SSH (Secure Shell) is a secure communication protocol widely used to enable secure access to remote devices and servers over an unsecured network like the Internet. stands as a strong and reliable guardian of data integrity and confidentiality. It has been used for decades to enable secure access to remote devices and servers over an unsecured network like the Internet. Traditionally, SSH authentication has been widely implemented using either passwords or cryptographic keys. However, password insecurity, SSH key management challenges, and evolving security threats have led organizations to ex ..read more

In today’s distributed workplace model, privileged remote access to servers and systems is essential to ensure smooth operations. Secure Shell (SSH) keys play a pivotal role in facilitating this access securely. IT teams worldwide use SSH keys daily for remote system administration, support and maintenance, and file transfers. Because SSH keys are so widely used and grant secure root-level access to systems, it is vital to make sure they are appropriately managed and protected. Since SSH keys can be easily generated and do not expire, they continue to grow exponentially, with enterprises accu ..read more

Load balancing is essential for exposing new applications on production IP addresses and requires knowledge of the network from the network operations (NetOps) team to manage the process. Other teams must open a ticket when they need to load balance a new application. This type of dependency can lead to Shadow IT, where team members bypass NetOps completely and deploy infrastructure themselves in the cloud. This, in turn, creates security risks and non-compliance issues . What’s needed are solutions that serve all teams in ways that fit their unique goals. HAProxy Fusion Control Plane bridges ..read more

SSH or secure shell is a secure network protocol that enables two devices or machines to connect and communicate with each other securely over an unsecure network. SSH keys are cryptographic credentials (consisting of a public and a private key pair) used for authenticating and securely accessing computers, servers, machines, and devices. They enable network administrators to manage systems/applications by allowing them to log into a computer, move files between computers, and execute commands remotely. SSH Machine Identities Are on the Rise In recent years, we have seen increased adoption of ..read more

On February 2, 2024, popular remote access solution AnyDesk disclosed that it had suffered a cyberattack that compromised its production systems. AnyDesk revealed that they detected the breach in mid-January during a security audit. They immediately began a forensic investigation that confirmed that the attack began in December 2023. Post the investigation, the team at AnyDesk worked closely with experts at CrowdStrike to initiate a threat remediation and response plan. As part of the plan, they revoked all security-related certificates and remediated or replaced affected systems. They would ..read more

In the fast-evolving world of healthcare, connected medical devices are revolutionizing diagnostics and patient care. From pacemakers and glucose monitors to advanced imaging systems and smart wearables, these connected medical devices (IoMT – Internet of Medical Things) have become crucial to improving treatment outcomes and helping people manage their health better. However, the increased proliferation of medical devices connected to the internet has also opened the doors to a dangerously large attack surface, making the security of these devices a significant concern. The High Stakes of Me ..read more

Data privacy is a global issue. As businesses increasingly collect and process personal information from consumers, they need to take responsibility for protecting the information from theft and misuse. At the same time, consumers need to have a say and better control over how their personal data is being used. Many countries have implemented strong data privacy laws to fulfill the above requirements and ensure data protection. Some of these include the General Data Protection Regulation (GDPR) in the EU, the Personal Information Protection Law (PIPL) in China, the Personal Information Protec ..read more

Kicking off 2024, AppViewX believes machine identity management and digital identity security will play a pivotal role in how enterprises implement identity-first security and zero trust strategies. With machine identity growth outpacing human identities, especially in cloud and virtualized environments, securing machines, workloads and applications will be a priority. Here are my 2024 predictions for why this will be the year for Machine Identity Management. Machine Identity Management Reaches Critical Mass To achieve zero trust, every person and “thing” needs a managed trusted identity. Tra ..read more

Software supply chain attacks are seeing an unprecedented surge. According to the Sonatype State of the Software Supply Chain Report, twice as many incidents were recorded in 2023 as compared to the cumulative total from 2019-2022. The numbers are stark indicators of the fact that the software supply chain, rich with native code, open-source packages, and numerous dependencies is a lucrative target for attackers.  As security concerns continue to mount, DevSecOps, a transformative approach that focuses on integrating security into the software development cycle, end-to-end, is gaining a ..read more

Recently, Palo Alto issued a customer advisory on its support portal warning customers about the fast-approaching expiry of the Root Certificate and Default Certificate for PAN-OS. As both certificates are scheduled to expire on December 31, 2023, Palo Alto urged customers to take immediate action to prevent certificate expiration from impacting connectivity to firewalls and Panorama devices. What Could Happen When the Root and Default Certificates for PAN-OS Expire? When PAN-OS root and default certificates expire, cloud services, browsers, and operating systems will no longer trust Palo Alto ..read more