RSA CONFERENCE 2022 – If cloud services weren’t complicated enough for the typical business today to properly configure and secure, there’s also a lesser-known layer of middleware that cloud providers run that can harbor hidden security flaws. Researchers from Wiz.io last week at RSA Conference in San Francisco unveiled an open source, cloud middleware database…

Lacework, the data-driven cloud security company, today announced new features added to the Polygraph® Data Platform which provide enhanced visibility and protection in Kubernetes environments. Through Kubernetes audit log monitoring, integration with the Kubernetes admission controller, and Infrastructure as Code (IaC) security, Lacework customers can now further minimize risks in build time and automate discovery…

Apache Log4j vulnerabilities disclosed in December 2021, including the one tracked as Log4Shell, can allow attackers to remotely execute arbitrary code and take control of vulnerable systems. In response to these flaws, AWS released multiple hot patches – each suitable for a different environment, including servers, Kubernetes, Elastic Container Service (ECS) and Fargate – that…

Following the massive infusion of cash, investors are valuing the company at $8.3 billion. San Francisco, California-based Lacework was founded in 2015 by Mike Speiser (managing director of Sutter Hill Ventures) Sanjay Kalra (now founder and CEO at ShiftRight), and Vikram Kapoor (CTO). It was built on the principal that cloud security is fundamentally a…

The company’s agentless CNAPP solution aims to secure multi-cloud IaaS and PaaS environments, as well as containers and data, through a single, unified interface. Founded in February 2021, the Santa Clara, California-based company offers support for major cloud infrastructure providers, including AWS, Azure, Google, IBM, and Oracle. Microsec.ai claims to provide visibility into containers, microservices,…

Amazon Web Services (AWS) has made available three new S3 (Simple Storage Service) security and access control features: Object Ownership Bucket Owner Condition Copy API via Access Points Object Ownership Object Ownership is a permission that can be set when creating a new object within an S3 bucket, to enforce the transfer of new object…