Debunking Cloud Container Security: 7 Troubles, 7 Triumphs

Learn about the challenges and successes of securing containers in the cloud with this article. Enhance container security by understanding the intricacies of vulnerabilities in cloud containers.
 

Contents

1. The Business Value of Securing Cloud Containers
2. Navigating the Challenges in Cloud Container Security
3. Addressing Container Security Challenges
4. The Future of Securing Cloud Containers

Cloud containers are one of the most popular technologies for developing and deploying cloud-native applications, with benefits like portability, scalability, efficiency, and agility. However, cloud container security poses many challenges: containers introduce new attack vectors, increase complexity, and require different tools and processes.

The GitLab 2022 Global DevSecOps Survey reveals that only 64% of security professionals have a security plan for containers, and many DevOps teams still need a plan for other cutting-edge software technologies.

This article delves into the details of container security and debunks some common issues and solutions regarding cloud and container security. It shows how to overcome the most prevalent troubles and apply best practices for securing containerized workloads. It also covers the latest statistics and trends on cloud container security, based on various reports and surveys from industry experts.

Whether just beginning or enhancing expertise in cloud container security, readers will find valuable insights and tips on improving security posture and protecting cloud assets from threats. The topics covered are:

  • How to deal with the high number of vulnerabilities in container images and prioritize the ones that matter most
  • How to cope with containers' short lifespan and dynamic nature and conduct container security monitoring and auditing effectively
  • How to secure the communication and network traffic between containers and other components, such as microservices, APIs, and serverless functions
  • How to implement a DevSecOps culture and strategy that integrates security into every stage of the container life cycle
  • How to leverage tools for cloud container security, such as Kubernetes, Docker, Sysdig, Red Hat, GitLab, and more

Learn about cloud container security’s state, challenges, opportunities, best practices, and solutions. It will aid in benchmarking the organization's cloud container security against standard parameters.

According to the Expert Insights 2023 Cloud Security Stats Report, 45% of breaches are cloud-based, and 96% of organizations have experienced significant cloud security challenges when implementing their strategy.

This underscores the significance of cloud-native security and container security for business applications.
 

1. The Business Value of Securing Cloud Containers

Cloud container security involves implementing mechanisms and processes to protect containerized applications and workloads in the cloud. Containers are lightweight packages of application code and dependencies that can run on any cloud platform. They offer several benefits for businesses, such as:

1.1 Faster and More Efficient Software Deployment

Containers enable developers to create, test, and deploy applications faster and more reliably, as they can run the same code on different cloud environments without compatibility issues.

1.2 Smaller Attack Surface

Containers isolate applications from each other and the host operating system, reducing the risk of compromise and lateral movement. Containers also have a shorter lifespan than virtual machines, limiting exposure to persistent threats.

1.3 Less Configuration Drift

Containers are immutable, meaning they do not change after they are created. This ensures consistency and reproducibility across different cloud platforms and prevents configuration errors that could lead to security vulnerabilities.
 

2. Navigating the Challenges in Cloud Container Security

Container security is a major concern for many companies and presents several challenges. Some of the challenges include a lack of visibility, expertise, governance, input, and standardization.

There are four generalized use cases that should cover security requirements within the host-container threat landscape:

  • Protecting a container from applications inside it
  • Inter-container protection
  • Protecting the host from containers
  • Protecting containers from a malicious or semi-honest host

The first three use cases utilize software-based solutions that mainly rely on Linux kernel features and Linux security modules, while the last use case relies on hardware-based solutions such as trusted platform modules and trusted platform support. Create robust container security by identifying the pitfalls and challenges, such as:

2.1 Lack of Visibility

Activities inside the container are primarily invisible to security teams, making it difficult to monitor which containers are running, what they are running, or flag network behavior. This means that security teams cannot see what is happening inside the container, such as which processes are running, which files are accessed, or which network connections are established. This makes it hard to detect and prevent malicious activities or unauthorized changes.

2.2 Insecure Images

Containers are built using either a parent or base image, which may contain vulnerabilities that attackers can exploit. Images contain the code and dependencies for creating and running a container. They may introduce security risks to the container environment if they are not verified or scanned for vulnerabilities. For example, an attacker may compromise an image and insert malicious code or backdoors.

2.3 Privileged Containers

Containers with privileged flags can pose a security risk as they can access sensitive information and system resources. These are containers that have more permissions and access rights than regular containers. They can perform actions that affect the host system or other containers, such as mounting devices, modifying files, or changing network settings. This can be dangerous if the container is compromised or misconfigured, as it may allow an attacker to escalate privileges and cause more damage.

2.4 Unrestricted Communication among Containers

Containers not adequately isolated from one another can communicate freely, potentially allowing attackers to move laterally throughout the container environment. This means that containers can communicate with each other without any restrictions or controls. This can create a large attack surface and allow an attacker to move laterally from one container to another, spreading malware or stealing data. It can also expose sensitive information or services to unauthorized or malicious containers.

2.5 Running Malicious and Rogue Processes in Containers

Attackers may be able to run malicious processes within containers, compromising the security of the entire system. These processes are not supposed to run in a container because they are malicious or unauthorized. They may be injected by an attacker who exploits a vulnerability in the container or the host system or spawned by a legitimate process that is compromised or misbehaving. These processes can consume resources, disrupt operations, or perform malicious actions.

2.6 Misconfigured Containers

Developers often have a ‘set and forget’ mentality, and there might be insecure default configurations they are not aware of. Containers are often deployed with default or insecure configurations, leaving them vulnerable to attacks. For example, a container may be configured to run with excessive privileges or have weak authentication or encryption settings. Attackers can exploit these misconfigurations to gain unauthorized access or perform malicious actions.

2.7 Vulnerabilities in Container Infrastructure

The Sysdig 2023 Cloud-Native Security and Usage Report shows that 87% of container images have high or critical vulnerabilities, and 54% live for fewer than five minutes.

A container infrastructure stack typically consists of application code, configurations, libraries, and packages built into a container image running inside a container on the host operating system kernel via a container runtime. Vulnerabilities in any of these components can compromise the security of the entire container environment. For example, an attacker may exploit a vulnerability in the container runtime to escape the container and gain access to the host system.
 

3. Addressing Container Security Challenges

Making it a priority to overcome cloud container security challenges helps fortify container security and create robust business continuity. Here are some of the best solutions to help mitigate them:

3.1 Visibility

Use tools to monitor and audit container activities, such as network connections, file accesses, and process executions. Implement monitoring and logging mechanisms to detect and respond to suspicious or anomalous events. Scan and inventory container images and configurations with tools to identify vulnerabilities and misconfigurations.

Vulnerabilities are easy to prioritize effectively with a risk-based approach that tracks parameters such as CVE severity, CVSS score, CVE exploitability, and whether vulnerable workloads are actively running. Another approach is to follow a three-step process to create secure container images:

  • Securing code and its dependencies
  • Building up a minimal base image from a trusted source
  • Managing the tools and packages added to container images throughout the development lifecycle
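The risk-based prioritization described above can be sketched as follows. This is an added example, not code from the article or from any tool it names: the tier ordering, the `Finding` fields, the image names and the `CVE-EXAMPLE-*` identifiers are all constructed assumptions.

```python
from dataclasses import dataclass

# Scanner severity labels mapped to a rank; unknown labels rank lowest.
SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}


@dataclass(frozen=True)
class Finding:
    cve: str           # placeholder identifier (constructed, not a real CVE)
    image: str         # image reference the scanner reported on
    severity: str      # CVE severity label from the scanner
    cvss: float        # CVSS base score, 0.0 to 10.0
    exploitable: bool  # a working exploit is known for this CVE


def tier(finding, running_images):
    """Bucket a finding by exposure: 1 is most urgent, 4 is least."""
    in_use = finding.image in running_images
    if in_use and finding.exploitable:
        return 1
    if in_use:
        return 2
    if finding.exploitable:
        return 3
    return 4


def prioritize(findings, running_images):
    """Order by tier, then severity label, then CVSS score (highest first)."""
    running = set(running_images)

    def key(f):
        rank = SEVERITY_RANK.get(f.severity.lower(), 0)
        return (tier(f, running), -rank, -f.cvss, f.cve)

    return sorted(findings, key=key)


def by_cvss_only(findings):
    """Baseline for comparison: a plain 'highest score first' queue."""
    return sorted(findings, key=lambda f: (-f.cvss, f.cve))


def tier_counts(findings, running_images):
    """How many findings fall into each tier."""
    running = set(running_images)
    counts = {1: 0, 2: 0, 3: 0, 4: 0}
    for f in findings:
        counts[tier(f, running)] += 1
    return counts


# Constructed scanner output and runtime inventory for the example.
SAMPLE_FINDINGS = [
    Finding("CVE-EXAMPLE-0001", "registry.example/web:1.4", "critical", 9.8, False),
    Finding("CVE-EXAMPLE-0002", "registry.example/web:1.4", "high", 7.5, True),
    Finding("CVE-EXAMPLE-0003", "registry.example/batch:0.9", "critical", 9.1, True),
    Finding("CVE-EXAMPLE-0004", "registry.example/api:2.0", "medium", 5.3, False),
    Finding("CVE-EXAMPLE-0005", "registry.example/batch:0.9", "low", 3.1, False),
]
SAMPLE_RUNNING = {"registry.example/web:1.4", "registry.example/api:2.0"}

if __name__ == "__main__":
    for f in prioritize(SAMPLE_FINDINGS, SAMPLE_RUNNING):
        print(tier(f, SAMPLE_RUNNING), f.cve, f.image, f.severity, f.cvss)
```

With the sample data, the exploitable high-severity finding in a running image moves ahead of the two critical findings that a CVSS-only queue would put first.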


3.2 Secure Images

Use trusted and verified sources, such as official repositories or registries, to obtain container images. Scan container images regularly for vulnerabilities and patch them as soon as possible. Enforce policies and prevent unauthorized or untrusted images from running in the container environment with the help of cloud security management tools.

3.3 Least Privileged Containers

Follow the principle of least privilege and run containers with the minimum permissions and access rights required for their functionality. Avoid running containers as root or with privileged flags unless necessary. Restrict or limit the capabilities of containers and isolate them from the host system and other containers using tools.
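One way to check these least-privilege settings before deployment is to audit the workload manifest. The following is an added example, not code from the article or from any tool it names; it assumes Kubernetes Pod manifests already loaded as Python dictionaries, and the rule names, the `RISKY_CAPS` selection and both sample pods are constructed for illustration.

```python
# Linux capabilities that hand a container broad control over the host
# (a selection chosen for this example, not an exhaustive list).
RISKY_CAPS = {"ALL", "SYS_ADMIN", "SYS_MODULE", "SYS_PTRACE", "NET_ADMIN", "DAC_READ_SEARCH"}
HOST_NAMESPACES = ("hostNetwork", "hostPID", "hostIPC")


def normalize_cap(name):
    """Accept both 'SYS_ADMIN' and 'CAP_SYS_ADMIN' spellings."""
    name = str(name).upper()
    return name[4:] if name.startswith("CAP_") else name


def audit_pod(pod):
    """Return (container, rule, detail) tuples for one Pod manifest."""
    findings = []
    spec = pod.get("spec") or {}
    pod_sc = spec.get("securityContext") or {}

    for field in HOST_NAMESPACES:
        if spec.get(field):
            findings.append(("<pod>", "host-namespace", f"{field} is enabled"))

    containers = (spec.get("initContainers") or []) + (spec.get("containers") or [])
    for c in containers:
        name = c.get("name", "<unnamed>")
        sc = c.get("securityContext") or {}
        caps = sc.get("capabilities") or {}

        if sc.get("privileged"):
            findings.append((name, "privileged", "privileged: true"))

        # Container-level settings override pod-level ones.
        uid = sc.get("runAsUser", pod_sc.get("runAsUser"))
        non_root = sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot"))
        if uid == 0 or (uid is None and non_root is not True):
            findings.append((name, "root-user", "nothing prevents running as UID 0"))

        # When unset, privilege escalation is allowed.
        if sc.get("allowPrivilegeEscalation", True):
            findings.append((name, "privilege-escalation", "allowPrivilegeEscalation is not false"))

        added = {normalize_cap(x) for x in caps.get("add") or []}
        dropped = {normalize_cap(x) for x in caps.get("drop") or []}
        for cap in sorted(added & RISKY_CAPS):
            findings.append((name, "added-capability", f"adds {cap}"))
        if "ALL" not in dropped:
            findings.append((name, "capabilities-not-dropped", "drop does not include ALL"))

        if not sc.get("readOnlyRootFilesystem"):
            findings.append((name, "writable-rootfs", "root filesystem is writable"))
    return findings


# Constructed manifests: a weak configuration beside a hardened one.
WEAK_POD = {
    "metadata": {"name": "legacy-agent"},
    "spec": {
        "hostNetwork": True,
        "containers": [{
            "name": "agent",
            "securityContext": {"privileged": True, "capabilities": {"add": ["CAP_SYS_ADMIN"]}},
        }],
    },
}
HARDENED_POD = {
    "metadata": {"name": "web"},
    "spec": {
        "securityContext": {"runAsNonRoot": True, "runAsUser": 10001},
        "containers": [{
            "name": "web",
            "securityContext": {
                "allowPrivilegeEscalation": False,
                "readOnlyRootFilesystem": True,
                "capabilities": {"drop": ["ALL"]},
            },
        }],
    },
}

if __name__ == "__main__":
    for pod in (WEAK_POD, HARDENED_POD):
        print(pod["metadata"]["name"], audit_pod(pod) or "no findings")
```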

3.4 Encrypt Container Communication

Implement network segmentation and isolation for containers, such as firewalls, network policies, or service meshes. Define and enforce rules for allowing or denying communication between containers based on their roles, functions, or labels. Encrypt network traffic between containers using protocols such as TLS or HTTPS.
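Label-based rules only restrict the workloads they actually select, so a useful check is to list workloads that no rule covers. The following is an added example, not code from the article: it assumes Kubernetes NetworkPolicy as the enforcement mechanism, with Pod and NetworkPolicy objects loaded as Python dictionaries, and every name and label in the sample data is constructed.

```python
def selector_matches(selector, labels):
    """Evaluate a label selector; an empty selector selects every pod."""
    selector = selector or {}
    for key, value in (selector.get("matchLabels") or {}).items():
        if labels.get(key) != value:
            return False
    for expr in selector.get("matchExpressions") or []:
        key, op = expr["key"], expr["operator"]
        values = expr.get("values") or []
        if op == "In" and labels.get(key) not in values:
            return False
        if op == "NotIn" and labels.get(key) in values:
            return False
        if op == "Exists" and key not in labels:
            return False
        if op == "DoesNotExist" and key in labels:
            return False
    return True


def policy_types(policy):
    """Directions a policy isolates. Ingress is implied when policyTypes is
    unset; Egress is implied only if the policy has an egress section."""
    spec = policy.get("spec") or {}
    if "policyTypes" in spec:
        return set(spec["policyTypes"])
    types = {"Ingress"}
    if "egress" in spec:
        types.add("Egress")
    return types


def isolation_report(pods, policies):
    """Map 'namespace/pod' to the traffic directions still unrestricted."""
    report = {}
    for pod in pods:
        meta = pod["metadata"]
        ns = meta.get("namespace", "default")
        labels = meta.get("labels") or {}
        covered = set()
        for policy in policies:
            if policy["metadata"].get("namespace", "default") != ns:
                continue  # a NetworkPolicy only applies inside its namespace
            spec = policy.get("spec") or {}
            if selector_matches(spec.get("podSelector"), labels):
                covered |= policy_types(policy)
        report[f"{ns}/{meta['name']}"] = sorted({"Ingress", "Egress"} - covered)
    return report


# Constructed cluster inventory for the example.
SAMPLE_PODS = [
    {"metadata": {"name": "web", "namespace": "shop", "labels": {"app": "web"}}},
    {"metadata": {"name": "db", "namespace": "shop", "labels": {"app": "db"}}},
    {"metadata": {"name": "debug", "namespace": "shop"}},
    {"metadata": {"name": "runner", "namespace": "tools", "labels": {"app": "ci"}}},
]
SAMPLE_POLICIES = [
    {
        "metadata": {"name": "db-allow-web", "namespace": "shop"},
        "spec": {
            "podSelector": {"matchLabels": {"app": "db"}},
            "ingress": [{"from": [{"podSelector": {"matchLabels": {"app": "web"}}}]}],
        },
    },
    {
        "metadata": {"name": "web-lockdown", "namespace": "shop"},
        "spec": {
            "podSelector": {"matchLabels": {"app": "web"}},
            "policyTypes": ["Ingress", "Egress"],
        },
    },
]

if __name__ == "__main__":
    for pod, gaps in isolation_report(SAMPLE_PODS, SAMPLE_POLICIES).items():
        print(pod, "unrestricted:", gaps or "none")
```

In the sample, the unlabeled `debug` pod and everything in the `tools` namespace accept and send traffic freely; a namespace-wide policy with an empty `podSelector` closes that gap.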

3.5 Prevent Malicious and Rogue Processes in Containers

Detect and block malicious processes from running in containers using tools such as antivirus, anti-malware, or intrusion prevention systems. Perform behavioral analysis and anomaly detection with tools to identify rogue processes deviating from standard patterns. Sandbox or quarantine containers that are compromised or infected with the help of appropriate tools.

3.6 Automated Container Configuration

Check and validate container configurations against security best practices and standards, such as CIS benchmarks or NIST guidelines, with tools such as Puppet. Tools such as configuration management systems or policy engines automate container configuration management and enforcement. Other tools, such as PingSafe, Datadog Cloud SIEM, Anchore, and Sophos Cloud Native Security, act as security scanners or scorecards and provide feedback and recommendations for improving container security posture.

3.7 Vulnerabilities in Container Infrastructure

Utilize tools such as Snyk that can scan and patch the components of the container infrastructure stack, such as the application code, libraries, packages, container runtime, kernel, and host operating system. Isolate or protect the container infrastructure from external attacks with controls such as authentication, authorization, and encryption at rest or in transit. Update or replace the container infrastructure components without disrupting application functionality, using techniques such as rolling updates or blue-green deployments. These minimize downtime and allow for easy rollback.
 

4. The Future of Securing Cloud Containers

Securing cloud containers has become a top priority for cloud-native applications. Cloud security trends aim to safeguard cloud containers effectively.

  • Containers are highly portable code execution environments that rely on a shared kernel, which poses some security challenges and complexities.
  • Blockchain, data loss prevention, and data classification are some of the trends that will define the future of cloud security.
  • Security teams need solutions that enable, rather than hinder, the entire lifecycle of containers and Kubernetes, from building to deploying to running.
  • To ensure the safety and protection of sensitive data, security solutions should integrate seamlessly into existing development workflows and support role-based access controls, transparency, and accountability.
  • To maintain the highest level of security, security solutions should also scan for vulnerabilities, apply security policies, and monitor container environments for anomalies.

While securing cloud container environments can be challenging at times, tools and technologies offer security teams enhanced protection. In essence, the future of securing containers and Kubernetes in 2023 and beyond is extremely bright. The cloud-native landscape increasingly relies on containers to build, deploy, and run production-ready workloads. This raises the need for security teams to work with cloud container security solutions that enable, rather than hinder, their full lifecycles.

Spotlight

Collibra

Since 2008, Collibra has been uniting organizations by delivering trusted data for every use, for every user, and across every source. Our Data Intelligence Cloud brings flexible governance, continuous quality and built-in privacy to all types of data.

OTHER ARTICLES
Cloud App Development, Cloud Security, Cloud App Management

What Is Cloud-Native and Why Does it Matter for CI

Article | June 21, 2023

Continuous intelligence (CI) relies on the real-time analysis of streaming data to produce actionable insights in milliseconds to seconds. Such capabilities have applications throughout a business. In today’s dynamic marketplace, new CI applications that use data from various sources at any given time might be needed on very short notice.The challenge is how to have the flexibility to rapidly develop and deploy new CI applications to meet fast-changing business requirements. A common approach employed today is to use a dynamic architecture that delivers access to data, processing power, and analytics capabilities on demand. In the future, solutions also will likely incorporate artificial intelligence applications to complement the benefits of traditional analytics. Increasingly, cloud-native is the architecture of choice to build and deploy AI-embedded CI applications. A cloud-native approach offers benefits to both the business and developers. Cloud-native applications or services are loosely coupled with explicitly described dependencies.

Read More
Cloud Security, Cloud App Management, Cloud Infrastructure Management

Why Microsoft Should Spinoff Its Cloud Business

Article | August 8, 2023

Microsoft currently features old-school solutions that are growing relatively slowly (Office and Windows) and new cloud solutions that are growing tremendously (Dynamics 365 and Azure). If the company stays in its current form, Microsoft stock will keep steadily advancing. But because the company’s total top and bottom lines are never going to increase much more than 30% or 35% per year, the shares are never going to deliver truly huge returns. But that would change if the company was to spin off its rapidly growing cloud businesses. In such a scenario, the current owners of Microsoft stock would receive shares in a cutting edge cloud services company (let’s call it Azure), and shares in a company focused on providing old, mostly PC-based software to businesses and consumers.

Read More
Cloud App Development, Cloud Security, Cloud App Management

Intelligence Giant Upgrading its Cloud Technology

Article | July 31, 2023

With the huge amounts of data in all fields, a future in the cloud is imperative to help deal with this explosion of data, especially in the field of intelligence technology. This is the reason why the US Central Intelligence Agency is updating its cloud technology. The agency has recently released a draft request for proposal for its Commercial Cloud Enterprise contract.The C2E tens of billions contract will be a multi-award commercial cloud computing contract with a five-year base period and two five-year options for a period of performance of up to 15 years, according to nextgov.com.In a March 2019 presentation by the Directorate of Digital Innovation, a division of the CIA, the department outlined its vision for C2E. It would be broad and include infrastructure, platform and software cloud services supporting a broad range of users, with a variety of security clearances and a worldwide presence, as reported by techcrunch.com. The principal C2E Program objective is to acquire cloud computing services directly from commercial cloud service providers with established records for innovation and operational excellence in cloud service delivery for a large customer base,the department stated in the presentation.Apparently, the agency prefers to avoid all the attention that the Pentagon’s JEDI cloud procurement process got, and quietly go about its business.

Read More

AWS tags US$235 million to expand its cloud infrastructure in Latin America

Article | February 10, 2020

Amazon Web Services (AWS) is raising its stake on cloud computing infrastructure in Latin America. Proof of this is that the IT company will use R$1 billion (around US$235 million) to expand its data center in Sao Paulo. These millions will be used for its Data Processing Center located in that part of Brazil. In addition, a portion of these US$235 million will also be used to increase the services it offers to both public and private parties.The move gives reason to suggest that AWS is upping the ante in the future of startups and tech in the region that rely on cloud services to develop their own products.It launched its cloud center in Brazil in 2011 but it’ll be getting some beefing up thanks to these funds. Moreover, AWS has two Edge networks in São Paulo and two in Rio de Janeiro. As well as one in each of the following cities: Bogotá (Colombia), Buenos Aires (Argentina), and Santiago (Chile).The objective of all of this is to be the region’s prime provider of cloud infrastructure and beat out its competition AKA, Google Cloud Platform and Microsoft’s Azure.

Read More

Spotlight

Collibra

Since 2008, Collibra has been uniting organizations by delivering trusted data for every use, for every user, and across every source. Our Data Intelligence Cloud brings flexible governance, continuous quality and built-in privacy to all types of data.

Related News

Cloud App Management

Spectro Cloud Releases its ‘State of Production Kubernetes’ Report

Spectro Cloud | November 07, 2023

Spectro Cloud has unveiled its third annual ‘State of Production Kubernetes’ report, providing unique insights into the highly dynamic Kubernetes industry. The report, based on a comprehensive survey of 333 Kubernetes practitioners and decision-makers, reveals key trends and challenges facing the industry. The research highlights that operations teams are grappling with increasing complexity as their Kubernetes environments expand. A significant 56% of businesses have more than 10 Kubernetes clusters, and 69% run Kubernetes in multiple clouds or other environments. Furthermore, 75% report issues affecting the running of their clusters, an increase from 66% in 2022. The report also underscores the need for greater support for application developers. Despite the rise of platform engineering, 82% of operations teams struggle to provide developers with access to tailored clusters. Additionally, 37% report inconsistencies between development, staging, and production environments. The study also points to application modernization as a pressing issue for cloud-native organizations. While all interviewees reported a ‘container first’ approach, they agreed that virtual machines (VMs) are here to stay. A significant 85% are migrating existing VM workloads to Kubernetes, and 86% aim to unify containerized and VM workloads on a single infrastructure platform. The Spectro Cloud's report reveals challenges in Kubernetes, with 75% of operations teams facing issues with cluster management and 82% struggling to provide developers with tailored clusters. The report also highlights the persistence of VMs and security, compliance, and cost issues in edge computing. However, it also shows a growing trend towards Kubernetes, with a majority of businesses operating multiple clusters across various environments. 
The rise of platform engineering, migration of VM workloads to Kubernetes, and increasing adoption of Kubernetes in edge computing environments suggest a shift towards modernization and promising advancements. Finally, the report indicates that edge computing is gaining momentum, with 49% actively piloting or using Kubernetes in edge computing environments. AI is a key driver for edge adoption, with investment expected to improve business processes and enable new connected solutions. However, significant challenges remain, particularly around security, compliance, and the costs of field engineering. Spectro Cloud's third annual ‘State of Kubernetes’ report highlights these trends and challenges. The report aims to inspire new dialogue in the industry, particularly at events like KubeCon. The report is available for download and will be discussed in a webinar on November 30. About Spectro Cloud Spectro Cloud is a leading provider of Kubernetes management solutions. Its comprehensive platform allows organizations to manage the full lifecycle of diverse Kubernetes environments, whether small or large, new or existing, simple or complex, in data centers or the cloud. The company's unique approach offers IT teams complete control and visibility, enabling them to provide developers with flexible Kubernetes stacks and tools tailored to their specific needs, all while ensuring granular governance and enterprise-grade security.

Read More

Cloud Security

Darktrace Unveils New Cloud-Native Security Solution Using AI to Provide Real-Time Cyber Resilience for Cloud Environments

PR Newswire | October 30, 2023

Darktrace, a global leader in cyber security AI, today unveiled a new Darktrace/Cloud solution based on its unique Self-Learning AI. The new solution provides comprehensive visibility of cloud architectures, real-time cloud-native threat detection and response, and prioritized recommendations and actions to help security teams manage misconfigurations and strengthen compliance. When combined with insight from Darktrace solutions for network, email, apps, zero trust and endpoint, Darktrace/Cloud provides a deeper, contextualized understanding of the risks and threats currently facing an organization's digital estate. According to a recent report, "Gartner anticipates over 99 percent of cloud breaches will be based on a customer error, account takeover or misconfiguration until 2027". Cloud environments are constantly evolving so security professionals need to increase the level of visibility while keeping up with changing compliance, risk and security requirements. The rise of cloud-native technologies including containers, Kubernetes and microservices also require new tools and techniques for detecting and responding to known and novel threats. Unlike static cloud security tools that provide snapshots of a specific point in time, Darktrace/Cloud is real-time, all the time. Our Self-Learning AI continuously learns patterns between workloads, assets, policy configurations and identities to provide a dynamic view of cloud architectures. We analyze the entire cloud stack from data to control plane, combining an understanding of architecture and network with a new flexible, scalable deployment model, said Jack Stockdale, Chief Technology Officer, Darktrace. Our innovative approach to cloud security is built on more than a decade of leadership in Cyber AI that is already protecting our customers' critical business areas from network and email to operational technology. 
Available today, the new capabilities in Darktrace/Cloud include: Comprehensive visibility and architecture modelingfor insights into the constantly changing nature of cloud environments. This visibility is constructed dynamically from configuration, network, users and identity and access management (IAM) data. Darktrace establishes patterns of life for cloud resources, identities, and services to understand who has access to what and how. This is critical for detecting anomalies and unknown threats. Universal attack path modelingprovides a dynamic view of where attackers may look to move next. Darktrace brings together real-time cloud data and a deep understanding of your cloud environment with a platform approach that provides insights about risks from other covered areas of the business (e.g., network, email) to highlight potential attack paths and prioritize important assets to secure. Unique real-time and cloud-native threat detection and responsethat provides a dynamic view of known and novel threats within the cloud. Darktrace combines deep cloud attack path knowledge with real-time anomaly and threat detection through cloud-native autonomous response actions, such as detaching a policy from a user or removing a workload from a security group. Prioritized cloud posture managementthat starts by examining cloud configurations against common compliance frameworks. Where misconfigurations are detected, Darktrace provides a prioritized view of what to fix first, based on a risk profile generated from security and business context. Guided steps can be provided to help teams proactively address these before they become a significant issue. Cost discoveryto provide a better understanding of cloud resource allocation. This helps teams contextualize their cloud resources according to security and business priorities. Communication and collaboration capabilitiesto streamline workflows between security teams and DevOps teams. 
Tickets can be created on demand, teams can communicate directly via messaging platforms, and alerts and anomaly detections can be sent to Security Information & Event Management (SIEM) or Security Orchestration, Automation and Response (SOAR) products and the Darktrace Mobile app so they can be alerted on the go. Flexible deployment optionsinclude an agentless deployment by default so organizations can be up and running in minutes. Teams can use the dynamic architectural view and risk context to decide where to deploy agents for enhanced real-time actions and deeper inspection. Sykes Cottages, a cloud-native travel agency platform in the UK, has experienced significant growth in the last five years and has relied on the cloud to help them scale throughout this period. "When it comes to cybersecurity, having visibility and an understanding of what you've got and your risks is critical. If I don't know it's there, I can't protect it," said Jonny Mattey, Head of Cybersecurity, Sykes Cottages. "Having a holistic, live view of our cloud environment enables us to work pragmatically and use AI to cut down management time so that we can address security risks and improve our resilience." The new Darktrace/Cloud solution is now available on Amazon Web Services (AWS) through the AWS Marketplace, a curated digital catalog that makes it easy for customers to find, buy, deploy, and manage the third-party software they need to build solutions and run their business. Darktrace and AWS have been collaborating since 2017 to help organizations secure their AWS environments. Darktrace protects AWS environments for organizations around the world including Sunwest Bank and ProPhase Labs. Darktrace is an AWS Security Competency Partner and is part of the AWS ISV Accelerate program. "Security is job zero at AWS," said Paddy Fitzpatrick, Director – Independent Software Vendors, UK & Ireland at Amazon Web Services. 
"As the threat landscape continues to evolve, the availability of AI-based tools like Darktrace/Cloud on the AWS Marketplace will help customers to gain increased visibility, and respond more effectively to security risks and threats." Darktrace first extended its Cyber AI capabilities to cloud environments in 2016, applying its world class algorithms to granular network traffic. Darktrace/Cloud was recently named Cloud Security Product of the Year for Large Enterprises by Computing Magazine in its 2023 Cloud Excellence Awards. ABOUT DARKTRACE Darktrace (DARK.L), a global leader in cyber security artificial intelligence, is on a mission to free the world of cyber disruption. Breakthrough innovations in our Cyber AI Research Center in Cambridge, UK have resulted in over 160 patents filed and research published to contribute to the cyber security community. Rather than study attacks, Darktrace's technology continuously learns and updates its knowledge of 'you' and applies that understanding to optimize your state of optimal cyber security. Darktrace is delivering the first ever Cyber AI Loop, fueling a continuous end-to-end security capability that can autonomously spot and respond to novel in-progress threats within seconds. Darktrace employs over 2,200 people around the world and protects approximately 8,900 customers globally from advanced cyber threats. Darktrace was named one of TIME magazine's 'Most Influential Companies' in 2021. To learn more, visit http://www.darktrace.com.

Read More

Cloud Security

Avanade Releases Avanade Cloud Impact to Save Up to 50% on Cloud Costs

Avanade | November 06, 2023

Avanade launches an AI-based platform, "Avanade Cloud Impact", to unlock up to 50% of cloud spend. The platform generates insights on IT estate risks and opportunities by analyzing cloud consumption patterns. Avanade offers a free cost optimization workshop to clients interested in adopting an AI-first approach. Avanade, a leading Microsoft solutions provider, launches a new platform, ‘Avanade Cloud Impact’, designed to help businesses establish an AI-ready digital core and unlock funding for innovation. The platform uses AI and machine learning to analyze industry, business, and technical data sources, providing tailored modernization insights for companies on their cloud journey. It has already saved Avanade clients up to 50% of their cloud spend. The platform works by analyzing cloud consumption patterns and comparing them with various data sources to generate insights on a wide range of risks and opportunities across an IT estate. These insights can include modernization recommendations and cost-benefit analyses. Avanade Cloud Impact can deliver information about data egress cost spikes, application redesign options, and achieve up to 50% cloud cost savings while quantifying sustainability benefits, all without the need to make any code changes. Andrew Stahel, Regional Applications and Infrastructure Solution Area Lead, Avanade Australia, emphasized the importance of AI in today's business environment and the need for businesses to rethink what the cloud can do for them. He expressed excitement about the potential of the Avanade Cloud Impact platform to help Australian businesses harness the true potential of AI by strengthening their digital core. Merrie Williamson, CVP, Azure Infrastructure, Digital and App Innovation, Microsoft, also expressed enthusiasm about the new platform and its ability to provide deep insights and recommendations that accelerate value for Azure customers. 
While Avanade's new platform, ‘Avanade Cloud Impact’, promises to unlock up to 50% of a business's cloud spend and provide tailored modernization insights, it does come with potential drawbacks. The platform's effectiveness is heavily dependent on the quality and accuracy of the data it analyzes, and incorrect or incomplete data could lead to misleading insights. Additionally, there may be a learning curve associated with understanding and effectively utilizing the insights generated by the platform. Furthermore, the platform might not be suitable for all types of businesses, particularly those with unique or complex cloud consumption patterns. However, the benefits of the platform are significant. It can lead to substantial cost savings and help businesses make informed decisions on their cloud journey. The use of AI and machine learning allows the platform to handle large amounts of data and provide comprehensive insights. Plus, Avanade offers a free introductory cost optimization workshop, providing additional support for businesses adopting an AI-first approach.


Cloud App Management

Spectro Cloud Releases its ‘State of Production Kubernetes’ Report

Spectro Cloud | November 07, 2023

Spectro Cloud has unveiled its third annual ‘State of Production Kubernetes’ report, providing unique insights into the highly dynamic Kubernetes industry. The report, based on a comprehensive survey of 333 Kubernetes practitioners and decision-makers, reveals key trends and challenges facing the industry.

The research highlights that operations teams are grappling with increasing complexity as their Kubernetes environments expand. A significant 56% of businesses have more than 10 Kubernetes clusters, and 69% run Kubernetes in multiple clouds or other environments. Furthermore, 75% report issues affecting the running of their clusters, an increase from 66% in 2022.

The report also underscores the need for greater support for application developers. Despite the rise of platform engineering, 82% of operations teams struggle to provide developers with access to tailored clusters. Additionally, 37% report inconsistencies between development, staging, and production environments.

The study also points to application modernization as a pressing issue for cloud-native organizations. While all interviewees reported a ‘container first’ approach, they agreed that virtual machines (VMs) are here to stay. A significant 85% are migrating existing VM workloads to Kubernetes, and 86% aim to unify containerized and VM workloads on a single infrastructure platform.

Spectro Cloud's report reveals challenges in Kubernetes, with 75% of operations teams facing issues with cluster management and 82% struggling to provide developers with tailored clusters. The report also highlights the persistence of VMs and security, compliance, and cost issues in edge computing. However, it also shows a growing trend towards Kubernetes, with a majority of businesses operating multiple clusters across various environments. The rise of platform engineering, migration of VM workloads to Kubernetes, and increasing adoption of Kubernetes in edge computing environments suggest a shift towards modernization and promising advancements.

Finally, the report indicates that edge computing is gaining momentum, with 49% actively piloting or using Kubernetes in edge computing environments. AI is a key driver for edge adoption, with investment expected to improve business processes and enable new connected solutions. However, significant challenges remain, particularly around security, compliance, and the costs of field engineering.

Spectro Cloud's third annual ‘State of Kubernetes’ report highlights these trends and challenges. The report aims to inspire new dialogue in the industry, particularly at events like KubeCon. The report is available for download and will be discussed in a webinar on November 30.

About Spectro Cloud

Spectro Cloud is a leading provider of Kubernetes management solutions. Its comprehensive platform allows organizations to manage the full lifecycle of diverse Kubernetes environments, whether small or large, new or existing, simple or complex, in data centers or the cloud. The company's unique approach offers IT teams complete control and visibility, enabling them to provide developers with flexible Kubernetes stacks and tools tailored to their specific needs, all while ensuring granular governance and enterprise-grade security.


Cloud Security

Darktrace Unveils New Cloud-Native Security Solution Using AI to Provide Real-Time Cyber Resilience for Cloud Environments

PR Newswire | October 30, 2023

Darktrace, a global leader in cyber security AI, today unveiled a new Darktrace/Cloud solution based on its unique Self-Learning AI. The new solution provides comprehensive visibility of cloud architectures, real-time cloud-native threat detection and response, and prioritized recommendations and actions to help security teams manage misconfigurations and strengthen compliance. When combined with insight from Darktrace solutions for network, email, apps, zero trust and endpoint, Darktrace/Cloud provides a deeper, contextualized understanding of the risks and threats currently facing an organization's digital estate.

According to a recent report, "Gartner anticipates over 99 percent of cloud breaches will be based on a customer error, account takeover or misconfiguration until 2027". Cloud environments are constantly evolving so security professionals need to increase the level of visibility while keeping up with changing compliance, risk and security requirements. The rise of cloud-native technologies including containers, Kubernetes and microservices also requires new tools and techniques for detecting and responding to known and novel threats.

Unlike static cloud security tools that provide snapshots of a specific point in time, Darktrace/Cloud is real-time, all the time. Our Self-Learning AI continuously learns patterns between workloads, assets, policy configurations and identities to provide a dynamic view of cloud architectures. We analyze the entire cloud stack from data to control plane, combining an understanding of architecture and network with a new flexible, scalable deployment model, said Jack Stockdale, Chief Technology Officer, Darktrace. Our innovative approach to cloud security is built on more than a decade of leadership in Cyber AI that is already protecting our customers' critical business areas from network and email to operational technology.

Available today, the new capabilities in Darktrace/Cloud include:

  • Comprehensive visibility and architecture modeling for insights into the constantly changing nature of cloud environments. This visibility is constructed dynamically from configuration, network, users and identity and access management (IAM) data. Darktrace establishes patterns of life for cloud resources, identities, and services to understand who has access to what and how. This is critical for detecting anomalies and unknown threats.
  • Universal attack path modeling provides a dynamic view of where attackers may look to move next. Darktrace brings together real-time cloud data and a deep understanding of your cloud environment with a platform approach that provides insights about risks from other covered areas of the business (e.g., network, email) to highlight potential attack paths and prioritize important assets to secure.
  • Unique real-time and cloud-native threat detection and response that provides a dynamic view of known and novel threats within the cloud. Darktrace combines deep cloud attack path knowledge with real-time anomaly and threat detection through cloud-native autonomous response actions, such as detaching a policy from a user or removing a workload from a security group.
  • Prioritized cloud posture management that starts by examining cloud configurations against common compliance frameworks. Where misconfigurations are detected, Darktrace provides a prioritized view of what to fix first, based on a risk profile generated from security and business context. Guided steps can be provided to help teams proactively address these before they become a significant issue.
  • Cost discovery to provide a better understanding of cloud resource allocation. This helps teams contextualize their cloud resources according to security and business priorities.
  • Communication and collaboration capabilities to streamline workflows between security teams and DevOps teams. Tickets can be created on demand, teams can communicate directly via messaging platforms, and alerts and anomaly detections can be sent to Security Information & Event Management (SIEM) or Security Orchestration, Automation and Response (SOAR) products and the Darktrace Mobile app so they can be alerted on the go.
  • Flexible deployment options include an agentless deployment by default so organizations can be up and running in minutes. Teams can use the dynamic architectural view and risk context to decide where to deploy agents for enhanced real-time actions and deeper inspection.

Sykes Cottages, a cloud-native travel agency platform in the UK, has experienced significant growth in the last five years and has relied on the cloud to help them scale throughout this period. "When it comes to cybersecurity, having visibility and an understanding of what you've got and your risks is critical. If I don't know it's there, I can't protect it," said Jonny Mattey, Head of Cybersecurity, Sykes Cottages. "Having a holistic, live view of our cloud environment enables us to work pragmatically and use AI to cut down management time so that we can address security risks and improve our resilience."

The new Darktrace/Cloud solution is now available on Amazon Web Services (AWS) through the AWS Marketplace, a curated digital catalog that makes it easy for customers to find, buy, deploy, and manage the third-party software they need to build solutions and run their business. Darktrace and AWS have been collaborating since 2017 to help organizations secure their AWS environments. Darktrace protects AWS environments for organizations around the world including Sunwest Bank and ProPhase Labs. Darktrace is an AWS Security Competency Partner and is part of the AWS ISV Accelerate program.

"Security is job zero at AWS," said Paddy Fitzpatrick, Director – Independent Software Vendors, UK & Ireland at Amazon Web Services. "As the threat landscape continues to evolve, the availability of AI-based tools like Darktrace/Cloud on the AWS Marketplace will help customers to gain increased visibility, and respond more effectively to security risks and threats."

Darktrace first extended its Cyber AI capabilities to cloud environments in 2016, applying its world class algorithms to granular network traffic. Darktrace/Cloud was recently named Cloud Security Product of the Year for Large Enterprises by Computing Magazine in its 2023 Cloud Excellence Awards.

ABOUT DARKTRACE

Darktrace (DARK.L), a global leader in cyber security artificial intelligence, is on a mission to free the world of cyber disruption. Breakthrough innovations in our Cyber AI Research Center in Cambridge, UK have resulted in over 160 patents filed and research published to contribute to the cyber security community. Rather than study attacks, Darktrace's technology continuously learns and updates its knowledge of 'you' and applies that understanding to optimize your state of optimal cyber security. Darktrace is delivering the first ever Cyber AI Loop, fueling a continuous end-to-end security capability that can autonomously spot and respond to novel in-progress threats within seconds. Darktrace employs over 2,200 people around the world and protects approximately 8,900 customers globally from advanced cyber threats. Darktrace was named one of TIME magazine's 'Most Influential Companies' in 2021. To learn more, visit http://www.darktrace.com.
