Posts tagged Cloud Security

4 min Cloud Security

A Matter of Perspective: Agent-Based and Agentless Approaches to Cloud Security, Part 1

When it comes to securing your cloud assets' activities at runtime, the first step is deciding how.

5 min Cloud Security

Turn On, Tune In, Drop the Noise: Achieve Better Cloud Security by Reducing Noise

For security professionals, it's easy to get lost in the noise. And when it comes to cloud security, tuning into the signal is essential.

4 min Kubernetes

Have You Checked the New Kubernetes RBAC Swiss Army Knife?

InsightCloudSec’s RBAC tool is an all-in-one open-source tool for analyzing Kubernetes RBAC policies and simplifying Kubernetes RBAC.

3 min Cloud Security

To the Left: Your Guide to Infrastructure as Code for Shifting Left

Shifting cloud security left helps teams catch misconfigurations, avoid security bottlenecks, and keep both DevOps and SecOps happy.

4 min Cloud Security

OMIGOD: How to Automatically Detect and Fix Microsoft Azure’s New OMI Vulnerability

On September 14, 2021, security researchers disclosed new vulnerabilities in Microsoft Azure’s implementation of Open Management Interface (OMI).

2 min Cloud Security

Cloud Challenges in the Age of Remote Work: Rapid7’s 2021 Cloud Misconfigurations Report

The cloud has increased innovation, but it’s also impacted security risks. Our 2021 Cloud Misconfigurations Report takes a closer look at those risks.

3 min Cloud Security

Cloud Security Glossary: Key Terms and Definitions

The cloud security experts here at Rapid7 have created a list of key terms and concepts to help you continue your journey into cloud security and DevSecOps with clarity and confidence.

7 min Ransomware

The Ransomware Task Force: A New Approach to Fighting Ransomware

The Institute for Security and Technology put together a comprehensive Ransomware Task Force (RTF) to identify new approaches to shift the dynamics of ransomware and reduce opportunities for attackers.

2 min InsightCloudSec

Introducing InsightCloudSec

Rapid7 is proud to announce our next step in helping to drive cloud security forward: InsightCloudSec.

3 min Detection and Response

Automated remediation level 3: Governance and hygiene

The best way to mold a solution that makes sense for your company and cloud security is by adding actions that cause the fewest deviations in your day-to-day operations.

2 min Detection and Response

CVE-2021-20025: SonicWall Email Security Appliance Backdoor Credential

The virtual, on-premises version of the SonicWall Email Security Appliance ships with an undocumented, static credential, which can be used by an attacker to gain root privileges on the device.

2 min Cloud Security

Action! Start putting automation into practice.

In our new blog series, we’ll talk about the challenges of leveraging automation and actually putting it into practice for your organization and business.

3 min Identity Access Management

All about the boundaries: The cloud IAM lifecycle approach

Implementing cloud Identity Access Management (IAM) boundaries can seem like an oxymoron in the midst of rapid growth or need for access as new personnel, teams, or supply-chain partners come online.

3 min DevOps

Creating coefficiency: DevOps, Security, and Compliance

The ultimate goal on the security horizon is, of course, to prevent risks and misconfigurations before runtime. This won’t always happen, but teams can still get into a rhythm where runtime mistakes become the exception rather than the rule.

4 min Cloud Security

5 questions to answer before spending big on cloud security

Convincing people to sign off on big cloud security spends is, most assuredly, a never-ending process. Because every so often (be it in 6 months, 1 year, 2 years), your security organization will have to pitch to the check-writers all over again.