Cloud Security

Threat Stack and Red Canary Announce Partnership to Drive Incident Response and Remediation in the Cloud

Threat Stack and Red Canary announced a partnership designed to offer response and remediation in the cloud. Together, Red Canary and Threat Stack will be able to reduce the mean time to remediation for security alerts identified by the Threat Stack Cloud Security Platform and Threat Stack Cloud SecOps Program.

Threat Stack's industry-leading full stack security observability across cloud infrastructure - from control plane, host, container, orchestration, and application layer - in combination with Red Canary, enables customers to streamline response efforts by outsourcing alert investigation and enabling customers to focus only on incidents that require active remediation. As an example, Ping Identity, the leader in identity defined security, have been looking for the next-generation cloud data breach detection and remediation capabilities offered by this partnership.

SonicWall Secures Hybrid Clouds by Simplifying, Enhancing Deployment for Enterprises, SMBs

SonicWall announced new Capture Cloud Platform capabilities that include Zero-Touch Deployment and Secure SD-WAN (software-defined WAN) designed for distributed enterprises and organizations with hybrid cloud environments. The company also announced enhancements to the Capture Security Center with personalized Risk Meters that deliver company-specific, real-time threat intelligence and risk scoring, as well as Hyper-V, Azure and AWS support for its virtual firewall series.

"Organizations are invested in hybrid cloud strategies where they're able to harness the power of both public and private clouds, but they require solutions that help simplify and secure their cloud migration initiatives," said SonicWall President and CEO Bill Conner. "Whether they are pursuing the benefits of a vendor's specific capabilities, looking to reduce the cost of hiring staff or seeking to reach compliance standards, SonicWall helps protect their migration while simultaneously giving more visibility and control of their environments."

Reducing Cost with Zero-Touch Deployment
SonicWall Zero-Touch Deployment allows organizations to quickly and securely configure firewall hardware at new locations without requiring advanced and costly on-site personnel. Once new products are brought online in remote locations, administrators can manage local and distributed networks through a single pane-of-glass using Capture Security Center, SonicWall's flagship cloud-based management and analytics SaaS platform.
 

iboss Announces Integration with Microsoft Cloud App Security

iboss announced an integration partnership with Microsoft Cloud App Security (MCAS). The partnership allows organizations to leverage Microsoft Cloud App Security in a more powerful way by integrating it with the iboss cloud. The iboss cloud secures user Internet access, on any device, from any location and this integration allows iboss cloud and MCAS to connect seamlessly. Through this connection, data from users is automatically sent from iboss cloud to MCAS to provide insight into cloud application use. In addition, risky applications sanctioned within Microsoft Cloud App Security are automatically synchronized with iboss cloud to ensure those applications are controlled to prevent data loss.

DH2i Launches DxOdyssey for Zero Trust Hybrid/Multi-Cloud Security

DH2i, the leading provider of multi-platform Software Defined Perimeter and Smart Availability software for Windows and Linux, today announced the launch of DxOdyssey, its new network security software that dynamically deploys perimeter security where needed in order to isolate services for fine-grained user access, creating a Software-Defined Perimeter (SDP). The new DH2i SDP offering gives medium and large organizations the perimeter security model needed for Zero Trust network connectivity between on-premises sites and/or multi-cloud environments. In addition, the new offering addresses customer desire for a highly scalable, self-healing networking solution that is easy to configure and manage, with a high ROI. DxOdyssey makes the application infrastructure "always-secure and always-on".

Today's medium and large organization security and network admins are well-aware of the difficulties that surround using traditional approaches such as virtual private networks (VPNs) for perimeter security to connect on-premises sites and/or multi-cloud environments. The issues include:

Wipro Collaborates with Check Point Software to Offer Cloud Security Services

Wipro Limited announced a new partnership with Check Point Software Technologies Ltd, a leading provider of cyber security solutions globally, to deliver Check Point's advanced and dynamic cloud security solution, CloudGuard IaaS.

This strategic worldwide partnership will further accelerate demand for the CloudGuard comprehensive suite of cloud security products, which are focused on advanced threat prevention and safeguarding enterprise cloud applications, infrastructure, and data against the most sophisticated fifth-generation cyber-attacks threatening organizations today. CloudGuard already protects more than 2,000 enterprise cloud environments.

Cloud security is a shared responsibility between the service provider and the customer, which can be a challenging model to implement. Through this partnership, Wipro and Check Point are enabling customers to maximize their investment in cloud infrastructure by defending against the most sophisticated fifth-generation cyber security threats to their cloud assets and data.

New McAfee Report Reveals Data in the Cloud More Exposed Than Organizations Think

McAfee, the device to cloud cybersecurity company, today released its Cloud Adoption and Risk Report, which analyzed billions of events in anonymized customers production cloud use to assess the current state of cloud deployments and to uncover risks. The report revealed that nearly a quarter of the data in the cloud can be categorized as sensitive, putting an organization at risk if stolen or leaked. Coupled with the fact that sharing sensitive data in the cloud has increased 53 percent YoY, those who do not adopt a cloud strategy that includes data loss protection, configuration audits and collaboration controls, will endanger the security of their most valuable asset-data-while exposing themselves to increased risk of noncompliance with internal and external regulations.

The study found that while organizations aggressively use the public cloud to create new digital experiences for their customers, the average enterprise experiences more than 2,200 misconfiguration incidents per month in their infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) instances. Cloud service providers only cover the security of the cloud itself, not customer data or customer use of their infrastructure and platforms. Companies are always responsible for securing their data wherever it is, hence highlighting the need to deploy cloud security solutions that span the whole cloud spectrum, from SaaS (software-as-a-service) to IaaS and PaaS.

"Operating in the cloud has become the new normal for organizations, so much so that our employees do not think twice about storing and sharing sensitive data in the cloud," said Rajiv Gupta, senior vice president of the Cloud Security Business, McAfee. "Accidental sharing, collaboration errors in SaaS cloud services, configuration errors in IaaS/PaaS cloud services, and threats are all increasing. In order to continue to accelerate their business, organizations need a cloud-native and frictionless way to consistently protect their data and defend from threats across the spectrum of SaaS, IaaS and PaaS."

Fortanix and Alibaba Cloud Partner to Launch SDKMS Runtime Encryption Key Management on Alibaba Cloud ECS

Grazed from Fortanix and Alibaba Cloud

Fortanix Inc., the leader in Runtime Encryption, today announced its partnership with Alibaba Cloud, the cloud computing arm of Alibaba Group, to integrate its Self-Defending Key Management Service (SDKMS) with the Alibaba Cloud platform, introducing new levels of security and privacy with Runtime Encryption key management in the cloud.

Alibaba Cloud is among the world's top three IaaS providers according to Gartner and the largest provider of public cloud services in China according to IDC. It launched commercial Intel® Software Guard Extensions (Intel® SGX)-powered cloud servers as Elastic Compute Service (ECS) bare metal instances in April. Working with Fortanix, customers can now keep their most precious applications secure with new levels of security and privacy for encryption keys in the cloud. This new partnership enables secure cloud adoption for even the most sensitive workloads by allowing prospects to securely adopt the cloud with unmatched privacy for their encryption keys offered by Fortanix SDKMS.

"Fortanix is one of the leaders in Intel SGX technology and their Runtime Encryption can bring applications that were previously constrained due to security issues to the cloud," said Xiaoning Li, Chief Security Architect of Alibaba Cloud. "Fortanix Self-Defending Key Management Service allows customers to encrypt all their data in Alibaba Cloud, while keeping the keys protected from Fortanix and Alibaba Cloud. We are glad to partner with Fortanix to provide a cutting-edge cloud security options to our users."

Utimaco Launches Cryptoserver Cloud: HSM as a Service for Secure Multi-Cloud Environments

Grazed from Ultimaco

Utimaco, a leading manufacturer of Hardware Security Module (HSM) technology, is proud to announce the availability of its cloud HSM offering in Europe and Asia. With CryptoServer Cloud, the German hardware security specialist launches a uniquely flexible and customizable HSM as a Service. The solution enables Cloud Service Providers (CSP) independence and provides organizations in multi-cloud environments with security and flexibility. CryptoServer Cloud will hit Asian and European markets in early November.

Dedicated HSM and maximum security

Verizon Digital Media Services adds managed security services to its cloud solution for enterprises

Grazed from Verizon Digital Media Services

Verizon Digital Media Services today announced it has added a round-the-clock managed cloud security offering as part of its global Cloud Security Solution. The managed cloud security component provides access to expert security professionals who monitor and proactively take corrective action against the latest security threats, no matter the time of day. The addition of this offering complements features previously available within Verizon Digital Media Services' leading Cloud Security Solution, including a dual web application firewall (WAF), distributed denial-of-service (DDoS) protection, bot management, and real-time analytics and reporting.

"Any security threat or vulnerability is a distraction of resources and valuable time for a business," said Frank Orozco, Chief Technology Officer for Verizon Digital Media Services. "By leveraging our managed cloud security feature, our customers can now lean on our dedicated security teams to monitor and protect their web and mobile applications, so they can concentrate on growing their business."

 

Zscaler Achieves AWS Security Competency Status for Zero Trust

Grazed from Zscaler

Zscaler, Inc., a leader in cloud security, announced that Zscaler Private Access (ZPA) is the first zero trust architecture to achieve Amazon Web Service (AWS) Security Competency status.

The ZPA zero trust architecture securely connects authorized users and devices to named, internally managed applications without exposing the Amazon Virtual Private Cloud (VPC) to the internet. With ZPA, applications connect to users via inside-out connections, making them invisible to unauthorized users and reducing the risk of internet-based attacks. Enterprises using ZPA can create micro-segmented architectures without virtualizing the security stack and creating complex firewall policies.