Theoretical vs. Actual Cloud Threat Detection

Theoretical vs. Actual Cloud Threat Detection: How Skyhawk Discovers Breaches in Progress   Today’s security platforms can identify misconfigurations, open ports, unused permissions, and databases exposed to the internet. These are all issues that need to be corrected as they could be exploited to breach your data. The operative word here is could . You do not know if any of these things have happened. Alerts on these issues create panic, with teams working to lock down your environment, hoping that your company will not be in the news.    Hope is not a strategy.   At Skyhawk Security , we know how confusing it is to get potential breach data instead of actual. Companies often confuse the market by calling their alert functionality an ‘attack path’ which sounds a lot like Skyhawk’s Attack Sequence technology. The difference between ...
קרא עוד

Using the MITRE ATT&CK Framework for Threat Detection and Response

This post was written by Rotem Klar, Product Manager at Skyhawk . Above all else, security is a culture. Companies who strive to develop the most sophisticated security solutions will need to participate in today’s security culture, keep up with the evolving cybercrime market, as well as talk the cyber-security language and be familiar with the common attack methodologies. With the rapid adoption of cloud and companies being born in the cloud, this has become a challenge because a key characteristic (and benefit) of Cloud Computing is the speed of scalability. Data is being moved and scaled at the highest speeds, visibility is then being highly challenged, keeping track of all your assets, configurations, and access management, which in turn result in endless vulnerability patching and investigating enormous amount of security alerts, these are all part of the bigger ...
קרא עוד

Machine Learning at Skyhawk – The Science Behind our Security

This post about ML in cybersecurity was written by Jennifer Gill , VP Product Marketing at Skyhawk. Securing a cloud while meeting the need of developers and the business and supporting compliance initiatives, is difficult to say the least. Analyzing trends across user behavior, application usage, cloud performance, for a single account and then across clouds, this makes things even more difficult. Skyhawk Security leverages advanced machine learning (ML) techniques and artificial intelligence (AI) to build models for ongoing behavioral analysis of the runtime for more accurate threat detection. Now you have likely heard from many, many security vendors that they are also using AI and ML to identify threats. In this blog, we will walk you through Skyhawk Security’s ML, how we are unique, and why our ML is many steps ahead of the market. Skyhawk Synthesis Security ...
קרא עוד

5 Reasons Why CSPM Tools are not Enough

This post was written by Jennifer Gill, VP Product Marketing at Skyhawk. Cloud Security Posture Management (CSPM) tools are an important part of any security strategy. However, they fall woefully short in terms of being the end game to secure your public cloud. Why? They only look at the static configuration of your environment, and only for the assets you know you have. Developers and IT teams are spinning up resources all the time – is the security operations center (SOC) aware of those? Have any assets been exploited? How were they exploited? These important questions cannot be answered by CSPM tools alone. Here are the top 5 reasons why CPSM tools are not enough: Not all misconfigurations can be fixed. Most CSPM tools are pretty good at detecting issues – so you find the misconfiguration which is great – but, can you fix it? According to a Gartner® ...
קרא עוד

What the Uber Breach Verdict Means for CISOs in the US

Can already beleaguered CISOs now add possible legal charges to their smorgasbord of job considerations? Disclose a breach to comply and face dismissal, or cover it up and face personal punishment. This is a challenging time to be a CISO. The security community has been eagerly following multiple stories regarding Uber in the past few weeks. From the  play-by-play of their recent major hack , to last week's guilty verdict of former Uber security chief Joe Sullivan, CISOs are facing considerable challenges. The verdict in the Sullivan case found him guilty of obstructing a federal investigation and concealing a felony from the government. According to the New York Times : "Stephanie M. Hinds, the US attorney for the Northern District of California, said in a statement: 'We will not tolerate concealment of important information from the public by corporate executives more ...
קרא עוד
open popup