By now we’re all aware of the breach at Capital One, which affected nearly 106 million U.S. and Canadian residents, due to an attacker bypassing a web application firewall (WAF) Capital One was using as part of its operations in the cloud. In a nutshell, the attacker was able to trick the WAF into sharing credentials with access to Capital One’s AWS operations, thus leading to the data breach. The WAF possessed excessive permissions – enough to view and copy information behind it in AWS S3 buckets.

Specifically, consensus has emerged that this is a Server-Side Request Forgery (SSRF) attack. Our aim here is not to conduct an attack post-mortem but rather think about how to best move forward. For a thorough, digestible review of the attack, please read Brian Krebs' excellent write up.

This article was originally published on bio-itworld.com.

When it comes to cybersecurity needs and policies, the biotech and pharma industries need to secure and protect their most valuable assets like every other industry. What makes them unique, however, is that while protecting a company’s data is important to any industry, this information (i.e. research) is the biotech or pharma company in question—it’s their lifeblood and is the foundation for everything they do.

This article was originally published on Forbes.com.

Flat networks have become so prevalent because they are typically simple to architect, cheap to construct and easy to operate and maintain. However, it turns out that malicious actors love flat networks, too. That's because once a single host on a flat network has been compromised, the integrity of the rest of the network starts to resemble a house of cards. Once an enterprise is penetrated, the flat network delivers the uninvited and unwelcome guest unfettered network access to scan, identify and target high-value assets. Unfortunately, many organizations fail to mitigate or even fully recognize these risks.

It's that time of year again so I took some time to reflect back on 2018 and what we can expect to ring true in 2019. I've boiled it down to two predictions. The first takes an introspective view into the organizations we're all ultimately tasked with protecting. The second takes an outward-facing view that acknowledges that enterprises are part of a broader business ecosystem, and with that comes upstream and downstream risk. 

In this post, I explain the various factors in calculating the Illumio Vulnerability Exposure Score (VES), which allows organizations to combine industry-standard vulnerability scoring measurements with context from their own unique environment. The VES also helps security professionals prioritize security controls to minimize the exposure of the attack surface and potential impact of vulnerabilities.