How good is your organization’s cloud security? Sounds like a simple question, but it can be very difficult to answer. With so many competing business priorities, it’s often difficult to know what is running in cloud environments, let alone how or where. However, not knowing the answer could

June has been dotted with many stories, but the most prevalent is what people are calling the “Mother of all Breaches”. Other stories this month include a significant shift in U.S. cybersecurity policy via a new executive order, and a dramatic escalation of cyber warfare tied to geopolitical conflicts.

How good is your organization’s cloud security? Sounds like a simple question, but it can be tough to answer. With so many competing business priorities, it’s often difficult to know what is running in cloud environments, let alone how or where. However, not knowing the answer could lead

May was another whirlwind month for cybersecurity, characterized by a surge in actively exploited zero-day vulnerabilities, large-scale ransomware attacks, data breaches, and sophisticated malware campaigns. Artificial Intelligence (AI) also continued its expansion, proving that it can be a powerful tool for both attackers and defenders, adding complexities to an already

Hey friends, we’re coming to you once a quarter with our latest content plus some good stuff we’ve seen from the security-sphere.  First, our favorite meme of the quarter: Jordan’s cat, Rosa, is not impressed.  Our Blogs From This Quarter  Happy AppSec New Year - 2024 Recap

Over the years, Cloud Security Partners has offered a wide range of security consultancy services. One unfortunate responsibility we frequently handle is incident response. This response work often takes place in custom applications, but we also carry out these tasks on WordPress installations regularly. These incidents can vary widely in

“Cyber Security at the Ministry of Defence” by Defence Imagery is licensed under CC BY-NC 2.0 Keeping up with cybersecurity can sometimes feel like a full-time job, but we have broken down the latest updates and emerging threats for April into bite-sized pieces; full details can be found in

Generative Artificial Intelligence is everywhere these days— from customer service chatbots all the way up to autonomous agents writing code on behalf of users. However, as these AI models are given more power and agency, they also become a much larger target for adversarial attacks. How can we ensure that

Introduction Breaking into Application Security can feel overwhelming at first. However, it's one of the most rewarding and dynamic fields in cybersecurity. You might be a newcomer to the industry, a software engineer or product manager looking to make a career pivot, or an existing AppSec engineer looking

A robust AWS incident response plan tends to begin with CloudTrail. CloudTrail is a tool that enables insight into events that occur within the AWS account. It is the first step in investigating a breached account and generally provides a wealth of information. In many cases, however, CloudTrail will not

Software increasingly becomes more complicated. We regularly import libraries for complex or tedious tasks that we would rather not do ourselves to speed up the development of new applications or features. Database connectors, web application frameworks, serialization libraries. The list goes on for tools we need to remain highly productive.