Turngate
@turngate.bsky.social
Turngate simplifies logs so anyone can investigate, so you can understand activities in your enterprise in seconds.
https://www.turngate.io/
https://www.turngate.io/
Pinned
Turngate
@turngate.bsky.social
· Sep 2
So, as we are new here we wanted to introduce ourselves! If you want to know more, check out turngate.io
At Turngate, we like to discuss best strategies and the current 'going-ons' in SaaS land. If you want to see our latest thoughts, check out our recent write up about Business Continuity and Disaster Recovery.
www.linkedin.com/pulse/busine...
www.linkedin.com/pulse/busine...
Business Continuity and Disaster Recovery in SaaS-land
Many organizations rely on SaaS-based applications for everything from business critical functions like identity and authentication to less critical activities like graphics design and note taking. If...
www.linkedin.com
November 13, 2025 at 9:24 PM
At Turngate, we like to discuss best strategies and the current 'going-ons' in SaaS land. If you want to see our latest thoughts, check out our recent write up about Business Continuity and Disaster Recovery.
www.linkedin.com/pulse/busine...
www.linkedin.com/pulse/busine...
Every cybersecurity incident tells a story, and that narrative is written in the logs. Our latest blog will help you discern that tale and ensure you gleam actionable insights so you can make the most of your logs.
www.turngate.io/blog/log-ana...
www.turngate.io/blog/log-ana...
Log Anatomy 101: Divining Meaning From User and Systems Activity
Raw logs may be boring, complicated, and downright ugly, but they’re a trove of high-value clues for security investigators. Here’s how to make use of them.
www.turngate.io
October 30, 2025 at 8:05 PM
Every cybersecurity incident tells a story, and that narrative is written in the logs. Our latest blog will help you discern that tale and ensure you gleam actionable insights so you can make the most of your logs.
www.turngate.io/blog/log-ana...
www.turngate.io/blog/log-ana...
What’s in a log, or rather what’s not in a log? Bruce talks his thoughts on a recent report by Unit 42 on the use of AzureHound by threat actors, and how logs failed to showcase the full extent of the attack.
October 29, 2025 at 8:41 PM
What’s in a log, or rather what’s not in a log? Bruce talks his thoughts on a recent report by Unit 42 on the use of AzureHound by threat actors, and how logs failed to showcase the full extent of the attack.
The folks at Koi discovered GlassWorm, the world's first worm targeting VS Code extensions on OpenVSX marketplace.
www.koi.ai/blog/glasswo...
www.koi.ai/blog/glasswo...
GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace | Koi Blog
www.koi.ai
October 23, 2025 at 8:18 PM
The folks at Koi discovered GlassWorm, the world's first worm targeting VS Code extensions on OpenVSX marketplace.
www.koi.ai/blog/glasswo...
www.koi.ai/blog/glasswo...
In case you didn't hear, F5 has reported that a "nation-state threat actor maintained long-term, persistent access to, and downloaded files from, certain F5 systems,” including source code and vulnerability info.
www.helpnetsecurity.com/2025/10/15/f...
F5's statement:
my.f5.com/manage/s/art...
www.helpnetsecurity.com/2025/10/15/f...
F5's statement:
my.f5.com/manage/s/art...
myF5
my.f5.com
October 15, 2025 at 7:30 PM
In case you didn't hear, F5 has reported that a "nation-state threat actor maintained long-term, persistent access to, and downloaded files from, certain F5 systems,” including source code and vulnerability info.
www.helpnetsecurity.com/2025/10/15/f...
F5's statement:
my.f5.com/manage/s/art...
www.helpnetsecurity.com/2025/10/15/f...
F5's statement:
my.f5.com/manage/s/art...
GoAnywhere MFT is warning users to install a new patch that fixes a deserialization vulnerability in the License Servlet that allows threat actors to run command injection attacks.
www.techradar.com/pro/security...
www.techradar.com/pro/security...
Experts warn a maximum severity GoAnywhere MFT flaw is now being exploited as a zero day
A patch is already released, so hurry up
www.techradar.com
October 3, 2025 at 8:45 PM
GoAnywhere MFT is warning users to install a new patch that fixes a deserialization vulnerability in the License Servlet that allows threat actors to run command injection attacks.
www.techradar.com/pro/security...
www.techradar.com/pro/security...
When building an insider risk program, practicality is key. That is why our latest blog post lays out a middle-ground approach that is budget friendly and allows you to spot problems early with clarity, and without creating a jumbo-sized project.
www.turngate.io/blog/insider...
www.turngate.io/blog/insider...
Insider Risk 101: Build a Program Without Breaking the Bank
A defender’s guide to insider risk. What it is, how it differs from insider threat, and a middle-ground program that uses metadata, lightweight DLP, and Turngate to spot problems early without turning...
www.turngate.io
September 30, 2025 at 7:03 PM
When building an insider risk program, practicality is key. That is why our latest blog post lays out a middle-ground approach that is budget friendly and allows you to spot problems early with clarity, and without creating a jumbo-sized project.
www.turngate.io/blog/insider...
www.turngate.io/blog/insider...
The Google Threat Intelligence Group has published a report about the BRICKSTORM malware that has been allowing backdoor access across sectors for the last year.
cloud.google.com/blog/topics/...
cloud.google.com/blog/topics/...
Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors | Google Cloud Blog
BRICKSTORM is a stealthy backdoor used by suspected China-nexus actors for long-term espionage.
cloud.google.com
September 26, 2025 at 8:41 PM
The Google Threat Intelligence Group has published a report about the BRICKSTORM malware that has been allowing backdoor access across sectors for the last year.
cloud.google.com/blog/topics/...
cloud.google.com/blog/topics/...
Good security investigations are about strategy, not spectacle. In our latest blogpost, we lay out a seven step budget- and user-friendly approach on setting up a SOC without a SIEM to make the most of your log data.
www.turngate.io/blog/seven-s...
www.turngate.io/blog/seven-s...
Seven Steps to Set Up a SOC Without a Traditional SIEM
At Turngate, we’re here to challenge the idea that you can’t properly identify key security events in your SOC without SIEM.
www.turngate.io
September 25, 2025 at 6:31 PM
Good security investigations are about strategy, not spectacle. In our latest blogpost, we lay out a seven step budget- and user-friendly approach on setting up a SOC without a SIEM to make the most of your log data.
www.turngate.io/blog/seven-s...
www.turngate.io/blog/seven-s...
The Cloud Security Alliance announced the launch of the SaaS Security Capability Framework (SSCF), a new technical framework that defines configurable, consumable, and customer-facing security controls provided by SaaS vendors to their customers.
cloudsecurityalliance.org/artifacts/sa...
cloudsecurityalliance.org/artifacts/sa...
SaaS Security Capability Framework (SSCF) | CSA
The SaaS Security Capability Framework defines configurable, consumable, and customer-facing security controls provided by SaaS vendors to their customers.
cloudsecurityalliance.org
September 24, 2025 at 6:33 PM
The Cloud Security Alliance announced the launch of the SaaS Security Capability Framework (SSCF), a new technical framework that defines configurable, consumable, and customer-facing security controls provided by SaaS vendors to their customers.
cloudsecurityalliance.org/artifacts/sa...
cloudsecurityalliance.org/artifacts/sa...
If you have been wanting more information on the Salesforce Drift breach, Tom Uren breaks down the authorization sprawl attack as well as the responses from the victim organizations.
www.lawfaremedia.org/article/expl...
www.lawfaremedia.org/article/expl...
Exploiting Authorization Sprawl Is the New Black
The latest edition of the Seriously Risky Business cybersecurity newsletter, now on Lawfare.
www.lawfaremedia.org
September 19, 2025 at 6:23 PM
If you have been wanting more information on the Salesforce Drift breach, Tom Uren breaks down the authorization sprawl attack as well as the responses from the victim organizations.
www.lawfaremedia.org/article/expl...
www.lawfaremedia.org/article/expl...
This week Turngate hosted a mixer where we discussed current OAuth concerns. This article by Bill Batchelor, Eyal Rafian, and Nathaniel Quist expands on that with their own insights on OAuth token risks and best practices organizations can implement.
unit42.paloaltonetworks.com/third-party-...
unit42.paloaltonetworks.com/third-party-...
Trusted Connections, Hidden Risks: Token Management in the Third-Party Supply Chain
Effective OAuth token management is crucial for supply chain security, preventing breaches caused by dormant integrations, insecure storage or lack of rotation.
unit42.paloaltonetworks.com
September 17, 2025 at 8:02 PM
This week Turngate hosted a mixer where we discussed current OAuth concerns. This article by Bill Batchelor, Eyal Rafian, and Nathaniel Quist expands on that with their own insights on OAuth token risks and best practices organizations can implement.
unit42.paloaltonetworks.com/third-party-...
unit42.paloaltonetworks.com/third-party-...
If you were affected by the Cloudflare outage last Friday, they released a blogpost this weekend detailing how a bug in the dashboard caused repeated, unnecessary calls to the Tenant Service API which ultimately overwhelmed the service.
blog.cloudflare.com/deep-dive-in...
blog.cloudflare.com/deep-dive-in...
A deep dive into Cloudflare’s September 12, 2025 dashboard and API outage
Cloudflare’s Dashboard and a set of related APIs were unavailable or partially available for an hour starting on Sep 12, 17:57 UTC. The outage did not affect the serving of cached files via the Cloud...
blog.cloudflare.com
September 15, 2025 at 6:28 PM
If you were affected by the Cloudflare outage last Friday, they released a blogpost this weekend detailing how a bug in the dashboard caused repeated, unnecessary calls to the Tenant Service API which ultimately overwhelmed the service.
blog.cloudflare.com/deep-dive-in...
blog.cloudflare.com/deep-dive-in...
We found an interesting article about the risks associated with the growing tech debt within the SaaS world.
www.techradar.com/pro/secure-a...
www.techradar.com/pro/secure-a...
Secure access, minimize tech debt: a browser-based strategy for the SaaS-driven enterprise
Reimagining browser access to eliminate tech debt
www.techradar.com
September 3, 2025 at 7:02 PM
We found an interesting article about the risks associated with the growing tech debt within the SaaS world.
www.techradar.com/pro/secure-a...
www.techradar.com/pro/secure-a...
So, as we are new here we wanted to introduce ourselves! If you want to know more, check out turngate.io
September 2, 2025 at 6:49 PM
So, as we are new here we wanted to introduce ourselves! If you want to know more, check out turngate.io