- May 27, 2020
Between January and April amid the COVID-19 pandemic, McAfee found usage of cloud collaboration apps and attacks seeking to steal account credentials both skyrocketed.
- January 24, 2020
Google Cloud's new Secret Manager service augments its cloud security capabilities with an eye toward the needs of DevOps teams.
- January 23, 2020
Microsoft exposed 250 million customer support records on five Elasticsearch servers that had misconfigured Azure security rules, a Comparitech security research team found.
- December 12, 2019
Cloud security posture management, container images vulnerability scanning and DevOps integration are among features included in McAfee Mvision Cloud for Containers.
- December 03, 2019
Amazon Web Services introduced the Access Analyzer tool at its re:Invent event. The new option aims to help users avoid accidentally exposing data stored in S3 buckets.
Sponsored by Akamai - Visiting a website today, users gain access to a rich, interactive experience that is often customized to their preferences and enhanced for their convenience. See More
Sponsored by Akamai - At a time when many businesses have their resources stretched to the limit, the scourge of distributed denial-of-service (DDoS) attacks has continued unabated and added to the difficulties faced by many during this ongoing pandemic. See More
Sponsored by Akamai - With modern web pages relying heavily on scripts to run services and access data, attackers are exploiting those scripts as a new attack vector to steal sensitive customer information. See More
Sponsored by Akamai - With limited security expertise, protecting your web applications is a daunting task. Web Application Protector provides automated web application firewall (WAF) and distributed denial-of-service (DDoS) protection that’s designed to offload the complexity associated with a traditional WAF. See More
- June 28, 2019
UpGuard security researchers found publicly exposed Amazon S3 buckets from data management firm Attunity, which included company credentials and data from enterprise clients.
- June 27, 2019
AWS re:Inforce, the cloud provider's inaugural security conference, addressed the problems of misconfigurations and data exposures with new tools, like Control Tower.
- June 20, 2019
Threat Stack Application Security Monitoring will bring security, visibility and protection to cloud-based architecture and applications, according to the vendor.
- June 03, 2019
With its latest release, McAfee intends to improve Amazon RDS security and prevent cyberattacks with its new McAfee Database Security suite of cloud security products.
- May 30, 2019
Palo Alto Networks has launched its new cloud security suite called Prisma, comprised of four platforms -- Prisma Access, Prisma Public Cloud, Prisma SaaS and VM-Series.
- May 22, 2019
Google disclosed two separate incidents in which G Suite passwords were stored insecurely, and in one of those incidents, the passwords were stored improperly for 14 years.
- May 21, 2019
Coalfire has launched Secure Cloud Automation Services and Cloud Security Strategy and Maturity Assessment programs to build out its cloud security services.
- December 07, 2018
News roundup: A critical Kubernetes vulnerability was found in the system's API server and could have a wide reach. Plus, ESET found 21 new Linux malware families, and more.
- October 04, 2018
Palo Alto Networks looks to bolster its cloud security portfolio with a $173 million acquisition of cloud security startup RedLock and integrate it with Evident.io technologies.
- August 09, 2018
At Black Hat 2018, a Netflix security engineer introduced a new open source tool designed to more effectively monitor AWS credentials in large cloud environments, like Netflix's.
- June 12, 2018
Security researchers discovered an unsecured Kubernetes console leading to a Weight Watchers exposure, but, allegedly, no personal data was leaked as a result of the issue.
- June 08, 2018
Amazon Web Services and Google Groups have seen data exposures due to poor configurations by users. Now, some have accidentally shared passwords on Trello boards.
- April 25, 2018
At RSA Conference 2018, SentinelOne CEO Tomer Weingarten talks with SearchSecurity about his company's shift to the cloud and what it means for endpoint security.
- April 23, 2018
At RSA Conference 2018, CyberArk researchers described how threat actors are able to gain access to cloud environments and elevate privileges through 'shadow admins.'
- April 17, 2018
Why are enterprises still struggling with identity and access management in the cloud? Experts at RSA Conference discuss the issue and the risks posed by compromised credentials.
- February 01, 2018
A new study on cloud data security provides insights into the shaken confidence in the cloud. Despite its increased use, payment and customer data still appears to be at risk.
- January 17, 2018
Cloudflare takes inspiration from Google's BeyondCorp with a new service called Cloudflare Access, which aims to replace corporate VPNs and embrace perimeter-less security.
- November 28, 2017
In its first big post-Intel move, McAfee agreed to acquire Skyhigh Networks, a leading cloud access security broker, to strengthen its presence in the cloud security market.
- July 25, 2017
G Suite security faced similar issues to Amazon Web Services, as misconfigured access permissions could have exposed sensitive information from hundreds of Google Groups.
- July 19, 2017
Following a number of data leaks related to improper AWS S3 bucket policies, Amazon has begun sending warning emails to users with public permissions.
- February 14, 2017
At RSA Conference 2017, Tenable Network Security introduced a cloud-based vulnerability management platform called Tenable.io that allows users to import and export vulnerability data.
- February 13, 2017
At RSA Conference 2017, Skyhigh Networks explained how it expanded its cloud access security broker model to include IaaS platforms and custom enterprise applications.
- February 13, 2017
The Cloud Security Alliance unveiled new research at RSA Conference 2017 that shows custom enterprise applications are creating shadow cloud computing risks for organizations.
- September 30, 2016
Microsoft's 'million-dollar bug detector' on offer in preview of Project Springfield, an Azure-based fuzz testing service announced at Ignite 2016.
- September 19, 2016
At its OpenWorld Conference in San Francisco, Oracle announced an agreement to acquire cloud access security broker startup Palerra to get into the CASB market.
- September 14, 2016
Netskope cloud report reveals growth in threat from cloud ransomware as infected enterprises average 26 files carrying malware, over half of infected files shared publicly.
- September 12, 2016
Cloud POS provider Lightspeed reports a 'security incident,' reminds customers to change passwords and developers to implement OAuth 2.0 for improved authentication.
- September 08, 2016
Phishing campaigns appear to be gearing up as email addresses and hashed passwords for more than 68 million Dropbox accounts circulate on dark web sites.
- September 01, 2016
Confirming that 68 million Dropbox passwords were exposed in 2012, the cloud provider continued to urge users to update their credentials and enable two-factor authentication.
- August 31, 2016
SearchCloudSecurity's interview with Ping Identity CEO Andre Durand explores how distributed ledgers can be used for identity and access management.
- August 30, 2016
Ping Identity CEO Andre Durand talks with SearchCloudSecurity about the benefits of identity as a service as well as the issues holding back greater enterprise adoption of IDaaS.
- August 30, 2016
Cloud storage provider warns longtime users that it's time to change Dropbox passwords, as a precaution, after discovering an old set of Dropbox credentials was exposed -- in 2012.
- August 08, 2016
At Black Hat 2016, Fireglass researchers demonstrated how attackers can take advantage of AWS account jumping and abuse CloudTrail to hide their presence.
- July 15, 2016
The U.S. Court of Appeals ruled in favor of Microsoft regarding a controversial email privacy case with the U.S. government that involves data stored in an offshore data center.
- July 13, 2016
Cloud apps and cloud customers face challenges in complying with the EU GDPR as the new data protection regulation is set to take effect in less than two years.
- June 30, 2016
Cisco made a big move to increase its cloud security business with a $293 million acquisition of CloudLock, a startup in the cloud access security broker space.
- June 28, 2016
New Cloud Security Alliance research shows growing fatigue with security alerts and endpoint agents, as well as growing adoption of IaaS and positive signs for Microsoft Azure.
- June 24, 2016
At the 2016 Cloud Identity Summit, security experts discussed how fears of nation-state attackers and APT groups are spurring a renewed focus on identity and access management.
- June 07, 2016
SearchCloudSecurity talks with Frank Abagnale of Catch Me If You Can fame about the dangers of cybercrime and his work with the FBI as well as a new security startup.
- May 20, 2016
RSA Security's Rashmi Knowles spoke with SearchCloudSecurity about how new ransomware attacks are targeting cloud service providers and what enterprises can do about it.
- April 28, 2016
Chase Cunningham of Armor spoke with SearchCloudSecurity at RSA Conference 2016 about the value of secure cloud hosting services, threat intelligence and more.
- March 21, 2016
Netskope earned a patent for its CASB services delivery method, which intelligently "steers" enterprise traffic to cloud apps and applies security controls to those apps.
- March 04, 2016
Several CISOs discussed why cloud access security brokers are imperative to their respective enterprises during a panel discussion at RSA Conference 2016.
- March 02, 2016
Cloud access security brokers are dominating the cloud security conversation at this year's RSA Conference. Here's what vendors are saying about CASBs.
- March 02, 2016
Trend Micro's Mark Nunnikhoven said enterprises are often forced to deploy distinct cloud security controls for each type of service they deploy, making security unmanageable.
- March 01, 2016
During a panel discussion at RSA Conference 2016, representatives from top cloud providers such as Google and Microsoft discussed the legal battle between Apple and the FBI over encrypted data.
- February 29, 2016
During the CSA Summit at At RSA’s 2016 Conference, Netskope warned how cloud synchronization services can spread malware infection throughout an enterprise.
- February 10, 2016
Now that enterprise data is stored in clouds of all shapes and sizes, IT needs to provide more security options than ever. This ezine supplement focuses on the issue of cloud safety and zones in on three of the latest cloud developments and their ...
- February 03, 2016
The EU and U.S. agree on Privacy Shield as the replacement for the Safe Harbor framework for transatlantic data flows, though questions remain over privacy protection details.
- February 01, 2016
What companies and cloud security products do organizations consider when they see to reduce their cloud vulnerabilities?
- January 28, 2016
An advocacy group representing cloud providers such as Hewlett Packard Enterprise and IBM has criticized FedRAMP and called on the government to fix the cloud certification program.
- January 22, 2016
The security researcher behind the LostPass phishing attack on LastPass has criticized the company's reaction and responses to his findings.
- January 19, 2016
A new proof-of-concept attack presented at ShmooCon 2016 exploits security weaknesses in cloud-based password manager LastPass and could allow attackers to gain control of users' accounts.
- January 13, 2016
RSA President Amit Yoran discusses how the security vendor is changing its focus and explains how cloud security will play an important role in RSA's new strategy.
- December 16, 2015
Security researchers at Zscaler discovered a new Spy Banker Trojan campaign that's leveraging Google's public cloud services as a hosting platform.
- December 10, 2015
Following its split from Juniper Networks, Pulse Secure looks to take on cloud access and authentication problems with a new product.
- December 03, 2015
FireEye researchers discovered an advanced persistent threat group that used Dropbox to launch a spear phishing campaign against Hong Kong media companies.
- November 24, 2015
After acquiring two cloud access security brokers this year, Blue Coat Systems has united CASB capabilities with its Web gateway security technology under a new cloud security strategy.
- November 10, 2015
After acquiring Perspecsys this summer, Blue Coat Systems makes another CASB deal for Elastica to further strengthen its cloud security presence.
- November 06, 2015
Dropbox stepped up its security offerings this week with the introduction of Dropbox Enterprise and several new cloud security controls for business customers.
- October 30, 2015
A critical Xen hypervisor security flaw that allows attackers to access host operating systems and had gone undiscovered for several years was finally patched this week.
- October 28, 2015
Intel Security unexpectedly moved several McAfee SaaS endpoint and email security products to end of life just prior to announcing a new corporate strategy this week.
- October 23, 2015
The negative effects of U.S. government surveillance have put cloud providers in a tough spot and left security vendors scrambling for better privacy protections.
- October 02, 2015
Following its shift to a managed cloud services model, Rackspace has moved into the managed security and compliance services space.
- October 01, 2015
Brian Krebs, Art Coviello and Kris Lovejoy tackle government conflicts and cybersecurity shortcomings at the Privacy. Security. Risk. 2015 event.
- September 30, 2015
Skyhigh Networks' patented method for providing cloud access security broker services uses a reverse proxy mode to provide authentication and policy controls.
- September 25, 2015
Former RSA chairman Art Coviello said the U.S. government and cybersecurity industry need to work together to solve growing issues around cloud security and privacy.
- September 18, 2015
Palo Alto Networks has launched its own CASB offering called Aperture, which aims to provide SaaS security controls for enterprises.
- September 10, 2015
In recent CASB market news, Microsoft confirms a major acquisition and Netskope raises its biggest round of venture capital funding yet.
- September 03, 2015
Security researchers discovered a new type of iOS malware that targets jailbroken devices and can allow attackers to take over the devices via iCloud.
- August 11, 2015
Startups are dominating the suddenly-hot cloud access security broker market. Now larger vendors are eager to join the party, but will they buy a CASB or build their own cloud security gateway?
- July 24, 2015
Microsoft reportedly agreed to acquire cloud security startup Adallom for $320 million, which analysts say could spark major growth for the cloud security gateway market.
- July 17, 2015
Healthcare organizations are increasing their cloud service usage, but is the cloud making them safer or creating more security issues?
- July 09, 2015
Researchers at Elastica recently discovered an Indian government agency had its employees' email addresses and passwords exposed through Google Drive.
- June 30, 2015
Cisco added another major piece to its growing security portfolio with an agreement to acquire cloud security provider OpenDNS.
- June 30, 2015
Open standards around identity and authentication are gaining popularity. So what -- and who -- is driving the movement?
- June 19, 2015
A new report from Netskope finds copious DLP violations in enterprises' cloud apps due to insufficient cloud storage security.
- June 16, 2015
LastPass, a cloud-based password manager, disclosed that it had suffered a data breach and that customer email addresses, password hashes and other information were compromised.
- June 09, 2015
At the Cloud Identity Summit this week, Ping introduced a new platform as well as support for the Apple Watch and Yubico's YubiKey.
- June 08, 2015
A new study from cloud access security broker Elastica shows a growing amount of shadow data is leaking out of enterprises via cloud services.
- June 02, 2015
Symantec looks to strengthen cloud security presence by launching Data Loss Prevention 14 and teaming up with Box.
- May 28, 2015
A vulnerability in a cloud sync application was disclosed this week that could allow hackers to gain control of OS X systems.
- May 13, 2015
Tor Project shuts down its AWS bridge effort, Tor Cloud, but encouraged developers to set up their own Tor bridges to promote anonymous cloud usage.
- May 13, 2015
CrowdStrike security researchers discovered a major bug that could impact a wide range of commonly-used virtualization platforms.
- May 08, 2015
Cloud access security brokers Adallom and Elastica recently struck major partnerships with Hewlett-Packard and Cisco, respectively, to improve SaaS security and cloud visibility.
- May 01, 2015
Azure CTO Mark Russinovich offered a behind-the-scenes look at Microsoft's cloud security practices and customer case studies at RSA Conference 2015.
- April 23, 2015
At RSA Conference 2015 Microsoft expanded its bug bounties. The program will now include three new products, including Azure and Hyper-V.
- April 22, 2015
At RSA Conference 2015 security officials from Microsoft, Google and more discussed cloud security and privacy improvements and top threats today.
- April 21, 2015
At RSA Conference 2015, Microsoft's Scott Charney said cloud security products are the future, but to gain the trust of enterprise customers, they need to offer better cloud computing transparency and control.
- April 21, 2015
Amazon, Google, Microsoft and others discussed a range of cloud security issues during a panel discussion at RSA Conference 2015.
- April 21, 2015
Qualys introduced three new offerings at RSA Conference 2015, including an improved Web application firewall and a new cloud agent platform.
- April 20, 2015
The Cloud Security Alliance and the International Information Systems Security Certification Consortium introduced a new, jointly developed cloud security certification.
- April 17, 2015
Top venture capital firms and IT companies have invested more than $200 million total on several cloud security startups in recent weeks, particularly the emerging field of cloud access security brokers.
- April 09, 2015
CipherCloud's new Global Compliance Resource Center aims to clear up the confusion around global compliance and data privacy protection laws as they pertain to the cloud.
- April 02, 2015
In the cloud security realm, experts say improved cloud visibility and big data analytics are expected to be major themes at this year's RSA Conference.