With Complex Cloud Integrations, Small Errors Lead to Major Compromises
Researchers discover an exploit chain combining over-permissioned roles, secrets discovery, and non-human identities that could have compromised a popular automation service.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Researchers discover an exploit chain combining over-permissioned roles, secrets discovery, and non-human identities that could have compromised a popular automation service.
The threat actor has been compromising cloud environments at scale with automated worm-like attacks on exposed services and interfaces.
The General Services Administration is planning to use automation to speed up the process to determine which cloud services federal agencies are allowed to buy.
The rate of evolution has been glacial, but tools now understand cloud environments and can target Web applications.
Combining both approaches using a cloud-native application protection platform helps organizations make their cybersecurity holistic by tapping into richer automation and prioritization features.
Infrastructure as code lets organizations manage cloud infrastructure with the same versioning, testing, and automation processes they use for application code.
New capability streamlines automated testing of cybersecurity and anti-fraud features in android and iOS apps in virtual and cloud testing suites.
Web sites, cloud services, and API servers are seeing ever more automated traffic — or bots, as they are known — forcing companies to find ways to separate the digital wheat from the chaff.
With the fresh capital, Scrut aims to focus on simplifying risk management and infosec compliance for cloud-native SaaS, Fintech, and Healthtech companies
The Automated Libra group is deploying all components of its campaign in an automated manner via containers, stealing free trial resources for cryptomining, but the threat could get larger.
The company emerges from stealth with an automated security remediation product identifies and remediates cloud misconfigurations.
Extends cyber asset attack surface management solution to multi-cloud environments,
New open source Cloud Hunter tool, developed through Lacework Labs research, helps customers get better visibility to reduce response times for incident investigations.
DeepSurface’s Tim Morgan explains how network complexity and cloud computing have contributed to the challenge, and how automation can help.
Lacework's Mark Nunnikhoven joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk about AI and cloud security.
Acquisition will leverage Forescout’s automated cybersecurity with Cysiv's cloud-native platform to deliver data-powered analytics for 24/7 threat detection and response.
Acquisition of cloud-based alert security company will help Sophos automate tasks bogging down security teams, the company says.
New integrations enable Contrast capabilities to be delivered to Red Hat OpenShift users.
Swimlane’s Asia-Pacific presence grows 173%, highlighting rising demand for low-code security automation.