Palo Alto Marching towadrs Identity based segmentation on cloud offerings

Palo Alto Networks is enhancing its cloud security platform by releasing new features. Integrated with its acquisition of Aporeto, a machine identity-based microsegmentation company.

Organizations can securely connect office branches and mobile users to the cloud, allow for SaaS adoption with a cloud access security broker, and improve security across multi-cloud deployments.

With the integration of Aporeto, Palo Alto is bringing identity-based microsegmentation into Prisma Cloud. The technology will provide visibility of network communications along with security policy control and management.

Other than this integration ,new DLP capabilities offer discovery, classification, and malware detection for AWS S3. The IAM features provide customers CIEM capabilities, visibility into who has access to specific cloud resources, and the ability secure those resources with automated least-privileged identity access.

Securing the cloud is a major focus for Palo Alto, along with securing the enterprise and providing security with its AI-powered platform Cortex.Palo Alto built up its cloud security capabilities with the acquisition of the cloud security startup RedLock, as well as the purchase of and Aporeto.

Enterprises are moving towards cloud centric for enhancing the release velocity for Devops, for which Secops requires an integration across platforms

Zero Trust ! Shaping to be need of an hour

Over half of global organizations have suffered a data breach during the COVID-19 crisis, with even more arguing that they need to shift to a zero-trust model to bolster security.

A new report commissioned by Cloudflare and set to be officially releasing this week focuses mainly on Zero Trust Strategy.

Based on a poll of over 300 global security decision makers at mid and large-sized businesses, it highlights how revenue and planning (64%), customer engagement (53%) and the shift to distributed working (52%) have had the biggest impact so far in 2020.

Despite the majority of respondents claiming to have invested in new devices for work from home (WFH) employees, updated security policies and adopted new security tools for remote workers, over half (58%) still suffered a data breach. A third (33%) were hit by infrastructure outages, with a similar number (29%) struck by ransomware.

Many security bosses admit that VPNs are a major bottleneck, leading to slow connections (46%). Most (54%) say they’ve struggled to maintain these during the shift to WFH. At the same time they’re concerned over staffing shortfalls (80%), apps and data exposed to the public internet (76%) and little management over end user devices (64%).

They admit that legacy network security tools are no longer effective (64%) but have been overwhelmed by rapid migration to the cloud (80%).

The answer for many is a zero-trust approach predicated on the notion of “never trust always verify” and supported by technologies such as multi-factor authentication, network segmentation and endpoint security.

Over three-quarters (76%) of respondents want to move to this model, and even more (81%) say their organization is committed to migrating to this approach in time. However, similar numbers (75%) say they’re struggling to do so due to the complexities of user access at their organization.

The report chimes from earlier this year which revealed that global firms struggled with the shift to mass remote working due to a lack of visibility into endpoints and challenges around patching.

Although 85% said they felt ready for the shift to remote working, 98% admitted they were caught off guard by security challenges in the first two months, with overwhelmed VPNs (22%) frequently cited as a problem.

Microsoft adds Consent Phishing Protection

Microsoft announced that consent phishing protections including OAuth app publisher verification and app consent policies are now generally available in Office 365.

These protections are designed to defend Office 365 users from an application-based phishing attack variant known as consent phishing.

Targets are tricked into providing access to their Office 365 accounts by granting permissions to malicious Office 365 OAuth apps .

Microsoft says that it’s rolling out three updates designed to bolster the security of the Office 365 app ecosystem including:

Since this feature entered public preview in May, more than 700 app publishers have been verified by Microsoft amounting to a total of over 1300 app registrations.

Apps developed by verified publishers feature a blue “verified” badge on all Azure AD consent prompts, as well as other screens where they’re featured to make it easier for end-users to verify application authenticity.

User consent useful to allow only the authorised publishers leaving rest app behind the users view, will bring a layer of protection from anonymous

Tenable new feature for enhanced protection

Network security company Tenable Inc. today announced a number of new features, including new cloud scanning capabilities and measurement features designed to provide improved cloud security .

Frictionless Assessment offers what Tenable says is a new approach to vulnerability management for modern assets. The service leverages native technologies deployed as part of the cloud asset to assess instances continuously for vulnerabilities. Designed to harness the benefits of cloud-first environments without vulnerability management programs that require period scans or agent-based approaches, the new service allows customers to evaluate cloud assets without interruption, quickly detecting new vulnerabilities as their environment changes without intervention.

Initially launching on Amazon Web Services Inc., Frictionless Assessment uses AWS Systems Manager Run Command to maintain, update and reassess cloud instances without interruption, achieving and maintaining what Tenable says is accurate visibility into cybersecurity risks across all cloud-based assets.

Tenable Lumin, Tenable’s cyber exposure visualization, analytics and measurement solution, is also getting a number of upgrades designed to allow organizations to predict which vulnerabilities pose the greatest risk to their business. Using machine learning, the enhanced version of Lumin allows security teams to also measure how quickly and efficiently they remediate vulnerabilities.

The updated version of Tenable Lumin has several parts, starting with remediation maturity to help security teams not only measure their speed and efficiency of remediating vulnerabilities but also compare them to external peers and Tenable best practices. Remediation maturity is available to existing Lumin customers now.

A new mitigations function is designed to evaluate a security team’s response to critical risks when timely remediation isn’t possible. It provides an inventory of endpoint security controls for a more complete and accurate picture of an organization’s cyber exposure. That capability will be available in the fourth quarter.

Predictive scoring, also available in the fourth quarter, is said to deliver more accurate and comprehensive insight into an organization’s overall cyber exposure. The method infers the exposure scores of groups of assets before they have been assessed in detail.