Advertise

Cloud

2/6/2020
08:00 AM

Curtis Franklin Jr.
Slideshows

0 comments
Comment Now

RSAC Sets Finalists for Innovation Sandbox

The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.

7 of 11

Obsidian Security

SaaS application architecture is the target of Obsidian Security with its web-based service that applies security to all SaaS applications. More than just securing the environment, Obsidian Security promises "frictionless" security, adding no response time to applications or additional steps for users.

Obsidian Cloud Detection and Response is based on identity-centric security coupled with machine intelligence to recognize threats and vulnerabilities. Obsidian's technology is deployed through API integrations, with no agents or applications to bring into an environment.

Founded in 2017, Obsidian Security has raised $29 million in funding, most recently a $20 million Series B round in 2019, led by Wing Venture Capital. Greylock and GV are also prominent investors in the company.

(Image: Obsidian Security)

7 of 11

Comment |

Email This |

Print |

RSS

Comments

Newest First | Oldest First | Threaded View

[close this box]

Be the first to post a comment regarding this story.

Hot Topics

Editors' Choice

NSA Appoints Rob Joyce as Cyber Director

Dark Reading Staff 1/15/2021

Vulnerability Management Has a Data Problem

Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber, 1/14/2021

Who Is Responsible for Protecting Physical Security Systems From Cyberattacks?

IFSEC Global, Staff, 1/14/2021

Webinars

Protecting Your Enterprise's Intellectual Property

Making Cybersecurity Work in Small and Medium-Sized Businesses

ROI and Beyond for the Cloud

Webinar Archives

White Papers

How to Prioritize Risk Across the Cyberattack Surface

The Insecure State of Microsoft Teams Security

Two-Factor Evaluation Guide

Presenting Your Cloud Security Strategy to the Board

How to Compete in Financial Services IT

More White Papers

Cartoon

Post a Comment

Cartoon Archive

Current Issue

2020: The Year in Security

Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Assessing Cybersecurity Risk in Today's Enterprises

COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.

Download Now!

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

Building an Effective Cybersecurity Incident Response Team

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-27852
PUBLISHED: 2021-01-20

A stored Cross-Site Scripting (XSS) vulnerability in the survey feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via a textarea field. This code is interpreted by users in a privileged role (Administrator, Editor, etc.).

CVE-2021-3137
PUBLISHED: 2021-01-20

XWiki 12.10.2 allows XSS via an SVG document to the upload feature of the comment section.

CVE-2020-27850
PUBLISHED: 2021-01-20

A stored Cross-Site Scripting (XSS) vulnerability in forms import feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via the import of a GF form. This code is interpreted by users in a privileged role (Administrator, Editor, etc.).

CVE-2020-27851
PUBLISHED: 2021-01-20

Multiple stored HTML injection vulnerabilities in the "poll" and "quiz" features in an additional paid add-on of Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary HTML code via poll or quiz answers. This code is interpreted by users in a privile...

CVE-2020-13134
PUBLISHED: 2021-01-20

Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to stored XSS. The successful exploitation requires admin privileges (for storing the XSS payload itself), and can exploit (be triggered by) admin users. All TOS versions with SecureChange deployments prior to R19.3 HF3 and R20-1 HF1...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]