Cloud Security

Orca adds cloud vulnerability tracing capability to CNAPP

Security Boulevard reports that Orca Securitys cloud-native application protection platform has been upgraded with a new ability to trace cloud vulnerabilitiesin production environments back to its original code and its author. The Orca Security platform can now, for example, respond to the detection of a vulnerability in a running container by identifying the source code repository, the Dockerfile, as well as the owner who added the vulnerable package, said Orca Securitys Chief Innovations Officer Avi Shua. The addition of Cloud to Dev capabilities marks another step in bridging the gap between application developers and cybersecurity professionals, according to Shua. Until now, developers have had no tool at their disposal that lets them glean the context from a discovered cybersecurity flaw and to develop a remediation for it, Shua said. Orca Security estimates that this capability would cut the amount of effort expended by development teams in addressing cloud security issues by around 80%.

Related

LockBit-leaked DC city agency data from third party

Washington, D.C.'s Department of Insurance, Securities and Banking has disclosed that 800GB of data claimed to have been stolen by the LockBit ransomware operation was obtained from an attack against third-party software provider Tyler Technologies following the ransomware gang's threats to expose 1GB of the exfiltrated data to coerce the agency into providing the demanded ransom, reports The Record, a news site by cybersecurity firm Recorded Future.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.