Blog Home

Reactive vs. Proactive Security: Which Is Better?.
SecurityTrails Blog · May 25 · by Sara Jelen

Reactive vs. Proactive Security: Which Is Better?

As networks and technology rapidly evolve, many organizations face the challenges of expanding their attack surface. A truly successful approach to dealing with these challenges involves multiple layers of protection that encompass networks, devices, data and people. And to add more fuel to issues brought on by technology and security sprawl growth, malicious actors are constantly working on new techniques, tools and methods to execute attacks on organizations’ data.

Shadow IT and Its Security Risks - Managing the Unseen.
SecurityTrails Blog · May 18 · by Sara Jelen

Shadow IT and Its Security Risks - Managing the Unseen

Cloud computing is beneficial. Many organizations already know this and are reaping the benefits cloud adoption has brought them: reduced IT costs, scalability, collaboration efficiency and, above all else, flexibility in accessing storage and software to meet their needs. Users can now more easily engage services and solutions that will make their everyday jobs easier.

Top 10 Cloud Security Threats and How to Mitigate Them.
SecurityTrails Blog · Feb 02 · by Sara Jelen

Top 10 Cloud Security Threats and How to Mitigate Them

One thing’s for sure: cloud adoption is going mainstream. It’s grown increasingly obvious that cloud computing has continuously transformed the way organizations of all sizes access, store and share data, thanks to its many benefits of rapid deployment, flexibility, low costs and scalability. But its interconnectedness and many other advantages aren’t the only things cloud computing has brought along with it—security challenges are emerging in today’s cloud era.

Attack Surface Monitoring: Definition, Benefits and Best Practices.
SecurityTrails Blog · Jan 19 · by Sara Jelen

Attack Surface Monitoring: Definition, Benefits and Best Practices

The firewall, IDSs, EDR platforms and proxies are your first line of defence. They’re the locks to your entire network, and your scanners are the security cameras that allow you to see what goes on inside. And while these security controls traditionally help to achieve a decent security posture, the threat landscape is rapidly and constantly changing—along with your attack surface.

Top 5 Tips for Securing Your Dev & Test Environments, and Why You Should.
SecurityTrails Blog · Jan 07 · by Gianni Perez

Top 5 Tips for Securing Your Dev & Test Environments, and Why You Should

In his seminal work, The Mythical Man-Month, Frederick Brooks Jr. tells us that software development is homologous to a tar pit where many efforts flounder regardless of the appealing nature of the task or the relative tractability of the underlying physical medium. In what he calls one of the “woes of the craft”, the author goes on to explain that the pervasive optimism among programmers regarding the conception of a software project is rarely maintained after we take into account the set of complex interdependencies commensurate with others’ skills and objectives.

Infrastructure as Code: Is It as Secure as It Seems?.
SecurityTrails Blog · Dec 30 2020 · by Esteban Borges

Infrastructure as Code: Is It as Secure as It Seems?

Alongside the rise of public clouds, managing the infrastructure of private clouds has never been easier. Tools like Terraform are available, but increasing dependence on them means it’s necessary to understand the security implications they present. After all, your entire infrastructure is dependent on, and accessible through, such a configuration—it’s essentially infrastructure as code, or “IAC”, passed through a tool like Terraform.

Attack Surface Management: You Can't Secure What You Can't See.
SecurityTrails Blog · Dec 29 2020 · by Sara Jelen

Attack Surface Management: You Can’t Secure What You Can’t See

A report from 2016 predicted that 30% of all data breaches by 2020 will be the result of shadow IT resources: systems, devices, software, apps and services that aren’t approved, and in use without the organization’s security team’s knowledge. But shadow IT isn’t the only area where security and IT teams face issues with tracking and visibility.