Cloud encryption is the process of transforming data into a secure format that's unreadable to anyone who doesn't have the key to decode it.| wiz.io
Configuration drift is when operating environments deviate from a baseline or standard configuration over time. Let’s take a closer look.| wiz.io
Discover the top 11 cloud security vulnerabilities and real-world examples so you can learn how to protect your cloud environment, customers, and business.| wiz.io
L’analyse des vulnérabilités est le processus de détection et d’évaluation des failles de sécurité dans les systèmes informatiques, les réseaux et les logiciels. Les scanners de vulnérabilités sont des outils qui recherchent en permanence les vulnérabilités connues des systèmes, y compris les mises à jour de sécurité manquantes, les erreurs de configuration et les secrets exposés.| wiz.io
Tips and tricks for handling the fact that conference talks and engineering blogs are often quilted from small omissions and half-truths.| High Signal Security
A talk expanding on the ideas first shared in ramimac.me/scorecarding| High Signal Security
Learn how AWS VPC Endpoint CloudTrail logs can help you troubleshoot endpoint policies and strengthen your network's security against data exfiltration.| High Signal Security
Shadow data is any data that is created, stored, or shared outside of an organization's formal IT environment and management policies.| wiz.io
Data classification is the process of organizing and categorizing data based on its importance and sensitivity to protect your most critical assets.| wiz.io
The shared responsibility model is a framework establishing cloud security responsibilities between cloud service providers (AWS, GCP, Azure) and customers.| wiz.io
A security misconfiguration is when incorrect security settings are applied to devices, applications, or data in your infrastructure. Learn more in this guide.| wiz.io
CIEM is a specialized access management approach that provides visibility and control for cloud environments. IAM manages user identities, permissions, and roles across your organization's IT resources.| wiz.io
Master vulnerability scanning with this detailed guide. You’ll learn about scanning types, how scanning works, how to pick the right scanning tool, and more.| wiz.io
In this post, we’ll find out why the sensitive data discovery process is so important—along with some of the main challenges. We’ll see how companies tackle the daunting task of classifying their data.| wiz.io
A cloud operating model is a set of practices and procedures that organizations follow for effective management of their cloud resources.| wiz.io
IAM security consists of policies and technologies designed to ensure that only authorized individuals gain access to the relevant resources within an organization.| wiz.io
In this article, we will explore the challenges of managing permissions, the risks associated with improper access controls, and how major cloud providers handle permissions.| wiz.io
Data leakage is the unchecked exfiltration of organizational data to a third party. It occurs through various means such as misconfigured databases, poorly protected network servers, phishing attacks, or even careless data handling.| wiz.io
🎉1 Million Views in my Blog 🎉 When I started writing my blog, it was more of a personal notebook for what I considered important. The amount of information in the field has been exhausting for many…| Sam's Corner
Cloud security controls are a set of measures and best practices to protect your cloud environment from security threats.| wiz.io
Uncover major cloud security issues like data breaches, misconfigurations, account hijacking, insider threats, limited visibility, evolving attack surfaces, and more.| wiz.io
Learn the foundations and strategies for cloud security and how managers and teams can maintain the triad of confidentiality, integrity, and availability.| wiz.io
A cloud security strategy is the combination of the measures, tools, policies, and procedures used to secure cloud data, applications, and infrastructure.| wiz.io
Cloud Security Posture Management (CSPM) continuously detects and remediates risks in cloud environments and services (e.g. S3 buckets w/ public read access).| wiz.io
The principle of least privilege (PoLP) is a security concept that grants users, programs, or processes the minimal access needed to perform their tasks.| wiz.io
Data security posture management (DSPM) is a solution designed to continuously monitor an organization's data security policies and procedures to detect vulnerabilities and potential risks.| wiz.io
Cloud infrastructure entitlement management (CIEM) is a security process that helps organizations manage and control access rights to cloud resources.| wiz.io
An attack surface is refers to all the potential entry points an attacker could exploit to gain unauthorized access to a system, network, or data.| wiz.io
As we approach the fourth anniversary of the Entra ID Attack and Defense Playbook in October 2024, it’s a perfect time to reflect on its evolution and the collective effort that has made it a valuable resource (based on the feedback) for security professionals. The playbook began as a vision to consolidate common attack scenarios […]| Sam's Corner
CNAPP is a an end-to-end cloud-native security solution combines key functionalities like posture management, workload protection, runtime protection, and data security.| wiz.io
Last spring, I teamed up with the amazing Raghavendra Boddu on a book project that consumed our days and nights for nine months, starting in July 2023 and ending in March 2024. During that time we …| Sam's Corner
Azure storage services offer a variety of options for storing and managing data in the cloud. However, storing data in the cloud also comes with some security risks and challenges that organizations should be aware of. Common questions around Azure Storage Accounts are: In this blog post, I will demonstrate how to monitor Azure Storage […]| Sam's Corner