Dustin M.’s Post

Futuriom has a new look! Please check out this blog from our Founder Scott Raynovich explaining all the new features and the expansion of Cloud Tracker Pro! #cloudtrackerpro #cloudtechnology #cybersecurity #AIinfra https://lnkd.in/gNymr7J8

Developed by a team of visionaries, strategists, and developers from AWS, Google, Rubrik, Cohesity, Palo Alto Networks, and CrowdStrike, Bedrock Security is setting a new industry standard as the leading frictionless data security company. Read about the vision behind Bedrock and how it protects your data — via Help Net Security. https://lnkd.in/eJayzjqe #AI #cyberdefense #data #datasecurity #datasecurityposturemanagement #dspm #cloud #strategy #AIReasoning

Security best practices for the Databricks Data Intelligence Platform A defense-in-depth approach to stay ahead in data and AI security. #security #data #ai #cloud

Best practices for securing your Machine Learning (ML) solutions on GCP: Data Security: Encryption: Encrypt data at rest and in transit with strong algorithms like AES-256. Utilize Cloud Key Management Service (KMS) for key management and granular access control. Data Access Control: Implement Identity and Access Management (IAM) for fine-grained access control based on user roles and permissions. Consider Data Loss Prevention (DLP) policies to prevent unauthorized data exfiltration. Data Provenance and Lineage: Utilize Data Catalog to track data lineage and understand its origin and usage. Enable Cloud Audit Logging and BigQuery Audit Log for data access monitoring. Data Labeling: Use clear and descriptive labels for training data to mitigate bias and poisoning attacks. Model Security: Threat Modeling: Identify potential vulnerabilities like data poisoning, bias, and model manipulation. Implement adversarial training and input validation to address these threats. Secure Model Development and Deployment: Leverage Vertex AI for a secure environment for training and deploying your ML models. Utilize Vertex AI Workspaces for controlled access and collaboration. Continuous Monitoring: Monitor model performance for drift, bias, and security issues with Vertex AI Model Monitor and Cloud Security Command Center. Explainability: Employ Vertex Explainable AI (XAI) to understand model predictions and identify potential biases. Application Security: Least Privilege: Implement IAM for fine-grained access control to all GCP resources used by your application. API Security: Utilize Apigee API Platform for secure API access and management. Validate and sanitize user input to prevent injection attacks like XSS and RCE. Vulnerability Scanning: Regularly scan your application and underlying infrastructure for vulnerabilities with tools like Security Command Center. Patch vulnerabilities promptly. Web Application Firewall (WAF): Deploy Cloud Armor to protect your application from common web attacks like SQL injection and DDoS. Configure rules based on your application's specific needs. Additional Practices: Compliance: Align your security practices with relevant industry regulations like GDPR and HIPAA. Utilize tools like Security Command Center and Data Catalog for compliance assessments. Governance: Establish clear policies and procedures for managing ML solutions with frameworks like Google Cloud Security Posture Management. Security Awareness: Train employees involved in developing and using ML on security best practices. Specific considerations for Generative Models: Input validation: Sanitize user-generated text to prevent malicious code injection. Output filtering: Prevent the model from generating harmful or offensive content. Adversarial training: Train the model on adversarial examples to improve its robustness. Resources: Google Cloud Security Best Practices: https://lnkd.in/gSQFm4zg

Information on a new feature for Microsoft Sentinel. Microsoft is excited to announce the public preview of a new data tier Auxiliary Logs and Summary Rules in Microsoft Sentinel to further increase security coverage for high-volume data at an affordable price. Link below to article, “Comprehensive coverage and cost-savings with Microsoft Sentinel’s new data tier,” written by Yael Bergman. #Microsoft #Azure #AzureCloud #Cloud #CloudComputing #CloudSecurity #CloudNative #MicrosoftSentinel https://lnkd.in/esFshj3t

Thankful for the chance to share some thoughts with better appsec on the risks of third party AI to your cloud security posture. Check out the full post!

Another awesome post by James C.. "How to Build a Cloud-Native Data Security Program" is probably one of the more intimidating discussions in security. James has a unique ability to take a very complex topic and break the various components into easily digestible content that is practical for any practitioner. I look forward to learning from James's experiences and best practices to help the greater community I serve. #Cloudnativesecurity #cybersecurity

Something to know about Cyera A misconception I've learnt whilst talking to partners over the last week is that Cyera is the leading 'cloud' data security posture management platform. Whilst that is true, earlier this year we announced another critical capability that will allow customers to know and secure their data wherever it is. 'Cyera has expanded our coverage to include on-premises databases and file shares. While Cyera is a cloud-first and cloud-native company, the reality of enterprise customers is that their data doesn’t solely reside in cloud services. Cyera now detects and mitigates exposure anywhere by applying the proper security controls at the speed and scale of the cloud. This is big news for our customers, who now have a single data security platform to gain deep knowledge of data everywhere at once.' Would love to show you more. https://lnkd.in/e4p4U2mY

More than 90% of organizations use multiple cloud infrastructures, platforms, and services to run their business, adding complexity to securing all data.1 Microsoft Purview can help you secure and govern your entire data estate in this complex and changing environment. #Microsoft #Purview #data #security