Cloud environments, in all their dynamic complexity, demand careful monitoring by DevOps and security teams. But the sheer abundance of telemetry data associated with the thousands of resources, users, and roles that comprise these environments can make monitoring a formidable task, causing security risks and other issues to be all too easily overlooked.
In this blog post, we'll cover some best practices for managing AWS secrets when using the AWS SDK in Python.
Cloud computing is the most cost-effective way to store and manage data and meet growing business demands today. However, the rapid rise of cloud usage means you need to stay alert to potential cloud security insider threats that can compromise your sensitive data and security posture. In this post, we discuss the insider threat landscape, explore several types of cloud insider threats, and examine the best practices to combat these threats.
Security Week 2023 is officially in the books. In our welcome post last Saturday, I talked about Cloudflare’s years-long evolution from protecting websites, to protecting applications, to protecting people. Our goal this week was to help our customers solve a broader range of problems, reduce external points of vulnerability, and make their jobs easier. We announced 34 new tools and integrations that will do just that.
Cloudflare offers many security features like WAF, Bot management, DDoS, Zero Trust, and more! This suite of products are offered in the form of rules to give basic protection against common vulnerability attacks. These rules are usually configured and monitored per domain, which is very simple when we talk about one, two, maybe three domains (or what we call in Cloudflare’s terms, “zones”).
We are thrilled to announce the full support of wildcard and multi-hostname application definitions in Cloudflare Access. Until now, Access had limitations that restricted it to a single hostname or a limited set of wildcards. Before diving into these new features let’s review Cloudflare Access and its previous limitations around application definition.
There’s an important shift happening in the cloud security industry: organizations are looking for an integrated platform that connects the dots between several key security use cases from source through production. Whether it is for tool consolidation, consistent end-to-end experience, or “one throat to choke,” customers are increasingly choosing a platform-based approach to address critical cloud security risks.
During every Innovation Week, Cloudflare looks at our network’s performance versus our competitors. In past weeks, we’ve focused on how much faster we are compared to reverse proxies like Akamai, or platforms that sell serverless compute that compares to our Supercloud, like Fastly and AWS. This week, we’d like to provide an update on how we compare to other reverse proxies as well as an update to our application services security product comparison against Zscaler and Netskope.
I recently had the pleasure of participating in a great panel discussion at the San Diego Cyber Security Summit, entitled “Cloud Security — Leveraging Its Strengths and Overcoming Its Vulnerabilities,” alongside representatives from Palo Alto Networks, Gigamon, Sysdig, Lacework, Imperva, and Tufin.
