Collaborate Disseminate
Skyhigh is essentially the last piece of the puzzle created by Symphony Technology Group’s shakeup of several big cybersecurity brands.
The post Private equity firm that created Trellix spins off another cyber business, Skyhigh Security appeared first on CyberScoop.
Virsec reported significant momentum in the first half of 2021 with solid revenue growth, strategic customer validation and testing, and prominent industry acceptance of its non-traditional approach to reducing cyber threats. To further drive business … Continue reading Virsec expands executive team to further drive business acceleration
McAfee is offering free security services to election offices in all 50 states, the company announced on Wednesday, in order to protect voter data stored in the cloud. The offering comes by way of Skyhigh Networks, a cloud security startup that McAfee acquired last year. The product, McAfee Skyhigh Security Cloud, provides monitoring and threat detection tools for cloud software-as-a-service products (such as Microsoft Office 365, Box, Amazon Web Services and others), which are widely used by enterprises including state election offices. McAfee is giving officials a free 12-month license of the product. Since states and localities run federal elections in the U.S., officials are scrambling to make sure that their systems are secure ahead of the November general election. Observers fear that things like voter registration systems, election reporting websites and other sensitive aspects of election infrastructure could be targets. “We believe the McAfee Cloud for Secure Elections Program will […]
The post McAfee offers state election officials a year of free cloud security tools appeared first on Cyberscoop.
Continue reading McAfee offers state election officials a year of free cloud security tools
McAfee and Skyhigh Networks announced a definitive agreement to combine businesses, with McAfee acquiring Skyhigh Networks for an undisclosed amount. Skyhigh Networks and McAfee will complement each other’s portfolio and mission, allowing customers to … Continue reading McAfee acquires Skyhigh Networks
A stealthy group of hackers is using cloud infrastructure to attempt “low and slow” brute force attacks on Microsoft Office 365 logins of senior executives at a broad swath of Fortune 2000 companies, according to recent research. The cloud-on-cloud attacks, spotted earlier this year by Skyhigh Networks, appear to be an early example of a criminal or espionage group leveraging cloud infrastructure to hide not only their identity and the origins of their attack; but also the attack itself. The research highlights the increased complexity of security issues companies face when they move to the cloud. The attacks “came from multiple [cloud] providers and targeted multiple [Skyhigh] customers over a period of time,” explained Slawomir Ligier, the company’s senior vice president of engineering. “They were low and slow … designed to get under the radar.” In fact, Ligier said, Skyhigh only detected the attacks because they were able to correlate Office 365 API […]
The post Hackers use ‘cloud-on-cloud’ attacks to evade detection, attribution appeared first on Cyberscoop.
Continue reading Hackers use ‘cloud-on-cloud’ attacks to evade detection, attribution
Some security experts have described the recent exposure of sensitive information of 198 million Americans — nearly all registered voters — as “the mother load of all leaks.” Deep Root Analytics, the data analytics firm that left its AWS database exposed on the public internet for two weeks, is now facing its first class-action lawsuit. The uproar over the leak will likely continue for a long time. More than anything, this security incident highlighted the need for organizations to protect their often-overlooked Infrastructure-as-a-Service systems like AWS. The Deep Root Analytics data repository was in an S3 bucket without protected access, accessible to anyone who would navigate to a six-character Amazon subdomain. Implementing the right security strategy can prevent this kind of leak in the future. It would also help protect data from other threats. Although Amazon Web Services has invested heavily in security, the platform is not impenetrable. For example, […]
The post 10 ways to secure sensitive information on AWS appeared first on Cyberscoop.
Continue reading 10 ways to secure sensitive information on AWS
New approach to continuous Docker container security NeuVector’s solution for container security is itself a container. The application automatically learns and whitelists normal behavior to protect environments even as containers scale up and down. Through this built-in continuous application and network intelligence, it provides application layer segmentation that isolates container traffic. Any abnormal connections can then be detected and blocked before causing harm. NeuVector completes its solution with runtime vulnerability scanning across all running containers … More → Continue reading New infosec products of the week: February 3, 2017
Despite the average company using 1,427 cloud services to upload an average of 18.5 TB of data to cloud applications each month, less than 9 percent of cloud providers are taking the strict data security and privacy steps recommended for a modern enterprise, according to Skyhigh Networks. Companies specifically struggle with securing employee behavior, accurately detecting threats and enforcing cloud governance. Securing the new systems of record Now that companies trust enterprise cloud service providers … More → Continue reading The transformative impact of cloud adoption
Organizations globally believe they are their own worst enemy when it comes to cybersecurity, with 45 percent saying they are ill-equipped to cope with the threat of malicious insiders and twice as many, 90 percent, calling malicious insiders a major threat to the organizations’ security, according to Mimecast. “Companies’ IT security priorities usually change depending on different factors, among which the budget and the threat vectors are the most important for most. If last week … More → Continue reading Organizations still unprepared for malicious insiders