“In its current CWS offering, the vendor has great CSPM capabilities for Azure, including detecting overprivileged admins and enforcing storage least privilege and encryption, virtual machine, and network policy controls.” – The Forrester Wave™: Cloud Workload Security, Q1 2022 CrowdStrike is excited to announce we have been named a “Strong Performer” in The Forrester Wave:™ … [Read more...] about Forrester Wave Names CrowdStrike Strong Performer For Cloud Workload Security
cloud
CrowdStrike and Cloud Security Alliance Enable Pervasive Zero Trust
The security problems that plague organizations today actually haven’t changed much in 30 years. Weak and shared passwords, misconfigurations and vulnerabilities are problems that have tormented the industry for years and persist to this day. What’s changed is the speed and sophistication at which today’s adversary can weaponize these weaknesses. There’s a misperception that … [Read more...] about CrowdStrike and Cloud Security Alliance Enable Pervasive Zero Trust
Cyber Asset Attack Surface Management with Cisco Secure Cloud Insights: Beyond CSPM
In today’s digital-first world having enterprise grade information, services, and workloads in the cloud is becoming increasingly important for success. Nonetheless the lack of asset visibility that haunted private networks has not disappeared in the cloud era; it has been transferred, or some may say even aggravated. In its Hype Cycle for Security Operations, Gartner has … [Read more...] about Cyber Asset Attack Surface Management with Cisco Secure Cloud Insights: Beyond CSPM
Defense-in-depth Principles for Protecting Cloud Workloads
Migrating to the cloud has allowed many organizations to reduce costs, innovate faster and deliver business results more effectively. However, as businesses expand their cloud investments, they must adapt their security strategies to stay one step ahead of threats that target their expanded environment. Managing, securing and having visibility across endpoints, networks and … [Read more...] about Defense-in-depth Principles for Protecting Cloud Workloads
5 factors to consider when migrating Elastic to the cloud
As organizations continue migrating to the cloud to benefit from a flexible, affordable and scalable infrastructure, they need to examine all the interdependencies and consider several factors to ensure a smooth transition.When you migrate your Elastic workloads to the cloud, you should take several factors into consideration so you can maximize your investments and minimize … [Read more...] about 5 factors to consider when migrating Elastic to the cloud
Relevant and Extended Detection with SecureX, Part Four: Secure Cloud Analytics Detections
In part one of this Relevant and Extended Detection with SecureX series, we introduced the notion of risk-based extended detection with Cisco SecureX – the idea that a user can prioritise detections into incidents based on their idea of what constitutes risk in their environments and then extend those detections with enrichments from other products. In subsequent posts we’ve … [Read more...] about Relevant and Extended Detection with SecureX, Part Four: Secure Cloud Analytics Detections
How to Protect Cloud Workloads from Zero-day Attacks
Protecting cloud workloads from zero-day vulnerabilities like Log4Shell is a challenge that every organization faces. When a vulnerability is published, organizations can try to identify impacted artifacts through software composition analysis, but even if they’re able to identify all impacted areas, the patching process can be cumbersome and time-consuming. As we saw with … [Read more...] about How to Protect Cloud Workloads from Zero-day Attacks
Hackers Use Cloud Services to Distribute Nanocore, Netwire, and AsyncRAT Malware
Threat actors are actively incorporating public cloud services from Amazon and Microsoft into their malicious campaigns to deliver commodity remote access trojans (RATs) such as Nanocore, Netwire, and AsyncRAT to siphon sensitive information from compromised systems. The spear-phishing attacks, which commenced in October 2021, have primarily targeted entities located in the … [Read more...] about Hackers Use Cloud Services to Distribute Nanocore, Netwire, and AsyncRAT Malware
Why You Need an Adversary-focused Approach to Stop Cloud Breaches
It should come as little surprise that when enterprise and IT leaders turned their attention to the cloud, so did attackers. Unfortunately, the security capabilities of enterprises have not always kept up with the threat landscape. Poor visibility, management challenges and misconfigurations combine with other security and compliance issues to make protecting cloud environments … [Read more...] about Why You Need an Adversary-focused Approach to Stop Cloud Breaches
Automate Your Cloud Operations With Humio and Fylamynt
This blog was originally published Dec. 2, 2021 on humio.com. Humio is a CrowdStrike Company. A new API integration for Humio and Fylamynt helps joint customers improve the efficiency of their cloud operations teams by automating repetitive and manual operations tasks. Fylamynt, a low-code platform that delivers a developer’s approach to ITOps with site reliability engineering … [Read more...] about Automate Your Cloud Operations With Humio and Fylamynt