Security experts have repeatedly recommended system hardening to reduce vulnerabilities in the cloud. But what does that entail? This article explains while offering additional guidance to better monitor the integrity of cloud configurations.
Microsoft, Google and Apple are doubling down on passkeys to support the Fast Identity Online (FIDO) Alliance’s goal of eliminating passwords from the equation. This article explores what passkeys are, how they work and what companies like Ping Identity are doing to make their use more widespread.
Automation is key to reducing the mean time to remediate (MTTR) vulnerabilities in the cloud. This article explores what the options are for security teams looking to automate updates and how to proceed effectively (i.e. without breaking anything during those security updates).
Vulnerability management has been a challenge for security teams since the very beginning, but in more recent years organizations have found more success through automated patching practices.
Once an organization chooses a platform, what are the key deployment steps that must be taken to ensure optimal performance? This article will explore key considerations and practices to ensure a better security design and better overall protection.
Viable tool or buzzword? Here we examine what a cloud native app protection platform is designed to do, key features, and how to prioritize functions for your own organization.
An explosive growth in web-based apps, accelerated by a pandemic that eliminated most in-person visits, has left no shortage of targets for nefarious cyber actors to set their sights on. And a few industries are feeling the heat, particularly.
Third-party relationships have expanded exponentially as companies seek outsourced services and software to perform optimally and backfill talent amid the ongoing pandemic. That expansion has broadened attack surfaces as threat actors target weaker vendors with strong market penetration to quietly surveil and paralyze systems.
Log4Shell highlighted weaknesses in the software supply chain, especially when it comes to weaknesses in the security of web applications. This article explores the lessons of Log4Shell and how they can influence security strategies moving forward.