VerSprite Security Resources

In previous posts, we have covered security around Azure and AWS cloud solutions and now it’s time to look at the third big contestant, Google Cloud Platform.

The ground-breaking California Consumer Privacy Act goes into effect on January 1, 2020. The bill was drafted and signed in the space of one week, which shows how important the lawmakers of the tech-forward state deemed the need to get in on the table.

The rise of regulations and demand for more agile engineering practices is forcing CISOs and security programs to develop more sophisticated ways to adhere to security requirements from regulations, internal governance, and clients.

Tony UcedaVélez, VerSprite CEO, is interviewed about recent report finding security gaps in DeKalb County’s data center: “Environments where you have too many people having access to sensitive areas is naturally a problem…”

Given the noticeable upward trend in Azure adoption, let’s explore more about Azure security, compliance, and its other rich capabilities.  In this post we’ll just touch on big picture and what is important to securing your Azure environment. 

Modeling for threats forces an adversarial lens for security operations team members. Via evidence backed attack simulations, security operations centers (SOC) can define a blueprint for defense that factors in motives, related attack patterns, and realistic targets.

Use of public cloud infrastructure is now commonplace with nearly $60 billion spent annually. Of course, there are good reasons for this as Infrastructure and Platform as a Service provide several advantages over traditional in-house hosting. VerSprite shares key principles that will help you manage your cloud security risk.

When performing vulnerability research, it is essential to make sure that all attack vectors concerning exploitation are exhausted. One avenue of exploitation comes from the Windows registry.

On June 17, 2019 the Department of Homeland Security (DHS) issued an alert for the Microsoft Windows Remote Code Execution (RCE) vulnerability named BlueKeep and CVE-2019-0708.