Shared Responsibility and Configuration Management in the Cloud: SecTor 2020

A number of high-profile data breaches have resulted directly from misconfigured permissions or unpatched vulnerabilities. For instance, the 2017 Equifax breach was the result of exploiting an unpatched flaw in Apache Struts allowing remote code execution. More recently, the Capital One breach last year stemmed from a misconfigured web application firewall. Verizon’s 2020 DBIR reported […]

Continue Reading

Podcast Episode 9 – Cloud Misconfigurations: Simple Mistakes, Big Consequences

Tripwire’s Brent Holder and Stephen Wood discuss recent study findings that provide a snapshot of what organizations are doing (and not doing) to secure their cloud. Spotify: https://open.spotify.com/episode/5wXKv9DiQjfsZNf6heXg67 Stitcher: https://www.stitcher.com/podcast/the-tripwire-cybersecurity-podcast RSS: https://tripwire.libsyn.com/rss YouTube: https://www.youtube.com/playlist?list=PLgTfY3TXF9YKE9pUKp57pGSTaapTLpvC3 The following is an edited excerpt from a recent episode of Tripwire’s Cybersecurity Podcast. Tim Erlin: Welcome everyone to the Tripwire […]

Continue Reading

Survey: 76% of IT Pros Say It’s Difficult to Maintain Security Configs in the Cloud

Cloud misconfigurations are no laughing matter. In its “2020 Cloud Misconfigurations Report,” DivvyCloud revealed that 196 separate data breaches involving cloud misconfigurations had cost companies a combined total of approximately $5 trillion between January 1, 2018 and December 31, 2019. The problem is that those costs could be even higher; as reported by ZDNet, 99% […]

Continue Reading

Gérer la configuration des Firewalls : un élément clé de la politique de cybersécurité

La sécurisation des systèmes d’information représente un enjeu clé pour les entreprises et structures publiques qui sont exposées à des cyberattaques toujours plus impactantes. Dans ce contexte, les différentes organisations semblent enfin prendre la mesure des tâches à mettre en œuvre pour limiter leur exposition aux risques cyber. Cela se matérialise notamment par des investissements […]

Continue Reading

Une mauvaise configuration constitue le risque N°1 en matière de sécurité des environnements Cloud

Trend Micro rappelle l’importance de prendre en compte l’ensemble des niveaux de l’IT lors d’une migration vers le Cloud. Trend Micro Incorporated, entreprise japonaise parmi les leaders mondiaux en matière de solutions de cyber-sécurité, publie les résultats d’une étude sur la sécurité du Cloud. Cette dernière met en évidence deux vecteurs d’attaques, qui ouvrent la […]

Continue Reading