Sweet Blog

Browse:

    Feature Release

    Defending Against SSRF Attacks in Cloud Native Applications

    A Server-Side Request Forgery (SSRF) attack occurs when an attacker tricks a server into making requests to other internal or external services on behalf of the server itself. This can lead to unauthorized access to sensitive data, exploitation of internal systems, and even full system takeover.  At Sweet Security, we’ve seen a surge in SSRF […]

    Sarah Elkaim | 4 min read
    Read More
    Defending Against SSRF Attacks in Cloud Native Applications
    Browse:
    Sweet Security is Now Available on the AWS Marketplace
    Sweet News

    Sweet Security is Now Available on the AWS Marketplace

    Sweet Security is proud to announce its comprehensive Cloud Native Detection and Response platform is now available on the AWS Marketplace, enabling security teams to cut cloud MTTR by 90%. Sweet brings its unique approach to cloud security, leveraging AWS infrastructure and services to offer customers cloud runtime protection and threat detection and response across […]

    Sarah Elkaim | 2 min read
    Read More
    Defending Against SSRF Attacks in Cloud Native Applications
    Feature Release

    Defending Against SSRF Attacks in Cloud Native Applications

    A Server-Side Request Forgery (SSRF) attack occurs when an attacker tricks a server into making requests to other internal or external services on behalf of the server itself. This can lead to unauthorized access to sensitive data, exploitation of internal systems, and even full system takeover.  At Sweet Security, we’ve seen a surge in SSRF […]

    Sarah Elkaim | 4 min read
    Read More
    Understanding the New Vulnerabilities on Linux’s CUPS: What You Should Know
    Cloud Security

    Understanding the New Vulnerabilities on Linux’s CUPS: What You Should Know

    Yesterday, a new set of vulnerabilities (CVE-2024-47076, CVE-2024-47175/6/7) was discovered on Linux’s Common UNIX Printing System (CUPS). These flaws affect multiple CUPS components, including libcupsfilters, libppd, cups-browsed, and cups-filters, and they pose the risk of remote code execution (RCE) on vulnerable Linux machines. How the Vulnerability is Exploited The primary vulnerability involves the cups-browsed service, […]

    Tomer Filiba | 3 min read
    Read More
    Spotlight on Sweet Security’s Advanced Identity Threat Detection and Response
    Feature Release

    Spotlight on Sweet Security’s Advanced Identity Threat Detection and Response

    Managing secrets and identities is crucial to maintaining a secure environment as attackers are leveraging credentials to exploit cloud systems. One exposed secret or an unmanaged identity can be the “open door” that an attacker exploits, risking your entire infrastructure. Sweet Security’s identities capability delivers a comprehensive solution that enhances visibility, improves risk management, and […]

    Lea Edelstein | 6 min read
    Read More
    Sweet Security’s Vulnerabilities Hub: End-to-End Vulnerability Lifecycle Management
    Sweet Product

    Sweet Security’s Vulnerabilities Hub: End-to-End Vulnerability Lifecycle Management

    In recent months, Sweet has expanded its features within the realm of Cloud Vulnerability Management to include the following new capabilities: Scanning images for vulnerabilities   Managing vulnerable functions  Streamlining vulnerabilities based on package reputation  Adhering to compliance with an SBOM   These new enhancements are now available in tandem with our existing vulnerability management capabilities, […]

    Or Harel | 4 min read
    Read More
    Sweet Security Introduces AI Response Playbooks
    Sweet Product

    Sweet Security Introduces AI Response Playbooks

    Sweet is thrilled to announce a new feature: AI Response Playbooks. This groundbreaking capability is now available on the Sweet Security platform, giving teams the confidence they need to investigate and intervene on every incident. The Challenge: Rapid Response in a Complex Cloud Environment Security teams struggle to respond quickly and effectively to sophisticated cloud […]

    Or Harel | 3 min read
    Read More
    Welcome to CandyStore: Sweet Security’s Open Source Key-Value Storage
    Security Research

    Welcome to CandyStore: Sweet Security’s Open Source Key-Value Storage

    We’re excited to announce that Sweet Security has officially released CandyStore – an extremely fast open source key-value store, with a very low memory footprint. Why We Created CandyStore It’s not every day that a cyber security company develops its own database (or its little cousin, a key-value store), but Sweet is not your average […]

    Tomer Filiba | 2 min read
    Read More
    Manage CIS Compliance Across Your Workloads and Clusters
    Sweet Product

    Manage CIS Compliance Across Your Workloads and Clusters

    Ensuring your Kubernetes environment adheres to established security standards is crucial for maintaining a secure and compliant infrastructure. One of the most respected standards in this space is the CIS (Center for Internet Security) Kubernetes Benchmark. This benchmark provides best practices and guidelines to help organizations secure their Kubernetes deployments. Sweet Security has added a […]

    Lea Edelstein | 2 min read
    Read More
    Introducing Connection Analysis: Unveiling Hidden Network Insights
    Feature Release

    Introducing Connection Analysis: Unveiling Hidden Network Insights

    As cloud environments grow in complexity, having a clear view of the intricate relationships between cloud assets across your infrastructure is not just a luxury—it’s a necessity. That’s why we’re so excited to announce Sweet’s latest feature: Connection Analysis.  Connection Analysis provides unparalleled visibility into your cloud network, offering detailed insights into every connection within […]

    Lea Edelstein | 4 min read
    Read More
    The Need for Runtime Protection in Cloud Security
    Cloud Security

    The Need for Runtime Protection in Cloud Security

    The benefits of rich cloud environments are widely known, but their complexity has blurred the lines between infrastructure and application layers. The traditional security approach has been to address either infrastructure or application incidents independently. However, this fragmented strategy has proven inadequate, allowing attackers to exploit gaps between these layers to evade detection. As cloud […]

    Sarah Elkaim | 4 min read
    Read More
    Enhance SBOMs with Runtime Security Insights
    Feature Release

    Enhance SBOMs with Runtime Security Insights

    We are excited to introduce the latest addition to Sweet’s security platform: the Runtime SBOM (Software Bill of Materials). This groundbreaking feature offers a detailed view of all the packages in use within your environment, coupled with critical security insights. Feature Highlights Comprehensive Package Inventory: Get a complete list of all packages in use across […]

    Lea Edelstein | 2 min read
    Read More
    Practical Ways to Thwart Non-Human Identity Attacks
    Runtime Security

    Practical Ways to Thwart Non-Human Identity Attacks

    Managing non-human identities (NHIs) has become a paramount challenge for security teams. These identities, ranging from automated scripts and service accounts to IoT devices and third-party integrations, present a unique and often overlooked attack vector that can compromise an organization’s entire security structure.  Let’s delve into why NHIs are such a critical challenge and how […]

    Sarah Elkaim | 4 min read
    Read More
    Defending Against the Latest Ghostscript Vulnerability (CVE-2024-29510)
    Security Research

    Defending Against the Latest Ghostscript Vulnerability (CVE-2024-29510)

    Bleeping Computer has recently reported on a new vulnerability within Ghostscipt, a widely used library for handling PostScript and PDF files. For those who process documents, especially ones provided by third parties, this vulnerability poses a serious threat as attackers are already exploiting this flaw. Because the vulnerability can lead to remote code execution (RCE), […]

    Sarah Elkaim | 2 min read
    Read More
    Customized Rules for Enhanced Threat Detection and Response
    Feature Release

    Customized Rules for Enhanced Threat Detection and Response

    Sweet is excited to announce our new custom rules detection capability for CDR and ADR, which allows users to build customized rules according to their specific threat landscape.  Easily create custom rules or exclude findings within a minute, without using complex query language, through a selection of predefined options: Generate New Custom Findings: Create a […]

    Or Harel | 5 min read
    Read More
    Responding to the CVE-2024-6387 (RegreSSHion) Vulnerability
    Security Research

    Responding to the CVE-2024-6387 (RegreSSHion) Vulnerability

    What is CVE-2024-6387? Qualys research has discovered a critical Remote Code Execution (RCE) vulnerability, CVE-2024-6387, that has resurfaced in OpenSSH, affecting all public-facing Linux servers open on port 22. This regression, initially fixed in 2006, revolves around the use of functions that are unsafe in the context of signal handlers, and may potentially lead to […]

    Sarah Elkaim | 2 min read
    Read More
    Introducing Sweet Security for Hybrid Cloud Environments
    Feature Release

    Introducing Sweet Security for Hybrid Cloud Environments

    Sweet Security is thrilled to announce comprehensive support for on-premises and private cloud environments. This expansion enhances our existing capabilities for all major cloud platforms—Azure, AWS, and GCP—and virtual machines (VMs) such as AWS EC2s, Google Compute Engine, and Azure Virtual Machines. Enhancing Cloud Application Security with Support for Hybrid Environments Application environments are complex. […]

    Lea Edelstein | 2 min read
    Read More
    From a Snowflake to a Snowball: How to Detect and Stop Impersonation Attacks
    Cloud Security

    From a Snowflake to a Snowball: How to Detect and Stop Impersonation Attacks

    Migrating to the cloud is a lot more than just "lift and shift". It requires cross-organizational adaptation, and a comprehensive view - from left to right.

    Sarah Elkaim | 4 min read
    Read More
    Of XZ and Unknown Unknowns
    Cloud Security

    Of XZ and Unknown Unknowns

    Migrating to the cloud is a lot more than just "lift and shift". It requires cross-organizational adaptation, and a comprehensive view - from left to right.

    Tomer Filiba | 4 min read
    Read More
    How Transitioning from Military CISO to Startup CEO Made me a Better Leader
    Cloud Security

    How Transitioning from Military CISO to Startup CEO Made me a Better Leader

    Transitioning from IDF's CISO to a startup CEO is no easy task. Sharing my experiences and thoughts on this unusual shift.

    Dror Kashti | 4 min read
    Read More
    The Cloud Security Alphabet Soup
    Cloud Security

    The Cloud Security Alphabet Soup

    One complaint I often hear from stakeholders across the cloud security ecosystem is that there are way too many overlapping acronyms in cloud security. It’s confusing for buyers and counterproductive for the industry. Even worse, companies have deployed an alphabet soup of products, yet they are still exposed. Something’s got to give.

    Dror Kashti | 3 min read
    Read More
    Cloud Security Predictions – 2024
    Cloud Security

    Cloud Security Predictions – 2024

    Just like New Year’s resolutions, predictions are a rite of passage, an opportunity for us to take stock of our hopes and concerns for the coming year.

    Eyal Fisher | 3 min read
    Read More
    Secure Cloud Migration – Lift, Adapt, and Shift… Right!
    Cloud Security

    Secure Cloud Migration – Lift, Adapt, and Shift… Right!

    Migrating to the cloud is a lot more than just "lift and shift". It requires cross-organizational adaptation, and a comprehensive view - from left to right.

    Dror Kashti | 3 min read
    Read More