• Securing Assets and Applications in the Cloud

    In our recent blog, Cloud Security: Who is Responsible for What?, we focused on the idea of shared responsibility in cloud environments; with IaaS/PaaS, the customer is responsible for everything above the hypervisor, while the cloud vendor takes responsibility for …

  • Passwords Don’t Have to Be the “Enemy of Security”

    The headline of an Ars Technica article on password rotation recently caught my attention, “Frequent Password Changes are the Enemy of Security.” The article, which highlights a BSides Las Vegas keynote by FTC Chief Technologist Lorrie Cranor, explains that contrary …

  • Citadel Malware Targets Password Management Applications

    By Lavi Lazarovitz Faced with the prospect of remembering passwords for multiple websites and offline applications, people are increasingly using password managers so they don’t have to remember their credentials. While a significant convenience, they also represent a valuable target …