Cloud Security

WinMagic and Scale Computing Partner for Hyperconvergence Benefits from Unified Cloud Security

Grazed from WinMagic and Scale Computing

Today, WinMagic and Scale Computing announced a collaboration for enterprises who need high performance, highly secure access to their data across their unified public, private and hybrid cloud environments.

Through Scale's high availability HC3 hyperconverged platform combined with WinMagic's SecureDoc CloudVM encryption and intelligent key management solution, organizations can secure their cloud workloads while focusing on driving business value.

"The ability to control and manage data flow in and out of an organization is going to become increasingly difficult without the implementation of an enterprise solution capable of keeping ahead of security issues, emerging trends, and ever-evolving compliance regulations. Working with WinMagic puts our customers and partners in control. It also helps reduce security risks, with one simple easy to use solution, that overlays our HC3 platform, and allows users to pursue the advantages of public, private or a hybrid cloud strategy," said Jeff Ready, CEO of Scale Computing.

Skyhigh Targets Cloud Adoption Challenges With Three Breakthrough Cloud-Native Data Security Innovations

Grazed from Skyhigh

At the company's first-ever livestreamed Cloud-Native Data Security Summit at 10 a.m. PDT today, Skyhigh, the cloud security company, will unveil three innovations that enable organizations to protect data in the cloud. These new breakthroughs aims to solve unique security challenges that the scale, speed and user-centric nature of the cloud present, and thus enable organizations to leverage the power of cloud to accelerate their businesses.

Data is an organization's most valuable asset. As organizations strive to identify, control and protect data in the cloud, and a world in which traditional network-centric security technologies become less relevant, they must reframe their security strategy to focus on securing data natively in the cloud. This is the foundational premise of Skyhigh's Cloud-Native Data Security (CNDS) framework.

"Today, we are in the age of cloud. And within the persistent ebb-and-flow of information, security needs to empower IT to provide data protection without disrupting the breakneck speed of modern business," said Mauro Loda, Chief Cloud Security Architect, DuPont. "With a CNDS approach, we can enforce security policies like data loss prevention (DLP), rights management, data classification, threat protection and encryption through a single security platform designed in the cloud, for the cloud."

McAfee Integrates Advanced Analytics to Increase Security Operations Center Efficiency and Protect Endpoints and Cloud

Grazed from McAfee

McAfee, one of the world's leading cybersecurity companies, today announced new endpoint and cloud solutions that go beyond machine learning to take advantage of the speed and accuracy of advanced analytics, deep learning and artificial intelligence, and increase efficiency of security operations. Cyber threats and the data needed to defend against them continue to increase, overwhelming security teams and driving the need for open, efficient security operations. McAfee's new solutions make use of the automation, reasoning and data curation uniquely provided by advanced analytics technologies, allowing security teams to easily discover and assess data and root out threats. Through human-machine teaming and an open and interoperable cybersecurity platform, McAfee proves ‘Together is power,' with collaborative security that defends against shared adversaries.

"Security teams are increasingly overwhelmed by the complexity they face in their environments which hinders their ability to defend against the growing number of threats," said Chris Young, CEO of McAfee. "McAfee is acting on our ‘Together is power' principle with collaborative security that combines the unique advantages of people, machines and partners enabling teams to be situationally aware of security events and take swift action to thwart assaults, from the endpoint to the cloud."

TrapX Security Expands Cloud Data Center Support for Amazon AWS and KVM OpenStack

Grazed from TrapX Security

TrapX Security, a global leader in deception-based advanced cybersecurity defense, today announced fully integrated cloud data support for DeceptionGrid for both Amazon AWS EC2 and KVM OpenStack. This enhancement addresses the growing challenges associated with visibility and lateral movement within the hybrid environments of cloud and internal networks.

Widespread private and public cloud adoption presents significant security challenges. Security teams must extend their operations across internal networks who support a large number of cloud based applications. There are several key elements to success in securing the cloud:

PhoenixNAP to Launch Data Security Cloud in Collaboration with VMware

Grazed from PhoenixNAP

PhoenixNAP, a global IT services provider offering cloud, bare-metal dedicated server, colocation, and Infrastructure-as-a-Service (IaaS) solutions, today announced the upcoming launch of its Data Security Cloud - a new cloud security platform architected on the latest VMware technologies. PhoenixNAP's Data Security Cloud will address growing security concerns for businesses of all sizes and across industries, including those with heavy compliance and security demands to protect their workloads in the cloud.

According to reports, more than 90 percent of traffic resides within the data center, where perimeter security protections do not inspect the traffic*, and the average data center experiences two successful attacks per day**. The problem is growing quickly as almost two billion data records around the world were lost or stolen during 918 different cyberattacks in the first half of 2017, an increase of 164 percent over the same period last year. The toll on businesses is significant: two-thirds of firms breached had their share price negatively impacted with a cost to shareholders of over $52.40 billion. Today the question for business and security leaders is not if there will be a breach but when and how to contain the impact.

Cavirin Adds the NIST Cybersecurity Framework to its Hybrid Cloud Security Assessment and Remediation Platform

Grazed from Cavirin Systems

Cavirin Systems, Inc. offers continuous security assessment and remediation for hybrid clouds, containers, and data centers, via the most comprehensive curated library of industry guidelines, control frameworks, and best practices.

Cavirin today announced support for the NIST Cybersecurity Framework on its Hybrid Cloud Security Platform. The Framework outlines the best risk management practices and principles that organizations should apply to improve the security and resilience of their critical infrastructures. It helps organizations avoid the failures in processes and policies that are the source of many of today's breaches. To create this guidance, the NIST Framework leverages current standards and guidelines, such as ISO, COBIT, CIS, and other NIST documents.

Cavirin unifies and automates continuous cybersecurity risk management for hybrid infrastructures prevalent in the enterprise. Cavirin's customers can select the NIST Cybersecurity Framework as one of the Platform's many control frameworks for assessing their infrastructure against the framework requirements, prioritizing and remediating any open issues found, thereby enhancing their security and risk posture. Cavirin's security team has analyzed this draft NIST document and translated the guidance into a set of technical controls that help organizations automatically align to the document's recommendations. A detailed description of Cavirin's NIST support is available on the NIST Industry Resources page. Cavirin's NIST Framework primer is here.

RedLock Report Indicates Data Breaches in the Cloud Will Continue to Rise

Grazed from RedLock

RedLock, the Cloud Threat Defense company, today released a new report based on research from its Cloud Security Intelligence (CSI) team - a group of elite security analysts, data scientists and data engineers. The latest "Cloud Security Trends" report spans research from June through September, 2017, providing a comprehensive view into major threats and vulnerabilities in public cloud computing environments despite cloud service providers' efforts to educate organizations on shared security responsibilities.

Among key findings in the new report, the RedLock CSI team found that:

Tripwire's Cloud Management Assessor Now Supports Microsoft Azure

Grazed from Tripwire

Tripwire, Inc. announced that Tripwire Cloud Management Assessor, an extension of its flagship Tripwire Enterprise solution, now supports Microsoft Azure. Announced earlier this year, with initial focus on supporting Amazon Web Services (AWS) environments, Cloud Management Assessor helps organizations strengthen their cybersecurity and maintain compliance, and it now allows users to scan and assess the configuration states of their Azure environments.

"New security considerations come with the continued adoption of cloud technologies, so we're working to provide more solutions that help organizations maintain secure and compliant states across their evolving environments," said Dave Meltzer, chief technology officer of Tripwire. "Earlier this year, we announced support for AWS based on the Center for Internet Security AWS Foundations Benchmark. We've taken the initiative of putting together configuration recommendations for Azure and can offer a solution that customers can use today."

HyTrust Announces Enhanced Security Solutions for VMware Cloud Provider Program Partners

Grazed from HyTrust

HyTrust, a leader in workload security solutions, today made moves to broaden security and compliance offerings for VMware Cloud Provider Program Partners with further integration of HyTrust solutions and VMware vCloud Director (vCD). This enhanced offering builds on HyTrust's existing integration with NSX and vCenter with the ability to include discrete vCloud Director driven workload encryption for vCloud Director tenants. The solution utilizes Intel Xeon processors hardware-based security technologies to address the current needs of VMware Cloud Provider Program Partners who are committed to providing secure and regulatory compliant cloud offerings to their customers. Demonstrations of this technology will be exhibited at the VMworld 2017 Europe in Barcelona.

As customers move to public and hybrid cloud environments, VMware Cloud Provider Program Partners must ensure a level of data security that allows them to achieve scale efficiencies and to operate in today's round-the-clock business environment. HyTrust, leveraging Intel technology, delivers critical partner services through regulatory compliance automation, unplanned outage prevention, data breach prevention across clouds and the enablement of new partner revenue streams, such as: Data Sovereignty, Data Geo-Fencing-As-A-Service, and Compliant Cloud Services.

With the new VMware vCloud Director for Service Provider integration, HyTrust provides a level of security and trust that enables the following:

Private and Hybrid Cloud Enforcement

vArmour Exponentially Grows Patent Portfolio, Focusing on Application Policy and Automation

Grazed from vArmour

vArmour, the leading data center and cloud security company, today announced 12 additions to its growing patent portfolio issued by the U.S. Patent and Trademark Office, almost doubling its patent portfolio within a year. Newly awarded patents focus on policy and automation as services to secure the data center.

vArmour has exponentially increased its patent portfolio since 2015, having an additional 12 issued within the past year, taking the total patents issued to 25, plus 23 pending U.S. patents. The recently awarded and pending patents help security teams in defining and applying application policies to better secure data in multi-cloud environments.

Recent patent innovations allow business owners and their teams to define security policy based upon what's most important for business outcomes as opposed to system capabilities. The cost of security administration is drastically reduced through end-to-end automation, allowing the ability to respond in a predictable, predetermined manner to changing threat landscapes. Cloud-first digital organizations and those in highly regulated environments -- such as Financials, Critical Infrastructure and Healthcare -- would be best served with this modern approach to security. The unifying theme of these innovations is to securely enable business based upon the intent and needs of the application owner.