CloudDefense.AI, has discovered that a California-based breast pump manufacturer is storing at least 7 million documents, including personal information of healthcare providers, on an exposed server with no password protection. The documents include full names, business addresses, fax numbers, phone numbers, and National Provider Identifier (NPI) numbers. Although much of the information can be found publicly, it is unlikely that those listed are aware that their information is centrally available in a database of that size. The Daily Dot has reached out to the company but has received no response. The exposure of the data raises concerns over data safety in women's healthcare.

Barbara Ericson

28 Mar

Indian at-home salon platform Yes Madam has exposed sensitive data of hundreds of thousands of customers and gig workers due to a server-side misconfiguration, according to security researcher Anurag Sen of CloudDefense.ai. The exposed data includes full names, mobile numbers, mailing addresses, email addresses, location data, payment links, and device details of over 900,000 users. Yes Madam co-founder Mayank Arya confirmed that the company has since secured the database, but it remains unclear whether the exposed data was accessed by anyone else. Yes Madam operates in over 30 cities across India and has attracted over a million downloads on its mobile apps.

Barbara Ericson

9 Mar

2 min read

CloudDefense.AI discovered an unprotected Elasticsearch server containing the personal data of over 100,000 customers of Falkensteiner, a European hotel chain. The breach was associated with Gustaffo, a company offering IT solutions for the hospitality industry. It was later discovered that only 13,000 individuals were exposed, and many of the records were duplicates. The incident highlights the importance of having robust security measures in place and having responsible disclosure programs.

Barbara Ericson

3 Mar

3 min read

CloudDefense found a misconfigured database belonging to a video marketing software provider based in San Francisco has exposed the personal d@athata of over 700,000 users of the websites getshow.io and animaker.com.

Barbara Ericson

1 Mar

2 min read

Recently, CloudDefense.AI was featured in Techcrunch for securing the exposed database of Indian social media startup, Slick. The database contained over 153,000 user records and had been left vulnerable due to a misconfiguration, which could have led to significant harm.

Barbara Ericson

13 Feb

2 min read

Not sure how to secure your startup properly? You needn’t worry any longer as we will inform you of all startup DevSecOps security tips.

Mark Preston

23 Aug

9 min read

You needn't worry any longer as the search for answers to the latest security issues is over. Learn how embracing the benefits of single delivery platform will help protect your business.

Mark Preston

21 May

7 min read

Learn what is endpoint detection and response and enhance your security with the latest real-time monitoring and endpoint data analysis.

Barbara Ericson

26 Apr

7 min read

If you want to be certain that your security is unrivalled, then there is no better way than testing its limits with penetration testing.

Barbara Ericson

29 Jan

8 min read

If you are a part of a business which is dependant on applications and browser, then you should most certainly be on the lookout for any vulnerability management tips!

Barbara Ericson

28 Jan

10 min read

With web application security add an extra layer of protection to your application and stop DDoS attacks and data breaches before they even occur.

Mark Preston

27 Jan

11 min read

Develop new skills and become indispensable in the software industry. Learn all the key parts of the system development life cycle in our step-by-step guide.

Mark Preston

21 Jan

8 min read

There’s a wide variety of reasons why people are turning more and more to cloud computing. Read our in-depth guide and find out more about it

Barbara Ericson

31 Oct

3 min read

CI/CD is a vital part of any modern development process, which aims to reduce any errors. Learn how to bring the best CI/CD best practices to life.

Mark Preston

30 Oct

7 min read

Businesses and organizations should strive to incorporate and maintain security levels in the DevOps process. Learn more about DevSecOps best practices!

Barbara Ericson

28 Oct

7 min read

Although DevOps and DevSecOps share similar aspects, there are still some things that make them different from one another. Learn more from our guide.

Mark Preston

20 Oct

7 min read

Ask yourself what is DAST, and our CloudDefense guide will be here to help! By mimicking attacks DAST is able to find application flaws and weaknesses.

Mark Preston

13 Oct

7 min read

Learn how SAST, a common testing methodology, can help you analyze your source code and pinpoints software flaws and vulnerabilities.

Mark Preston

8 Oct

7 min read

Achieving the full potential of your software development process has never been easier with a refresher course on how to implement an effective CI/CD pipeline.

Mark Preston

22 Sep

7 min read

Almost all major companies use DevOps and in our detailed guide, you will learn why. DevOps is a method of increasing and improving efficiency.

Barbara Ericson

15 Sep

10 min read

Learn how to build a successful app by getting a proper understanding of the app development life cycle.

Mark Preston

10 Sep

10 min read

The best way to develop DevOps is to have source code that can be modified by the best open-source DevOps tools. Find the one that suits you the most.

Barbara Ericson

7 Sep

5 min read

Find out which methodology suits you better in our continuous integration vs continuous delivery detailed comparison. There's no one solution that fits all.

Barbara Ericson

2 Sep

5 min read

Learn all about the differences between SCA, SAST and DAST in our detailed comparison. We dive deep into the key security terminology.

Mark Preston

31 Aug

7 min read

One of the best ways to provide high-quality software is to implement the top 10 best practices for software testing projects

Mark Preston

24 Aug

7 min read

Worried about OSS licenses? You needn't worry any longer as we got you covered with our how to avoid OSS license compliance lawsuits and vulnerabilities guide.

Barbara Ericson

10 min read

In order to take back control from hackers, California had to pay millions of dollars. Click here and find out if California can afford another cyber attack in the near future.

Barbara Ericson

5 min read