For security professionals inundated with alerts and metrics, the one-size-fits-all approach to data monitoring and threat assessment leaves much to be desired in terms of ease of use and efficiency. The data barrage, on the daily, has teams spinning their wheels, questioning which of the myriad signals warrants priority. When time is at a premium and security incidents can threaten an organization, the crux of the issue comes down to the rigid structure of pre-built, out-of-the-box dashboards. Traditional security dashboards miss the mark when it comes to delivering the nuanced insights speci ..read more

Rapid migration to cloud services presents organizations with new security challenges. A common issue security teams encounter is the excessive granting of privileges to both user and machine identities. While intended to avoid disrupting daily operations, this practice increases the risk of cyberattacks by expanding the permission surface, compromising the organization's security posture. The complexity of identity and access management (IAM) and the lack of visibility and control over identity permissions often cause this overprivileged access dilemma. Security teams frequently lack the nece ..read more

Real-time APIs will execute more than 50% of all B2B transactions by the end of 2023,1 according to projections from the research firm, Gartner®. In addition to marking a pivotal shift in how organizations interact, the prevalence of APIs — already driving the majority of web traffic — underscores the need for rigorous API security. The dilemma for security teams lies in the proliferation of APIs, which is outpacing the capabilities of management tools. Experts predict, in fact, that less than half of enterprise APIs will be under effective management by 2025.2 Without question, APIs unlock re ..read more

Prisma Cloud’s integration with AWS Identity and Access Management (IAM) Access Analyzer provides users with accurate least-privileged access recommendations. Palo Alto Networks is proud to partner with Amazon Web Services on their expanded AWS IAM Access Analyzer service. IAM Access Analyzer helps customers identify unused and external access to AWS resources. Prisma Cloud’s New Integration with AWS IAM Access Analyzer Amazon Web Services announced the expansion of AWS IAM Access Analyzer capabilities to include additional types of findings through access analysis. These features help custom ..read more

Throughout the hundreds of hours I spent meeting with customers, sales teams, and internal users of Prisma Cloud, I was struck by the complexity of feedback I received. Soon into the process, a few key themes emerged. Each theme centered on the user experience of the product. Motivated by a desire to enhance usability, I embarked on a journey to better understand our users and their needs. To offer some insight into the approach, user experience teams and myself employed various UX methods to transform our application. The Process: From Users to Co-Creators Step 1: Deep-Dive User Interviews I ..read more

An AI research team recently made a massive mistake when they published a bucket of open-source training data on GitHub that included terabytes of additional private data. This data contained a disk backup of employees’ workstations, containing all their secrets, private keys, passwords and thousands of internal messages! The researchers shared the files using SAS tokens, a feature from Azure Storage accounts that allows data to be shared through the system. The unintentional breach could have been avoided by placing stricter access restrictions on the data shared through SAS tokens. This blog ..read more

In the dynamic realm of cybersecurity, certain vulnerabilities capture more attention than others. One such flaw is CVE-2023-22515, which affects the Confluence Data Center and Server. This vulnerability has raised eyebrows across the cybersecurity sector because of the potential threats it introduces, including unauthorized access and the ability to escalate privileges. In this blog post, we break down the specifics of CVE-2023-22515, its consequences, and the best ways to safeguard against it. The Heart of the Matter: What Is CVE-2023-22515? CVE-2023-22515 is a broken access control vulnerab ..read more

Organizations face an array of challenges, from securing data and applications to meeting compliance regulations and defending against evolving threats. To assist organizations with these challenges, leading market research and consulting firm Frost & Sullivan has released its 2023 Frost Radar for Cloud-Native Application Protection Platforms (CNAPP). In this report, Frost & Sullivan provide invaluable insights into the dynamic landscape of cloud-native security solutions and showcase the market's top companies. Our post today will examine findings from the report, with a special empha ..read more

In today’s dynamic software development landscape, the agility of engineers and their tools evolve at an unprecedented rate, calling for a paradigm shift in our security approach. Modern developers prioritize moving fast, using a diverse range of tools and technologies to enhance and hasten their projects. But the fallout of continuously adapting their tooling to fit their needs and automate more deployment processes leaves security lagging, struggling to grasp the changes in their environment, let alone maintain a secure posture. Adding to their concerns is the barrage of breach headlines, pa ..read more

At the beginning of July 2023, I took a stroll around the azure/login GitHub Action repository. Looked through the repository’s issues section, I immediately noticed issue number 315. The issue was titled “SECURITY: Azure/login in some cases leaks Azure Application Variables to the GitHub build log”. And don’t you just love when things leak stuff? I had to click! Let’s see what’s up. Excuse Me? You Dropped Your Environment Variables The issue reported by @NoCopy stated that “azure/login in some cases leaks Azure Application Variables to the GitHub build log.” The user included an example work ..read more