2019 Data Breaches: On Track to Be the Worst Year
Consumer privacy (or the lack thereof) is a huge societal concern, and concerns about protecting privacy are manifesting themselves in many forms, including regulation like the California Consumer Privacy Act and the General Data Protection Regulation. The backdrop to this is the shocking news that 2019 is on track to be the worst year on record for data breaches, according to a report from Risk Based Security. The report finds that over 3,800 data breaches were reported in the first half of 2019, with the number of reported breaches up by 54 percent and the number of exposed records up by 52 percent compared to the first six months of 2018.
Inga Goddijn, executive vice president of Risk Based Security:
Looking over the first six months of 2019, it is hard to be optimistic on the outlook for the year. The number of breaches is up and the number of records exposed remains stubbornly high. Despite best efforts and awareness among business leaders and defenders, data breaches continue to take place at an alarming rate.
Most of these breaches are caused by misconfigurations that an attacker exploits, and many of those are cloud misconfigurations. Companies are under increasing pressure to make appropriate investments to ensure that consumer data is protected in their race to the cloud. This is where DivvyCloud comes in. Our software and innovations can form the strategy that allows companies to embrace public cloud for innovation, at speed and scale, without giving up control or sacrificing security and compliance. By running DivvyCloud, companies can identify and remediate the misconfigurations and policy violations in public cloud services that often lead to the data breaches being reported daily.
For example, take the Capital One breach that impacted 106M people. According to KrebsOnSecurity, this breach primarily resulted from “a misconfigured open-source Web Application Firewall (WAF) that Capital One was using as part of its operations hosted in the cloud with Amazon Web Services (AWS). The misconfiguration of the WAF allowed the intruder to trick the firewall into relaying requests to a key back-end resource on the AWS platform. The type of vulnerability exploited by the intruder in the Capital One hack is a well-known method called a ‘Server Side Request Forgery’ (SSRF) attack, in which a server (in this case, CapOne’s WAF) can be tricked into running commands that it should never have been permitted to run, including those that allow it to talk to the metadata service.” This is exactly the type of misconfiguration that DivvyCloud is built to identify and remediate before it can be exploited.
The truth is, organizations are lacking the proper tools to identify and remediate insecure cloud configurations and deployments on a continuous basis. Automated cloud security solutions give companies the ability to detect misconfigurations and alert the appropriate personnel to correct the issue, and they can even trigger automated remediation in real time. DivvyCloud is on the front lines of the battle to protect consumer privacy and ensure that consumers don’t go through the identity theft hell that often results when their information is exposed.
DivvyCloud minimizes security and compliance risk by providing virtual guardrails for security, compliance, and governance to customers embracing the dynamic, self-service nature of public cloud and container infrastructure. Customers like General Electric, Discovery Communications, and Fannie Mae run DivvyCloud’s software to achieve continuous security governance in cloud and container environments (AWS, Azure, GCP, Alibaba, and Kubernetes). First, our software performs real-time, continuous discovery of infrastructure resources, allowing customers to identify risks and threats. Second, customers can implement out-of-the-box or custom cloud-native policy guardrails that identify and alert on violations. Third, we automate the enforcement and remediation of these policies.