Sep 21, 2021 | Recent News
Late last month, researchers from cloud security firm Wiz found a new vulnerability that allows Azure users to access cloud databases of other users, breaking the principle of secure multitenancy. They dubbed it ChaosDB. Read more…
Sep 20, 2021 | Recent News
Threat actors have started to actively exploit critical Microsoft Azure vulnerabilities, just days after Microsoft disclosed them during September’s Patch Tuesday. Read more…
Sep 20, 2021 | Cloud security, DevOps, Recent News
Developers are starting to embrace the idea that threat modeling is a best practice as part of the secure development lifecycle (SDLC). And if it is, it can no longer be seen as a project. It must evolve into a process. A Project vs a Process Projects and processes...
Sep 17, 2021 | Recent News
Just a few days after the four OMIGOD vulnerabilities were discovered in Microsoft Azure, researchers on Friday reported that Mirai botnets are either scanning or actively exploiting OMIGOD. Read more…
Sep 17, 2021 | Recent News
Cybercriminals are targeting Linux-based servers running Microsoft’s Azure public cloud environment that are vulnerable to flaws after Microsoft didn’t automatically apply a patch on affected clients in its infrastructure. Read more… If you’d like to learn more...
Sep 17, 2021 | Recent News
No sooner had the Open Management Infrastructure (OMI) software agent silently installed by Microsoft on more than half of all Azure instances been revealed then threat actors were already on the case, exploiting the flaws. “Mirai botnet is exploiting #OMIGOD—they...
Sep 13, 2021 | Cloud security, DevOps, Recent News
When considering the evolution of the software development lifecycle, the first thing that comes to mind is the shift from waterfall to agile. The shift to agile was driven by the need for software development to be, well, more agile. From Catalyst Investors, “The...
Aug 30, 2021 | Cloud security, DevOps, Recent News
NIST and the FDA think so. It’s hard to find a medical device today that doesn’t use software, have an app or connect to the cloud. And the FDA knows it. So much so that it’s now recommending threat modeling (TM) as a best practice when developing medical devices and...
Aug 24, 2021 | Cloud security, DevOps, Recent News
Every developer wants to create secure applications. Unfortunately, there are always some limitations to developing secure applications. And since no one in DevOps seems to be able to wish a secure application into existence, they are stuck following a simple two-step...
Jul 21, 2021 | Cloud security, DevOps, Recent News
Security during cloud migration would be a challenge even if it were done all at once. Since smart cloud migration is done in steps, security during cloud migration becomes even more challenging. Not only are you dealing with two architectures—one on-premises and one...
