Cloud Security
IBM | November 08, 2023
The cloud-native SIEM enhances scalability, speed, and flexibility while leveraging AI for improved alert prioritization and response.
Cloud-native QRadar SIEM is built on an open foundation, supporting interoperability with multi-vendor tools and cloud platforms.
IBM plans to introduce generative AI capabilities in early 2024.
IBM introduced a significant transformation to its flagship IBM QRadar SIEM (Security Information and Event Management) product. The new QRadar SIEM is redesigned on a cloud-native architecture tailored for hybrid cloud environments, with a strong focus on scale, speed, and flexibility. This update aims to empower security teams by enabling AI and security analysts to work together efficiently.
In fact, SOC professionals get to less than half (49%) of the alerts that they're supposed to review within a typical workday, according to a recent global survey.
[Source- Cision PR Newswire]
The cloud-native QRadar SIEM builds upon the strong foundation of its predecessor, offering efficient data ingestion, rapid search capabilities, and analytics at scale. It is based on an open foundation and is part of the QRadar Suite, IBM's integrated threat detection and response software portfolio.
As hybrid cloud environments expand and evolve rapidly, the security challenges become increasingly complex. The growing attack surface makes it difficult for security professionals to identify true threats amid the noise, leading to delayed threat responses. The new cloud-native QRadar SIEM addresses these challenges by leveraging AI to manage repetitive tasks and streamline the detection and response process for high-priority security incidents.
Built on Red Hat OpenShift, QRadar SIEM is designed to be open at its core, allowing for deep interoperability with multi-vendor tools and cloud platforms. It supports common detection rules (SIGMA) to quickly integrate crowdsourced threat detections from the security community. Additionally, it offers federated search and threat-hunting capabilities across various data sources, enhancing threat investigation across cloud and on-premises environments.
IBM's cloud-native SIEM includes AI capabilities that automatically prioritize alerts, reduce noise, and provide context for high-priority alerts. It streamlines threat investigations by running federated searches, creating visual attack timelines, and suggesting recommended actions. It plans to introduce generative AI (GAI) capabilities for QRadar Suite in early 2024. These AI capabilities will automate tasks like report creation, threat detection, log data interpretation, and threat intelligence curation. GAI is expected to enhance the productivity of security analysts, allowing them to focus on higher-value tasks.
The investment in cloud-native SIEM and AI integration reflects its commitment to delivering next-generation security operations technology. These advancements are designed to simplify security operations, reduce complexity, and provide security teams with the tools to effectively address today's complex threat landscape. The new cloud-native QRadar SIEM will be available as SaaS in Q4 2023.
IBM is actively working on its AI and data platform, watsonx, to enable generative AI to support security teams in automating routine tasks, accelerating threat response, and simplifying threat investigations. This represents a significant step toward more efficient and effective security operations.
Read More
Cloud App Management
Spectro Cloud | November 07, 2023
Spectro Cloud has unveiled its third annual ‘State of Production Kubernetes’ report, providing unique insights into the highly dynamic Kubernetes industry. The report, based on a comprehensive survey of 333 Kubernetes practitioners and decision-makers, reveals key trends and challenges facing the industry.
The research highlights that operations teams are grappling with increasing complexity as their Kubernetes environments expand. A significant 56% of businesses have more than 10 Kubernetes clusters, and 69% run Kubernetes in multiple clouds or other environments. Furthermore, 75% report issues affecting the running of their clusters, an increase from 66% in 2022.
The report also underscores the need for greater support for application developers. Despite the rise of platform engineering, 82% of operations teams struggle to provide developers with access to tailored clusters. Additionally, 37% report inconsistencies between development, staging, and production environments.
The study also points to application modernization as a pressing issue for cloud-native organizations. While all interviewees reported a ‘container first’ approach, they agreed that virtual machines (VMs) are here to stay. A significant 85% are migrating existing VM workloads to Kubernetes, and 86% aim to unify containerized and VM workloads on a single infrastructure platform.
The Spectro Cloud's report reveals challenges in Kubernetes, with 75% of operations teams facing issues with cluster management and 82% struggling to provide developers with tailored clusters. The report also highlights the persistence of VMs and security, compliance, and cost issues in edge computing. However, it also shows a growing trend towards Kubernetes, with a majority of businesses operating multiple clusters across various environments. The rise of platform engineering, migration of VM workloads to Kubernetes, and increasing adoption of Kubernetes in edge computing environments suggest a shift towards modernization and promising advancements.
Finally, the report indicates that edge computing is gaining momentum, with 49% actively piloting or using Kubernetes in edge computing environments. AI is a key driver for edge adoption, with investment expected to improve business processes and enable new connected solutions. However, significant challenges remain, particularly around security, compliance, and the costs of field engineering.
Spectro Cloud's third annual ‘State of Kubernetes’ report highlights these trends and challenges. The report aims to inspire new dialogue in the industry, particularly at events like KubeCon. The report is available for download and will be discussed in a webinar on November 30.
About Spectro Cloud
Spectro Cloud is a leading provider of Kubernetes management solutions. Its comprehensive platform allows organizations to manage the full lifecycle of diverse Kubernetes environments, whether small or large, new or existing, simple or complex, in data centers or the cloud. The company's unique approach offers IT teams complete control and visibility, enabling them to provide developers with flexible Kubernetes stacks and tools tailored to their specific needs, all while ensuring granular governance and enterprise-grade security.
Read More
Cloud App Development
Business Wire | November 02, 2023
Box, Inc. (NYSE: BOX), the leading Content Cloud, and Google Cloud today announced an expanded partnership to transform work in the enterprise with generative AI. Box will integrate with Vertex AI to build new gen AI features that help customers more efficiently process and analyze data stored in the Box Content Cloud, which is also now available to customers directly through Google Cloud Marketplace.
Enterprises today want to work with strategic technology platforms that can help them work smarter and more productively, said Aaron Levie, co-founder and CEO of Box. Google Cloud is an incredibly important partner that helps us serve our customers globally. This deepened partnership underscores our joint commitment to delivering solutions that leverage cutting edge technology to power entirely new ways for users to intelligently interact with their content and revolutionize the way businesses operate in the AI-first era.
“Generative AI can streamline some of the most time-consuming processes facing enterprises today, such as manual data entry and analysis,” said Thomas Kurian, CEO of Google Cloud. “Our expanded partnership with Box will provide customers with new tools that help them quickly process and create insights from documents stored within Box Content Cloud, saving time that users can reallocate towards more impactful work.”
New Box AI Capabilities, Powered by Vertex AI
Box has chosen to integrate with Vertex AI, Google Cloud’s unified AI platform, to help customers process and analyze data faster, create more personalized user experiences, intelligent search, and more.
Building on the earlier announcement that Box will integrate Google Cloud’s advanced large-language models (LLMs) into Box AI, Box will now use Vertex AI to help power its new metadata extraction feature. The new feature, coming first as an API, will save customers’ time inputting and maintaining data by automatically identifying and tagging key context from their documents, including matching metadata fields to attributes within a file. Soon, customers will be able to:
Automatically classify and label documents at scale to surface key insights, such as contracts nearing their expiration and invoices requiring payment within the current month.
Define metadata templates to extract information for custom use cases, such as automatically recognizing and tagging products in images or categorizing PII in specific types.
Populate defined metadata templates and integrate with ERP and CRM systems to automate workflows such as invoicing, executing contracts, client and employee onboarding, and more.
Identify and preserve critical information, such as timestamps, authorship, and document versions history, to maintain compliance protocols.
Recognize and extract metadata in different languages to ensure consistent term recognition while operating in different countries and regions.
Box is Now Available on Google Cloud Marketplace
As part of the expanded partnership, Box is now also available on Google Cloud Marketplace, making it even easier for customers using Google Cloud infrastructure to purchase Box’s content management platform. With the Box app available on Google Cloud Marketplace, eligible customers can realize key benefits including:
Reduced procurement cycles allowing for faster, smoother, and simpler buying process.
Consolidated Google Cloud billing.
Cost savings against existing Google Cloud commitments when purchased through Google Cloud Marketplace.
Box Expands Its Use of Google Cloud
Box already leverages Google Cloud as a key infrastructure provider for data storage and compute globally. Now, Box will expand its usage of Google Cloud by adopting several new services across networking, data analytics, and machine learning to deliver faster performance and higher-reliability to its customers. For example, Box is now applying:
Google Cloud as a storage option for Box KeySafe, which enables Box customers to use their own encryption key within Box. This provides customers with more choice over where they maintain their encryption keys.
Google Cloud’s global networking infrastructure to power Box network communication with customers, resulting in faster content transfers and increased productivity for customers around the world.
Cloud Bigtable for improved performance and uptime for the core data systems that power Box. This enables Box to deliver its customers with a more reliable service to secure and manage all of their content needs.
Google Cloud BigQuery to power Box's data application, analytics, and insights. With BigQuery, Box can now deliver more comprehensive data-driven insights to customers faster.
Google Workspace Integrations
The expanded partnership builds on existing integrations with Google Workspace, which lets Box customers create, collaborate, and save content in Google Docs, Sheets, or Slides from the secure Box Content Cloud platform. Additionally, the Box for Google Workspace add-on enables smooth and secure productivity and collaboration across Google Workspace, including Gmail, Google Drive, and Google Calendar. With these integrations, customers can:
Create, open, and edit content using Google Workspace’s collaboration tools directly within Box.
Add Box files directly to emails and save email attachments to Box without leaving Gmail.
Include Box files and link Box Notes directly to your Google Calendar events.
Save files in Google Drive to Box.
Apply Box’s enterprise-grade security, compliance, and governance capabilities to Google Docs, Sheets, and Slides.
About Box
Box (NYSE:BOX) is the leading Content Cloud, a single platform that empowers organizations to manage the entire content lifecycle, work securely from anywhere, and integrate across best-of-breed apps. Founded in 2005, Box simplifies work for leading global organizations, including AstraZeneca, JLL, Morgan Stanley, and Nationwide. Box is headquartered in Redwood City, CA, with offices across the United States, Europe, and Asia. Visit box.com to learn more. And visit box.org to learn more about how Box empowers nonprofits to fulfill their missions.
About Google Cloud
Google Cloud accelerates every organization’s ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google’s cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.
Read More