In this Spotlight Podcast*, Philippe Courtot of the firm Qualys discusses being an early innovator in the software as a service space and how the market for cloud based security services has evolved since he launched his firm, Qualys, almost two decades ago.
Cloud
For YouTube Stars, Influencers: More Risk of Hacks after Octoly Breach
Octoly, the Paris-based agency for online “influencers” apologized following the leak of sensitive and personally identifying information on 12,000 clients. But clients were furious they were not informed by the company first and researchers warn that those exposed could face increased risks of both online and offline harm.
Five Essential Reads to Understand the Meltdown and Spectre Processor Flaws
There has been plenty of (digital) ink spilled in recent days about widespread processor flaws known as “Meltdown” and “Spectre.” We round up five articles that will help you understand these security vulnerabilities, how they were discovered and their likely impact.
Podcast: Uber Breach Puts Focus on Securing DevOps Secrets
The hack of Uber and the loss of information on 57 million customers is just the latest security incident stemming from what our guest Elizabeth Lawler calls “DevOps secrets” – valuable credentials, APIs and other sensitive information that often end up exposed to the public as a result of lax continuous development operations. In this Spotlight Edition* of The Security Ledger Podcast, sponsored by CyberArk, we talk with Elizabeth about how to contain DevOps secrets and secure the secret super user lurking in modern organizations: highly privileged application code.
IoT’s Cloud Risk on Display with Flaws in Fuze Collaboration Platform
In-brief: Rapid7 said it found a number of flaws that leaked data on users of collaboration technology by Fuze. In an increasingly common finding: poorly secured cloud resources, not the handsets, were the problem.