The Cyber Defense Matrix + CSA launches Zero Trust Advancement Center

March 16, 2022
  • Organizations need a clear way to identify security gaps and the tools available to address them. To tackle this, Sounil Yu, former Chief Security Scientist at Bank of America and current CISO and Head of Research at JupiterOne, has released The Cyber Defense Matrix eBook. It’s been called “an important strategic tool to help CISOs implement a high confidence security program.” Industry leaders have shared that Sounil’s classification system helps security leaders and investors alike understand the true value and operational potential of cybersecurity solutions, providing much-needed guidance for making responsibly informed decisions around highly technical and often overlapping products. You can download the ebook here.
  • If you have been following Cloud Security Podcast and Cloud Security News, you are probably very familiar with the Cloud Security Alliance, AKA CSA, an organization known for defining standards, certifications and best practices to help ensure a secure cloud computing environment. You can learn more about them here. In collaboration with CrowdStrike, Okta, and Zscaler, they have launched the Zero Trust Advancement Center. In its press release, CSA shared that the industry currently does not have access to quality education that explains Zero Trust in a vendor-agnostic setting, and that the creation of the center is an effort to address this gap. The Zero Trust Advancement Center builds upon several existing CSA projects, and organizations can register their interest and participate in the program. You can read their press release here and find out more about the program here.
  • Microsoft has recently released a security update to address a vulnerability in Microsoft Defender for Endpoint. Microsoft shared that with their March security update release, they are further hardening Microsoft Defender for Endpoint by addressing the ability for attackers to spoof information between the client and the service. The vulnerability impacts all platforms, and the update should be deployed just like any other security update. At time of publication, Microsoft confirmed that it was not aware of any attacks that have leveraged this vulnerability. In addition to the security update, Microsoft has released detections for possible exploit activity, which it encourages customers to monitor. Read more about this here.
  • If you use Google Cloud’s Anthos Service Mesh, their suite of tools that helps you monitor and manage a service mesh on-prem or on Google Cloud, take note: a high severity vulnerability was reported this week in the Istio control plane, istiod. It allows a malicious attacker to send a specially crafted message that crashes the control plane when the validating webhook for a cluster is exposed publicly. This endpoint is served over TLS port 15017 but does not require any authentication from the attacker. Google has issued a mitigation update sharing that if you’re using Anthos Service Mesh v1.9 or below, your release has reached end of life and is no longer supported. These CVE fixes have not been backported, and you should upgrade to Anthos Service Mesh 1.10 or above. Read more about this here.
