What is Data Security Posture Management (DSPM)?

Data Security Posture Management is an approach to securing cloud data by ensuring that sensitive data always has the correct security posture - regardless of where it's been duplicated or moved to. So, what is DSPM? Here's a quick example: Let's say you've built an excellent security posture for...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.10.14 security and bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.10.14 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS ba...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.9 security and bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.11.9 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS bas...

The vulnerability of the Snowflake NodeJS driver for working with cloud-based data processing platforms and Snowflake’s data processing capabilities on the NodeJS platform allows attackers to execute arbitrary code.

The vulnerability of the Snowflake NodeJS driver for working with cloud-based data processing platforms and Snowflake data on the NodeJS platform is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Snowflake Golang driver for working with the cloud-based data processing and storage platform allows a perpetrator to execute arbitrary code.

The vulnerability of the Snowflake Golang driver for working with cloud-based data processing and storage platforms is related to the lack of measures to clean incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the OpenAPI interface of the Cisco Secure Workload protection tool for multi-cloud data centers (previously known as Tetration) allows a malicious actor to escalate their privileges.

The vulnerability of the OpenAPI interface of the Cisco Secure Workload protection tool for multi-cloud data centers relates to shortcomings in role-based access control when performing operations. Exploiting this vulnerability allows a malicious actor to enhance their privileges remotely...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.12.3 Security and Bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.3 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS bas...

The vulnerability in the web interface for managing analytics and automation services in Cisco Nexus Dashboard’s cloud-based data centers allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability in the web interface for managing analytics and automation of cloud-based Cisco Nexus Dashboard data centers is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

Getting started with the CDMC framework—Microsoft’s guide to cloud data management

On March 20, 2023, Microsoft announced the successful completion of the Cloud Data Management Capabilities CDMC certification. As a proponent of wider industry standards, I was fortunate to be part of Microsoft’s executive team working to achieve this important milestone. Beginning in 2020, we...

Microsoft achieves first native Cloud Data Management Capabilities certification

Today, Microsoft announced the successful completion of the Cloud Data Management Capabilities CDMC 14 Key Controls and Automations certification, conducted by Accenture and Avanade, accelerating the industry’s move to the cloud. The 14 Key Controls and Automations are a part of the EDM Council’s...

Microsoft achieves first native Cloud Data Management Capabilities certification

Today, Microsoft announced the successful completion of the Cloud Data Management Capabilities CDMC 14 Key Controls and Automations certification, conducted by Accenture and Avanade, accelerating the industry’s move to the cloud. The 14 Key Controls and Automations are a part of the EDM Council’s...

This Week in Spring - February 21, 20223

Hi, Spring fans! Welcome to another installment of This Week in Spring! How're you? I almost forgot today was Tuesday! Here in the US, we had a three day weekend for President's day, and also I've been streaming for a few hours every day or almost every day on my little YouTube channel so the day...

Wiz launches Australia cloud data center further demonstrating commitment to ANZ and multinational organizations

Wiz announces availability of new regional data center and adds support for Essential Eight controls...

Security Vulnerabilities in Eufy Cameras

Eufy cameras claim to be local only, but upload data to the cloud. The company is basically lying to reporters, despite being shown evidence to the contrary. The companys behavior is so egregious that ReviewGeek is no longer recommending them. This will be interesting to watch. If Eufy can ignore...

Why Agentless DAM is a Better Option for Securing Cloud Data

In the context of on-premises database activity monitoring DAM, security teams use agents to enable them to see all requests coming into the databases as well as all responses going out of the databases. In other words, the agent-based approach enables database activity monitoring independent of...

SaaS Eliminates Barriers to Applying Security Controls to Your Entire AWS and Azure Data Repository

Businesses today widely regard data as “the new oil,” the most valuable resource on earth. At the same time, we are in the midst of the most dynamic IT landscape in history which is increasing the risk to this most valuable asset. Organizations, without sufficiently skilled staff to effectively...

CVE-2022-30984

A buffer overflow vulnerability in the Rubrik Backup Service RBS Agent for Linux or Unix-based systems in Rubrik CDM 7.0.1, 7.0.1-p1, 7.0.1-p2 or 7.0.1-p3 before CDM 7.0.2-p2 could allow a local attacker to obtain root privileges by sending a crafted message to the RBS agent...

Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement, & bugfix update

Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.11.0 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

Become a Cybersecurity Expert with 18 New Online Courses @ 98% OFF

With more data stored in the cloud than ever before, now is a good time to get into cybersecurity. Many top corporations are looking for new talent, and even junior professionals can earn $80,000 or more. The only barrier to entry is education. How do you learn about security protocols and white...

How Organizations Manage to Understand Millions of Unstructured Data Files at Scale

For an ever-growing segment of organizations, making sense of unstructured data is fast becoming imperative. It is also far more challenging. Unlike structured data that’s stored in rows and columns, text-based, and easy to search in relational databases and data warehouses, there is no defined...