Sweet Blog

Browse:

    Feature Release

    Introducing Sweet Security for Hybrid Cloud Environments

    Sweet Security is thrilled to announce comprehensive support for on-premises and private cloud environments. This expansion enhances our existing capabilities for all major cloud platforms—Azure, AWS, and GCP—and virtual machines (VMs) such as AWS EC2s, Google Compute Engine, and Azure Virtual Machines. Enhancing Cloud Application Security with Support for Hybrid Environments Application environments are complex. […]

    Lea Edelstein | 2 min read
    Read More
    Introducing Sweet Security for Hybrid Cloud Environments
    Browse:
    Practical Ways to Thwart Non-Human Identity Attacks
    Runtime Security

    Practical Ways to Thwart Non-Human Identity Attacks

    Managing non-human identities (NHIs) has become a paramount challenge for security teams. These identities, ranging from automated scripts and service accounts to IoT devices and third-party integrations, present a unique and often overlooked attack vector that can compromise an organization’s entire security structure.  Let’s delve into why NHIs are such a critical challenge and how […]

    Sarah Elkaim | 4 min read
    Read More
    Defending Against the Latest Ghostscript Vulnerability (CVE-2024-29510)
    Security Research

    Defending Against the Latest Ghostscript Vulnerability (CVE-2024-29510)

    Bleeping Computer has recently reported on a new vulnerability within Ghostscipt, a widely used library for handling PostScript and PDF files. For those who process documents, especially ones provided by third parties, this vulnerability poses a serious threat as attackers are already exploiting this flaw. Because the vulnerability can lead to remote code execution (RCE), […]

    Sarah Elkaim | 2 min read
    Read More
    Customized Rules for Enhanced Threat Detection and Response
    Feature Release

    Customized Rules for Enhanced Threat Detection and Response

    Sweet is excited to announce our new custom rules detection capability for CDR and ADR, which allows users to build customized rules according to their specific threat landscape.  Easily create custom rules or exclude findings within a minute, without using complex query language, through a selection of predefined options: Generate New Custom Findings: Create a […]

    Or Harel | 5 min read
    Read More
    Responding to the CVE-2024-6387 (RegreSSHion) Vulnerability
    Security Research

    Responding to the CVE-2024-6387 (RegreSSHion) Vulnerability

    What is CVE-2024-6387? Qualys research has discovered a critical Remote Code Execution (RCE) vulnerability, CVE-2024-6387, that has resurfaced in OpenSSH, affecting all public-facing Linux servers open on port 22. This regression, initially fixed in 2006, revolves around the use of functions that are unsafe in the context of signal handlers, and may potentially lead to […]

    Sarah Elkaim | 2 min read
    Read More
    Introducing Sweet Security for Hybrid Cloud Environments
    Feature Release

    Introducing Sweet Security for Hybrid Cloud Environments

    Sweet Security is thrilled to announce comprehensive support for on-premises and private cloud environments. This expansion enhances our existing capabilities for all major cloud platforms—Azure, AWS, and GCP—and virtual machines (VMs) such as AWS EC2s, Google Compute Engine, and Azure Virtual Machines. Enhancing Cloud Application Security with Support for Hybrid Environments Application environments are complex. […]

    Lea Edelstein | 2 min read
    Read More
    From a Snowflake to a Snowball: How to Detect and Stop Impersonation Attacks
    Cloud Security

    From a Snowflake to a Snowball: How to Detect and Stop Impersonation Attacks

    Migrating to the cloud is a lot more than just "lift and shift". It requires cross-organizational adaptation, and a comprehensive view - from left to right.

    Sarah Elkaim | 4 min read
    Read More
    Of XZ and Unknown Unknowns
    Cloud Security

    Of XZ and Unknown Unknowns

    Migrating to the cloud is a lot more than just "lift and shift". It requires cross-organizational adaptation, and a comprehensive view - from left to right.

    Tomer Filiba | 4 min read
    Read More
    How Transitioning from Military CISO to Startup CEO Made me a Better Leader
    Cloud Security

    How Transitioning from Military CISO to Startup CEO Made me a Better Leader

    Transitioning from IDF's CISO to a startup CEO is no easy task. Sharing my experiences and thoughts on this unusual shift.

    Dror Kashti | 4 min read
    Read More
    The Cloud Security Alphabet Soup
    Cloud Security

    The Cloud Security Alphabet Soup

    One complaint I often hear from stakeholders across the cloud security ecosystem is that there are way too many overlapping acronyms in cloud security. It’s confusing for buyers and counterproductive for the industry. Even worse, companies have deployed an alphabet soup of products, yet they are still exposed. Something’s got to give.

    Dror Kashti | 3 min read
    Read More
    Cloud Security Predictions – 2024
    Cloud Security

    Cloud Security Predictions – 2024

    Just like New Year’s resolutions, predictions are a rite of passage, an opportunity for us to take stock of our hopes and concerns for the coming year.

    Eyal Fisher | 3 min read
    Read More
    Secure Cloud Migration – Lift, Adapt, and Shift… Right!
    Cloud Security

    Secure Cloud Migration – Lift, Adapt, and Shift… Right!

    Migrating to the cloud is a lot more than just "lift and shift". It requires cross-organizational adaptation, and a comprehensive view - from left to right.

    Dror Kashti | 3 min read
    Read More