CloudDefense.AI Blog
- Anshu Bansal
- Security
The cloud-native application protection platform, or CNAPP, has revolutionized how developers and AppSec teams secure modern cloud-native applications. It has brought a major shift to the security aspect of cloud native applications. With containers and Kubernetes becoming a default for development and a high-speed dev cycle
- Anshu Bansal
- Press
On 15-16 September 2025 a novel self-replicating supply-chain worm, being tracked publicly as “Shai-Hulud” was discovered in routine npm packages (npm packages compromised by Shai hulud worm). The malware was first observed in compromised versions of @ctrl/tinycolor and quickly expanded to dozens, then hundreds, of packages
- Abhishek Arora
- Security
In 2025, developers are always finding ways to speed up their development process. With the rapid adoption of AI code editors, organizations are achieving unprecedented development speed. However, it is also creating attack vectors in the development pipeline, and a vulnerability in the codebase can hamper
- Anshu Bansal
- Security
In 2025, developers are always finding ways to speed up their development process. With the rapid adoption of AI code editors, organizations are achieving unprecedented development speed. However, it is also creating attack vectors in the development pipeline, and a vulnerability in the codebase can hamper
- Anshu Bansal
- Security
Software development was once a team’s job. The advent of Continuous Integration and Continuous Delivery (CI/CD) completely transformed everything. It enables multiple dev teams to work together and boost the development through automation. For modern organizations, the CI/CD pipeline has become the backbone to cope with
- Anshu Bansal
- Press
A maintainer’s npm account was phished, and malicious versions of several widely used packages—chalk, debug, and a set of color/ANSI utilities—were published. Community reports and maintainer issues confirmed the tampering and the compromised versions were rapidly pulled. The payload acted as a crypto-drainer primarily when code
- Abhishek Arora
- Security
Shift-left security has become a necessity in today’s high-speed application development to protect the application and data from evolving cyber threats. As organizations gradually move towards more Agile methodologies, security can no longer remain an afterthought. Shift-left as a proactive approach helps in integrating security checks
- Abhishek Arora
- Security
Securing today’s cloud-driven businesses is a challenge, and choosing the right approach can be overwhelming. Two popular frameworks – SASE and CASB which often come up in the conversation. SASE redefines network security with a unified edge approach, while CASB focuses on protecting cloud apps and
- Anshu Bansal
- Security
With the growing complexity of securing both cloud and on-premises environments, organizations face a challenging decision when choosing between security solutions like CIEM and PAM. CIEM vs PAM each address critical aspects of access control but focus on different areas. CIEM specializes in managing cloud identities
- Abhishek Arora
- Cloud Security
Since many businesses adopt remote work and cloud-first strategies, the demand for secure and effective access to applications and data has risen dramatically. This shift has brought two key concepts to the forefront: Secure Access Service Edge (SASE) and Security Service Edge (SSE). While SASE combines
Cloud Security
Security
Press
Testing
Application Security
Security Operations Center (SOC) Roles and Responsibilities
