CyberSecurity news
FlagThis - #protection
|
@Cloud Security Alliance
//
Amazon Web Services (AWS) is actively enhancing its security measures to empower customers with robust active defense capabilities. AWS utilizes internal active defense systems like MadPot, which are global honeypots, Mithra, a domain graph neural network, and Sonaris, which handles network mitigations. These systems are continuously improving to detect and help prevent attacks related to malware, software vulnerabilities, and AWS resource misconfigurations, benefiting customers automatically through the AWS network. AWS also employs strategies to identify, track, and disrupt threat infrastructure by analyzing network traffic logs, honeypot interactions, and malware samples.
CrowdStrike and AWS have joined forces to simplify security incident response for cloud environments. This collaboration includes launching a new managed service integrated directly into the AWS console, aiming to provide seamless security operations. The integration is designed to enable faster and easier incident response, allowing for more efficient handling of security threats and breaches within cloud infrastructures. This partnership seeks to address the growing need for streamlined security management in complex cloud environments. 1Password and AWS have formed a strategic alliance to enhance the security of AI and cloud environments for enterprises. This collaboration focuses on providing AI-era security tools to protect unmanaged devices and applications, addressing the "Access-Trust Gap." Contracts sold through AWS average four times larger than typical deals, with win rates exceeding 50 percent. 1Password, traditionally a consumer-focused password manager, has transformed into an enterprise security platform serving one-third of Fortune 100 companies, driven by the increasing demand for security tools capable of monitoring and controlling AI agents and unauthorized applications.
Share:
References :
Classification:
@owaspai.org
//
The Open Worldwide Application Security Project (OWASP) is actively shaping the future of AI regulation through its AI Exchange project. This initiative fosters collaboration between the global security community and formal standardization bodies, driving the creation of AI security standards designed to protect individuals and businesses while encouraging innovation. By establishing a formal liaison with international standardization organizations like CEN/CENELEC, OWASP is enabling its vast network of security professionals to directly contribute to the development of these crucial standards, ensuring they are practical, fair, and effective.
OWASP's influence is already evident in the development of key AI security standards, notably impacting the AI Act, a European Commission initiative. Through the contributions of experts like Rob van der Veer, who founded the OWASP AI Exchange, the project has provided significant input to ISO/IEC 27090, the global standard on AI security guidance. The OWASP AI Exchange serves as an open-source platform where experts collaborate to shape these global standards, ensuring a balance between strong security measures and the flexibility needed to support ongoing innovation. The OWASP AI Exchange provides over 200 pages of practical advice and references on protecting AI and data-centric systems from threats. This resource serves as a bookmark for professionals and actively contributes to international standards, demonstrating the consensus on AI security and privacy through collaboration with key institutes and Standards Development Organizations (SDOs). The foundation of OWASP's approach lies in risk-based thinking, tailoring security measures to specific contexts rather than relying on a one-size-fits-all checklist, addressing the critical need for clear guidance and effective regulation in the rapidly evolving landscape of AI security.
Share:
References :
Classification:
|