Cloud Security In Practice

Discussions on operating as a cloud security professional in today's threat environment

  • 5 Topics
  • 9 Replies

5 Topics

CISO Tim
Lacer
CISO TimLacer
posted in Cloud Security In Practice

Could letting employees access personal email on work computers create security vulnerabilities? Yes. Should it be banned? Maybe

I found the recent information that Okta released about their latest breach to be interesting. According to the report, the employee accidentally saved a service account password to his personal email, and then his personal email my have been compromised which gave the attackers access inside Okta. First, don’t we think that is a stroke of luck that the attack managed to find the one user that saved a password incorrectly, and then managed to compromise that account?  Food for thought. In my CISO experience, we do need controls around personal email and other SaaS services.  It’s a data exfiltration method that we need to be concerned about. It doesn’t mean that they have to be blocked per se, but there should be a process in place to monitor for services used on a device and data that leaves. Blocking strictly can cause problems: 1- users get really, really mad and tend to find workarounds and 2 - It gets tough considering so many companies use services like Google that have both an e

0
CISO Tim
Lacer
5 months ago
J
Lacer
juliensobrierLacer
posted in Cloud Security In Practice

Understanding the latest curl vulnerabilities: CVE-2023-38545 and CVE-2023-38546

We have published a blog post on the latest curl vulnerabilities:https://www.lacework.com/blog/understanding-the-latest-curl-vulnerabilities-cve-2023-38545-and-cve-2023-38546/ These vulnerabilities requires a very specific set of conditions to be exploited, such as the use of a SOCKS5 proxy or local access to the machine. AgentN/APlatformUsing Lacework/OperationalizingCloudN/A

0
J
Lacer
6 months ago
J
Lacer
juliensobrierLacer
posted in Cloud Security In Practice

How to remediate CVE-2023-4863

We have posted a blog post about CVE-2023-4863 (libwebp out-of-bounds memory write): https://www.lacework.com/blog/how-to-detect-cve-2023-4863-a-libwebp-out-of-bounds-memory-write/ This vulnerability is being exploited through Desktop applications (Chrome, iMessage), but the library is present in many Linux applications. Lacework provides a list of hosts an containers affected by this vulnerability. 

0
J
Lacer
6 months ago
CISO Tim
Lacer
CISO TimLacer
posted in Cloud Security In Practice

How do you quantify risk?

Risk is a hard thing to quantify at times.  But I think having a good understanding of your security risk can elevate the conversation at the executive level. It can tie security problems to business outcomes, which can ultimately help make a stronger security program and get more budget.   How do people quantify risk in your organization? AgentN/APlatformUsing Lacework/OperationalizingCloudN/A

8
jth
7 months ago
Merritt Baer
Lacer
Merritt BaerLacer
asked in Cloud Security In Practice

What frameworks do you find helpful for Zero Trust?

Since zero trust is not a concrete thing it’s a conceptual framework, what have you found useful for operationalizing the concept?

1
Ben Sherman
Lacer
7 months ago

Badge winners

Show all badges
Terms of UseCookie settings