Aqua Security creates first unified scanner for cloud native security

A padlock on a shed.

Aqua Security, a pure-play cloud native security provider, has unveiled multiple updates to Aqua Trivy, which it says makes it the world’s first unified scanner for cloud native security.

Consolidating multiple scanning tools into a single tool, it is now the most comprehensive vulnerability and misconfigurations scanner for cloud native applications and infrastructure. Trivy is also being integrated into the Aqua Platform as Trivy Premium, through which customers can take...

Cisco releases its Cloud Controls Framework to the public

Cisco building in Amsterdam.

Cisco has released the Cisco Cloud Controls Framework (CCF) to the public.

The Cisco CCF is a comprehensive set of international and national security compliance and certification requirements, aggregated in one framework. It empowers teams to make sure cloud products and services meet security and privacy requirements thanks to a simplified rationalized compliance and risk management strategy, saving significant resources.

Meeting the fast-evolving requirements for...

Debunking the top myths about cloud-based physical security

Cloud Myths

Over the years, cloud-based physical security technology has been increasing in power and popularity as many businesses have begun to favour the cloud over on-premises systems. According to cloud security company Thales, 90% of companies worldwide use the cloud. The cloud is essential to data management for most businesses and there are many reasons why. 

Cloud-based technology is sweeping the security industry because of its advanced abilities and unparalleled convenience....

Evolution of cybercriminals’ attacks on cloud native environments revealed

A graphic of a padlock.

Attackers are finding new ways to target cloud native environments, according to Nautilus, the threat research team of cloud native security provider, Aqua Security.

The team's latest research shows that adversaries are adopting more sophisticated techniques, leveraging multiple attack components, and shifting attention to Kubernetes and the software supply chain. The “2022 Cloud Native Threat Report: Tracking Software Supply Chain and Kubernetes Attacks and Techniques”...

Accenture launches sovereign cloud practice

Accenture's Argentina office.

Accenture has announced a new worldwide practice to help organisations take advantage of disruptive new technologies in the cloud utilising trusted frameworks, services and controls.

The new Accenture Cloud First Sovereign Practice includes four new sovereign cloud centers in Kronberg, Germany; Trondheim, Norway; Paris and Rome. Located within Accenture Innovation Hubs, these centres bring Accenture industry, security and technology specialists together in collaboration with...

UK firms ‘have limited awareness’ of cloud native security

A padlock on a shed.

Around a third of companies say that between 50-75% of their apps are cloud native, yet 20% have no cloud native security strategy in place.

This is according to a study by Aqua Security, which also found that 68.3% of respondents to its survey also admit that they are not familiar with the term CNAPP (Cloud Native Application Platform Protection), the cloud native security concept introduced by analyst firm, Gartner.

Paul Calatayud, CISO at Aqua Security, said: “As...

Cloud-native adoption shifts security responsibilities across teams

A padlock on a keyboard.

Cloud-native and open-source are booming with IT decision makers (97%) and developers (96%) stating that their organisations plan to expand use over the next 12 months.

With this increase in use comes a greater need for security due to rising compliance regulations and ever-evolving cyberattacks. Both parties stated that they have high confidence in their organisations’ ability to manage security for cloud-based applications, with 97% of IT decision-makers and 96% of developers...

Andrew Egoroff, ProcessUnity: On the increased cybersecurity threat and mitigating risks

Cloud Tech caught up with Andrew Egoroff, Senior Cybersecurity Specialist at ProcessUnity, to discuss the increased threat around the Russia-Ukraine crisis and how to mitigate risks from third parties.

A business can implement excellent internal cybersecurity measures, but a slip-up from a third-party vendor can have devastating consequences. ProcessUnity specialises in helping businesses determine what vendors carry the lowest risk.

“We try and evangelise the...

Google acquires cybersecurity firm Mandiant

Thomas Kurian, CEO, Google Cloud.

Google has signed a definitive agreement to acquire Mandiant, a specialist in dynamic cyber defence and response for $23.00 per share.

The all-cash transaction is valued at approximately $5.4 billion, inclusive of Mandiant’s net cash, and will see Mandiant join Google Cloud.

Organisations are facing cybersecurity challenges that have accelerated in frequency, severity and diversity, creating a global security imperative. To address these risks, enterprises need to be...

Misconfiguration was the number one cause of cloud-security incidents in 2021

As organisations continue to adopt the cloud, with 35% running more than 50% of their workloads on the likes of Azure, AWS and GCP, they struggle to manage the complexity of securing their cloud infrastructures across multiple cloud platforms, while also suffering a cyber-skills and knowledge shortage.

This is one of the key findings from the 2022 Cloud Security Report from cybsersecurity solutions provider Check Point Software Technologies.

The global report, based on a...