With organizations moving towards higher levels of digitalization, the role of software has increased multifold. This has led to increased numbers of data breaches and the average size [1] of data breach has increased 1.8 in 2017. A breach is defined as an event in […]

One of the previous blogs on this topic provided an overview about vulnerability management for cloud environments using ThreatWatch. As the blog mentioned , there are two essential aspects to be able to meet that objective. Getting alerted when a cloud provider makes new patches available. Adopting a risk based approach towards applying patches and […]

Overview: As organizations move to greater cloud adoption via traditional cloud app environments or serverless architectures for edge and IoT, they depend heavily on cloud providers to ensure the operating environment remains secure. That doesn’t always happen at a cadence that is desired and even when it does, verification remains an important aspect to ensure […]

Summary: In May of 2016 , a massive security breach resulted due to the hack of servers at Mossack Fonseca, a major law firm involving emails, pdf files, photo files and excerpts of an internal database. It was around 2.6 TB of data that spanned a period of more than 40 years. This is the […]

In some ways software vulnerabilites have close resemblance with a living organism. It goes through much the same stages of lifecycle from being born ( discovered ) to information getting added , exploits getting published , patches made available by vendors / reserachers and systems and services eventually getting patched and newer things getting discovered […]