How SaaS Adoption Is Changing Cloud Security

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

TalKlein,
User Rank: Author
9/29/2014 | 2:43:09 PM

Re: Security moving in from the perimeter

Well put! I completely agree. In the article I laid out three mechanisms which we use today:

1. The behavioral standard deviation of the application in the context of the organization using it.
This will continue to be useful because applications in the contexts of their organizations have unique behavioral fingerprints, we will continue to build on these in collaboration with the app vendors themselves. Ideally these would be metered via APIs, but today we supplement some of them through other vectors such as Identity and Access API's (provided by Okta or ADFS), and our SAML-based reverse proxy.

2. The realm of human capability.
This is the low hanging fruit that, as you astutely stated, will become largely commodotized over time and likely adopted by the SaaS vendors themselves as a value added component of their service, like 2FA and IP restrictions. Where we think we'll add value here is by having a broader dataset that encompasses users across several SaaS platforms.

3. The unique behavioral fingerprint of a user.
This is the big one, this is where we're investing 60% of our R&D, hiring the best machine learning engineers, and the brightest heuristic scientists. We believe this is where the competitive battle lines will be drawn.

Reply | Post Message | Messages List | Start a Board

Stratustician,
User Rank: Moderator
9/29/2014 | 1:39:12 PM

Re: Security moving in from the perimeter

It's nice to see a wider inclusion of other threat data such as social evidence included in security models. i think it's quite easy for people to get comfortable relying on traditional controls such as endpoint, authentication and encryption, but as more apps become SaaS based, it's going to come down to more heuristic information such as comparing how attacks are carried out versus as the author states, what is possible by a human.

Reply | Post Message | Messages List | Start a Board

TalKlein,
User Rank: Author
9/26/2014 | 4:53:29 PM

Re: Security moving in from the perimeter

Thanks, Marilyn - I'm glad to see these issues are rising to the forefront of security discussions.

Reply | Post Message | Messages List | Start a Board

Marilyn Cohodas,
User Rank: Strategist
9/26/2014 | 11:23:03 AM

Re: Security moving in from the perimeter

There's been a lot of discussion about the end of the perimeter, but Tal did a really nice job breaking down why and how in the era of web services these attacks are so easily missed! The old saying "never assume" definitely does not apply in the cloud.

Reply | Post Message | Messages List | Start a Board

TalKlein,
User Rank: Author
9/25/2014 | 7:23:24 PM

Re: Security moving in from the perimeter

Thanks, Charlie! I know it's hard in an age of Shellshocks and Heartbleeds to actively think about adaptation rather than prevention - But hopefully security leaders out there are minding the gap.

Reply | Post Message | Messages List | Start a Board

Charlie Babcock,
User Rank: Ninja
9/25/2014 | 6:47:58 PM

Security moving in from the perimeter

Good discussion, Tal, and another signpost that security has to come in from the perimeter and do more to keep an eye on what's actually going on with the application.

Reply | Post Message | Messages List | Start a Board

Editors' Choice

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP, 7/9/2021

Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours

Robert Lemos, Contributing Writer, 7/7/2021

It's in the Game (but It Shouldn't Be)

Tal Memran, Cybersecurity Expert, CYE, 7/9/2021

Live Events

Webinars

Emerging Cybersecurity Technologies - A Dark Reading Mar 23 Event

Black Hat USA - August 5-10 - Learn More

Black Hat Asia - May 9-12 - Learn More

More Informa Tech Live Events

White Papers

How Machine Learning, AI & Deep Learning Improve Cybersecurity

State of Email Security

Ransomware Resilience and Response: The Next-Generation

Ransomware Is On The Rise

How Hybrid Work Fuels Ransomware Attacks

More White Papers

Cartoon

Latest Comment: I've heard of people walking right out the front door with entire servers...

Cartoon Archive

Current Issue

The Promise and Reality of Cloud Security

Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises address the associated security risks. This report - a compilation of cutting-edge Black Hat research, in-depth Omdia analysis, and comprehensive Dark Reading reporting - explores how cloud security is rapidly evolving.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Incident Readiness and Building Response Playbook

In this special report, learn the Xs and Os of any good security incident readiness and response playbook.

Download Now!

Battle for the Endpoint

0 comments

How Enterprises are Developing Secure Applications

0 comments

Assessing Cybersecurity Risk in Today's Enterprises

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2023-23082
PUBLISHED: 2023-02-03

A heap buffer overflow vulnerability in Kodi Home Theater Software up to 19.5 allows attackers to cause a denial of service due to an improper length of the value passed to the offset argument.

CVE-2023-23615
PUBLISHED: 2023-02-03

Discourse is an open source discussion platform. The embeddable comments can be exploited to create new topics as any user but without any clear title or content. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. As a workaround, disable embeddable comments by ...

CVE-2022-24895
PUBLISHED: 2023-02-03

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. When authenticating users Symfony by default regenerates the session ID upon login, but preserves the rest of session attributes. Because this does not clear CSRF tokens upon login, this might enables s...

CVE-2023-22746
PUBLISHED: 2023-02-03

CKAN is an open-source DMS (data management system) for powering data hubs and data portals. When creating a new container based on one of the Docker images listed below, the same secret key was being used by default. If the users didn't set a custom value via environment variables in the `.env` fil...

CVE-2022-24894
PUBLISHED: 2023-02-03

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It caches entire responses (including headers) and returns them to the clients. In a recent change in the `AbstractSessionListener`, the response ...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]