The secrets of successful cloud-first strategies
Today’s cloud strategies revolve around two distinct poles: the “lift and shift” approach, in which applications and associated data are moved to the cloud without being redesigned; and the “cloud-first” approach, in which applications are developed or redesigned specifically for the cloud. By far the fastest approach is to lift and shift the whole environment,…
Software-Developer Security Vendor Snyk Buys Cloud Security Company
In its fifth acquisition in 18 months, Snyk entered the cloud security sector via its announced acquisition today of cloud security and compliance firm Fugue. Snyk ultimately plans to fold Fugue’s cloud security posture and policy management technology into its Snyk Developer Security Platform. In the meantime, it will begin integrating Fugue’s technologies for DevSecOps,…
Security Analytics Firm Securonix Scores $1 Billion+ Growth Investment
The Addison, TX-based company offers a SaaS-based, multi-tenant security analytics, operations and response platform that provides visibility and advanced detection and response. According to Securonix, the massive funding will allow it to make significant investments in talent acquisition across engineering, cloud operations, threats labs, and sales and marketing. “We solve a very tough problem that…
Dynatrace Adds Real-Time Attack Detection and Blocking, Advancing Cloud Application Security
Software intelligence company Dynatrace (NYSE: DT) announced today that it has enhanced its Application Security Module to provide real-time, automatic attack detection and blocking to protect against injection attacks that exploit critical vulnerabilities, such as Log4Shell. This builds on existing capabilities, which include automatic detection of runtime vulnerabilities in cloud-native applications and container workloads. As…
Crypto Agility: Solving for the Inevitable
Security today relies on cryptography, an information-protection technology that uses algorithms to transform messages into a form that is difficult for a third party to decipher. For decades, computers and networks have relied on cryptography to provide confidentiality and integrity, and for common tasks like authentication. Arguably, it has become the backbone of modern cybersecurity…
Trends that will shape the security industry in 2022
Entering 2022, the world continues to endure the pandemic. But the security industry has, no doubt, continued to shift, adapt, and develop in spite of things. Several trends have even accelerated. Beyond traditional “physical security,” a host of frontiers like AI, cloud computing, IoT, and cybersecurity are being rapidly pioneered by entities big and small…
Recorded Future Acquires SecurityTrails in $65M Deal
With this transaction, Somerville, Mass.-based Recorded Future gets a direct entry into the competitive continuous Attack Surface Management (ASM) business and new technology to help organizations with real-time visibility into networks and servers exposed to malicious actors. The $65 million deal comes less than a year after Recorded Future announced an early-stage investment in SecurityTrails…
VMware Plugs Security Holes in Workstation, Fusion and ESXi
Tracked as CVE-2021-22045 (CVSS score of 7.7), the security vulnerability exists in the CD-ROM device emulation function of Workstation, Fusion and ESXi. In an advisory, VMWare said the security defect could be exploited by attackers with access to a virtual machine that has CD-ROM device emulation enabled. An attacker capable of combining the security error…
Google Acquires Siemplify in Ambitious Cybersecurity Push
Financial terms of the transaction were not released but reports out of Israel peg the price tag in the range of $500 million. Google plans to pair Siemplify’s SOAR technology with its own home-built Chronicle security analytics platform to “change the rules on how organizations hunt, detect, and respond to threats,” according to Sunil Potti,…
VMware Patches Vulnerabilities in Workspace ONE Access
Two new vulnerabilities were fixed, the most severe of which is CVE-2021-22057 (CVSS score of 6.6), an authentication bypass that affects VMware Verify two factor authentication. By exploiting the vulnerability, a malicious actor who has gained knowledge of the first-factor authentication, may provide it to obtain second-factor authentication from VMware Verify, VMware says. Tracked as…
