Blue Hexagon Blog

Threat Advisory: Log4j vulnerability (LOG 4 SHELL CVE-2021-44228)

Periodic scans or flow log analysis may not be sufficient for detection or triage of log4j attack. Continuous and runtime analysis of cloud activity and...

Securely migrate to Azure Cloud

Shared Responsibility Model, Security Framework and Applying AI Deep LearningWith agentless implementation, automated pre-trained AI models, and automated threat defense that requires no post-analysis human...

Threat Advisory: Log4j vulnerability (LOG 4 SHELL CVE-2021-44228)

Periodic scans or flow log analysis may not be sufficient for detection or triage of log4j attack. Continuous and runtime analysis of cloud activity and...

Threat Advisory: Log4j vulnerability (LOG 4 SHELL CVE-2021-44228)

Periodic scans or flow log analysis may not be sufficient for detection or triage of log4j attack. Continuous and runtime analysis of cloud activity and... Read More

Securely migrate to Azure Cloud

Shared Responsibility Model, Security Framework and Applying AI Deep LearningWith agentless implementation, automated pre-trained AI models, and automated threat defense that requires no post-analysis human... Read More

Instantly Stop S3 Ransomware and Malware

With New AWS S3 Object Lambda and Blue Hexagon Agentless Cloud-Native AI SecurityOver the past year, we have worked closely with AWS to bring real-time... Read More

Real-time Cloud-Native Network Protection Against Unknown Cloud Threats

Upgrade Your AWS Firewall with Blue Hexagon Agentless AI Security Cloud-Native Integration- By Arun Raman and Song Wrensch, Blue Hexagon The modern threat... Read More

Threat Advisory: CVE-2021-1675 aka #PRINTNIGHTMARE

Here’s what you really need to know and do now With any vulnerability that manages to grab headlines, the... Read More

Deep Dive into the NSA funded MITRE D3FEND Framework

MITRE released the D3FEND framework today (6/22/21), an effort funded by the National Security Agency to effectively create a knowledge graph of cybersecurity countermeasure... Read More

You Can’t Detect What You Can’t See – In Real-Time. The Modern Cloud Security Edition

There is an old maxim in cybersecurity: “You cannot detect what you cannot see.” While we hold the need for security visibility as a self-evident truth, there are... Read More

Threat Advisory: CVE-2021-31166 Windows Remote Code Execution Vulnerability

Just when you thought you had seen the worst 2021 could throw at you… We are barely approaching the middle of the year and not... Read More

Industry’s First Agentless Cloud-Native AI Security at Runtime – for Google Cloud Platform

The rise of cloud-based Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) has driven rapid enterprise workload migration to the cloud. However, this sea change... Read More

5 Takeaways from the Colonial Pipeline Ransomware Attack

On Friday, May 7th, Colonial Pipeline experienced a ransomware attack. Colonial Pipeline transports gasoline, diesel, jet fuel, and home heating oil starting from refineries on the Gulf Coast... Read More

3 Key DevSecOps Trends for 2021

DevSecOps is a term that means different things to different people. I see it as primarily as an umbrella term for "continuous security" or security that is built... Read More

Microsoft Exchange flaws – a look back after a month

It has been over a month since the news first broke of a security vulnerability targeting MS Exchange circulating in the wild.  It seems the severity of this... Read More