CLOUD SECURITY

Apiiro Launches Partner Program to Help Customers Fix Cloud-Native Application Risks Faster

Apiiro | June 09, 2022

Apiiro
Apiiro, the leader in Cloud-Native Application Security, today announced the Apiiro Partner Program, which provides comprehensive support for technology, consulting, and reseller partners across the Cloud-Native Application Protection Platform (CNAPP) ecosystem.

In the era of cloud-native application development, the remediation lifecycle is getting longer and more complex because risks are distributed across the design, code, open source packages, infra-as-code, containers, Git and CI/CD servers, and cloud infrastructure.

In addition, the shift in responsibilities and the use of a multitude of tools, each addressing only a small subset of cloud-native application risks has reduced the overall efficacy with noisy alerts and false-positives due to the lack of context. Context from cloud infrastructure to code and Software Bill Of Materials visibility (SBOM) are instrumental for the remediation process across the software supply chain.

Partners like Alacrinet, Defy Security, Google Cloud, HashiCorp, NetSPI, NXGN, Parabellyx, and Trace3 from the cloud-native application security, DevOps, cloud infrastructure security, and other cybersecurity industries are joining the Apiiro Partner Program to work together to help customers remediate cloud-native application risks across the software supply chain. Partners will benefit from the Apiiro Risk Graph technology and enabling resources to speed customer adoption and success with a contextual shift left risk remediation technology.

"Our customers aren't just modernizing their cloud-native application security - they're reinventing the way they develop, build, and deploy cloud-native applications across the software supply chain. By uniting in the Apiiro Partner Program, Apiiro and our partners can collectively ensure cloud-native applications are developed and delivered in a secure manner,"

John Leon, VP of Business Development at Apiiro

Program benefits include training materials and sales resources, access to technical evaluation demos and documentation to enable go to market and joint promotion opportunities. By enrolling in the Apiiro Partner Program, partners can increase their value to customers by delivering contextual shift left risk remediation before releasing to the cloud.

Apiiro has quickly gained momentum and recognition in the cloud-native application security market:
  • The current winner of the prestigious RSA Sandbox Innovation Award
  • Named a Gartner 2021 Cool Vendor in DevSecOps
  • Detected Day 0 Supply Chain Security vulnerability found on Kuberenetes based Argo CD platform
  • Contributor to the NIST 800-218 Secure SW Development Framework published February 2022
  • Apiiro is a new partner in the Google Cloud Marketplace. Google Cloud customers can purchase the Apiiro platform directly on Google Cloud Marketplace, enabling them to simplify cloud software procurement for their enterprise via online discovery, purchasing, and fulfillment.


About Apiiro

Apiiro helps security and development teams proactively fix risk across the software supply chain, before releasing to the cloud. Backed by Greylock and Kleiner Perkins.

Spotlight

Video content owners are in an arms race to keep pace with the burgeoning array of devices and screen formats that consumers are snapping up to fulfill their content consumption needs. Failure to meet customer expectations for a high quality experience is the surest way to lose their loyalty, perhaps irretrievably.


Other News
CLOUD DEPLOYMENT MODELS

CoreStack Accelerates Vision and Growth with Acquisition of Optio3

CoreStack | September 27, 2022

CoreStack, a global multi-cloud governance provider, today announced the company’s acquisition of Optio3, an AI-powered operations management company based in Seattle, WA. As a result, CoreStack will acquire 100 percent of Optio3’s technology and IP and will integrate Optio3 team into the CoreStack team. Optio3 Co-founder and CEO Sridhar (Sri) Chandrashekar will be joining the CoreStack leadership team as Chief Digital Officer (CDO). “We’ve been leveraging Optio3’s technology in our platform for 9 months and have had tremendous success with it,” said Ezhilarasan (Ez) Natarajan, CoreStack Founder and CEO. “We now have the opportunity to bring the Optio3 team’s expertise in-house and can further tailor the technology to support our enterprise customers’ needs.” CoreStack helps enterprises unleash the power of cloud on their terms by providing a NextGen multi-cloud governance platform that is Continuous, Holistic, Autonomous, Integrated, and Nimble (CHAIN). This NextGen governance solution enables proactive multi-cloud governance and 360-degree visibility across financial management (FinOps), security operations (SecOps), and cloud operations (CloudOps) in a unified dashboard. The Optio3 acquisition will further facilitate CoreStack’s delivery of these NextGen multi-cloud governance capabilities, bringing their deep industry experience in building scalable SaaS products as well as a proven technology framework that strengthens the platform, automates the cloud infrastructure, and increases the speed of innovation and delivery. “CoreStack is at an inflection point in its growth curve with a phenomenal pipeline of Fortune 5000 customers,” said Sri Chandrashekar, CoreStack’s new CDO. “The Optio3 team is highly specialized in delivering high-scale platforms and SaaS solutions to those enterprise customers. I’m excited that we’re working together to achieve CoreStack’s ambitious vision and product roadmap for NextGen Cloud Governance.” Founded in 2016, CoreStack is a multi-national corporation with headquarters in Bellevue, WA, an engineering Center of Excellence is in Chennai, India, and sales and support personnel located across the globe to ensure seamless support. Since January 2022, CoreStack has hired more than 150 people, won significant deals, and added numerous marquee partners. Booked annual revenues have grown by more than 100%, and customer renewal rates remain at 100%. Annual cloud spend across all customers and partners governed by CoreStack is crossing $2B, and the company has doubled down on partnership engagements with AWS, Azure, Google, and Oracle. “We are thrilled to be bringing Optio3’s technology and team into our family,” said Ez Natarajan. “CoreStack was born with the mission of establishing a robust, NextGen governance layer on top of even the most complex multi-cloud ecosystems. We are now perfectly positioned to offer our customers a highly scalable, manageable, and reliable solution – one that drives digital transformation and delivers next-level performance.” “We are delighted to bring in Optio3’s technology, CoreStack was born with the mission of establishing a robust, NextGen governance layer on top of even the most complex multi-cloud ecosystems. We are now perfectly positioned to offer our customers a highly scalable, manageable, and reliable solution one that drives digital transformation and delivers next-level performance.” Sabapathy Arumugam, CoreStack Co-Founder and CTO About CoreStack CoreStack provides a NextGen Cloud Governance platform that empowers enterprises to predictably increase top-line revenues, improve bottom-line efficiencies, and gain a competitive edge through AI-powered real-time cloud governance on autopilot. CoreStack's FinOps, SecOps, and CloudOps solutions embrace, enhance, and extend native-cloud capabilities, enabling reporting, recommendation, and remediation and providing single pane-of-glass governance across multi-cloud. Through executive dashboards for comprehensive real-time insights, CoreStack delivers transformative value such as 40% increase in operational efficiencies, 50% decrease in cloud costs, and 100% security assurance and compliance. CoreStack helps 500+ global enterprises govern $2+ billion in annual cloud consumption. Gartner, Frost & Sullivan, Forrester, S&P Global and IDC have recognized CoreStack as an innovator and leader in cloud management solutions. CoreStack is backed by strategic advisors, including the ex-CEO of Wipro and ex-CIO of Microsoft. The company is a Microsoft Azure Gold Partner, Amazon AWS Advanced Technology Competency Partner, Oracle Cloud Build Partner, and Google Cloud Build Partner.

Read More

CLOUD STORAGE

ManageEngine Releases SaaS Version of Analytics Plus to Complete its Deploy-Analytics-Anywhere Model

ManageEngine | August 09, 2022

ManageEngine, the enterprise IT management division of Zoho Corporation, today announced that its IT analytics product, Analytics Plus, is now available as a SaaS offering, enabling users to set up a fully functional, integrated analytics platform in under 60 seconds. This launch completes the company's vision to deploy analytics anywhere, that is, to make it easy for an organization to deploy analytics on private or public clouds such as AWS and Azure. ManageEngine will showcase the new offering at its user conference to be held on August 4-5, 2022, at the InterContinental Melbourne in Australia. IT operations nowadays are structured in a way that warrants the use of several monitoring tools and technologies to ensure the business remains operational and accessible to its customers around the clock. While these disjointed IT tools provide visibility into their area of operations, they fall short in providing complete visibility into IT as a whole, costing IT leaders time and effort in gathering insights. Analytics Plus' new cloud offering completes the IT application stack by creating a foundation for integrations, allowing organizations to connect to a multitude of data sources and attain faster time to market, increase productivity, curb expenditure and garner more revenue. "At ManageEngine, we've witnessed several digital transformation trends over the last two decades across all industry verticals: rapid cloud adoption, a need for setting up a data-centric culture, and the need for advanced AI to sift through data lakes and establish correlations, triage events, and eliminate the need for human intervention in data analysis, That's why we've launched the cloud version of Analytics Plus—a marriage of our 20+ years of domain expertise with cloud benefits like flexibility, agility and scalability to help augment strategic decision-making with insights that are fast, reliable and contextual." Rakesh Jayaprakash, product manager at ManageEngine Analytics Plus can be deployed in on-premises servers (Windows or Linux-based), Docker or on cloud platforms such as AWS, Azure and Google Cloud. IT and Business App Connectivity to Track IT Performance Holistically Analytics Plus now connects with more than 40 business applications such as Microsoft Dynamics CRM, Stripe, SurveyMonkey, Google Analytics, Xero, QuickBooks, Salesforce CRM, and LinkedIn along with over 30 IT monitoring applications such as SolarWinds, Nagios, Splunk, DataDog, AppDynamics, and OpenNMS to help IT leaders get a holistic view of IT performance. Support for these new apps will enable IT leaders to measure the ROI of IT along with how IT has contributed to achieving business objectives. Context-Aware AI to Deliver Domain-Level Intelligence ManageEngine has also enhanced its built-in AI assistant with domain-level intelligence to bridge the gap between data and decision makers. "Contextual AI can deliver the most crucial insights at a large scale that will resonate with IT leaders. For example, context-aware AI can suggest how to deploy workloads in the most cost-effective and high-performing cloud locations, taking into account performance, cost structure and security requirements," said Jayaprakash. Analytics Plus' context-aware AI enables users to: Establish correlations between data from various applications and data sources. Quickly identify opportunities and threats. Gain granular insights into aspects of IT operations and business that might not be possible otherwise. Stan Veloutsos, IT service desk manager at Regis Aged Care in Australia, said, "Analytics Plus helped us improve processes by 30%. Using Analytics Plus, we were able to deep dive into IT data, identify problems and trends, align project releases and also increase agent performance. It also helped us share our findings with a larger audience for better reach. With Analytics Plus, we have also set up easy-to-read dashboards for our CXOs with custom metrics and widgets, so they can gain information and make decisions that can increase our revenue." Pricing and Availability The cloud version of Analytics Plus offers a Professional edition at $199/month for two users and three viewers. The Enterprise edition starts at $399/month for 10 users and 25 viewers. The Personal edition is available for free forever and supports one user. A free, fully-functional evaluation is also available. For more details on pricing, visit https://mnge.it/ySN About Analytics Plus Analytics Plus is an AI-enabled, IT analytics solution that connects with over 200 IT and business applications to enable CXOs to converge analytics on a single pane for faster decision-making. Zia, the built-in AI-assistant, comes loaded with IT domain intelligence that identifies correlations in data from multiple applications and data sources, and provides actionable insights to resolve problems and exploit opportunities. Analytics Plus supports cross-module analytical capabilities that helps leaders gain insight into how functional IT domains such as service management, operations management, IT financial management, and project management are all interrelated. About ManageEngine ManageEngine is the enterprise IT management division of Zoho Corporation. Established and emerging enterprises—including 9 of every 10 Fortune 100 organizations—rely on ManageEngine's real-time IT management tools to ensure optimal performance of their IT infrastructure, including networks, servers, applications, desktops and more. ManageEngine has offices worldwide, including the United States, the United Arab Emirates, the Netherlands, India, Colombia, Mexico, Brazil, Colombia, Singapore, Japan, China and Australia, as well as 200+ global partners to help organizations tightly align their business and IT.

Read More

CLOUD SECURITY

Radware Launches New Cloud Security Center in Taiwan

Radware Ltd | August 30, 2022

Radware a leading provider of cyber security and application delivery solutions, announced the launch of a new cloud security center in Taiwan. The facility will enable customers in Taiwan to secure their datacenters, networks, web and mobile applications, and their APIs with minimal latency, as well as mitigate compliance processes involved in offshore routing. The new security center will protect customers against denial-of-service attacks, web application attacks, malicious bot traffic, and attacks on APIs. This includes the OWASP Top 10 Web Application Security Risks for 2021, OWASP Top 21 Automated Threats to Web Applications, OWASP API Security Top 10, as well as volumetric distributed denial-of-service (DDoS) and application-level DDoS attacks. According to Radware’s First Half 2022 Global Threat Analysis Report, during the first six months of 2022: The number of malicious DDoS attacks climbed 203% compared to the first six months of 2021. The average number of DDoS events per month, per customer was almost 1.5 times higher in the first half of 2022, compared to 2021 and 2020. The number of malicious web application transactions grew by 38%, compared to the first six months of 2021, surpassing the total number of malicious transactions recorded in 2020. “As the size and speed of cyberattacks continue to rise, the launch of the new cloud security center in Taiwan enables us to deliver faster mitigation response times in the region along with the highest levels of security protection, The center also meets a growing demand for local security that complies with data sovereignty requirements.” Haim Zelikovsky, vice president of Radware’s cloud security services business The new security center in Taiwan is the latest addition to Radware’s cloud security network. Today, the network includes over 10Tbps of mitigation capacity across more than 50 security centers located around the globe. “Radware continues to make investments in protecting businesses and governments alike from the growing threat of cyberattacks,” said Alan Lee, regional director for Radware in Taiwan and Hong Kong. "Taiwan is located within an influential hub in the Asia-Pacific region. Information security is regarded as a national security issue. Setting up a cloud security center in Taiwan will help improve information security standards and increase regional cyber defenses.” About Radware Radware is a global leader of cyber security and application delivery solutions for physical, cloud, and software defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application, and corporate IT protection, and availability services to enterprises globally. Radware’s solutions empower enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity, and achieve maximum productivity while keeping costs down. For more information, please visit the Radware website.

Read More

CLOUD SECURITY

Prisma Cloud Delivers Context-Aware Software Composition Analysis to Secure Deployment of Open Source Software

Palo Alto Network | September 23, 2022

Open source software is a critical component of cloud-native applications, allowing developers greater speed and modularity without having to reinvent the wheel each time they code. However, as the Unit 42 Cloud Threat Report, 2H 2021 found, open source software can often contain known vulnerabilities, which can open organizations up to significant risk. Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today introduced the industry's first context-aware software composition analysis (SCA) solution to help developers safely use open source software components. The integration of SCA into Prisma® Cloud further demonstrates why Palo Alto Networks is the leading provider of cloud-native security. Traditional SCA solutions are standalone products that can produce a large number of alerts but lack the runtime context to help fix vulnerabilities. With the addition of SCA to the Prisma Cloud platform, developers and security teams can proactively surface and prioritize known vulnerabilities that impact the application lifecycle (i.e., code, build, deploy and run). Prisma Cloud SCA delivers deep dependency detection and remediation of vulnerabilities in open source software before applications reach production. It can also help developers prioritize remediation based on software components that are already in use. These capabilities are not possible when SCA solutions are deployed as single point products. "Developers leveraging open source software should be able to build applications with the confidence they aren't opening the organization up to risk, With the average application consisting of 75% open source components, SCA on Prisma Cloud is key to protecting the organization from code to cloud and empowering developers to build with speed." Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks As a complete cloud-native application protection platform (CNAPP), Prisma Cloud is context-aware at every stage of the application lifecycle to provide a unified view of risk across organizations' cloud environments. Where current approaches to cloud security rely on siloed products that provide intermittent visibility without remediation, Prisma Cloud approaches cloud security with a comprehensive, prevention-first framework. With 188% increase in cloud incident response cases over the past three years, this shift in approach has become mandatory. A complete code-to cloud CNAPP needs to incorporate the following five key principles in order to keep organizations safe: Security from code to cloud — protects applications at every stage of the development lifecycle — from code, build, deploy and run. Continuous, real time visibility — uses real-time and contextual security analysis of cloud environments to help prevent misconfigurations, vulnerabilities and threats. Prevention-first protection — stopping attacks and defending against zero-day vulnerabilities to drive down mean time to remediation. Choice for every cloud journey — aligning security needs with current and future cloud priorities by supporting a breadth of cloud service providers, workload architectures, continuous integration and continuous delivery (CI/CD) pipelines, integrated development environments (IDEs), and repositories with a unified platform Cloud scale security — consistently secures applications as cloud environments scale. In addition to SCA and to further increase the safety of cloud-native applications, Prisma Cloud introduced a software bill of materials (SBOM) among other capabilities for developers to easily maintain and reference a complete codebase inventory of every application component used across cloud environments. Implementing SCA and SBOM ensures Prisma Cloud aligns with these principles. "Buyers looking for cloud-native security solutions need to keep the requirements of microservices security protection in mind. The 'bolted-on' and 'whack-a-mole' approaches are a thing of the past," said Frank Dickson, program vice president, Security and Trust at IDC. "Security should be embedded throughout the application development life cycle. This means that buyers need to fundamentally change their approach to security, although they need to continue to protect their run-time environments, they must also embrace solutions that embed security in the application development process, an approach referred to as 'shift left.' Shift left requires one to think less about security products and more about continuous security processes." About Palo Alto Networks Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Read More

Spotlight

Video content owners are in an arms race to keep pace with the burgeoning array of devices and screen formats that consumers are snapping up to fulfill their content consumption needs. Failure to meet customer expectations for a high quality experience is the surest way to lose their loyalty, perhaps irretrievably.

Resources