Cloud Security
PR Newswire | October 25, 2023
Lacework, the data-driven cloud security company, today announced a series of updates that expand the platform's enterprise-grade capabilities to help customers do more in the cloud, securely. Lacework is extending its platform support to new cloud providers in order to give customers more choice as they secure their multicloud environments, adding integrations into leading project management tools to increase operational efficiency around risk management, and enhancing agentless workload scanning, among other updates.
Expanded Enterprise Multicloud Support
Enterprises implement multicloud strategies for various economic, technical, and legal reasons, and Lacework is committed to supporting its customers' cloud or clouds of choice. Lacework has extended cloud security posture management to Oracle Cloud Infrastructure (OCI), giving teams visibility into their OCI resources and their associated risks. Whether enterprises are using Amazon Web Services, Google Cloud, Azure, OCI or a combination, the unified Lacework platform gives them visibility from a single location, resulting in better context, better outcomes, and faster investigations.
We are excited that Lacework has added support for Oracle Cloud Infrastructure. It gives us the opportunity to utilize Cloud Security Posture Management capabilities across our multicloud environment with a single platform, said Karen Prichard, Managing Director Group Security, Liberty Global. Our team can continue to reduce our risk and address our threats quicker with the added visibility and context provided by this new integration.
Additionally, the Lacework platform is expanding its industry-leading attack path analysis to Google Cloud and Azure. Attack path analysis from Lacework allows security teams to see their cloud environment through the eyes of an attacker, identifying targets and mapping out how each threat could be exploited to breach a cloud environment. Now Lacework customers leveraging Google Cloud or Azure can gain attack path analysis that is bespoke to each cloud's unique environment.
"My colleague already had the chance to identify configuration issues, it immediately flagged something we had to look at — giving us the opportunity to fix it," Simen Kildahl Eriksen, Security Engineer at Cognite, shares. "It provides an invaluable means of identifying potential configuration problems before they escalate into more significant security breaches."
In the cloud, organizations routinely create and tear down services and containers quickly in order to meet changing demands. Whether testing-development or running batch jobs, ephemeral workloads and containers are opportunities for bad actors to gain access. It's important that security teams do not lose sight of these short-lived instances.
To meet this growing need, Lacework agentless workload scanning has been upgraded to check customer workloads every five minutes for new instances. This granular visibility of what is running and its associated risk assures teams that they have comprehensive visibility into rapidly changing environments and gives confidence that short-lived instances are not falling through the security cracks.
Operationalized Risk Management with ServiceNow and Jira Integrations
It's not enough for an organization to have a list of vulnerabilities, they need to be able to quickly fix them. To enhance its industry-leading threat visibility tools, the Lacework platform now features integrations with ServiceNow and Jira that improve the process of mitigating vulnerabilities. Now, security and development teams have the premium vulnerability feeds with all the context Lacework is known for integrated into their ticketing system of choice. By connecting these systems to streamline response efforts, the appropriate teams can move faster when securing vulnerabilities.
"With the rise of cloud adoption and migration, securing the enterprise has never been more important for organizations," said Deepak Kolingivadi, Head of Security Products at ServiceNow. "The Lacework integration with ServiceNow Vulnerability Response enables our enterprise customers to streamline their response processes by simplifying assignment, collaboration, and remediation of critical vulnerabilities. Using business context in ServiceNow, customers can detect and report the security posture of IT and application environments within the Now Platform. We look forward to continuing our partnership with Lacework and helping mutual customers address cybersecurity threats more quickly and efficiently."
Lacework's integration with ServiceNow Vulnerability Response offerings for infrastructure and container applications is currently available in the ServiceNow marketplace. Lacework's integration to Security in Jira is in private preview.
About Lacework
Lacework keeps organizations secure in the cloud, allowing them to innovate faster with confidence. Cloud security requires a fundamentally new approach and the Lacework platform is designed to scale with the volume, variety, and velocity of cloud data across an organization's cloud environment: code, identities, containers, and multi-cloud infrastructure. Only Lacework provides Security and Development teams with a correlated and prioritized end-to-end view that pinpoints the largest risks and handful of security events that matter most. Learn more at www.lacework.com.
Read More
Cloud Security
IBM | November 08, 2023
The cloud-native SIEM enhances scalability, speed, and flexibility while leveraging AI for improved alert prioritization and response.
Cloud-native QRadar SIEM is built on an open foundation, supporting interoperability with multi-vendor tools and cloud platforms.
IBM plans to introduce generative AI capabilities in early 2024.
IBM introduced a significant transformation to its flagship IBM QRadar SIEM (Security Information and Event Management) product. The new QRadar SIEM is redesigned on a cloud-native architecture tailored for hybrid cloud environments, with a strong focus on scale, speed, and flexibility. This update aims to empower security teams by enabling AI and security analysts to work together efficiently.
In fact, SOC professionals get to less than half (49%) of the alerts that they're supposed to review within a typical workday, according to a recent global survey.
[Source- Cision PR Newswire]
The cloud-native QRadar SIEM builds upon the strong foundation of its predecessor, offering efficient data ingestion, rapid search capabilities, and analytics at scale. It is based on an open foundation and is part of the QRadar Suite, IBM's integrated threat detection and response software portfolio.
As hybrid cloud environments expand and evolve rapidly, the security challenges become increasingly complex. The growing attack surface makes it difficult for security professionals to identify true threats amid the noise, leading to delayed threat responses. The new cloud-native QRadar SIEM addresses these challenges by leveraging AI to manage repetitive tasks and streamline the detection and response process for high-priority security incidents.
Built on Red Hat OpenShift, QRadar SIEM is designed to be open at its core, allowing for deep interoperability with multi-vendor tools and cloud platforms. It supports common detection rules (SIGMA) to quickly integrate crowdsourced threat detections from the security community. Additionally, it offers federated search and threat-hunting capabilities across various data sources, enhancing threat investigation across cloud and on-premises environments.
IBM's cloud-native SIEM includes AI capabilities that automatically prioritize alerts, reduce noise, and provide context for high-priority alerts. It streamlines threat investigations by running federated searches, creating visual attack timelines, and suggesting recommended actions. It plans to introduce generative AI (GAI) capabilities for QRadar Suite in early 2024. These AI capabilities will automate tasks like report creation, threat detection, log data interpretation, and threat intelligence curation. GAI is expected to enhance the productivity of security analysts, allowing them to focus on higher-value tasks.
The investment in cloud-native SIEM and AI integration reflects its commitment to delivering next-generation security operations technology. These advancements are designed to simplify security operations, reduce complexity, and provide security teams with the tools to effectively address today's complex threat landscape. The new cloud-native QRadar SIEM will be available as SaaS in Q4 2023.
IBM is actively working on its AI and data platform, watsonx, to enable generative AI to support security teams in automating routine tasks, accelerating threat response, and simplifying threat investigations. This represents a significant step toward more efficient and effective security operations.
Read More
VMware Cloud
Business Wire | October 26, 2023
VMware, Inc. (NYSE: VMW) today announced that VMware Cross-Cloud services are available to customers through the Oracle Cloud Marketplace. VMware customers can take advantage of Oracle Cloud Infrastructure (OCI) with VMware Cross-Cloud services to migrate and operate applications on OCI more efficiently, innovate faster, and improve resiliency.
Oracle Cloud Marketplace is a one-stop shop for Oracle customers seeking trusted business applications and services offering unique solutions, including ones that extend Oracle Fusion Cloud Applications.
VMware Cross-Cloud services is a family of multi-cloud services customers can use to build, run, and manage applications on OCI. Organizations can now use their existing Oracle Universal Credits to consume VMware Cross-Cloud services through private offers to modernize their mission-critical enterprise apps on OCI. For customers, this offers a quicker and painless path to the cloud. The following VMware Cross-Cloud services are available immediately in Oracle Cloud Marketplace:
VMware Tanzu: a modular application platform for developing, operating and optimizing modern apps on multi-cloud infrastructure. Tanzu offerings currently available in the marketplace include VMware Tanzu Mission Control Self-Managed, VMware Tanzu Kubernetes Grid and VMware Tanzu Application Service.
VMware Aria: a multi-cloud management portfolio that provides a set of end-to-end solutions for managing the cost, performance, configuration, and delivery of infrastructure and applications. Aria offerings currently available in the marketplace include VMware Aria Universal Suite and VMware Aria Operations for Networks.
VMware Site Recovery Manager (SRM): an on-demand disaster recovery-as-a-service solution that protects critical data and apps while delivering cloud flexibility and economics.
Today marks another step in the continued evolution of the VMware and Oracle partnership as together we help customers in their continued transition to the cloud, said Abhay Kumar, vice president, hyperscalers, and technology partners, VMware. Building on our announcement that Oracle Cloud VMware Solution is available to customers through our VMware Cloud Universal program, we are now making it easier for customers to accelerate app and cloud modernization initiatives using their existing, pre-approved IT budgets to purchase VMware Cross-Cloud services via the Oracle Cloud Marketplace.
“We are excited to expand our partnership with VMware by making their Cross-Cloud services available in the Oracle Cloud Marketplace,” said Chris Sullivan, vice president, Strategic Partnerships, Oracle. “Our continued collaboration underscores our shared commitment to delivering tremendous value to our customers by providing an even more comprehensive suite of VMware solutions. We look forward to the exciting possibilities that lie ahead.”
OCI is a deep and broad platform of cloud infrastructure services that enables customers to build and run a wide range of applications in a scalable, secure, highly available, and high-performance environment. From application development and business analytics to data management, integration, security, AI, and infrastructure services including Kubernetes and VMware, OCI delivers comprehensive security, performance, and cost savings. In addition, with multicloud, hybrid cloud, public cloud, and dedicated cloud options, OCI’s distributed cloud offers customers the benefits of cloud with greater control over data residency, locality, and authority, even across multiple clouds. As a result, customers can bring enterprise workloads to the cloud quickly and efficiently while meeting the strictest regulatory compliance requirements.
Read More