2303 matches found
Are You Promoting Security Fluency in your Organization?
Migrating to the cloud is hard. The PowerPoint deck and pretty architectures are drawn up quickly but the work required to make the move will take months and possibly years. The early stages require significant effort by teams to learn new technologies the cloud services themselves and new ways o...
Connected Car Standards – Thank Goodness!
Intelligent transportation systems ITS require harmonization among manufacturers to have any chance of succeeding in the real world. No large-scale car manufacturer, multimodal shipper, or MaaS Mobility as a Service provider will risk investing in a single-vendor solution. Successful ITS require...
Risk Decisions in an Imperfect World
Risk decisions are the foundation of information security. Sadly, they are also one of the most often misunderstood parts of information security. This is bad enough on its own but can sink any effort at education as an organization moves towards a DevOps philosophy. To properly evaluate the risk...
How to Secure DevOps in Microsoft Azure
Want to establish best practices within Microsoft Azure? Learn how to integrate a Secure DevOps Kit for Azure AzSK at the subscription level, as well as in your development process during coding, CI/CD pipeline, and future alerting and reporting...
Build in the Cloud with Confidence
The AWS Well-Architected Framework provides a consistent approach to building cloud architectures. Learn how to leverage consistent best practices and guidance for your architecture so you can focus on building great solutions in the cloud...
Perspectives Summary – What You Said
On Thursday, June 25, Trend Micro hosted our Perspectives 2-hour virtual event. As the session progressed, we asked our attendees, composed of +5000 global registrants, two key questions. This blog analyzes those answers. First, what is your current strategy for securing the cloud? Rely completel...
Principles of a Cloud Migration
Development and application teams can be the initial entry point of a cloud migration as they start looking at faster ways to accelerate value delivery. One of the main things they might use during this is “Infrastructure as Code,” where they are creating cloud resources for running their...
This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about two recently detected variants of existing Linux botnet malware types targeting exposed Docker servers. Also, read about a group...
8 Cloud Myths Debunked
Many businesses have misperceptions about cloud environments, providers, and how to secure it all. We want to help you separate fact from fiction when it comes to your cloud environment. This list debunks 8 myths to help you confidently take the next steps in the cloud. The post 8 Cloud Myths...
Healthcare Enterprises Share Risk Reduction Insight
Healthcare organizations are subject to strict regulations, including data security and privacy. Three enterprises discuss risk reduction within a sector where a data leak could prove disastrous...
Reduce the Attack Surface of Your Container Images
Follow along as Chuck Losh, Solutions Architect, walks through a new way of thinking in how to construct distroless images from Google, using an example of a multi-stage Dockerfile method...
Knowing your shared security responsibility in Microsoft Azure and avoiding misconfigurations
Trend Micro is excited to launch new Trend Micro Cloud One – Conformity capabilities that will strengthen protection for Azure resources. As with any launch, there is a lot of new information, so we decided to sit down with one of the founders of Conformity, Mike Rahmati. Mike is a technologist a...
The Fear of Vendor Lock-in Leads to Cloud Failures
Vendor lock-in has been an often-quoted risk since the mid-1990’s. Fear that by investing too much with one vendor, an organization reduces their options in the future. Was this a valid concern? Is it still today? The Risk Organizations walk a fine line with their technology vendors. Ideally, you...
Cloud Assurance from Infrastructure to App
In this webinar, Trend Micro and IDC explain the importance of security guardrails in Amazon Web Services AWS and Microsoft® Azure™ play in obtaining cloud operational excellence...
Protect Cloud Workloads with Azure Sentinel
Looking for SIEM and SOAR integration for your Trend Micro Cloud One™ – Workload Security investment? Learn how you can get Azure Sentinel capabilities added to Workload Security and how this integration can create a more valuable solution...
This Week in Security News: Intel Says ‘Tiger Lake’ Will Drown Control-Flow Malware and New Phishing Campaign Targeting Office 365 Exploits Brand Names
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how the next generation of Intel mobile processors will include malware protection built into the chip. Also, read about a new...
How to Fix Security Misconfigurations Automatically
Mistakes happen, but what happens if someone accidentally introduces a misconfiguration into your public cloud account. Explore the auto-remediation capabilities offered by Trend Micro and unburden your team from manually cleaning up the mess...
Open Doors with Cloud Security Posture Management (CSPM)
Gain insights into the importance of being well-architected during the deployment process and how to quickly remediate risks by shifting best practice checks to the earliest phase of the CI/CD pipeline...
This Week in Security News: Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update and New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about Microsoft’s largest-ever Patch Tuesday update including 129 CVEs. Also, read about a new Android Spyware dubbed ActionSpy. Read...
Trend Micro Guardian: Protecting Your Kids On-the-Go
Some smart devices are not limited to use on the home network; for instance, your child’s mobile phone or tablet. Keeping your kids safe on these on-the-go devices means extending your security policies beyond the home. Trend Micro Home Network Security HNS makes it easy with its complementary ap...
Bridging the Cloud Communication Gap. #LetsTalkCloud
The conversation between you and your Board of Directors is not always a walk in the park. With more and more cloud projects coming your way, it’s time to change the conversation to speak their language and start smoothing out the journey...
Not Just Good Security Products, But a Good Partner
The analyst firm Canalys annually produces their Cybersecurity Leadership Matrix. Whereas many third-party assessments are looking at just the security product, this one focuses on the value to channel partners. Sidebar: what is the channel? If you aren’t actively buying or selling cybersecurity...
This Week in Security News: Google Faces Privacy Lawsuit Over Tracking Users in Incognito Mode and TrickBot Adds Enterprise-grade Module to Malware Arsenal
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about a new module for the infamous trojan known as TrickBot that has been deployed. Also, read about Google’s $5 billion class-action...
Message from Eva Chen – as a human being, not a CEO: We need to speak out and act against racism
I would like to express my outrage over the brutal killings of George Floyd, Breonna Taylor, and Ahmaud Arbery – not as the CEO of an international company, but as a human being and a citizen of the world. It makes me very sad, but also intensely frustrated and angry to realize how little is bein...
This Week in Security News: How the Cybercriminal Underground Has Changed in 5 Years and the NSA Warns of New Sandworm Attacks on Email Servers
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how, over the past five years, the cybercriminal underground has seen a major shift to new platforms, communications channels,...
Exploring Common Threats to Cloud Security
The adoption of cloud services helps drive agility, differentiation, and progress. But like any technological progress, cyber risks are attached. IT leaders need to embrace a more holistic, simpler way to manage security...
Principles of a Cloud Migration – Security W5H – The HOW
“How about… ya!” Security needs to be treated much like DevOps in evolving organizations; everyone in the company has a responsibility to make sure it is implemented. It is not just a part of operations, but a cultural shift in doing things right the first time – Security by default. Here are a f...
Securing the Connected World with Support for The Shadowserver Foundation
If the first few months of 2020 have taught us anything, it’s the importance of collaboration and partnership to tackle a common enemy. This is true of efforts to fight the current pandemic, and it’s also true of the fight against cybercrime. That’s why Trend Micro has, over the years, struck...
21 Tips to Stay Secure, Private, and Productive as You Work from Home on Your Mac
Nowadays, Macs are part of the work-from-home workforce during the COVID-19 pandemic. If you’ve brought a Mac from the office to home, it’s likely your IT department has already set it up to meet your company’s security policies. But what if you’re enlisting a Mac already at home to do duty for...
Is Cloud Computing Any Safer From Malicious Hackers?
Cloud computing has revolutionized the IT world, making it easier for companies to deploy infrastructure and applications and deliver their services to the public. The idea of not spending millions of dollars on equipment and facilities to host an on-premises data center is a very attractive...
How the Cybercriminal Underground Has Changed in 5 Years
The cybercrime economy is one of the runaway success stories of the 21st century — at least, for those who participate in it. Estimates claim it could be worth over $1 trillion annually, more than the GDP of many countries. Part of that success is due to its ability to evolve and shift as the...
This Week in Security News: New Bluetooth Vulnerability Exposes Billions of Devices to Hackers and Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about a new security vulnerability in Bluetooth that could potentially allow an attacker to spoof a remotely paired device. Also, learn...
Integrate Security Into DevOps and IaC
This article provides recommendations on implementing security into your CI/CD and infrastructure as code pipeline, and most importantly, how to enable both security and DevOps to start speaking each other’s languages...
This Week in Security News: How Researchers Used an App Store to Demonstrate Hacks on a Factory and Microsoft Again Surpasses 100 Vulnerabilities on Patch Tuesday
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about how researchers at Trend Micro used an app store to demonstrate hacks on a manufacturing facility. Also, learn about this month’s...
From Bugs to Zoombombing: How to Stay Safe in Online Meetings
The COVID-19 pandemic, along with social distancing, has done many things to alter our lives. But in one respect it has merely accelerated a process begun many years ago. We were all spending more and more time online before the virus struck. But now, forced to work, study and socialize at home,...
Protect Your Cloud Workloads using IaC
Get step-by-step instructions on how to perform an automated security deployment utilizing Terraform by Hashicorp, an Azure Custom-Script Extension, and a Trend Micro Cloud One™ deployment script stored in an Azure Key Vault...
Securing Smart Manufacturing
“Alexa, turn on the TV.” ”Get it yourself.” This nightmare scenario could play out millions of times unless people take steps to protect their IoT devices. The situation is even worse in industrial settings. Smart manufacturing, that is, Industry 4.0, relies on tight integration between IT system...
Protect Your Container Images and CI/CD Pipeline
Ever wonder if the container images you provide to customers have been checked for vulnerabilities, malware, and other malicious threats? Read this article on how to easily and quickly set up protection for your container images and CI/CD pipeline...
Principles of a Cloud Migration – Security W5H – The WHERE
“Wherever I go, there I am” -Security I recently had a discussion with a large organization that had a few workloads in multiple clouds while assembling a cloud security focused team to build out their security policy moving forward. It’s one of my favorite conversations to have since I’m not jus...
This Week in Security News: 7 Tips for Security Pros Patching in a Pandemic and Coinminer, DDoS Bot Attack Docker Daemon Ports
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about a malicious cryptocurrency miner and Distributed Denial of Service DDoS bot that targets open Docker daemon ports. Also, learn...
Teaming up with INTERPOL to combat COVID-19 threats
If the past couple of months have taught us anything, it’s that partnerships matter in times of crisis. We’re better, stronger and more resilient when we work together. Specifically, public-private partnerships matter in cybersecurity, which is why Trend Micro is always happy to reach out across...
Secure Your Azure Active Directory Domain Controllers
Working from home has become the new norm. In this article, we dive into why it is time to part ways with your on-premises domain controllers, get your devices registered to the Microsoft® Azure®, and enable a secure work from home environment...
This Week in Security News: Shade Ransomware Shuts Down, Releases Decryption Keys and WebMonitor RAT Bundled with Zoom Installer
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about how the operators of the Shade Troldesh ransomware have shut down and released more than 750,000 decryption keys. Also, learn abo...
Principles of a Cloud Migration – Security W5H – The When
If you have to ask yourself when to implement security, you probably need a time machine! Security is as important to your migration as the actual workload you are moving to the cloud. Read that again. It is essential to be planning and integrating security at every single layer of both...
How to Secure Applications Using Security as Code
Follow along as Chuck Losh, Solutions Architect, uses Azure App Service, Visual Studio Code, GitHub, and PHP to run an experiment on how to secure applications using security as code from Trend Micro Cloud One™ – Application Security...
Why Organizations Need to Simplify Cybersecurity
The emergent adoption of cloud services helps organizations drive agility, differentiation, and progress. But like with any technological progress, the cyber risks attached grow right alongside it. This exemplifies that the need for IT leaders to adopt a more holistic, simpler way to manage...
CISOs Are Demanding Detection and Response Everywhere
As digital transformation increases the corporate attack surface, IT leaders require enhanced visibility, detection, and response—not just at the endpoint, but across all key IT layers...
Trend Micro’s Top Ten MITRE Evaluation Considerations
The introduction of the MITRE ATT&CK evaluations is a welcomed addition to the third-party testing arena. The ATT&CK framework, and the evaluations in particular, have gone such a long way in helping advance the security industry as a whole, and the individual security products serving the market...
#LetsTalkCloud: The Unicorn Project Principles
Let's Talk Cloud: Season 02 // Episode 06: Host, Mark Nunnikhoven, interviews Trend Micro Developer, Madeline Van Der Paelt. Together they dive into the core principles enumerated in Gene Kim's book, The Unicorn Project...
Principles of a Cloud Migration – Security, The W5H – Episode WHAT?
Teaching you to be a Natural Born Pillar! Last week, we took you through the “WHO” of securing a cloud migration here, detailing each of the roles involved with implementing a successful security practice during a cloud migration. Read: everyone. This week, I will be touching on the “WHAT” of...