Cloud Security

CrowdStrike Enhances Security Hygiene for Workloads on AWS

Grazed from CrowdStrike

CrowdStrike Inc. today announced the availability of Falcon Discover for Amazon Web Services (AWS) workloads. Falcon Discover provides security, operations and development teams with detailed visibility and extensive control over Amazon Elastic Compute Cloud (Amazon EC2) instances, improving overall security posture.

As today's enterprises continue to migrate their critical data and implement hybrid centers to host workloads that are both on-premises and on the cloud, maintaining security consistently is challenging. Today, many organizations of all sizes lack security resources and are looking for solutions that are easy to deploy, manage, and integrate.

Falcon Discover allows organizations to quickly visualize existing Amazon EC2 deployments across all regions (including instances without an endpoint security product installed) and subsequently monitors cloud trail logs for any modifications to the environment. As a result, the customer has a more complete picture of their networks and any systems or applications, enabling centralized, automated management and improving the organization's security posture.

Darktrace Cloud Protects Next Wave of Cloud Computing Models and More SaaS Applications

Grazed from Darktrace

Darktrace has announced that Darktrace Cloud can protect the next wave of cloud computing models, applications, and devices with its multi-award-winning cyber AI technology. The enhanced capability announced today comes in response to soaring demand for Darktrace Cloud and the accelerated adoption of innovative cloud architectures, such as edge computing and IoT data stored in the cloud.

Over 500 Darktrace customers use Darktrace Cloud to defend cloud environments and SaaS applications including Addivant, Innovating Capital, TruWest Credit Union, and City of Las Vegas.

"With Darktrace Cloud, we are shining a flashlight into the darkest corners of our digital infrastructure," commented Collin McCreath, Director of Information Technology at Addivant. "The ability to leverage Darktrace's AI to identify vulnerabilities and unknown threats in real time has fundamentally transformed our cyber security strategy. We now have unparalleled visibility of all our cloud environments and SaaS applications, and can better understand not only the configurations of our cloud workloads, but the movements between our entire digital business."

Alcide Announces New Release of its Cloud-Native Security Platform for Modern Data Center and Cloud Environments

Grazed from Alcide

Alcide, provider of the most comprehensive full-stack cloud native security platform, today announced a new release of its Cloud Native Security Platform. The new version, on the heels of the platform's general availability in April 2018, represents a significant milestone based on extensive work with existing customers and design partners, adding features while improving performance and scalability.

Alcide's platform provides unprecedented granular visibility, control and security for a wide range of modern cloud-native environments, including containers, virtual machines, serverless computing and service mesh, as well as physical data centers. The result is not just deeper insight into complex infrastructures, but robust security against cyberattacks through the following capabilities: application aware micro-segmentation, a network visualization and connectivity map, advanced threat protection and embedded security policies.

Threat Stack Releases 451 Research Pathfinder Report: Refocusing Security Operations in the Cloud Era

Grazed from Threat Stack

Threat Stack announced the publication of the 451 Research Pathfinder Report: Refocusing Security Operations in the Cloud Era. The Pathfinder Report, commissioned by Threat Stack, provides specific and actionable guidance for IT, DevOps, and security teams as they adapt to the increased adoption of public cloud, DevOps practices, and modern infrastructure like containers.

As organizations continue to adopt public cloud and drive towards digital transformation initiatives, many will shift towards a DevOps culture that values agility and flexibility in the development process. The 451 Research Pathfinder Report cautions that it can be easy to overlook security during this transition and provides security guidance for organizations with an IT infrastructure in transition.

MobileIron Modernizes Multi-Factor Authentication for the Cloud

Grazed from MobileIron

MobileIron, the secure foundation for modern work, today announced the addition of MobileIron Authenticator to its comprehensive MobileIron Access cloud security solution. MobileIron Authenticator is a new mobile application that allows organizations to verify a user's identity using the phone as a second factor of authentication.  

Passwords are failing

According to the 2018 Verizon Data Breach Investigations Report, compromised credentials are the top cause of reported data breaches. The best solution is to move beyond passwords, as MobileIron already does with seamless single sign-on for trusted devices and apps. But when that is not possible because of legacy devices or untrusted environments, many organizations look to multi-factor authentication (MFA) as additional evidence to confirm a user's identity. Traditional MFA, however, uses hardware tokens that are easily lost or software tokens that require inconvenient activation through QR codes. Neither of these is an ideal user experience.

Demystifying Cloud Security

Cloud-based IT systems perform important functions in almost all modern sectors. Businesses, non-profit organisations, governments and even educational institutions use The Cloud to expand the reach of the market, analyse performance, manage human resources and offer better services. Of course, effective Cloud security governance is essential for any entity wishing to reap the benefits of distributed IT.

Like all IT domains, Cloud technology faces unique security problems. Although the idea of ​​maintaining data security in The Cloud has long been considered an unmanageable paradox, extensive industry operations reveal numerous techniques that offer effective protection. Because Cloud service providers maintain FedRAMP compliance, effective Cloud protection is feasible and practical in the real world.

Bitglass 2018 Report: Cloud Security Adoption Trails Cloud Usage, Leaving Two Thirds of Organizations Vulnerable

Grazed from Bitglass

Bitglass, the Next-Gen CASB company, today released the 2018 Cloud Adoption Report, its fourth such study, which examines cloud adoption in more than 135,000 organizations around the globe. The report corroborates what is now broadly apparent -  the flexibility, productivity and cost savings benefits of cloud apps have fueled widespread adoption in every industry. Surprisingly, the report finds that the adoption of cloud security technologies lags cloud adoption, leaving many at risk of a data breach. 

The report finds that while 81 percent of organizations globally now use cloud apps, just 25 percent of organizations have adopted single sign-on (SSO), which is typically the first, most basic cloud security technology implemented. SSO combined with multi-factor authentication lowers the risk of phishing and password hacks.

"Cloud adoption hits new highs year after year as organizations worldwide have come to trust platforms like Office 365 and AWS, but it is surprising to see that far fewer organizations have invested in basic technologies like SSO to protect their data in the cloud," said Rich Campagna, CMO, Bitglass. "The disparity suggests that data breaches will continue to plague organizations."

 

A Global Technology Provider for 700+ financial services clients, Increases Efficiency of Personnel and SOC team by 37%

Article Written by Arun Gandhi, Director of Product Management at Seceon and Grigoriy Milis, Chief Technology Officer at RFA

As security breaches and attacks continue to lead global headlines, effective cybersecurity protections are the "new normal" for conducting business today. In addition to recently enacted regulations, with more coming in near future, it is imperative for managed service providers (MSPs) to provide best-in-class security solutions to customers while differentiating themselves from the competition. 

Traditional solutions are no longer sufficient; tools must evolve to combat the increasing sophistication of cybercriminal techniques and technologies. Customized malware exists now that can evade and bypass many of the traditional endpoint security solutions. Traditional signature- and manual calculation-based approaches are simply not sufficient for providing security with the increasing sophistication of cyber threats. Above all, the biggest challenge remains integration of these point solutions as they are from different manufacturers and not built to communicate with each other inherently. 

In business for nearly thirty years, Richard Fleischman & Associates, also known as RFA, is a trusted technology partner to more than 700 clients globally who retain more than $900 billion in total assets under management. Serving as an MSP for its financial sector clients, RFA used a number of traditional solutions and services from large market leaders successfully, but was always challenged to find a solution that could address threats (i.e., detect, contain and eliminate) between the perimeter and endpoints to their required level of sophistication. Multi-layered approaches recommended by industry experts were rendered ineffective as the solutions were note properly integrated and remained silo'ed. Moreover, the level of protection afforded resulted in dissatisfaction when compared to the overhead cost. 

Tripwire Expands Cloud Security Capabilities with Cloud Management Assessor

Grazed from Tripwire

Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced expanded support for cloud environments with Tripwire Cloud Management Assessor (CMA). The solution now features File Integrity Monitoring (FIM) capabilities for addressing publicly exposed data in the cloud, and its core secure configuration management functionality now supports all major cloud providers, including Google Cloud Platform.

"Tripwire is dedicated to helping organizations implement critical security controls in their environments, especially as these environments grow more complex with the adoption of hybrid and multicloud models," said Tim Erlin, vice president of product management and strategy at Tripwire. "We've expanded our capabilities to help organizations keep their cloud environments properly configured and prevent inadvertent exposure of their data."

New Kaspersky Lab Solution for Hybrid Cloud Security Management

Grazed from Kaspersky Lab

To support companies moving to a cloud architecture, today, Kaspersky Lab has launched its new Kaspersky Hybrid Cloud Security offering, expanding the company's virtualization and cloud security portfolio. The new solution is the next generation of hybrid cloud protection for businesses of all sizes, integrated with Amazon Web Services (AWS) and Microsoft Azure.

Organizations that struggle to deal with the speed of business process automation and growth of corporate data are turning to the hybrid cloud to expand their infrastructure. At the same time, more than half (59%) of businesses feel they cannot fully trust its data to cloud services because it could introduce new risks to their IT security. Their concerns are authentic with the lack of visibility in hybrid cloud ecosystems today - making them even more vulnerable to cyberattacks.