10 Pros and Cons of AWS GuardDuty

Walking around cyber security trade shows, you can’t help but notice how standard pen tester booths are. Pen testers, or penetration testers, simulate an unauthorized attack where they purposely try to infiltrate your network or cloud to uncover security gaps. It’s just like an actual attack made by an ethical hacker you paid for.  Why are such services so in demand? Because the cyber threat landscape exploded in the past few years. Cloud exploitation grew by 95% in 2022 compared to the previous year, and the situation will likely worsen.  Luckily for AWS users, AWS offers GuardDuty to continuously monitor your AWS accounts, detect threats and automate threat response. This article delves deep into the GuardDuty world, exploring its capabilities, use cases, advantages, and potential gaps.  What is AWS GuardDuty? GuardDuty is a real-time threat ...

Skyhawk Synthesis Security Platform mentioned in the 2023 Gartner® Emerging Tech: Security — Cloud Investigation and Response Automation Offers Transformation Opportunities

This post was written by Jennifer Gill, VP Product Marketing at Skyhawk. Skyhawk Security was recently mentioned in Gartner research, “Emerging Tech: Security – Cloud Investigation and Response Automation Offers Transformation Opportunities”, and we think that it really aligns with our vision and strategy. According to the Gartner report, “Cloud investigation and response automation is emerging to automate the investigation and collection of digital forensics in the cloud. Product leaders must adopt transformative cloud technologies to address demand for expanding data collection, analysis, and collaboration and future business models.” Skyhawk Synthesis recognizes that there are so many sources of security information in the cloud, and we have architected our product in a way to address this. First, Skyhawk Synthesis does not depend on agents. This ensures that ...

“Toxic Combinations” are Inadequate: A Case Study

Posture management has turned into an exercise in prioritization, but this hasn’t made us safer. This post was written by Chen Burshan, CEO of Skyhawk Security. If a Tree Falls in the Forest… We all know the adage, “If a tree falls in the forest and nobody is there to hear it, does it make a sound?” It’s a philosophical allegory essentially questioning whether something that has not been empirically seen or heard has importance or consequence. In security, and particularly cloud security where Skyhawk has gathered some expertise, this allegory is the fundamental question to ask about alerts that come from popular security posture management tools. Notifications on misconfigurations, vulnerabilities, and combinations of the two are abundant but are not always toxic unless they can be exploited by threat actors. Like those trees in the forest, they do make a ...

What is the Cloud Security Maturity Model, and How mature are you?

The cloud revolution has taken the business world by storm, and the thunder is still roaring. From the smallest companies to Fortune 500 enterprises, organizations are launching their data, workloads, and applications into the cloud. And gleefully reaping the benefits. However, as with most revolutionary technologies in the past, the rushed pandemic-fueled race to digital transformation led most organizations to neglect information and cyber security in their roadmap.  As many as 80 percent of organizations that spend over one million dollars annually on cloud infrastructure admit needing a dedicated security team to protect their cloud assets and resources. Left to pick up the slack are information security teams that are, on average, responsible for 32,190 devices (including 28,872 cloud hosts) per team. So it’s no wonder that most IT and security leaders are ...

7 Best Practices for a Cloud Detection and Response Framework

The sky's the limit for cloud computing. As new cloud-native applications like containers, microservices, and APIs grow in popularity, the cloud’s scalability and adaptability make it attractive for businesses. Emerging technologies such as generative AI and Web3, which require powerful computing capabilities, are also bringing the cloud’s growth to a whole new level.  While the cloud is generally safe, the more companies rely on it, the more attractive it becomes for cybercriminals. Almost 27% of businesses experienced a security breach in their public cloud infrastructure over the past year, with nearly a quarter of these breaches resulting from their cloud infrastructure's security misconfigurations. [Figure: Growth in Global Public Cloud Services 2021-2023] Cloud Detection and Response (CDR) is a relatively new approach to cloud security that enables ...

Top 7 Requirements for Successful Attack Surface Management

If your organization made it through 2022 without a single major cybersecurity problem in which sensitive data was compromised, you are part of a lucky minority. Cybercrooks are quick to follow as more businesses take their data, workloads, and operations to cloud-based infrastructure and services.  Last year, as many as 7 in 10 organizations in the US and Canada admitted to having digital assets compromised through an unknown, unmanaged, or poorly secured Internet-facing asset. And the bigger your attack surface, the higher likelihood you have to be targeted.  You can’t shrink your attack surface. The expansion of attack surfaces results from digital transformation and business growth in light of changing market conditions and priorities. What you can do is reduce risk and manage your attack surface by employing Attack Surface Management strategies, tools, ...

Free PCI Compliance Checklist Download [XLS Template]

Businesses rely on the cloud to store their most important data. While it's true that cloud computing enables a much more efficient way to store and share data, you can't blindly trust that your assets are safe.  Securing credit card data is particularly important for retailers and e-commerce sites that process credit cards. For these companies, protecting data and ensuring regulatory compliance in the cloud come with added requirements - specifically the Payment Card Industry Data Security Standard (PCI DSS) - that can easily overload IT and security teams. It is no wonder that less than 30% of organizations are fully PCI DSS compliant, as shocking as this figure is.  So how do you go about making sure that your assets are protected? This article will guide you through the PCI DSS's official goals and requirements. Plus, you can download our free checklist to ...

Using ChatGPT to Augment Threat Detection

Skyhawk recently announced a couple of new features that are based on ChatGPT. What’s new? Watch this video and then read the blog for details: A new addition to our scoring mechanisms for malicious events called ‘Threat Detector’. We use the ChatGPT API as an “advisor” to help us be more confident about our scoring mechanism. Our current scoring mechanism has several of these kinds of rules and machine learning based classifiers that can be thought of as advisors, and each one of them takes the score into another direction - but the ML models eventually use all of them to decide on the level of threat of an event. Skyhawk's new ChatGPT functionality features "countless" new advisors whose opinions we consider in our final scoring mechanism, one that is proficient and smart because it is based on the security data of the whole internet. A new ...

InfoSec’s Top 10 Threat-Hunting Tools for 2023

Although automated security tools detect 80% of security threats to an organization, the remaining 20% are often the most sophisticated and damaging to your business. With each global data breach costing an organization over $4 million yearly, threat-hunting tools that offer comprehensive threat coverage are a must-have for your security team.  This article compares the top threat-hunting tools for 2023, so you’ll have the information you need to select the right one for your organization.  What is threat-hunting? Threat-hunting is a proactive approach to identifying security threats in a system before they lead to a breach with irreparable consequences. It complements automated threat detection and intelligence tools to check for threats or hidden malware that may have been missed.  Attackers may be inside a network for months, flying under the radar ...

5 Threat Detection and Response Methods Baffling Cyber Attackers

Cybersecurity has always been a game of cat and mouse between cyber criminals and information security teams in organizations. Though it isn’t always clear who the cat and the mouse are in this scenario. As infosec professionals, are we doing the chasing or the escaping? Perhaps a bit of both? In 2023, we are faced with an onslaught of increasingly sophisticated organized cybercrime gangs and a distressing shortage in cybersecurity skills across industries. Add to that the ever-growing attack surface of cloud assets and applications and the dependence of businesses on access to their online resources, and you have yourself a very expensive perfect storm brewing.  More than ever, businesses today are forced to take preventative action to avoid falling victim to professional cybercrime gangs. Gangs that are actively looking to exploit every vulnerability, ...