Cloud Security
Avanade | November 06, 2023
Avanade launches an AI-based platform, "Avanade Cloud Impact", to unlock up to 50% of cloud spend.
The platform generates insights on IT estate risks and opportunities by analyzing cloud consumption patterns.
Avanade offers a free cost optimization workshop to clients interested in adopting an AI-first approach.
Avanade, a leading Microsoft solutions provider, launches a new platform, ‘Avanade Cloud Impact’, designed to help businesses establish an AI-ready digital core and unlock funding for innovation. The platform uses AI and machine learning to analyze industry, business, and technical data sources, providing tailored modernization insights for companies on their cloud journey. It has already saved Avanade clients up to 50% of their cloud spend.
The platform works by analyzing cloud consumption patterns and comparing them with various data sources to generate insights on a wide range of risks and opportunities across an IT estate. These insights can include modernization recommendations and cost-benefit analyses. Avanade Cloud Impact can deliver information about data egress cost spikes and application redesign options, and can achieve up to 50% cloud cost savings while quantifying sustainability benefits, all without the need to make any code changes.
Andrew Stahel, Regional Applications and Infrastructure Solution Area Lead, Avanade Australia, emphasized the importance of AI in today's business environment and the need for businesses to rethink what the cloud can do for them. He expressed excitement about the potential of the Avanade Cloud Impact platform to help Australian businesses harness the true potential of AI by strengthening their digital core.
Merrie Williamson, CVP, Azure Infrastructure, Digital and App Innovation, Microsoft, also expressed enthusiasm about the new platform and its ability to provide deep insights and recommendations that accelerate value for Azure customers.
While Avanade's new platform, ‘Avanade Cloud Impact’, promises to unlock up to 50% of a business's cloud spend and provide tailored modernization insights, it does come with potential drawbacks. The platform's effectiveness is heavily dependent on the quality and accuracy of the data it analyzes, and incorrect or incomplete data could lead to misleading insights. Additionally, there may be a learning curve associated with understanding and effectively utilizing the insights generated by the platform. Furthermore, the platform might not be suitable for all types of businesses, particularly those with unique or complex cloud consumption patterns.
However, the benefits of the platform are significant. It can lead to substantial cost savings and help businesses make informed decisions on their cloud journey. The use of AI and machine learning allows the platform to handle large amounts of data and provide comprehensive insights. Plus, Avanade offers a free introductory cost optimization workshop, providing additional support for businesses adopting an AI-first approach.
Cloud Security
Business Wire | November 03, 2023
Sysdig, the leader in cloud security powered by runtime insights, today released at SANS CyberFest 2023 the 5/5/5 Benchmark for Cloud Detection and Response, a new framework that outlines how quickly organizations should detect, triage, and respond to attacks in the cloud. Operating securely in the cloud requires a mindset shift in regard to time, and with that, cloud security programs need to hold themselves to a modernized benchmark: five seconds to detect, five minutes to correlate insights and understand what’s happening, and five additional minutes to respond. Recent findings by the Sysdig Threat Research Team published in the 2023 Global Cloud Threat Report note that, after discovering an exploitable target, malicious actors require less than 10 minutes to execute an attack.
Cloud attacks are swift and sophisticated, requiring robust threat detection and response programs that move at the speed of the cloud. On-premises attacks take 16 days on average and antiquated frameworks challenge security teams to respond to a breach within 60 minutes, which is simply insufficient for the cloud. Bad actors are exploiting the automation and scale of the cloud, along with new techniques, to accelerate all stages of an attack and inflict damage within minutes. The 5/5/5 Benchmark guides organizations to detect and respond to cloud attacks faster than adversaries can complete them.
The Challenge
Detect threats within five seconds. Organizations should be able to gather detection signals from their cloud security tools in real time to ensure visibility into ephemeral assets.
Correlate and triage within five minutes. Teams should be able to gather full context for all correlated signals within five minutes of receiving the first relevant alert.
Initiate a response within five minutes. Organizations should be able to initiate a tactical response within five minutes of confirming that an attack is in progress.
What people are saying
“People are always looking for security metrics, especially when the industry evolves into new operating models. We have plenty of 'best practices,' but no real way to quantify cloud security agility — until now,” said Anna Belak, Director, Office of Cybersecurity Strategy at Sysdig. “The 5/5/5 Benchmark, built in partnership with our customers, industry analysts, and the Sysdig Threat Research Team, sets a new standard for operating securely in the cloud.”
“As organizations move to the cloud, traditional on-premises security standards become outdated and too slow. In the cloud, both innovation and attacks happen quickly – companies need security tools, processes, and standards designed to operate at the speed of cloud-native environments,” said Phil Bues, Research Manager for IDC Cloud Security.
“I don’t want to know 15 minutes after someone breached my system. I need to know instantly so that we can shut it down before the blast radius expands,” said Kuldeep Tomar, Head of Information Security at India’s leading digital skill games company and 5/5/5 Benchmark Advisor. “To move at the necessary speed, you need to not only be alerted to the right things, but also respond appropriately. Having a benchmark gives us a goal to hold ourselves to.”
About Sysdig
In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights and open source Falco. Sysdig correlates signals across cloud workloads, identities, and services to uncover hidden attack paths and prioritize real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation. Sysdig. Secure Every Second.
Cloud Security
IBM | November 08, 2023
The cloud-native SIEM enhances scalability, speed, and flexibility while leveraging AI for improved alert prioritization and response.
Cloud-native QRadar SIEM is built on an open foundation, supporting interoperability with multi-vendor tools and cloud platforms.
IBM plans to introduce generative AI capabilities in early 2024.
IBM introduced a significant transformation to its flagship IBM QRadar SIEM (Security Information and Event Management) product. The new QRadar SIEM is redesigned on a cloud-native architecture tailored for hybrid cloud environments, with a strong focus on scale, speed, and flexibility. This update aims to empower security teams by enabling AI and security analysts to work together efficiently.
In fact, SOC professionals get to less than half (49%) of the alerts that they're supposed to review within a typical workday, according to a recent global survey.
[Source: Cision PR Newswire]
The cloud-native QRadar SIEM builds upon the strong foundation of its predecessor, offering efficient data ingestion, rapid search capabilities, and analytics at scale. It is based on an open foundation and is part of the QRadar Suite, IBM's integrated threat detection and response software portfolio.
As hybrid cloud environments expand and evolve rapidly, the security challenges become increasingly complex. The growing attack surface makes it difficult for security professionals to identify true threats amid the noise, leading to delayed threat responses. The new cloud-native QRadar SIEM addresses these challenges by leveraging AI to manage repetitive tasks and streamline the detection and response process for high-priority security incidents.
Built on Red Hat OpenShift, QRadar SIEM is designed to be open at its core, allowing for deep interoperability with multi-vendor tools and cloud platforms. It supports common detection rules (SIGMA) to quickly integrate crowdsourced threat detections from the security community. Additionally, it offers federated search and threat-hunting capabilities across various data sources, enhancing threat investigation across cloud and on-premises environments.
IBM's cloud-native SIEM includes AI capabilities that automatically prioritize alerts, reduce noise, and provide context for high-priority alerts. It streamlines threat investigations by running federated searches, creating visual attack timelines, and suggesting recommended actions. IBM plans to introduce generative AI (GAI) capabilities for QRadar Suite in early 2024. These AI capabilities will automate tasks like report creation, threat detection, log data interpretation, and threat intelligence curation. GAI is expected to enhance the productivity of security analysts, allowing them to focus on higher-value tasks.
The investment in cloud-native SIEM and AI integration reflects IBM's commitment to delivering next-generation security operations technology. These advancements are designed to simplify security operations, reduce complexity, and provide security teams with the tools to effectively address today's complex threat landscape. The new cloud-native QRadar SIEM will be available as SaaS in Q4 2023.
IBM is actively working on its AI and data platform, watsonx, to enable generative AI to support security teams in automating routine tasks, accelerating threat response, and simplifying threat investigations. This represents a significant step toward more efficient and effective security operations.