Azure Defender for IoT had five security vulnerabilities that SentinelOne‘s SentinelLabs had discovered and proactively reported to Microsoft. Some of the flaws are rated "Critical" for severity.
Attacks on cloud-native infrastructures are on the rise. Research over a six-month period in 2021 shows a 26% increase in attacks on container environments over the previous six months. Malicious actors are targeting the auto-build process, packing the payloads, using rootkits, and compromising misconfigured APIs often within less than an hour from setup. Automating vulnerability scanning […]
Open source Trivy plugs into the software build process and scans container images and infrastructure-as-code files for vulnerabilities and misconfigurations.
Microsoft bolsters zero trust play with CloudKnox buy
Microsoft bolsters zero trust play with CloudKnox buy
CloudKnox operates a platform for managing the identity privilege lifecycle across hybrid cloud environments. Credit: Microsoft
Microsoft has acquired cloud security start-up CloudKnox, a move it hopes will offer Microsoft Azure Active Directory customers greater granular visibility, continuous monitoring and automated remediation for hybrid and multi-cloud permissions.
Based in California, CloudKnox operates a platform for managing the identity privilege lifecycle across hybrid cloud environments. It employs an activity-based authorisation model to do this.
The company claims its approach offers a non-intrusive way to manage identity privileges and protect organisations critical infrastructure from malicious and accidental credential abuse.
Reseller News
Join Reseller News
Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.Sign up now
Microsoft doubles down on zero trust with RiskIQ acquisition
Will integrate RiskIQ s data and solutions with Microsoft s Security portfolio. Credit: Dreamstime
Microsoft has acquired security vendor RiskIQ in an effort to boost cyber security around digital transformation and the concept of zero trust.
The global giant reportedly paid US$500 million cash for the surface-based security and risk management vendor, according to
Bloomberg, and will gain access to the company’s alleged 100,000 users.
According to a Microsoft blog post, RiskIQ’s technology helps customers discover and assess security across the entire attack surface, including “in the Microsoft cloud, AWS [Amazon Web Services], other clouds, on-premises, and from their supply chain”.