CloudPassage demonstrates compliance with Cloud Security Alliance (CSA) best practices
We’re excited to announce that CloudPassage is now listed on CSA’s Security, Trust & Assurance Registry (STAR) with a Level 1 certification. According to CSA, “STAR is a publicly available registry that details the security controls, assurance requirements, and maturity…
Behind the Numbers on Why Universities Lag Behind in Cybersecurity Education
Last week, we published the results of a study we conducted on the state of cybersecurity education in American undergraduate university computer science programs. Our findings revealed that the majority of top-ranked universities in the U.S. are not prioritizing cybersecurity…
Why Old FIM Tools Fail In Agile IT Models
File integrity monitoring (or FIM) tools can be an important part of intrusion detection and configuration security. When combined with other tools, FIM gives you vital information about your servers for compliance and security. But too often these tools fall…
U.S. Universities Get “F” For Cybersecurity Education
In recent remarks by Commerce Secretary Penny Pritzker at Montgomery College, she noted that there are an “estimated 210,000 open and unfilled cybersecurity jobs in the United States today.” This is a remarkable statistic, but not all that surprising since most…