The End of VPNs — Part 1: Why Reachability is the New Risk

[Part 1 of 2 – Based on an interview with Zscaler CSO Deepen Desai]

By Holger Schulze, Cybersecurity Insiders

The 2025 RSA Conference floor was buzzing earlier this month—every booth promising maximum security, every vendor claiming AI. But when I sat down with Deepen Desai in a quieter room to talk about secure access, he cut straight to the point: 

“VPNs are exposed by design,” he said. “And anything exposed is exploitable.”

Desai is the Chief Security Officer at Zscaler. He leads ThreatLabz, one of the most recognized research teams in cloud security. His team had just released the 2025 VPN Risk Report, an unflinching assessment of how legacy remote access infrastructure is failing the modern enterprise.

The numbers alone signal a turning point:

  • 65% of organizations plan to eliminate VPNs within 12 months
  • 81% are moving toward a Zero Trust architecture
  • 92% are concerned that unpatched VPNs will lead to ransomware attacks

But those numbers weren’t the headline. The real story was what Desai said next.

“The problem with VPNs isn’t misconfiguration. It’s that they work exactly as designed—by placing users on the network. That’s the flaw.”

From Access to Attack Surface – The Blast Radius Is the Network

For years, VPNs served as the default answer to remote access. They were familiar, deployable, and “secure enough.” But the world they were built for no longer exists. In today’s hybrid-work, cloud-first environment, that familiarity is dangerous: VPNs create tunnels from users into internal environments, and once a user is authenticated, they grant network-level access.

“VPNs don’t connect you to an application,” Desai explained. “They put you on the network—and once you’re there, the entire routing table is fair game.”

Between 2020 and 2025, Zscaler ThreatLabz tracked over 400 CVEs tied to VPN appliances as reported by the MITRE CVE Program. In 2024 alone, 60% of new VPN vulnerabilities were rated high or critical. These flaws allowed attackers to bypass authentication, execute code remotely, or hijack sessions outright. And the adversaries aren’t waiting around. 

And as Desai pointed out, attackers are often exploiting them faster than vendors can patch.

“We’ve seen ransomware groups reverse-engineer VPN vendor patches within hours of release,” he said. “They don’t need to wait for the next zero-day exploit. They just need to watch the update notes.”

Once inside, VPNs offer no built-in segmentation. No identity-aware access. No containment. 

We’ve seen this play out repeatedly. In the past 24 months, attacks targeting Citrix, Pulse Secure, and Ivanti VPNs forced urgent patch cycles and major outages, and in at least one case U.S. federal agencies were ordered to physically disconnect appliances to prevent a breach.

“When a government agency tells you to unplug your VPN device,” Desai said, “that’s not a security advisory. That’s an obituary.”

The Breach Blueprint: Four Stages of Exploitation

What makes VPNs so dangerous today is not just that they’re reachable—it’s what they enable after compromise. Desai broke it down like a blueprint, because that’s exactly how attackers see it:

  1. Find an exposed VPN endpoint—scan the internet or query an LLM trained on CVE metadata.
  2. Compromise the device—via credentials, phishing, or a known exploit.
  3. Move laterally—because VPNs place you on the internal network with broad access.
  4. Exfiltrate or encrypt—steal data or detonate ransomware.

“If your device is compromised,” Desai warned, “the blast radius is everything your VPN can reach on the network. And with most VPNs, that’s a lot.”

AI Is Changing the Rules—and Breaking the Old Model

Desai also emphasized that attackers aren’t just adapting to old defenses. They’re automating past them.

“We’re already seeing threat actors use AI to scale reconnaissance,” he said. “They use GPT models to query CVE databases, plan attacks, and generate working exploits faster than most teams can patch.”

In this new era, attackers no longer need weeks of manual research. They can run 1,000 automated scans, find the exposed systems, and strike—at scale.

“They don’t care about an 80% failure rate,” Desai added. “If 20 out of 100 attacks succeed, they win. But we can’t operate that way. We have to defend everything.”

And while defenders have AI too—risk scoring, anomaly detection, automated policy generation—Desai made it clear that defensive AI only works when the architecture is simplified.

“Use AI to fight AI,” he said. “But don’t rely on AI to clean up after a broken access model. You need Zero Trust first—because if your infrastructure is reachable, you’ve already lost.”

This is where Zero Trust does more than reduce risk. It removes visibility. It denies entry. It breaks the attacker’s playbook before they press ‘Enter.’

The Quiet Cost: Normalized Fragility, Institutional Risk

Desai’s view isn’t just about external threats. He pointed to what he called the “quiet failure” of VPNs: the day-to-day cost they impose on IT, security, and end users.

“We’ve normalized the fragility,” he told me. “Dropped sessions, sluggish performance, endless helpdesk tickets—it’s all seen as just the price of remote work. But it doesn’t have to be that way.”

According to the VPN risk report:

  • 54% of teams say VPNs are a recurring source of outages or support escalations
  • 41% call VPN maintenance a major drain on internal resources
  • 51% of users report degraded application performance
  • 23% say slowdowns directly impact their productivity

The problem isn’t just the VPN tunnel. It’s the architecture around it—one that demands constant patching, exposes public IPs, and assumes any authenticated user is trustworthy enough to be on the network.

“Security teams are stuck patching appliances,” Desai said. “Helpdesk teams are buried in tickets. Meanwhile, attackers are using AI to scale recon. It’s not a fair fight.”

Inheriting Risk: Third-Party and M&A Exposure

There’s another failure mode that Desai considers just as dangerous—and far less visible: VPNs as backdoors for third-party risk.

“If your contractors connect over VPN, you’re not just exposing your apps,” he said. “You’re inheriting whatever vulnerabilities exist in their environments.”

In one 2024 incident cited in the report, a financial services firm suffered a breach after attackers exploited a third-party VPN connection, exposing data from nearly 20,000 clients.

And the risk is amplified during mergers and acquisitions.

“Attackers monitor the news,” Desai said. “When an acquisition is announced, they target the smaller company. It’s lean, underprotected, and usually connected by VPN to the parent. That’s the bridge—and no one’s watching it.”

What Happens When the VPN Is Gone

So what does life after VPN actually look like?

Desai offered a clear example: ManpowerGroup, a global enterprise with over 30,000 users, fully transitioned from traditional VPN to Zscaler Private Access (ZPA)—in just 18 days.

The impact wasn’t just faster logins or simplified administration. It was architectural.

  • No exposed IP addresses
  • No lateral network access
  • 97% reduction in helpdesk tickets related to remote access
  • Application access based on identity and policy—not network level routing

“When you eliminate the idea of being ‘on the network,’” Desai said, “you eliminate the attacker’s playground.”
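The contrast between network-level routing and identity-based application access can be measured on your own configuration. The following is an added example, not code from the report or from Zscaler; the service inventory, pushed routes and group policy are all constructed for illustration.

```python
"""Compare what one compromised session can reach under network-level VPN
access versus identity-based per-application policy (constructed data)."""
import ipaddress

# Constructed inventory of internal services: name -> (ip, port)
SERVICES = {
    "hr-portal":     ("10.10.1.20", 443),
    "git":           ("10.10.2.15", 22),
    "payroll-db":    ("10.20.5.8", 5432),
    "backup-server": ("10.20.9.3", 445),
    "domain-ctrl":   ("10.30.0.10", 389),
}

# Constructed: routes the VPN concentrator pushes to every authenticated client.
VPN_PUSHED_ROUTES = ["10.10.0.0/16", "10.20.0.0/16", "10.30.0.0/24"]

# Constructed: identity-based policy, group -> applications brokered for it.
APP_POLICY = {
    "engineering": {"git"},
    "hr":          {"hr-portal"},
    "contractor":  set(),
}


def vpn_reachable(routes, services=SERVICES):
    """Services whose address falls inside any route the VPN client receives."""
    nets = [ipaddress.ip_network(r) for r in routes]
    return {
        name
        for name, (ip, _port) in services.items()
        if any(ipaddress.ip_address(ip) in net for net in nets)
    }


def policy_reachable(groups, policy=APP_POLICY):
    """Applications granted to the user's groups; unknown groups get nothing."""
    allowed = set()
    for group in groups:
        allowed |= policy.get(group, set())
    return allowed


def blast_radius_report(groups, routes=VPN_PUSHED_ROUTES):
    """Return both reachability sets and the excess the VPN model exposes."""
    vpn = vpn_reachable(routes)
    app = policy_reachable(groups)
    return {
        "vpn": sorted(vpn),
        "per_app": sorted(app),
        "excess": sorted(vpn - app),
    }


if __name__ == "__main__":
    for groups in (["engineering"], ["contractor"]):
        report = blast_radius_report(groups)
        print(groups, "VPN reach:", len(report["vpn"]),
              "policy reach:", len(report["per_app"]),
              "excess:", report["excess"])
```

The "excess" list is the set of services a stolen session could touch only because of routing, which is the figure to drive toward zero.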

Coming Next: The End of VPNs — Beyond the Buzz of Zero Trust

In Part 2 of this series, we’ll go deeper into how Zero Trust replaces VPNs—not just in branding, but in architecture. We’ll walk through how Zscaler applies Zero Trust in practice, why identity—not subnet—is the new perimeter, and how organizations are using app-segmentation and deception to stop lateral movement before it starts.

Because the future of secure access isn’t about building safer tunnels. It’s about removing the need for VPN tunnels altogether.

The post The End of VPNs — Part 1: Why Reachability is the New Risk first appeared on Cybersecurity Insiders.


from Cybersecurity Insiders https://ift.tt/dvLqhG9
via IFTTT

Learning How to Hack: Why Offensive Security Training Benefits Your Entire Security Team

Organizations across industries are experiencing significant escalations in cyberattacks, particularly targeting critical infrastructure providers and cloud-based enterprises. Verizon’s recently released 2025 Data Breach Investigations Report found an 18% YoY increase in confirmed breaches, with the exploitation of vulnerabilities as an initial access step growing by 34%. 
As attacks rise

from The Hacker News https://ift.tt/yYnS14H
via IFTTT

The Power of Immutable Data Storage in Defending Against Ransomware Attacks

In today’s sophistication-driven world, ransomware attacks have become one of the most pervasive and damaging forms of cybercrime. These attacks, which involve hackers encrypting a victim’s data and demanding a ransom for its release, can cripple businesses, institutions, and individuals alike.

According to recent statistics, ransomware attacks are on the rise, with cybercriminals employing more sophisticated techniques to extort victims. In light of this growing threat, businesses are looking for innovative ways to safeguard their critical data.

One solution that is gaining traction is immutable data storage. This technology provides a robust defense against ransomware by ensuring that data cannot be altered, encrypted, or deleted once it’s written. In the event of a ransomware attack, immutable storage acts as a critical line of defense, offering several unique benefits that can significantly reduce the impact of an attack.

What is Immutable Data Storage?

Immutable data storage refers to a data storage system in which information is made permanent and cannot be changed, deleted, or altered once it has been written. This immutability is typically achieved through features like write-once-read-many (WORM) protection or blockchain-based technologies. The idea is simple: data is locked down to prevent malicious actors from tampering with it, even if they gain access to the system.

In the context of ransomware, immutable storage acts as a safeguard against the encryption of critical files. Since attackers typically rely on being able to alter or delete data, immutable storage renders that attack vector useless, as the data remains untouchable.

Key Benefits of Immutable Data Storage in Ransomware Defense

1. Protection from Data Encryption

Ransomware attacks often involve encrypting the victim’s files, making them inaccessible without a decryption key, which is usually provided only after paying a ransom. With immutable data storage, once data is written to the storage medium, it cannot be encrypted or modified. This ensures that, even if attackers manage to infiltrate the system and deploy ransomware, the critical backup data remains unaffected and accessible.

For instance, if a company’s sensitive data and backup files are stored in an immutable format, they cannot be encrypted by ransomware, even if the main systems are compromised. The organization can then restore its data from the unaltered copies, without having to pay the ransom.

2. Data Integrity and Reliability

Immutable storage offers a high level of data integrity, ensuring that the data cannot be tampered with or corrupted. In the aftermath of a ransomware attack, this guarantees that businesses have access to a clean, unmodified version of their files. This reliability is crucial for maintaining business continuity, as it allows for a quicker and smoother recovery process.

For example, many organizations rely on backup systems to recover from cyberattacks, but if backups themselves are compromised or deleted, recovery becomes almost impossible. Immutable storage prevents this from happening, ensuring that backups remain secure and viable for recovery even in the worst-case scenario.

3. Increased Resilience to Insider Threats

While ransomware attacks are often associated with external cybercriminals, insider threats—such as disgruntled employees or compromised accounts—are also a significant risk. In such cases, malicious insiders may attempt to alter, delete, or encrypt critical data.

Immutable data storage, however, blocks any attempt to modify or delete data, even by trusted internal users. The security model ensures that data is always preserved in its original form, thereby mitigating the risks posed by insider threats.

4. Facilitating Regulatory Compliance

Many industries are subject to strict data protection regulations that require businesses to keep secure, unaltered copies of their data for specific periods. This is especially true for sectors like finance, healthcare, and legal services, where data integrity and availability are paramount. Immutable storage helps businesses meet these compliance requirements by ensuring that data is stored securely and cannot be tampered with, offering a clear audit trail in the event of an investigation.

By implementing immutable data storage solutions, organizations can demonstrate that they are following best practices for data security and regulatory compliance, protecting themselves from both legal and financial repercussions.

5. Cost-Effective and Fast Recovery

One of the biggest challenges of a ransomware attack is the cost of downtime and the expense of restoring data. Businesses may spend days or even weeks trying to recover from the attack, especially if they lack a reliable backup system. Immutable storage mitigates these recovery costs by ensuring that backup data remains intact and readily available.

In addition, since immutable storage prevents data modification or deletion, there is no need for costly and time-consuming efforts to verify the integrity of the backup. The data is already safe, reducing both recovery time and financial losses. This enables businesses to return to normal operations faster, minimizing the operational disruption that comes with ransomware attacks.

How Immutable Storage Works

To fully understand the effectiveness of immutable storage, it’s important to know how it operates in practice. There are two main approaches to implementing immutability:

1. Write Once, Read Many (WORM): WORM is a feature that locks down data once it’s written to a storage medium, making it read-only. Any subsequent attempts to modify, delete, or encrypt the data are blocked. Many modern cloud providers offer WORM-enabled storage as a feature in their backup and archival systems.

2. Blockchain Technology: Some organizations are exploring the use of blockchain technology to create immutable records of data. Blockchain provides a decentralized ledger where each block contains a cryptographic record of data that cannot be altered once it is added to the chain. This offers a tamper-proof system for storing important records, which could play a critical role in preventing ransomware attacks.
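Both approaches can be modelled in a few lines. The following is an added example, not code from the article or from any storage product: WormStore is a hypothetical in-memory stand-in for WORM storage with a retention period, and the hash chain is a minimal single-writer version of the ledger idea, with constructed backup names and contents.

```python
"""Model of WORM retention plus a hash-chained ledger (constructed data)."""
import hashlib
import json

GENESIS = "0" * 64


class WormViolation(Exception):
    """Raised when a write-once object would be changed or removed early."""


class WormStore:
    """Hypothetical in-memory write-once store with per-object retention."""

    def __init__(self, clock):
        self._objects = {}          # key -> (data, retain_until)
        self._clock = clock

    def put(self, key, data, retention_seconds):
        if key in self._objects:
            raise WormViolation(f"{key}: overwrite refused")
        self._objects[key] = (bytes(data), self._clock() + retention_seconds)

    def get(self, key):
        return self._objects[key][0]

    def delete(self, key):
        if self._clock() < self._objects[key][1]:
            raise WormViolation(f"{key}: retention period still active")
        del self._objects[key]


def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def append_record(chain, key, data):
    """Add a ledger record that commits to the data and to the previous record."""
    body = {
        "index": len(chain),
        "key": key,
        "sha256": hashlib.sha256(data).hexdigest(),
        "prev": chain[-1]["hash"] if chain else GENESIS,
    }
    chain.append({**body, "hash": _digest(body)})


def first_bad_record(chain, store):
    """Index of the first record that fails verification, or None if all pass."""
    prev = GENESIS
    for i, rec in enumerate(chain):
        body = {k: rec[k] for k in ("index", "key", "sha256", "prev")}
        stored = hashlib.sha256(store.get(rec["key"])).hexdigest()
        if (rec["index"] != i or rec["prev"] != prev
                or rec["hash"] != _digest(body) or stored != rec["sha256"]):
            return i
        prev = rec["hash"]
    return None


def simulate():
    """Write two backups, attempt ransomware-style changes, verify the ledger."""
    now = [0]
    store, chain = WormStore(clock=lambda: now[0]), []
    for key, data in [("backup/mon", b"monday snapshot"),
                      ("backup/tue", b"tuesday snapshot")]:
        store.put(key, data, retention_seconds=30 * 86400)
        append_record(chain, key, data)

    blocked = []
    attempts = (lambda: store.put("backup/mon", b"ENCRYPTED", 0),
                lambda: store.delete("backup/tue"))
    for attempt in attempts:
        try:
            attempt()
        except WormViolation as exc:
            blocked.append(str(exc))

    clean = first_bad_record(chain, store)
    chain[0]["sha256"] = hashlib.sha256(b"ENCRYPTED").hexdigest()  # forged entry
    tampered = first_bad_record(chain, store)

    now[0] = 31 * 86400
    store.delete("backup/tue")      # permitted once retention has expired
    return {"blocked": blocked, "clean": clean, "tampered": tampered}


if __name__ == "__main__":
    print(simulate())
```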

Conclusion: A Crucial Layer of Defense

As ransomware attacks continue to evolve in sophistication and frequency, businesses must explore every available defense to protect their critical data. Immutable data storage offers a powerful and proactive solution, helping organizations secure their data against modification, encryption, and deletion.

By implementing immutable storage, businesses can ensure that, in the event of a ransomware attack, they still have access to clean, unaltered backups for recovery. In a time when the cost of a successful ransomware attack can be devastating, adopting immutable storage is an investment in both security and peace of mind.

In the fight against cyber threats, immutability provides one of the most effective weapons available.

The post The Power of Immutable Data Storage in Defending Against Ransomware Attacks first appeared on Cybersecurity Insiders.


from Cybersecurity Insiders https://ift.tt/vsEg4Qp
via IFTTT

INE Security Alert: Top 5 Takeaways from RSAC 2025

Cary, North Carolina, May 13th, 2025, CyberNewsWire

Comprehensive Training Platform Delivers Solutions for AI Security, Cloud Management, and Incident Response Readiness.

Fresh from a high-impact presence at RSAC 2025, where INE Security welcomed thousands of visitors to its interactive booth at San Francisco’s Moscone Center, the global cybersecurity training and certification provider is addressing some of the top cybersecurity priorities emerging from the industry-leading event. As an exhibitor that engaged with both frontline practitioners and top-level decision makers, INE Security gained firsthand insights into organizations’ most pressing security challenges: the convergence of AI-driven threats, multi-cloud vulnerabilities, and increasingly sophisticated attack vectors. 

Four days of packed session tracks and face-to-face discussions with industry leaders pointed to a clear reality: a large majority of ransomware victims lack effective response plans, and even more security professionals have doubts about their organization’s readiness for zero-day attacks. INE Security is outlining how a comprehensive training platform directly addresses the five most critical security imperatives that dominated this year’s conference conversations.

Top 5 Cybersecurity Imperatives from RSAC 2025

1. AI Risk Management Becomes Business-Critical

AI security solutions dominated RSAC this year, signaling that as organizations adopt advanced response technologies, comprehensive training must keep pace. 72% of leaders report an increase in organizational cyber risks, with ransomware remaining a top concern, according to the World Economic Forum. Organizations deploying AI tools and Large Language Models discover their systems vulnerable to sophisticated exploits that can manipulate AI behaviors, leading to data breaches and system compromises. This shift demands immediate security expertise to protect AI implementations.

2. LLM Vulnerabilities Expose Enterprise Data

Large Language Models (LLMs) emerged as a flashpoint at RSAC, sparking debates on the risks and merits. Despite the variety of strong opinions, what is clear is that LLMs are here to stay. They represent a new frontier for cyber threats, with critical vulnerabilities emerging from AI training data, model manipulation, and prompt injection attacks. The cybersecurity community at RSAC 2025 identified this as one of the year’s most pressing concerns, with a large majority highlighting the advance of adversarial capabilities (such as phishing, malware development, and deep fakes) as their greatest concern regarding generative AI impact on cybersecurity. Organizations must understand and defend against these AI-specific attack vectors to protect their digital assets, creating new specialized job titles such as AI Security Analyst.

3. Multi-Cloud Environment Security Becomes Complex 

Across domains, cloud remains top of mind for industry executives. As businesses adopt multiple cloud platforms, security analysts face new challenges in maintaining consistent security postures across diverse environments. Research presented at RSAC 2025’s cloud security sessions by the Cloud Security Alliance found that although misconfigurations appear in a majority of real-world breaches, over 50% of organizations rate them as a low-to-moderate risk. This gap highlights a growing disconnect between perceived and actual risk in cloud deployments. Researchers emphasized that IAM hygiene is essential, as are regular audits of the security systems in place. 

4. Zero Trust Architecture Needs Proper Implementation 

While zero trust principles are widely recognized as essential, implementing them effectively across modern IT environments proves challenging. The RSAC 2025 conference theme “Many Voices. One Community” emphasized the need for unified approaches to security, including zero trust implementation. According to Zscaler’s ThreatLabz 2025 VPN Risk Report discussed at the conference, 81% of organizations plan to implement zero trust strategies within the next 12 months. Organizations struggle with identity management, access controls, and continuous verification across cloud services, remote workers, and interconnected systems, making it critical for companies to develop talent via cybersecurity certification programs.

5. Crisis Response Requires Comprehensive Preparedness 

When cyber attacks succeed, organizations must maintain critical operations while containing threats. RSAC 2025 sessions on rapid incident response highlighted critical gaps in preparedness, while the Microsoft Digital Defense Report found 76% of organizations which suffered ransomware attacks in 2024 lacked an effective response plan. The role of cybersecurity analyst has evolved to include crisis response capabilities, making effective training in incident management a critical skill. Real world scenario training, such as INE Security’s Skill Dive lab platform, helps build important muscle memory that becomes crucial during a crisis. 

Addressing the Challenges

“After engaging with hundreds of cybersecurity leaders at our booth and participating in thought-provoking discussions throughout RSAC 2025, these five priorities clearly represent fundamental shifts in how organizations must approach cybersecurity,” said Dara Warn, CEO of INE Security. “The conversations we had with practitioners and executives alike confirmed that traditional security approaches cannot adequately address AI vulnerabilities, multi-cloud complexities, or the sophisticated response requirements of modern cyber attacks.”

INE Security provides practical solutions for each critical area:

  • AI Security Fundamentals: Training on securing AI systems, understanding LLM vulnerabilities, and implementing AI-specific security controls
  • Advanced Cloud Security: Hands-on experience managing multiple-cloud environments, implementing proper configurations, and maintaining security across distributed platforms
  • Zero Trust Implementation: Practical guidance on designing and deploying zero trust architecture with proper access controls and verification systems
  • Crisis Management Training: Realistic incident response scenarios that prepare teams to maintain operations while containing security breaches
  • Continuous Skill Development: Access to 700+ courses and 50+ learning paths, and preparation for credentials from CompTIA Security+ to advanced professional certificates that help secure environments from modern threats

“The energy and insights we gathered at RSAC 2025 reinforced our conviction that the complexity of modern cybersecurity demands organizations invest in comprehensive cybersecurity training,” added Warn. “Our comprehensive training and cybersecurity certification platform ensures teams develop the expertise needed to address these challenges effectively.”

About INE Security

INE Security is the premier provider of online networking and cybersecurity training and certification. Harnessing a powerful hands-on lab platform, cutting-edge technology, a global video distribution network, and world-class instructors, INE Security is the top training choice for Fortune 500 companies worldwide for cybersecurity training in business and for IT professionals looking to advance their careers. INE Security’s suite of learning paths offers an incomparable depth of expertise across cybersecurity. The company is committed to delivering advanced technical training while also lowering the barriers worldwide for those looking to enter and excel in an IT career.

Contact

Kathryn Brown
INE Security
kbrown@ine.com

The post INE Security Alert: Top 5 Takeaways from RSAC 2025 first appeared on Cybersecurity Insiders.


from Cybersecurity Insiders https://ift.tt/hu4scHb
via IFTTT

Are Cloud Storage Solutions 100% Secure with Regards to Cybersecurity?

Cloud storage has become an essential part of both personal and business data management. From saving family photos to managing sensitive corporate documents, cloud solutions offer convenience, scalability, and accessibility. However, with this increasing reliance on cloud services comes a critical question: Are cloud storage solutions 100% secure when it comes to cybersecurity?

The short answer is no—no system connected to the internet is ever entirely secure. But that doesn’t mean cloud storage is unsafe. In fact, most major cloud providers offer robust security features that make them safer than many on-premise systems. Still, understanding the limitations and risks is key to using cloud storage wisely.

The Security Advantages of Cloud Storage

Cloud storage providers like Google Drive, Microsoft OneDrive, Amazon Web Services (AWS), and Dropbox have made massive investments in security infrastructure. Some of the built-in advantages include:

• Encryption: Data is usually encrypted both in transit (as it moves across the internet) and at rest (while stored on servers). This means even if data is intercepted, it’s unreadable without the encryption keys.

• Redundancy and Backup: Cloud providers typically store data across multiple data centers and create backups to prevent data loss due to hardware failure or natural disasters.

• Access Controls: Most services offer multi-factor authentication (MFA), access management policies, and permission settings that help control who can view or edit files.

• Constant Monitoring: Leading providers employ cybersecurity professionals who monitor systems 24/7 to detect and respond to threats quickly.

Potential Security Risks

Despite these protections, cloud storage is not immune to cybersecurity threats. Some of the main vulnerabilities include:

• Human Error: Misconfigured settings, such as accidentally setting a folder to “public,” can expose sensitive data to the world. Many of the most publicized breaches were caused not by hacking, but by user mistakes.

• Account Compromise: If an attacker gains access to a user’s credentials through phishing, password reuse, or malware, they can access and potentially download or delete cloud data.

• Insider Threats: Employees or contractors with legitimate access to cloud systems can misuse their privileges, whether maliciously or accidentally.

• Service Outages or Breaches: While rare, cloud providers themselves are not completely immune to attacks or system failures. If a provider is breached, large volumes of user data could be at risk.

Shared Responsibility Model

A key concept in cloud security is the shared responsibility model. Cloud providers are responsible for securing the infrastructure (data centers, hardware, software), but users are responsible for securing their data and access points.

This means it’s up to individuals and organizations to:

•    Use strong, unique passwords and enable MFA

•    Regularly review permissions and access logs

•    Keep backups of critical data

•    Be vigilant against phishing and social engineering attacks

So, Is Cloud Storage Safe?

Cloud storage is generally very secure when used correctly, and in many cases, it’s safer than local storage solutions like USB drives or personal servers. However, no system is completely foolproof. Security depends not only on the provider’s technology but also on how users configure and manage their access.

For businesses handling sensitive data—such as healthcare records, financial information, or intellectual property—extra precautions like end-to-end encryption, data classification, and regulatory compliance (e.g., HIPAA, GDPR) are essential.

Final Thoughts

Cloud storage is a powerful and mostly secure tool in the modern digital ecosystem. While it offers many layers of protection, 100% security is a myth in any internet-connected environment. The best defense is a combination of trusted providers, good security practices, and ongoing vigilance.

In the cloud, convenience and security can go hand-in-hand—but only if both users and providers do their part.

The post Are Cloud Storage Solutions 100% Secure with Regards to Cybersecurity? first appeared on Cybersecurity Insiders.


from Cybersecurity Insiders https://ift.tt/Qwcp4M1
via IFTTT

Why Traditional Vulnerability Management Fails in the Cloud

Traditional vulnerability and application security tools are failing in cloud-native environments. It’s not that these tools aren’t good at what they do. The fact is, they weren’t designed for the particular challenges presented by dynamic cloud environments. These tools rely on static snapshots – a container image at a specific point in time, for example. This makes it nearly impossible for these tools to consistently track ephemeral assets. As a result, security teams are overwhelmed by noise without clear risk prioritization or ownership visibility.

The challenge 

Consider the dynamic nature of cloud-native environments with their complex ephemeral asset infrastructures. These assets are moving targets that can disappear entirely from one version to the next. Security teams struggle to keep track of vulnerabilities, and so they turn to tooling to solve the problem. However, since scanning tools are limited to point-in-time snapshots, they cannot continuously track ephemeral assets across versions. 

This often leads to the use of numerous scanning tools, which only adds to the challenge. Multiple, disparate reports result in fragmented and partial visibility and a lack of ownership continuity. Security teams end up wasting time triaging ephemeral findings that lack clear ownership or prioritization. Meanwhile, exploitation occurs faster than organizations can respond.

Here are five key considerations for effective vulnerability management (VM) in cloud environments: 

1. Dynamic Environments Require Continuous Discovery

Cloud infrastructure—particularly in containerized or serverless settings—can quickly spin up, change, and terminate. Traditional moment-in-time scanning often overlooks these transient assets, making it impossible for security teams to keep track of vulnerabilities. Without durable visibility across versions, these invisible risks become blind spots that attackers exploit.

Teams should implement VM solutions that automatically discover and assess assets, ensuring new instances or containers don’t slip through the cracks. Consolidate vulnerability data from various sources into a single system for streamlined analysis and reporting. Continuous asset tracking, risk mapping, and deduplication strengthen security workflows. 

2. Integrate VM into DevOps

Cloud-native vulnerability management requires continuous, automated, and context-aware practices. Cloud ecosystems evolve rapidly. To keep up, security teams must integrate VM into DevOps pipelines, which helps identify issues early and prevents insecure code from reaching production. At the same time, automating patch deployment and ticket creation reduces manual overhead and increases remediation.

3. Contextual Prioritization

Cloud vulnerabilities vary significantly in their potential impact. For example, misconfigurations in cloud environments can present more significant risks than typical software vulnerabilities. Understanding these context-specific factors is critical to remediation efforts. Security teams should deploy VM tools that incorporate threat intelligence and business context to better assess and prioritize urgent issues.

4. Compliance & Regulatory Requirements

Compliance with industry regulations often requires proof of continuous scanning and remediation. A strong VM program that tracks cloud and infrastructure assets across deployments, deduplicates findings, and assigns ownership can help prioritize urgent vulnerabilities and fast-track remediation to meet compliance requirements. A single, unified VM solution can also automate reporting and alleviate time-intensive and duplicative processes. 

5. Scalability 

Scaling VM programs is not about deploying more tools. Instead, organizations should employ automated processes, risk-based prioritization, and integration with native cloud security services for efficient and scalable scanning. Take it one step further and make use of cloud-native vulnerability and exposure management solutions that consolidate cloud and application data in one unified platform to streamline and accelerate VM.
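Consolidation, deduplication, ownership and contextual prioritization, as described in considerations 1 and 3, fit together in one small pipeline. The following is an added example, not code from the article or from any VM product: the findings, registry paths, owner map, placeholder vulnerability IDs and the 1.5 exposure weighting are all constructed assumptions.

```python
"""Deduplicate scanner findings by durable identity instead of ephemeral asset."""
from collections import defaultdict

# Constructed findings from two hypothetical scanners over short-lived workloads.
FINDINGS = [
    {"scanner": "scanner-a", "asset": "pod/checkout-7f9c", "severity": 7.5,
     "image": "registry.example/shop/checkout:1.4.2",
     "package": "openssl", "vuln": "VULN-PLACEHOLDER-0001"},
    {"scanner": "scanner-b", "asset": "pod/checkout-2b1d", "severity": 7.5,
     "image": "registry.example/shop/checkout:1.4.2",
     "package": "openssl", "vuln": "VULN-PLACEHOLDER-0001"},
    {"scanner": "scanner-a", "asset": "pod/checkout-9aa0", "severity": 7.5,
     "image": "registry.example/shop/checkout:1.4.3",
     "package": "openssl", "vuln": "VULN-PLACEHOLDER-0001"},
    {"scanner": "scanner-b", "asset": "pod/report-55e1", "severity": 9.1,
     "image": "registry.example/internal/report:2.0",
     "package": "libxml2", "vuln": "VULN-PLACEHOLDER-0002"},
    {"scanner": "scanner-a", "asset": "job/etl-0c3f", "severity": 5.0,
     "image": "registry.example/data/etl@sha256:abc",
     "package": "zlib", "vuln": "VULN-PLACEHOLDER-0003"},
]

# Constructed ownership map and business context, keyed by image repository.
OWNERS = {
    "registry.example/shop/checkout": "team-payments",
    "registry.example/internal/report": "team-analytics",
}
INTERNET_EXPOSED = {"registry.example/shop/checkout"}


def repo_of(image):
    """Strip tag or digest so every version of an image shares one identity."""
    name = image.split("@", 1)[0]
    head, _, last = name.rpartition("/")
    last = last.split(":", 1)[0]
    return f"{head}/{last}" if head else last


def consolidate(findings, owners=OWNERS, exposed=INTERNET_EXPOSED):
    """Merge findings per (repository, package, vulnerability) and rank them."""
    groups = defaultdict(
        lambda: {"scanners": set(), "assets": set(), "severity": 0.0})
    for f in findings:
        group = groups[(repo_of(f["image"]), f["package"], f["vuln"])]
        group["scanners"].add(f["scanner"])
        group["assets"].add(f["asset"])
        group["severity"] = max(group["severity"], f["severity"])

    rows = []
    for (repo, package, vuln), group in groups.items():
        weight = 1.5 if repo in exposed else 1.0   # assumed weighting
        rows.append({
            "repo": repo,
            "package": package,
            "vuln": vuln,
            "owner": owners.get(repo, "unassigned"),
            "instances": len(group["assets"]),
            "scanners": sorted(group["scanners"]),
            "priority": round(group["severity"] * weight, 2),
        })
    return sorted(rows, key=lambda r: r["priority"], reverse=True)


if __name__ == "__main__":
    for row in consolidate(FINDINGS):
        print(row)
```

Five raw findings collapse to three work items, and the internet-exposed service outranks the higher-severity internal one.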

Cloud-native services and applications are among the fastest-growing attack surfaces, and their ephemeral, fast-changing nature introduces new security challenges. Traditional scanning tools are not the answer. By integrating continuous discovery, risk-based prioritization, and automated remediation workflows, security teams can modernize their cloud VM programs and stay ahead of fast-moving threats.

 

The post Why Traditional Vulnerability Management Fails in the Cloud first appeared on Cybersecurity Insiders.


from Cybersecurity Insiders https://ift.tt/Nx8Lbsm
via IFTTT