Cloud Security News this week 24 November 2021

• CSA recently announced that they have now had 1500 Cloud services evaluated across to the STAR registry principles. According to CSA, by publishing to the registry organizations can show current and potential customers their security and compliance posture which may prevent the need for them to complete multiple security questionnaires. You can find more information about CSA and STAR registry here
• Security researcher Schütz was rewarded a $4,133 bounty by the Google Vulnerability Rewards Program for his Google Internal API vulnerability discovery. Google has now fixed this bug. You can read more about this here and the Schütz has documented his discovery here
• Palo Alto Networks - a well known cybersecurity Vendor - Their Chairman and CEO Nikesh Arora told investors that they are  “18-to-24 months ahead from a competitive platform perspective”. There a few exciting players in the Cloud Security Market right now and you can read more about this here You can also find more about Palo Alto, Orca Security, Wiz and Lacework on the links
• Lacework, they have recently raised $1.3 billion in fresh capital at a valuation of $8.3 billion, making this one of the largest venture funding rounds of the year in the United States. Nasdaq covered a bit more about this here. In comparison Orca Security raised  $550 million in Series C funding to raise their valuation to $1.8 Billion and Wiz raised $250 million on a $6 billion valuation
• Clubhouse, an audio based chatroom launched in 2020 which gained popularity during the pandemic has launched a BugBounty program on HackerOne. The scope of the Bounty includes their API and websites. The program has upto $3000 on offer for any critical vulnerabilities reported. You can find more about the program here
• Using a compromised password, an  unauthorised third party has managed to infiltrate GoDaddy’s systems affecting atleast 1.2 million users. Along with usernames, passwords and emails, the attackers also gained access to SSL private keys for a subset of users.

Episode Show Notes on Cloud Security Podcast Website.

Podcast Twitter - Cloud Security Podcast (@CloudSecPod)

Instagram - Cloud Security News 

If you want to watch videos of this LIVE STREAMED episode and past episodes, check out:

- Cloud Security Podcast:

- Cloud Security Academy: