Mor Asher

@morasher
2 Followers
14 Following
32 Posts
Mor AsherApr 18, 2025

Data security posture management, after all, the data is what matters.

Data discovery and contextual classification is a key step first, and with Gen-AI technologies getting much faster and accurate, we should expect a brighter future for data protection (fingers crossed).

A comprehensive guide by #BigID

https://api.cyfluencer.com/s/ultimate-guide-to-a-data-security-platform-19585

#DSPM #DataProtection

The Ultimate Guide to a Data Security Platform

Secure your data with a Modern Data Security Platform (DSP) built for CISOs—detect threats, enforce policies, and protect sensitive data at scale.

BigID
Mor AsherMar 27, 2025

“To catch a criminal you have to think like a criminal” (or see what the criminal sees).

Attack graphs, seeing what attackers see:

https://cybersec.xmcyber.com/s/seeing-what-attackers-see-how-attack-graphs-help-you-stay-ahead-of-cyber-threats-451f3430-19226

#Cyber #CTEM

Seeing What Attackers See: How Attack Graphs Help You Stay Ahead of Cyber Threats | XM Cyber

Learn more about Seeing What Attackers See: How Attack Graphs Help You Stay Ahead of Cyber Threats . Read more on XM Cyber website.

XM Cyber
Mor AsherMar 26, 2025

IngressNightmare - detecting and mitigating the IngressNGINX critical severity vulnerabilities.

That’s a high risk you don’t want to play with:

https://api.cyfluencer.com/s/detecting-and-mitigating-ingressnightmare-cve-2025-1974-19212

#VulnerabilityManagement #Cyber #K8

Detecting and Mitigating IngressNightmare - CVE-2025-1974

On Monday, March 24, 2025, a set of critical vulnerabilities affecting the admission controller component of the Ingress NGINX Controller for Kubernetes

Sysdig
Mor AsherMar 20, 2025

Classic case where you try to address a security weakness just to find out that you have created another vulnerability.

If you have an Apache server with this version, most likely that it is Internet exposed which means you must patch it fast. Another reason to continuously scan your attack surface.

https://cybersec.xmcyber.com/s/cve-2025-24813-critical-apache-tomcat-vulnerability-already-being-exploited-patch-now-19108

#Cyber #CTEM #Vulnerability

CVE-2025-24813: Critical Apache Tomcat Vulnerability Already Being Exploited – Patch Now! | XM Cyber

Learn more about CVE-2025-24813: Critical Apache Tomcat Vulnerability Already Being Exploited – Patch Now! . Read more on XM Cyber website.

XM Cyber
Mor AsherMar 11, 2025

Secure your CI/CD pipelines: an interesting and useful article you want to read.

It’s a soft spot for many organizations and hackers know it.

https://go.aembit.io/s/optimizing-ci-cd-security-best-practices-for-a-robust-software-delivery-pipeline-18990

#AppSec #InfoSec #SSDLC

Optimizing CI/CD Security: Best Practices for a Robust Software Delivery Pipeline

Modern software development accelerates progress but introduces security risks that must be managed to protect organizational integrity and reputation.

Aembit
Mor AsherMar 9, 2025

Cybersecurity is moving from a support function to a strategic driver of business decisions. Trust and reputation are imperative for conducting business.

https://api.cyfluencer.com/s/top-10-predictions-shaping-the-future-of-cybersecurity-in-2025-according-to-35-experts-18953

#Cyber #Trust

Cybersecurity Predictions for 2025: Insights from Leaders | Team Cymru

Discover key cybersecurity shifts for 2025, from Zero Trust adoption to AI-driven threat detection. Learn from top leaders how to turn security into a business advantage.

Mor AsherMar 7, 2025

Cloud misconfigurations: a gap calling for the thief.

Top and common cloud misconfigurations you will find in a typical cloud deployment.

While many invest great resources in applications vulnerabilities (rightfully), many tend to neglect configuration hardening. A big mistake.

https://api.cyfluencer.com/s/top-cloud-misconfigurations-a-cspm-perspective-18939

#Cloud #CSPM #Cyber

Top cloud misconfigurations: A CSPM perspective

While cloud misconfiguration issues most often stem from human error, they are unfortunately a leading cause of data breaches.

Sysdig
Mor AsherMar 6, 2025

7 stages of Non-human identities (NHI) transformation nicely put.

https://go.aembit.io/s/7-stages-of-non-human-identity-security-maturity-18926

#NHI #Identity #Cyber

7 Stages of Non-Human Identity Security Maturity

Securing non-human identities is a journey. Explore the seven stages of maturity, from hardcoded secrets to just-in-time, identity-based access. Where does your organization stand?

Aembit
Mor AsherFeb 22, 2025

How fast do you investigate your cloud environment? If it’s not few minutes, you might be too slow. Cloud detection and response tools are an essential component in your cyber security and incident response program.

An interesting view by Sysdig.

https://api.cyfluencer.com/s/cdr-how-cloud-has-changed-the-game-18741

#Cloud #IR #Cyber #Investigation

ɆCDR: How Cloud Has Changed the Game

Some organizations are just beginning their migration to the cloud, while others are already firmly settled there, but almost everyone is in the cloud in

Sysdig
Mor AsherFeb 21, 2025

Continuous delivery tools: a great automation and orchestration solution but if done wrong, can be become a serious risk. Here’s one example. Applies to all cloud service providers and environments.

https://cybersec.xmcyber.com/s/from-argocd-to-azure-hybrid-attacks-18723

#SSDLC #Cloud #CICD #InfoSec #appsec

From ArgoCD To Azure Hybrid Attacks | XM Cyber

Learn more about From ArgoCD To Azure Hybrid Attacks . Read more on XM Cyber website.

XM Cyber