Cloud Security Blog - Netskope

See what's going on in the cloud security service industry. We cover topics including cloud app security, cloud solutions, cloud vulnerabilities & more.

  • IaaS Security: Not Just Checking a Box

    IaaS Security: Not Just Checking a Box

    Digital Transformation is taking over, we all know this and enterprises are adopting this at a higher than consumable rate. What once took many times months to provision in our legacy...

    View Now
  • Defcon Cloud Village – Phishing in the Cloud Era

    Defcon Cloud Village – Phishing in the Cloud Era

    The DEFCON27 computer security conference is one of the world’s largest and reputed hacker conventions that will be held from August 8th to August 11th in Las Vegas, Nevada. This event consists of...

    View Now
  • ×

    Get the latest posts to your inbox.

    Subscribe to the Cloud Security Blog

    Netskope would like to ​send you additional marketing information and ​share your personal data with our trusted third-parties for marketing purposes. ​Please check the box to ​opt-in and agree to our privacy policy ​which includes instructions on how to opt-out at any time​.
    Yes, I am opting in and agree with Netskope's privacy policy.
    Thank you!
    Error - something went wrong!
  • Why the Future of Command and Control is the Cloud

    Why the Future of Command and Control is the Cloud

    Cloud adoption has grown dramatically within the enterprise and shows no signs of stopping. Many cloud services such as Github, Slack, Dropbox, and others are part of everyday business and...

    View Now
  • AWS Loopholes with Temporary Credentials

    AWS Loopholes with Temporary Credentials

    If you don’t already have a plan for managing temporary credentials, or tokens in your AWS environment, you need one ASAP. Temporary tokens can be a security nightmare because: They provide nearly...

    View Now
  • Gartner Magic Quadrant for Cloud Access Security Broker

    Get Your Copy
  • Permission Isolation in GCP

    Permission Isolation in GCP

    When Identity and Access Management (IAM) permissions are not sufficiently isolated using the structure provided by the Google Cloud Platform (GCP), the results could be disastrous. Ideally, if...

    View Now
  • Pardot CRM Attack

    Pardot CRM Attack

    On 5 August 2019, Netskope Threat Research Labs discovered an attack campaign propagated through Pardot, a cloud-based Customer Relationship Management (CRM) by Salesforce. The attack kill chain...

    View Now
  • Netskope Cloud Report: Web traffic has significantly shifted to cloud

    Netskope Cloud Report: Web traffic has significantly shifted to cloud

    We recently released the August 2019 edition of the Netskope Cloud Report. Beginning with this cloud report, we are offering an expanded view of enterprise internet traffic. This is the result of...

    View Now
  • AWS S3 Logjam: Server Access Logging vs. Object-Level Logging

    AWS S3 Logjam: Server Access Logging vs. Object-Level Logging

    In AWS, there are two ways to log access to S3 storage resources,  i.e. buckets and bucket objects:  server access logging (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html) bucket...

    View Now
  • Introducing Netskope’s NewEdge

    Introducing Netskope’s NewEdge

    At Netskope we believe that customers have been forced to make a false tradeoff between security and performance. With today’s announcement, the Netskope NewEdge, is a globally distributed set of...

    View Now
  • Architecture and Zero Trust

    Architecture and Zero Trust

    In the modern age of cloud-based computing, the Zero Trust model of information security is the high-water mark businesses should be striving for. Zero Trust, as defined by Forrester Research, is,...

    View Now
  • Amazon themed Phish hosted in Azure Sites

    Amazon themed Phish hosted in Azure Sites

    Netskope Threat Research Labs recently found an Amazon-themed phishing page hosted by Azure App Service. The phishing page was created with an intent to steal Amazon credentials and other...

    View Now
  • Cloud Security Use Case #3: Ensure Social Media Compliance

    Cloud Security Use Case #3: Ensure Social Media Compliance

    I recently blogged about the two of the most common cloud security use cases that customers are covering with Netskope. I would like to continue the discussion and talk about use case #3, which is...

    View Now
  • ×

    Get the latest posts to your inbox.

    Subscribe to the Cloud Security Blog

    Netskope would like to ​send you additional marketing information and ​share your personal data with our trusted third-parties for marketing purposes. ​Please check the box to ​opt-in and agree to our privacy policy ​which includes instructions on how to opt-out at any time​.
    Yes, I am opting in and agree with Netskope's privacy policy.
    Thank you!
    Error - something went wrong!
  • LokiBot & NanoCore being distributed via ISO disk image files

    LokiBot & NanoCore being distributed via ISO disk image files

    Netskope Threat Research Labs has been tracking multiple similar malspam campaigns that began in  April 2019. The spam campaign contains an ISO image file as an attachment containing the next...

    View Now
  • Customer Zero: a case study

    Customer Zero: a case study

    Being CISO for a security technology vendor can be an interesting position. My job combines the usual CISO responsibilities alongside daily self and industry analysis as I support our own product...

    View Now
  • Cloud Security Use Case #2: Granular Control of Unmanaged Cloud Apps

    Cloud Security Use Case #2: Granular Control of Unmanaged Cloud Apps

    I recently blogged about the first of the six most common cloud security use cases that customers are covering with Netskope. I would like to continue the discussion and talk about use case #2,...

    View Now
  • The 3D approach to User Identity

    The 3D approach to User Identity

    Most of us are certainly familiar with the notion of 3D video.  It has gained tremendous popularity over the last decade, with more and more blockbuster motion pictures being screened in 3D.  Why...

    View Now
  • Cloud Security Use Case #1: Control Data Exposure

    Cloud Security Use Case #1: Control Data Exposure

    This is my fifth year at Netskope and it is awesome to see first-hand the rapid adoption of our ONECloud platform by some of the largest enterprises in the world. It is also interesting to see the...

    View Now
  • Google Storage Bucket Misconfiguration

    Google Storage Bucket Misconfiguration

    Rhino Labs recently released a tool for scanning Google Cloud Storage (GCS) buckets, called GCPBruteBucket. The tool gives users an easy way to search for publicly exposed buckets being hosted by...

    View Now
  • The Cyber Kill Chain in the Age of Cloud

    The Cyber Kill Chain in the Age of Cloud

    The cyber kill chain is used to model a cyber intrusion, identifying the different stages involved in a cyber-attack. The model is well established , but recently I have been asked multiple times...

    View Now
  • Ransomware Bulletin: LockerGoga

    Ransomware Bulletin: LockerGoga

    Executive Summary Netskope Threat Research Labs recently detected several strains of encrypted files across several cloud instances with the infamous LockerGoga Ransomware. The Ransomware was...

    View Now
  • loading
    Loading More...