All news with #cspm tag

15 articles

Cloud Misconfigurations: The Multi-Billion Dollar Risk

🔒 Most major cloud breaches in recent years have stemmed from basic misconfigurations rather than sophisticated zero-days or custom malware. The article highlights incidents such as Snowflake (2024), AT&T, Ticketmaster and Capital One to show how exposed credentials, public storage buckets and missing controls led to vast data exposure. Immediate actions recommended are enabling MFA everywhere, enforcing account-level public access blockers, activating comprehensive logging across AWS/Azure/GCP, and prioritizing remediation of exposed buckets and keys, while longer-term fixes include CSPM tools and infrastructure-as-code security checks.
Managing the AMI Lifecycle with AMI Lineage on AWS

🛡️ This post presents the AMI Lineage solution to help organizations track and govern Amazon Machine Images (AMIs) across AWS. It explains how AWS lineage metadata (announced at the end of 2024) can be combined with a centralized Amazon Neptune graph, EventBridge, Lambda, API Gateway, and Security Hub to validate image origins, enforce SCPs, and assess CVE impact. The architecture uses a three-account model (management, security tooling, member) to centralize sensitive processing, automate compliance checks, and provide queryable lineage and remediation workflows for security teams.
AWS Expands Security Hub into Multicloud Ops Platform

🔒 AWS announced an expanded AWS Security Hub that serves as a centralized security operations layer, aggregating risk signals from multicloud environments. The update promises near real-time risk analytics, automated analysis, and prioritized insights, and extends CSPM and Amazon Inspector capabilities to cover VMs, containers, and serverless. It also supports third-party integrations through AWS Security Hub Extended to unify visibility across vendors.
AWS Security Hub Expands to Unify Multicloud Operations

🔒 AWS announced a major expansion of AWS Security Hub, repositioning it as a unified security operations solution that aggregates signals from across the stack and across clouds. The service now consolidates findings from services such as Amazon GuardDuty, Amazon Inspector, Security Hub CSPM, and Amazon Macie into a single pane for prioritized risk analytics. An Extended plan simplifies procurement and partner integrations, with AWS as seller of record and pay-as-you-go billing. AWS says forthcoming multicloud capabilities will add a common data layer, unified policies, expanded vulnerability scanning, and external network exposure checks.
Google Cloud publishes recommended security checklist

🔒 Google Cloud published a recommended security checklist based on Minimum Viable Secure Product principles, offering 60 curated controls across six domains to help organizations harden cloud environments. The tiered Basic, Intermediate, and Advanced guidance is designed to be simple and scalable. It’s also automatable via a companion Terraform repository and positioned as AI-ready to support adoption of agentic AI. Early customers reported the checklist enabled rapid activation of critical controls and hardened baselines in a single session.
AWS Security Hub Automation and Orchestration for Scale

⚙️ AWS has made the enhanced AWS Security Hub generally available, adding automation features to centralize and accelerate handling of security findings across accounts and Regions. The update integrates Security Hub CSPM into detection engines and provides real-time risk analytics, automated correlation, and enriched context to prioritize critical issues. Automation rules and integrations with EventBridge, Lambda, and ITSM tools like ServiceNow enable remediation, routing, and evidence collection to reduce manual triage and support compliance.
Choosing the Best Cloud Security Posture Management Tools

🔒 Cloud security posture management (CSPM) combines threat intelligence, continuous detection, and automated remediation to find and fix cloud misconfigurations that can expose data. Customers—not cloud providers—are responsible for configuring and protecting workloads, so organizations must select CSPM that delivers multicloud visibility, integrated data security, and policy-driven automated remediation. Modern offerings increasingly fold CSPM into broader CNAPP and SSE suites from vendors such as Wiz, Palo Alto Networks, Tenable, and CrowdStrike, making coverage, integration, and operational model critical factors in vendor selection.
Security Leaders Who Built Companies from Frustration

🔒 Four former CISOs — Paul Hadjy, Joe Silva, Chris Pierson, and Michael Coates — turned recurring operational frustrations into startups that address enduring enterprise security gaps. Hadjy founded Horangi to tackle cloud security in Asia, Silva launched Spektion to reframe vulnerability management as an engineering problem, Pierson created BlackCloak to protect executives’ personal digital lives, and Coates built Altitude to secure cloud collaboration. Their founder journeys emphasize ruthless prioritization, accountability, and treating security as a trust and revenue enabler.
AWS Control Tower Now Available in Asia Pacific (NZ)

🚀 AWS Control Tower is now available in the AWS Asia Pacific (New Zealand) Region, bringing the service to 34 AWS Regions plus the AWS GovCloud (US) Regions. The service simplifies setup and governance of a secure, multi-account AWS environment, enabling a landing zone in 30 minutes or less and centralized visibility into compliance status. Existing customers can extend governance to the new region via the Control Tower settings by selecting regions and updating their landing zone; once applied, governed accounts, managed accounts, and registered organizational units (OUs) will be managed in the new region.
AWS Security Hub CSPM Adds CIS AWS Foundations v5.0

🛡️ AWS Security Hub CSPM now supports the CIS AWS Foundations Benchmark v5.0, introducing 40 automated configuration checks aligned to the industry standard. The new standard is available in all Regions where Security Hub CSPM operates, including AWS GovCloud (US) and the China Regions. AWS recommends using Security Hub CSPM central configuration to enable the standard across selected accounts and Regions with a single action. Customers can subscribe to the CSPM SNS topic for updates and try Security Hub free for 30 days.
Planning and Running an AWS Security Hub POC Guide

🔒 This post explains how to plan and implement an AWS Security Hub proof of concept (POC) to evaluate unified cloud security operations. It outlines steps to define success criteria, configure integrations with GuardDuty, Amazon Inspector, Macie, and Security Hub CSPM, and to prepare, enable, and validate the deployment. The guidance recommends using overlapping trial periods, adopting the OCSF standard for normalized findings, and leveraging automation and ticketing integrations to measure operational impact.
AWS Config Tracks Resource Tags for IAM Policies Globally

🔍 AWS Config now records resource tags for IAM policy resource types, enabling you to capture tag values and track their changes directly in your Config recorder. You can scope both Config-managed and custom rule evaluations by tag and use Config aggregators to selectively collect IAM policies across accounts. This capability is available in all supported AWS Regions at no additional cost.
AWS CloudFormation Hooks Adds Managed Proactive Controls

🔔 AWS CloudFormation Hooks now supports managed proactive controls, allowing teams to validate resource configurations against AWS best practices without writing custom Hook logic. Customers can select controls from the AWS Control Tower Controls Catalog and apply them during CloudFormation operations, and run them in warn mode for nonblocking evaluation before enforcing policies. A new Hooks Invocation Summary page provides a centralized historical view of control executions and outcomes to simplify compliance reporting and troubleshooting.
Closing Common Cloud Security Gaps with FortiCNAPP Platform

🔒 FortiCNAPP unifies cloud security across posture, workload runtime, control plane, and application layers to address common gaps that expose cloud-native applications. The platform delivers continuous asset discovery and inventory mapping, built-in CSPM with compliance mappings, runtime workload protection, and CDR that correlates host telemetry with cloud audit logs via composite alerts. Integrated FortiWeb WAF/API protections and CI/CD scanning enable a shift-left workflow so developers and security teams can detect and remediate risks earlier without slowing delivery.
AWS releases SRA Verify: Open-source SRA assessment

🔍 SRA Verify is an open-source assessment tool from AWS that automates validation of an organization’s alignment to the AWS Security Reference Architecture (AWS SRA). It runs automated checks across multiple services to verify configurations and highlight deviations from recommended patterns. The tool links checks to remediation guidance and IaC examples to help teams implement fixes more quickly. It currently covers CloudTrail, GuardDuty, IAM Access Analyzer, Config, Security Hub, S3, Inspector, and Macie, with plans to expand.