Latest news with #securityteams


Forbes
30-07-2025
- Business
- Forbes
Mitigation Without Remediation: Rethinking Cloud Risk Resolution
Security teams today face a hard reality in modern cloud environments: not every vulnerability can be fixed right away. In fact, many can't be fixed at all—at least not without breaking business-critical systems or waiting on another team's backlog. That doesn't mean organizations are helpless. It means the way we think about cloud risk has to evolve.

The Exposure We Can't Always Fix

A growing body of research—and firsthand experience—shows that more than half of identified cloud risks go unremediated for extended periods. The reasons vary: These are relatively common scenarios. And in each case, the longer a vulnerability stays open, the more time an attacker has to find and exploit it.

'Full remediation is always the ultimate goal,' says Snir Ben Shimol, CEO of ZEST Security. 'But mitigation is a key piece to a robust cloud exposure management program—especially when full remediation can't be implemented right away.'

Why Mitigation Matters

Traditionally, security posture has been defined by how quickly teams can identify, prioritize, and patch. But when patching isn't an option, the focus shifts to limiting what an attacker can do. This is where mitigation comes in. Think of it as a parallel track to remediation—not a replacement, but a way to reduce exposure today while working on a longer-term fix.

Mitigation strategies might include: These options aren't about perfect security. They're about reducing exploitability.

'Let's take ransomware as an example,' Ben Shimol explains. 'SCPs can be used to limit what an attacker is able to do, such as restricting the ability to delete or encrypt data. That buys valuable time and reduces risk while remediation efforts are underway.'

The Role of Agentic AI in Resolution

Manual mitigation is time-intensive and context-sensitive. Applying the wrong policy—or applying it in the wrong place—can break functionality or disrupt development workflows. That's where automation and AI are starting to play a critical role. AI-powered resolution engines now exist to analyze the environment, simulate changes, and recommend safe, high-impact actions. These systems, often built around specialized 'agents,' can correlate CSPM findings and vulnerability scans to a range of viable resolutions—including both code fixes and mitigation pathways.

Ben Shimol describes ZEST's approach as a network of AI agents 'each designed to handle specific remediation tasks,' including agents that focus on mitigation using native cloud controls. 'Our agents simulate every fix, mitigation, etc., on a digital twin of your environment, recursively validating the outcome before suggesting changes.'

Why SCPs Are Gaining Attention

AWS Service Control Policies are not new, but they've historically been viewed as administrative guardrails—static controls for limiting service access across accounts. What's changed is the realization that SCPs can also be dynamic mitigation tools. They can be used to enforce least privilege, restrict destructive actions, and isolate misconfigured services—all without requiring code changes. When used with precision and context, SCPs can help prevent key stages of an attack, including: Skeptics sometimes view SCPs as blunt instruments, but that perception is shifting. When properly scoped and validated, they can offer a reliable, reversible, and low-friction way to reduce risk.

The Bigger Shift

Most CSPM tools and vulnerability scanners end at detection and alerting. The burden then falls on security teams to decide what to do next—and to negotiate with DevOps, engineering, or IT to implement a fix. Mitigation pathways provide a way to break that cycle. They empower security teams to act immediately, using cloud-native controls to reduce the attack surface while waiting on the rest of the system to catch up.

ZEST Security announced it is adding AWS Service Control Policies as a core mitigation pathway in its cloud risk resolution platform. ZEST's approach treats SCPs as real-time controls to prevent key stages of an attack—such as reconnaissance, privilege escalation, or data encryption—even when the underlying vulnerability remains unresolved. The move highlights a broader industry trend: building smarter tooling that can help security teams take meaningful action—without having to wait for the perfect fix.

'ZEST gives security teams options,' says Ben Shimol. 'We provide resolution pathways aligned to groups of related risks, offering both remediation and mitigation options—so teams can choose the best way forward based on their unique circumstances.'

Looking Ahead

As cloud complexity grows, so does the gap between risk discovery and resolution. Agentic AI systems and proactive mitigation strategies are closing that gap—not by eliminating every vulnerability, but by reducing the chances it can be used against you. Mitigation isn't a detour from security best practices. It's a way to stay in the fight when perfection isn't possible.
Yahoo
21-07-2025
- Business
- Yahoo
Google adds separate work and personal accounts to Chrome on iOS
Google has introduced new features for Chrome on iOS that help users separate work and personal data by using separate Google accounts. As more employers implement bring your own device (BYOD) policies, employees increasingly access company resources from browsers on their personal devices. Devices connected to a managed Google Workspace are able to leverage these additions. Chrome now supports easy account switching and data separation on iOS, similar to its approach on Android and Chrome for desktop. The browser keeps data such as tabs, history and passwords confined to the corresponding account, protecting employer information from exposure to personal activities. When users first sign in to or select their managed account, they will be taken through an onboarding process that explains the separation between managed and personal accounts, as well as insights into how their company is handling their data. Anytime a user switches to the managed account, they are notified that they are entering a managed experience. Google has also added safeguards for companies using Chrome Enterprise. IT teams can now apply URL filtering to work accounts in Chrome on iOS, and security teams can stream audit logs from iOS and Android directly into the Admin console or any SIEM, both of which are features already available on desktop. These features are available for managed devices through Chrome Enterprise today.


Zawya
17-07-2025
- Business
- Zawya
AWS WAF reduces web application security configuration steps and provides expert-level protection
Dubai, UAE – AWS has announced general availability of the AWS WAF simplified console experience that reduces web application security configuration steps by up to 80% and provides expert-level protection to help optimize application security. AWS WAF helps protect web applications and APIs against common web exploits and bots that could affect availability, compromise security, or consume excessive resources. Security teams can now implement comprehensive protection for applications within minutes through pre-configured protection packs that incorporate AWS security expertise and are continuously updated to address emerging threats. These templates provide extensive security coverage including protection against common web vulnerabilities, malicious bot traffic, application layer DDoS events, and API-specific threats, all customized to your application type.

With the new console experience, select the application type, such as E-commerce platforms or transaction processing applications, to automatically apply expert-curated protection rules optimized for the specific use case. The unified dashboard provides consolidated security metrics, threat detection, and rule performance data, enabling security teams to quickly identify and respond to potential threats while maintaining full security control. Key security controls, including rate limiting, geographic restrictions, and IP reputation filtering, can be customized through an intuitive single-page interface that reduces configuration time. The new AWS WAF console experience is available in all AWS Regions.

About Amazon Web Services

Since 2006, Amazon Web Services has been the world's most comprehensive and broadly adopted cloud. AWS has been continually expanding its services to support virtually any workload, and it now has more than 240 fully featured services for compute, storage, databases, networking, analytics, machine learning and artificial intelligence (AI), Internet of Things (IoT), mobile, security, hybrid, media, and application development, deployment, and management from 114 Availability Zones within 36 geographic regions, with announced plans for 16 more Availability Zones and five more AWS Regions in Chile, New Zealand, the Kingdom of Saudi Arabia, Taiwan, and the AWS European Sovereign Cloud. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—trust AWS to power their infrastructure, become more agile, and lower costs. To learn more about AWS, visit

About Amazon

Amazon is guided by four principles: customer obsession rather than competitor focus, passion for invention, commitment to operational excellence, and long-term thinking. Amazon strives to be Earth's Most Customer-Centric Company, Earth's Best Employer, and Earth's Safest Place to Work. Customer reviews, 1-Click shopping, personalized recommendations, Prime, Fulfillment by Amazon, AWS, Kindle Direct Publishing, Kindle, Career Choice, Fire tablets, Fire TV, Amazon Echo, Alexa, Just Walk Out technology, Amazon Studios, and The Climate Pledge are some of the things pioneered by Amazon. For more information, visit and follow @AmazonNews.

The Herald
01-07-2025
- Business
- The Herald
Rethinking resilience
Resilience is no longer about having a backup plan. It means being able to adapt – faster than the market shifts, the threats evolve, or the next compliance requirement lands on your desk. In this issue of Digital Business, we explore how South African businesses are rethinking resilience in a landscape that's as complex as it is fast-moving. Cloud adoption is no longer novel; it's foundational. But cost pressures, skills shortages, and fragmented architectures are pushing CIOs to do more with less – while still promising scalability, security, and service continuity. AI adds a new layer of pressure. It's helping teams automate threat detection and close talent gaps. But it's also arming attackers with better tools, faster tactics, and increasingly sophisticated deepfakes. In this environment, relying on outdated systems or legacy playbooks isn't just risky – it's negligent. What's becoming clearer is this: the tech alone isn't enough. The real competitive edge lies in people – whether that means security teams being upskilled through local bootcamps, business leaders embracing cloud strategy as a boardroom priority, or organisations maturing their operations to unlock long-term value. You'll find stories in this issue that span deep technical insight, human-centred innovation, and forward-looking strategy. From the economics of cloud optimisation to the ethics of AI in an African context, these are the conversations shaping digital business – not just in 2025, but from here on out. We hope it helps you see not just where the future's going – but how to meet it on your own terms. Brendon Petersen. Editor


Forbes
20-05-2025
- Business
- Forbes
Building The Future Of Smarter Security Operations
Security teams are overwhelmed, but a smarter, unified approach—powered by AI and streamlined workflows—could finally bring order to the chaos inside the SOC. Security Operations Centers are meant to be the command hubs of cybersecurity. But many are bogged down by tool sprawl, false alerts and burned-out teams. Splunk's State of Security 2025 report shows that security teams are spending more time maintaining tools than stopping threats—and it's costing them. I sat down with Michael Fanning, CISO at Splunk, to talk about what insights the report revealed for him. He summed it up clearly: 'The future SOC is extremely streamlined. Analysts will be freed from mundane, repetitive tasks, so they can apply their expertise where it truly matters: defending the organization.' SOCs today face a flood of alerts. About 59% of respondents say they get too many, and 55% are dealing with too many false positives. That slows down response times and wears down teams. Nearly half of security professionals say they spend more time managing tools than actually protecting systems. Fanning noted that this isn't just inefficient—it's demoralizing. Spending an hour on a low-value alert that turns out to be nothing is frustrating, and it adds up fast. Downtime during an incident can cost over $500,000 per hour. AI is already making a difference in the SOC. About 59% of security leaders say it has improved their team's efficiency. Fanning was surprised by how many teams have already started using it. 'Greater than 50% of the respondents had mentioned that their security operations are already adopting AI in some form or fashion.' But AI is not a fix-all. It still needs oversight. Only 11% of respondents fully trust AI for mission-critical decisions. Most prefer a 'human-in-the-loop' approach. That means AI helps with repetitive tasks, but people still make the final call. 
Fanning put it this way: 'I don't see it as a complete replacement, but more of an aid to help an engineer or an analyst do their job faster than they were before.' Detection engineering is a top skill for modern security teams—but also one of the hardest to find. About 41% of teams say they lack it. Detection as Code is catching on because it lets teams create, test and improve detections like software. But only a third of organizations are using it regularly. Fanning stressed that quality detection is key. With good data and smart rules, analysts waste less time and respond faster. Better alerts mean better decisions. Overwork is a serious problem. More than half of SOCs report staff burnout. Many professionals have even thought about leaving the field. Some automation can help—but it also raises new questions. If AI handles the basics, how will new analysts learn the fundamentals? Fanning pointed out that his early help desk experience gave him the skills to succeed in cybersecurity. If junior staff skip that step, they may lack the deeper knowledge needed to solve complex problems. Splunk's own SOC has automated many tier-one tasks. But instead of cutting jobs, they use the freed-up time for higher-priority work. It's about shifting focus, not shrinking teams. One major problem is tool sprawl. Seventy-eight percent of respondents say their tools don't work well together. That makes fast response harder. When teams adopt a unified platform, they report better results—faster response times, less tool upkeep and stronger coverage. Security is no longer just a job for the SOC. It takes support from across the company—from HR and IT to legal and engineering. But only a small number of teams always share data across these departments. Fanning says that building those connections is crucial for quicker, more accurate responses. The future of the SOC is about using people, processes and platforms in a smarter way. 
That means making thoughtful use of AI, improving detection methods, closing skill gaps and unifying security workflows. The threats are faster, and the stakes are higher. But the Splunk report suggests that with the right strategy, SOCs can keep up—and even get ahead.