Latest news with #CloudTrail
Techday NZ
18-06-2025
- Business
- Techday NZ
Fortinet expands AWS Marketplace suite to boost cloud security
Fortinet has introduced updates to Lacework FortiCNAPP and expanded the availability of several security solutions in the AWS Marketplace, aimed at improving cloud security for organisations operating across hybrid and multi-cloud environments. The latest releases are intended to make it easier for customers to protect their applications, workloads, and data as businesses accelerate their adoption of cloud technologies. Fortinet's expanded presence in AWS Marketplace extends options for procurement and management of its products for Amazon Web Services (AWS) users. Enhanced protection features Fortinet's enhancements to Lacework FortiCNAPP offer reinforced security for cloud-native applications throughout their development and operational lifecycles. Key improvements include real-time CloudTrail alerting, which can now detect critical activities such as compromised credentials or anomalous API behaviour much more quickly by reducing AWS CloudTrail alert latency from 24 hours to under 15 minutes. Other new features include an Explorer (Security Graph) tool, which allows for an interactive visualisation of attack paths and asset relationships, making it more straightforward to identify and investigate threats such as internet-facing vulnerabilities. FortiCNAPP also now supports agentless scanning for Windows workloads across any cloud environment, enabling vulnerability and secret detection without the need to install software. Additional fleet management capabilities provide greater visibility over large-scale deployments including inventory, health, and coverage. Product bundles newly available include options with Dynamic Application Security Testing (DAST), content delivery network (CDN) functionality, and Security Operations Centre as a Service (SoC-as-a-Service), alongside AI-powered zero-day threat detection and remediation. These elements are designed to improve web application and API security. Expanded AWS Marketplace portfolio The company has increased the number of its solutions accessible via AWS Marketplace, allowing customers to acquire and manage Fortinet offerings within their existing cloud procurement workflows and apply AWS Enterprise Discount Program (EDP) commitments. Among the services that are now available are FortiAppSec Cloud, which provides unified web application and API protection (WAAP), FortiMail Workspace Security, which delivers protection across platforms like Microsoft 365 and Google Workspace, FortiNDR Cloud for AI-based threat detection, and FortiSIEM for scalable incident response. Fortinet Incident Response Services have also been added to AWS Marketplace. The services are designed to deliver expert support for AWS customers, integrating with both AWS-native tools and FortiGuard threat intelligence to support a comprehensive approach to incident management and response. Fortinet has achieved the AWS Security Incident Response Specialisation, which recognises the company's ability to deliver streamlined incident response solutions that are supported by AWS security response experts. This reflects Fortinet's strategic emphasis on offering end-to-end security expertise managed through a single vendor and deployment model. "Fortinet is committed to accelerating secure cloud transformation for our customers. By making more of our services available in AWS Marketplace and enhancing leading cloud-native solutions like Lacework FortiCNAPP and FortiAppSec Cloud, we're making it easier than ever for organisations to protect every cloud workload, application, and network edge." That statement was provided by Nirav Shah, Senior Vice President, Products and Solutions, Fortinet. All-in-one approach These launches are part of Fortinet's strategic data to help organisations reduce reliance on isolated point products by offering integrated security capabilities across application, network, and user layers. Consolidating various services—including WAAP, network detection and response (NDR), security information and event management (SIEM), cloud-native application protection platform (CNAPP), and workspace security—aims to give businesses full-stack protection with simplified management, better scalability, and reduced cost. For customers with significant cloud spend commitments seeking investment optimisation, Fortinet's FortiFlex licensing model provides a flexible, daily usage-based approach, supporting rapid deployment and elastic scaling, and allowing customers to only pay for the services that they use. The Fortinet Security Fabric and consulting teams offer proactive risk assessment and incident response, aiming to help AWS customers strengthen their security postures as cloud usage continues to grow.
Hi Dubai
23-04-2025
- Business
- Hi Dubai
What are the most in-demand Cybersecurity skills in 2025
In 2025, cybersecurity isn't just a concern for tech giants or financial institutions. It's a core part of every business, from startups to multinationals. With digital threats getting smarter and more aggressive, the pressure is on to build strong defenses and that starts with having the right people. But not just any tech professional will do. Companies are now looking for specialists who bring specific, in-demand skills to the table. The playing field has shifted. It's no longer enough to just know how to install antivirus software or configure a firewall. Attackers are moving faster, using AI tools, targeting cloud platforms and going after identity systems with precision. To keep up, cybersecurity professionals need to stay sharp, agile and ready to pivot as threats evolve. What's interesting is that this demand is cutting across industries. Healthcare, retail, education, government; everyone's hiring. That means there's real opportunity for people who want to move into cybersecurity or level up their current skills. The right expertise can open doors to high-paying roles, remote jobs and leadership positions that put you at the heart of major decision-making. So the question is, what skills do you actually need right now? What are employers actively hunting for in 2025? Here's a break down of the top cybersecurity skills that are in high demand this year. Cloud Security Cloud adoption isn't slowing down. In fact, it's accelerating, and that means security needs to keep up. Businesses are shifting more data, services and operations into cloud environments like AWS, Azure and Google Cloud, which creates a wider attack surface. Cloud security is about protecting those environments and making sure data is encrypted, access is controlled and misconfigurations don't become open doors for attackers. It's also about understanding shared responsibility models and being able to work across multi-cloud setups, which are becoming more common. If you know how to manage identity and access in the cloud, set up secure architectures and spot vulnerabilities before they're exploited, you're exactly who companies are looking for. Add in some experience with tools like CloudTrail, Security Center or third-party solutions like Palo Alto Prisma or Wiz, and you'll be even more valuable. Threat Intelligence Threat intelligence is all about staying one step ahead of cyber attackers. It's the process of gathering, analyzing and using data to understand threats before they hit. Instead of just reacting when something goes wrong, companies want pros who can see patterns, spot suspicious behavior early and make sense of digital clues. More than just about knowing how malware works, it's about connecting the dots between different data points, understanding attacker behavior and feeding that insight back into the business to improve defenses. Tools like SIEM platforms, threat feeds and behavioral analytics play a big role here, but it's the human element that makes the difference. If you've got a curious mind, love solving puzzles and can turn complex data into actionable advice, this skill can take you far. As cyber threats keep getting smarter, so does the demand for people who can outthink them. Incident Response and Digital Forensics When a cyberattack hits, the clock starts ticking. Companies don't just need someone to plug the leak. They need someone who can understand exactly what happened, how it happened and how to stop it from happening again. That's where incident response and digital forensics come in. It's one of those roles where calm, clear thinking matters just as much as technical know-how. You'll need to quickly contain threats, analyze logs, dig through digital evidence and trace the attacker's path. Knowing your way around SIEM tools, endpoint detection systems and forensic software is key. And it's also about documenting everything for legal or compliance purposes. As threats grow more advanced, this skillset is becoming non-negotiable for any company serious about cybersecurity. If you're good at staying cool under pressure and love solving complex puzzles, this is a strong path to follow. Identity and Access Management (IAM) Image Source: Cisco IAM is all about making sure the right people have the right access to the right systems at the right time. Sounds simple, but with the rise of remote work, bring-your-own-device policies and cloud-based everything, it's gotten a lot more complicated. Companies need to control who gets in, what they can do once they're in and how long they stay in. IAM specialists work on setting up and managing systems that handle user authentication, authorization and access policies. Think single sign-on, multi-factor authentication and role-based access control. It's also about reducing risk. If someone leaves the company or switches roles, their access needs to change immediately. Miss that, and you're opening the door to insider threats or data leaks. Knowing how to work with IAM tools like Okta, Microsoft Entra ID (formerly Azure AD) or Ping Identity is a major plus. It's one of those skills that touches every part of the business. Application Security Application security isn't just a technical checkbox anymore. It's a core part of any company's risk management strategy. With apps handling everything from payments to personal data, one vulnerability can open the door to serious damage. That's why businesses want cybersecurity pros who understand how to bake security into the development process, not bolt it on after. If you can find flaws in code, spot insecure libraries and work with developers to fix issues before apps go live, you're a major asset. Skills like static and dynamic application security testing (SAST/DAST), secure coding practices and working with tools like OWASP ZAP or Burp Suite are especially useful. Knowing how to bring security into agile and DevOps environments (often called DevSecOps) also puts you ahead. Companies want people who don't just find problems, but help solve them fast, without slowing teams down. Security Automation and Scripting In 2025, security teams can't afford to do everything manually. Threats evolve fast, and there's too much ground to cover. That's why automation and scripting are now key skills in cybersecurity. If you know how to write simple scripts in Python, Bash or PowerShell, you can save hours of repetitive work, reduce errors and respond to threats faster. Think automating vulnerability scans, setting up alerts for suspicious activity or building custom workflows to handle incidents. It's not about replacing humans, it's about making smarter use of time and resources. Tools like Ansible, Terraform and SIEM platforms that support scripting can help streamline operations across large systems. Security automation also plays a big role in DevSecOps, where integrating security into the development pipeline is now standard. If you're comfortable writing code and thinking through how to reduce manual security overhead, you're going to stand out in a crowded field. Governance, Risk, and Compliance (GRC) GRC might not be the flashiest area in cybersecurity, but it's one of the most important, especially in 2025. As data privacy laws and industry regulations continue to tighten, companies need people who understand the rules and know how to apply them in real-world settings. GRC professionals help organizations avoid fines, maintain customer trust and build security strategies that align with business goals. It's not just about ticking boxes. It's about understanding risk across the board and putting systems in place to manage it. That means setting policies, running risk assessments, preparing for audits and ensuring security practices meet legal and industry standards. Frameworks like ISO 27001, NIST and GDPR aren't just buzzwords: they're roadmaps that companies rely on. If you can bridge the gap between technical teams and executives, explain risk in plain terms and help the business stay compliant without slowing things down, you've got a skill set that's in serious demand. Zero Trust Architecture Zero Trust isn't a buzzword anymore. It's becoming the standard for how organizations secure their systems in a world where traditional perimeters don't really exist. With remote work, cloud services and hybrid environments, the idea that anyone inside a network is automatically trusted just doesn't work anymore. Zero Trust flips that mindset. It assumes no user or device should be trusted by default, even if it's already inside the network. Every access request needs to be verified. That means strong authentication, continuous monitoring and strict access controls based on who the user is, what they're trying to access, and where they're coming from. If you understand how to build or manage a Zero Trust model, you're stepping into a skillset that's in high demand. Companies are looking for people who can help them roll out this approach without breaking their systems or slowing down users. It's a space where security meets strategy and there's plenty of room to grow. Cybersecurity isn't just a career path anymore; it's the future of work. Learn the right skills, stay ahead of the curve, and you'll be building a career that's not only in demand, but built to last. Also Read: United Arab Emirates Cybersecurity Salaries: What Can You Expect to Earn? Explore cybersecurity salaries in the UAE. Learn what factors influence pay, role-specific earnings, and top industries hiring in the UAE. UAE Unveils First-Ever Cybersecurity Excellence Awards to Spotlight Digital Innovation and Leadership The UAE Government Cybersecurity Council has officially announced the launch of the nation's first Cybersecurity Excellence Awards & Recognition Programme, a landmark initiative designed to honour outstanding achievements and innovations in digital security. Cybersecurity Threats in Dubai: What You Need to Know Learn about the top cybersecurity threats in Dubai and how to protect yourself. An essential guide for residents and businesses alike. UAE to Launch National Cybersecurity Strategy at WGS 2025 Dr. Mohamed Al Kuwaiti, Head of the UAE Cyber Security Council (CSC), has announced the official launch of the UAE's National Cybersecurity Strategy this week. New Research Highlights Rising OT Security Risks in Industrial Networks A recent whitepaper from Palo Alto Networks and Siemens highlights the growing cybersecurity risks faced by SCADA and operational technology (OT) devices connected to the public internet.
