Lara_Goldstein

Bridging the Gap Between Code and Cloud with Defender for Cloud

While containers have revolutionized modern software development, the complexity of dependencies in containerized environments and the expanded attack surface they present are still significant hurdles for security professionals. The initial step in securing these environments involves identifying vulnerabilities within container images. Yet, the most time-consuming task can often be identifying the right development team to […]

Bridging the Gap Between Code and Cloud with Defender for Cloud Continue Reading

Securing DevOps with Microsoft’s CNAPP: Defender for Cloud

As the landscape of DevOps continues to expand and confront increasingly sophisticated security threats, the need for proactive attack surface reduction measures has never been more critical. To enhance DevOps security and prevent attacks, Defender for Cloud, a Cloud Native Application Protection Platform (CNAPP), is enabling customers with new capabilities: DevOps Environment Posture Management, Code

Securing DevOps with Microsoft’s CNAPP: Defender for Cloud Continue Reading

High severity curl vulnerability: prepare with Microsoft Defender for Cloud

On October 3rd, high severity vulnerabilities in curl were preannounced. The curl project has announced that curl8.4.0 has now been released, earlier than expected. Two vulnerabilities have now been disclosed: high-severity CVE-2023-38545 and low-severity CVE-2023-38546.   curl is a popular command-line tool and library (libcurl) used to transfer data across network protocols using URL syntax. The

High severity curl vulnerability: prepare with Microsoft Defender for Cloud Continue Reading

Defender for APIs Better Together with Azure Web Application Firewall and Azure API Management

Under the Microsoft Defender for Cloud umbrella, Microsoft Defender for APIs, offers protection for APIs at every stage of their lifecycle. This service enhances the protections from Web Application Firewalls and API Gateways, resulting in a comprehensive security framework for API endpoints. In this article, we’ll dive deeper into how Defender for APIs augments the

Defender for APIs Better Together with Azure Web Application Firewall and Azure API Management Continue Reading

Validating Microsoft Defender for APIs Alerts

Introduction Microsoft Defender for APIs, a new plan in Defender for Cloud, offers full lifecycle protection, detection, and response coverage for APIs published in Azure API Management. One of the main capabilities is the ability to detect exploits of the OWASP API Top 10 vulnerabilities through runtime observations of anomalies using machine learning-based and rule-based

Validating Microsoft Defender for APIs Alerts Continue Reading