Druva launched Dru Investigate, a gen AI-powered tool that guides data security investigations using a natural language interface. With Dru Investigate, users across IT, security, legal, and privacy teams can swiftly identify and mitigate data risks, without needing to write complicated queries. Built on Amazon Bedrock, an AWS service to easily build and scale generative AI applications with foundation models, Dru Investigate leverages Druva’s insights from protected data to streamline cyber and legal investigations. Data … More →
The post Dru Investigate simplifies cyber investigations and helps users uncover data threats appeared first on Help Net Security.
Written by: Rupanjana Mukherjee, Jon Sabberton
In the era of multi-cloud adoption, where organizations leverage diverse cloud platforms to optimize their operations, a new wave of security challenges have emerged. The expansion of attack surfaces beyond traditional on-premises environments, coupled with complex permission structures and the prevalence of overly permissive accounts, has created fertile ground for sophisticated cyberattacks.
Our white paper, Standardizing Privileged Access Architecture for Multi-Cloud, explores the critical risks associated with multi-cloud environments, and provides a practical framework for establishing a robust security posture.
This Mandiant paper delves into the intricacies of managing disparate cloud identities, roles, and access control models, highlighting the vulnerabilities that arise from misconfigurations and fragmented security practices. Additionally, this paper examines real-world attack scenarios observed by Mandiant, demonstrating how threat actors exploit these weaknesses to compromise sensitive data, disrupt operations, and gain unauthorized control.
To counter these evolving threats, Mandiant introduces a cloud agnostic tiered security model revolving the following controls, to protect privileged access to critical assets in the cloud:
Resource tiering within cloud platforms
Limiting lateral movement through credential tiering
Enforcing strict access controls through a zero-trust approach
Apply scalable security configurations and governance for all resources
Consistent monitoring and analytics practices
This paper discusses an architecture for cloud agnostic tiering, and how it will help protect a hybrid multi-cloud environment from various modern cyberattacks. By implementing the proactive measures outlined in this paper, organizations can effectively mitigate risks associated with a hybrid multi-cloud environment, limit paths of lateral movement, and protect their critical assets in the dynamic multi-cloud landscape.
For organizations exploring multi-cloud deployments and those attempting to secure their current cloud resources, this paper serves as a vital guidance to harden their environment against cloud-based attacks.
Read the paper today. To hear more about the topics discussed in this paper, watch our “Standardizing a Privileged Access Model for a Multi-Cloud Environment” session from mWISE Conference 2024.
The investment will drive the company’s advancement of scalable workload access management for enterprises Aembit, the leading non-human identity and access management (IAM) company, has secured $25 million in Series A funding, bringing its total capital raised to nearly $45 million. Acrew Capital led the round, with participation from existing investors Ballistic Ventures, Ten Eleven […]
The post Aembit Raises $25 Million in Series A Funding for Non-Human Identity and Access Management appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
NETSCOUT announced updates to its advanced, scalable deep packet inspection-based Omnis Cyber Intelligence Network Detection and Response (NDR) platform. New MITRE ATT&CK behavioral analytics enable earlier detection of advanced threats like ransomware, suspicious traffic, or unauthorized access attempts while improving remediation to help meet industry and country compliance requirements. “Digital resilience allows enterprises to continuously operate and quickly leverage digital opportunities to serve their customers, especially during economically challenging times,” stated Fernando Montenegro, senior principal … More →
The post NETSCOUT enhances Omnis Cyber Intelligence platform with MITRE ATT&CK behavioral analytics appeared first on Help Net Security.