Sweet Blog
Understanding the New Vulnerabilities on Linux’s CUPS: What You Should Know
Yesterday, a new set of vulnerabilities (CVE-2024-47076, CVE-2024-47175/6/7) was discovered on Linux’s Common UNIX Printing System (CUPS). These flaws affect multiple CUPS components, including libcupsfilters, libppd, cups-browsed, and cups-filters, and they pose the risk of remote code execution (RCE) on vulnerable Linux machines. How the Vulnerability is Exploited The primary vulnerability involves the cups-browsed service, […]
Spotlight on Sweet Security’s Advanced Identity Threat Detection and Response
Managing secrets and identities is crucial to maintaining a secure environment as attackers are leveraging credentials to exploit cloud systems. One exposed secret or an unmanaged identity can be the “open door” that an attacker exploits, risking your entire infrastructure. Sweet Security’s identities capability delivers a comprehensive solution that enhances visibility, improves risk management, and […]
Sweet Security’s Vulnerabilities Hub: End-to-End Vulnerability Lifecycle Management
In recent months, Sweet has expanded its features within the realm of Cloud Vulnerability Management to include the following new capabilities: Scanning images for vulnerabilities Managing vulnerable functions Streamlining vulnerabilities based on package reputation Adhering to compliance with an SBOM These new enhancements are now available in tandem with our existing vulnerability management capabilities, […]
Sweet Security Introduces AI Response Playbooks
Sweet is thrilled to announce a new feature: AI Response Playbooks. This groundbreaking capability is now available on the Sweet Security platform, giving teams the confidence they need to investigate and intervene on every incident. The Challenge: Rapid Response in a Complex Cloud Environment Security teams struggle to respond quickly and effectively to sophisticated cloud […]
Welcome to CandyStore: Sweet Security’s Open Source Key-Value Storage
We’re excited to announce that Sweet Security has officially released CandyStore – an extremely fast open source key-value store, with a very low memory footprint. Why We Created CandyStore It’s not every day that a cyber security company develops its own database (or its little cousin, a key-value store), but Sweet is not your average […]
Manage CIS Compliance Across Your Workloads and Clusters
Ensuring your Kubernetes environment adheres to established security standards is crucial for maintaining a secure and compliant infrastructure. One of the most respected standards in this space is the CIS (Center for Internet Security) Kubernetes Benchmark. This benchmark provides best practices and guidelines to help organizations secure their Kubernetes deployments. Sweet Security has added a […]
Introducing Connection Analysis: Unveiling Hidden Network Insights
As cloud environments grow in complexity, having a clear view of the intricate relationships between cloud assets across your infrastructure is not just a luxury—it’s a necessity. That’s why we’re so excited to announce Sweet’s latest feature: Connection Analysis. Connection Analysis provides unparalleled visibility into your cloud network, offering detailed insights into every connection within […]
The Need for Runtime Protection in Cloud Security
The benefits of rich cloud environments are widely known, but their complexity has blurred the lines between infrastructure and application layers. The traditional security approach has been to address either infrastructure or application incidents independently. However, this fragmented strategy has proven inadequate, allowing attackers to exploit gaps between these layers to evade detection. As cloud […]
Enhance SBOMs with Runtime Security Insights
We are excited to introduce the latest addition to Sweet’s security platform: the Runtime SBOM (Software Bill of Materials). This groundbreaking feature offers a detailed view of all the packages in use within your environment, coupled with critical security insights. Feature Highlights Comprehensive Package Inventory: Get a complete list of all packages in use across […]
Practical Ways to Thwart Non-Human Identity Attacks
Managing non-human identities (NHIs) has become a paramount challenge for security teams. These identities, ranging from automated scripts and service accounts to IoT devices and third-party integrations, present a unique and often overlooked attack vector that can compromise an organization’s entire security structure. Let’s delve into why NHIs are such a critical challenge and how […]
Defending Against the Latest Ghostscript Vulnerability (CVE-2024-29510)
Bleeping Computer has recently reported on a new vulnerability within Ghostscipt, a widely used library for handling PostScript and PDF files. For those who process documents, especially ones provided by third parties, this vulnerability poses a serious threat as attackers are already exploiting this flaw. Because the vulnerability can lead to remote code execution (RCE), […]
Customized Rules for Enhanced Threat Detection and Response
Sweet is excited to announce our new custom rules detection capability for CDR and ADR, which allows users to build customized rules according to their specific threat landscape. Easily create custom rules or exclude findings within a minute, without using complex query language, through a selection of predefined options: Generate New Custom Findings: Create a […]
Responding to the CVE-2024-6387 (RegreSSHion) Vulnerability
What is CVE-2024-6387? Qualys research has discovered a critical Remote Code Execution (RCE) vulnerability, CVE-2024-6387, that has resurfaced in OpenSSH, affecting all public-facing Linux servers open on port 22. This regression, initially fixed in 2006, revolves around the use of functions that are unsafe in the context of signal handlers, and may potentially lead to […]
Introducing Sweet Security for Hybrid Cloud Environments
Sweet Security is thrilled to announce comprehensive support for on-premises and private cloud environments. This expansion enhances our existing capabilities for all major cloud platforms—Azure, AWS, and GCP—and virtual machines (VMs) such as AWS EC2s, Google Compute Engine, and Azure Virtual Machines. Enhancing Cloud Application Security with Support for Hybrid Environments Application environments are complex. […]
From a Snowflake to a Snowball: How to Detect and Stop Impersonation Attacks
Migrating to the cloud is a lot more than just "lift and shift". It requires cross-organizational adaptation, and a comprehensive view - from left to right.
Of XZ and Unknown Unknowns
Migrating to the cloud is a lot more than just "lift and shift". It requires cross-organizational adaptation, and a comprehensive view - from left to right.
How Transitioning from Military CISO to Startup CEO Made me a Better Leader
Transitioning from IDF's CISO to a startup CEO is no easy task. Sharing my experiences and thoughts on this unusual shift.
The Cloud Security Alphabet Soup
One complaint I often hear from stakeholders across the cloud security ecosystem is that there are way too many overlapping acronyms in cloud security. It’s confusing for buyers and counterproductive for the industry. Even worse, companies have deployed an alphabet soup of products, yet they are still exposed. Something’s got to give.
Cloud Security Predictions – 2024
Just like New Year’s resolutions, predictions are a rite of passage, an opportunity for us to take stock of our hopes and concerns for the coming year.
Secure Cloud Migration – Lift, Adapt, and Shift… Right!
Migrating to the cloud is a lot more than just "lift and shift". It requires cross-organizational adaptation, and a comprehensive view - from left to right.