Tech worker Paige A. Thompson has been charged with computer fraud for compromising the data of 106 million Capital One customers.
Thompson took advantage of a firewall misconfiguration to access data stored in a Capital One cloud server.
The cloud provider was confirmed as Amazon Web Services. Thompson was also revealed to be a former Amazon Web Services employee.
Source: SoftwareReviews Amazon Web Services Scorecard, accessed August 14, 2019
In their statement, Capital One said that “this type of vulnerability is not specific to the cloud.” What this means is that the data breach had nothing to do with security vulnerabilities of Amazon Web Services itself. The problem instead lay with a misconfigured firewall internal to Capital One.
Indeed, the relevant takeaway from this story probably has little to do with the security of Amazon Web Services. It has to do instead with why Capital One’s own Cloud Custodian (an open-source governance, security, and compliance engine for cloud services) overlooked this firewall misconfiguration.
As always, clients should ensure that data stored anywhere (whether in the cloud or otherwise) is protected by secure firewalls. Info-Tech’s security blueprints offer effective strategies to ensure clients can appropriately select and implement firewalls, alongside specific information on cloud security.
Source: Info-Tech Research Group Ensure Cloud Security in IaaS, PaaS, and SaaS Environments
COVID-19 has changed a great deal about how businesses operate. From a security perspective, however, COVID-19 caught many businesses off guard. The shift from working in the office to working from home has made it difficult for security measures to keep pace. Specifically, how are businesses meant to maintain the same secure networks when their employees are no longer working in the office? Outside of the security of the IT departments, IT and security have a tough time ensuring that patching and vulnerability management remain at the forefront of a business’s priorities.
For organizations that experience time-sensitive incidents that must be resolved as efficiently as possible, Bomgar (Beyond Trust) and BMC Software may have the solution. The two vendors have teamed up to reduce the time it takes to resolve problematic tickets and to lessen the impact of the cyber threats to which all organizations are subjected.
Microsoft’s cloud Security Information and Event Management (SIEM) solution leverages modern-day enhancements such as Security Orchestration, Automation, and Response (SOAR), Machine Learning (ML), and Artificial Intelligence (AI).
In today’s world, many security teams require a simplified, holistic method to consolidate disparate log data, threat anomalies, and responses. Under this pressure, organizations across the world are adopting or considering cloud-native Security Information and Event Management (SIEM) solutions.
KBV Research released its Global Security Information and Event Management (SIEM) Market Forecast report last month. In light of the recent COVID-19 pandemic, the SIEM market report highlights continued growth for the security solution and offers insights into how SIEM will continue to be essential for enterprises going forward.
As the Security Information and Event Management (SIEM) market continues to grow, organizations now have more options than ever to decide which SIEM is right for them. While SIEM vendors continue to innovate, the final decision often comes down to price. In the second of this five-part series on SIEM pricing, we will dive into pricing by data volume.
Kenna Security deployed its new data-driven vulnerability management program, Kenna.VM, and an accessory program, Kenna.VI. Released on April 28th, Kenna.VM was created to set service-level agreements (SLAs) with risk tolerance in mind.
With its announcement of SvKMS, StorMagic, known for leading-edge storage solutions, has officially entered the security marketplace. SvKMS provides key management for any application that requires encryption in any location – edge, datacenter, or cloud – the proverbial magic bullet for KMS.
We often hear that businesses are continually cyber insecure or under attack. However, recent penetration testing from Rapid7 shows that businesses are getting better at securing their networks against cyberattacks. While organizations continue to have exploitable weaknesses, attackers are having greater difficulty penetrating deeper into businesses’ networks.