- Microsoft is extending its native cloud security posture management (CSPM) and workload protection capabilities to Amazon Web Services (AWS) – yes you heard that right! within a suite called Microsoft Defender for Cloud. This was previously know as Azure Security Center and Azure DefenderAt their annual conference Ignite 2021, their focus was enterprise cloud protection, specially multi cloud environments. Microsoft Defender for Cloud will now let organizations secure AWS and Azure environments from one place without depending on the AWS Security Hub. We will bring you the highlights from Ignite 2021 next week, you can check out the event virtually here
- For folks who have been waiting on better security services support for Linux on Microsoft Azure – they recently announced the expansion of the Defender for Endpoint on Linux capabilities. Defender for Endpoint is a cloud-based product that includes vulnerability management and assessment, and endpoint detection and response (EDR) on Linux servers. This has been welcomed by security researcher community considering Linux OSs dominates on Microsoft’s Azure cloud landscape and will let their customers focus on securing Linux-based cloud apps.
- Are you wondering about Oracle Cloud and what they are upto? Oracle Cloud most recently trying to stand out amongst its competitors by broadening the range of built-in and add-on cybersecurity features in Oracle Cloud Infrastructure. Oracle said the new features are intended not only to simplify management but also to address the problem misconfiguration and user error. If you want to find out more – you can check out their new Oracle Cloud Infrastructure Web Application Firewall for Flexible Load Balancers, Oracle Cloud Infrastructure Vulnerability Scanning Service, Oracle Cloud Infrastructure Bastion and Oracle Cloud Infrastructure Certificates
- If you use Crowdstrike, this ones for you. The popular real-time detection and automated response software, Crowstrike is making some big moves in the Cloud Space, doubling down on zero trust. They have invested in JumpCloud along with other popular names like Atlassian Ventures. Jumpcloud is a directory platform that enables companies to enable Zero-Trust across their organistion, by providing a single identity for users across trusted devices, identity and network. Crowdstrike also is set to acquire security-as-a-service vendor SecureCircle which provides Zero trust security to securely share data like your Source Code and more across endpoints.
- The National Security Agency (NSA) and CISA have published the first of a four-part series, Security Guidance for 5G Cloud Infrastructures. Security Guidance for 5G Cloud Infrastructures – Part I: Prevent and Detect Lateral Movement. This document provides recommendations for mitigating lateral movement attempts by threat actors who have gained initial access to cloud infrastructures. You can check out the report here
- If you have been reading about Robinhood being hacked, this one wasn’t a cloud security breach however a good old social engineering attack which if your interested to know more about, you can read here
