CLOUD SECURITY

Elastic Security for Cloud Announced by Elastic

Elastic | June 08, 2022

Elastic
As part of Elastic Security for Cloud, the firm behind Elasticsearch has revealed new features for managing cloud risk and posture, as well as safeguarding cloud workloads.

Cloud-native and hybrid environments can now benefit from Elastic Security's infrastructure detection and response (IDR) capabilities, as well as its ability to enforce security postures, thanks to the addition of Elastic Security for Cloud. In addition, the unified Elastic Search Platform allows customers to monitor both deployment and run-time hazards.

Elastic Security Labs, the company's threat research, detection engineering and malware analysis division, provides out-of-the-box rules and machine learning models to identify new threats.

"While cloud security is key to business, it introduces more dependencies on various internal and third-party elements and increases complexity. The result is an environment with fragmented visibility, and you can't secure what you can't see. Such an environment can be difficult to secure, since many elements need to come together cohesively. Elastic aims to reduce this complexity and improve attack surface visibility by delivering Elastic Security for Cloud on a single platform that enables customers to secure their cloud risks while integrating it within their broader security operations," 

Ken Buckler, Research Analyst - Security and Risk Management, Enterprise Management Associates.

By 2025, more than 85% of enterprises will adopt a cloud-first strategy, with 95% of new digital workloads running on cloud-native platforms, according to Gartner. But a recent Elastic study indicated that nearly half (49%) of cloud-native enterprises expect misconfigurations to increase as a root cause of breaches over the next two years.

"To protect applications and workloads in the cloud, security operations teams require deep visibility across their organizations' underlying infrastructure and application data," said Santosh Krishnan, General Manager of Elastic Security, Elastic. "Elastic Security for Cloud provides customers with a single platform to monitor their cloud deployments, manage their cloud posture, and secure their cloud workloads - giving them the visibility they need to prevent, detect, and respond to threats faster."

Spotlight

Europe's biggest and best attended cloud event is just around the corner so join some of Cloud Expo Europe's top speakers and Organizer as the discuss cloud security,Privacy post Prism, The emergence of the cloud broker.


Other News
CLOUD DEPLOYMENT MODELS

CoreStack Participates in AWS Marketplace Vendor Insights Preview

CoreStack | September 07, 2022

CoreStack, a global cloud governance provider that empowers enterprises to unleash the power of the cloud by enabling continuous and autonomous cloud governance at scale, today announced that it is participating in the Amazon Web Services (AWS) Marketplace Vendor Insights preview, which streamlines the complex third-party software risk assessment process by enabling sellers to make security and compliance information available through AWS Marketplace, a curated digital catalog that customers can use to find, buy, deploy, and manage third-party software, data, and services to build solutions and run their businesses. CoreStack’s NextGen Cloud Governance solutions — FinOps, SecOps and CloudOps — are now available via a unified web-based dashboard as part of AWS Marketplace Vendor Insights to give customers access to security and compliance information. AWS Marketplace Vendor Insights helps streamline the procurement process by granting buyers access to evidence made available by sellers related to data privacy and residency, application security, and access control. “We created AWS Marketplace Vendor Insights to serve customers that need help validating third-party software that meets their compliance needs, We are glad to see CoreStack participating in the Vendor Insights preview and their commitment to trust and transparency. Companies like CoreStack work with AWS to showcase their validated security profile, saving customers months of effort, reducing the software risk assessment lead time for customers while assuring them of continuous monitoring of vendor security.” Jason Timmes, General Manager, AWS Marketplace Seller Services Using Vendor Insights can help buyers reduce assessment lead time to a few hours by allowing buyers to access the vendor’s validated security profile, saving months of effort from questionnaires and back-and-forth with vendors. The dashboard also provides evidence backed by AWS Config and AWS Audit Manager assessments, external audit reports, and software vendor self-assessments to help customers perform continual compliance monitoring. "Vendor Insights provides ongoing visibility and alerts about the vendor’s security hygiene,” said Satyam Patel, Vice President & Chief Information Security Officer at [24]7.ai. “Using Vendor Insight notifications helps us remove the need for periodic reassessments and brings in agility in the procurement process.” The CoreStack platform, built on cloud-native services, empowers AWS customers to achieve security and compliance, enhance cloud operational efficiencies as well as optimize costs. It applies a unique cloud-as-code approach that leverages deep artificial intelligence (AI) / machine learning (ML), declarative definitions, and a patented cloud service-chaining technology. Customers can leverage CoreStack’s powerful NextGen Cloud Governance offerings — FinOps, SecOps and CloudOps — to govern operations, security, cost, access, and resources across multiple cloud accounts. “We take pride in helping customers embrace, expand and enhance cloud through our NextGen Cloud Governance, and we are proud to showcase our validated and strong security story with customers through Vendor Insights,” said Parul Chheda, Vice President of Strategic Alliances at CoreStack. “Security is a shared responsibility, and we are happy that AWS Marketplace customers can directly monitor and inspect configuration of our technology resources and collect other critical information to deliver up-to-date security posture metrics and artifacts. We look forward to working with AWS to fast-track due diligence and further the value we can offer to our customers.” About CoreStack CoreStack is a NextGen cloud business accelerator that empowers enterprises to predictably increase top-line revenues, improve bottom-line efficiencies, and gain a competitive edge through AI-powered real-time cloud governance on autopilot. CoreStack's FinOps, SecOps and CloudOps solutions embrace, enhance, and extend native-cloud, enable reporting, recommendation, remediation and provide single pane-of-glass governance across multi-cloud. Through executive dashboards for comprehensive real-time insights, CoreStack delivers transformative value such as 40% increase in operational efficiencies, 50% decrease in cloud costs, and 100% security assurance and compliance. CoreStack helps 500+ global enterprises govern $2B+ in annual cloud consumption.

Read More

CLOUD STORAGE

Wasabi Technologies Closes $250 Million in New Funding to Usher In the Future of Cloud Storage

Wasabi Technologies | October 04, 2022

Wasabi Technologies, the hot cloud storage company, today announced it has achieved unicorn status following $250 million in new funding. Wasabi raised $125 million in Series D equity led by L2 Point Management with participation from Cedar Pine; an affiliate of Cerberus Capital Management; and returning investors including Fidelity Management & Research Company and Forestay Capital, bringing the company’s valuation to over $1.1 billion. Wasabi also expanded its existing debt facility with MGG Investment Group to $125 million. Barclays acted as sole placement agent on the transaction. Wasabi provides fast, affordable, and highly reliable cloud data storage for businesses all over the world at 1/5th the cost of large hyperscale providers or on-premises storage, with no charges for egress or API requests and no complex tiering. The company's revenues more than doubled from 2020-2021, and Wasabi now has more than 40,000 customers in over 100 countries, 13,000 partners, 250+ global employees and 13 storage regions across North America, Europe, and Asia Pacific. The new equity will drive expansion into additional vertical markets and geographies, enhance Wasabi’s channel partnerships, and scale the company’s go-to-market team and global brand strategies. Meanwhile, the debt will be used to finance capital equipment and infrastructure in Wasabi’s storage regions around the world, and to invest in Wasabi’s technology capabilities to lay the groundwork for a new generation of cloud storage architecture. “Closing a large up round in this environment speaks to the spectacular growth of Wasabi, the magnitude of the cloud storage opportunity, and our leadership as the industry’s largest pure-play cloud storage vendor. At Wasabi, we focus on just one thing: cloud storage. We do it better than anyone else in the industry. Because of this singular focus, our team has achieved best-in-class performance and security at the lowest prices in the industry,” David Friend, co-founder and CEO of Wasabi Technologies Kerstin Dittmar, managing partner of lead investor L2 Point, will join Wasabi’s Board of Directors. “Wasabi provides a game-changing product that offers customers a simpler, faster, and significantly more economical solution to their cloud data storage needs. We believe this capital raise will allow Wasabi to continue to expand its offering across additional services and geographies to meet their global customers’ needs,” said Dittmar. “We are proud to partner with Wasabi to provide innovative solutions in cloud storage and security,” added Sam Barnett, PhD, executive chairman of Cedar Pine. “The importance of Wasabi’s technology is increasing in every industry.” Kevin Griffin, CEO of MGG Investment Group, also commented, “We seek to partner with best-in-class entrepreneurs and companies and are excited to continue supporting Wasabi Technologies and their global expansion.” In addition to the industry-leading performance of Wasabi hot cloud storage, the company partners with over 350 technology companies, including most of the world’s leading backup, disaster recovery, and surveillance companies. Wasabi is used to store data across a wide range of industries, including professional sports, energy and natural resources, finance, surveillance, education, manufacturing, consumer technology, healthcare, scientific research, and media and entertainment. “As our data needs continue to evolve, from player analytics, IoT, digital assets and even security, this presents an enormous learning opportunity for the organization,” said Brian Shield, senior vice president and CTO of the Boston Red Sox. “Wasabi provides a cost-effective cloud-based solution that enables us to retrieve content quickly and improve the level of video analysis and production we do here at the Red Sox.” About Wasabi Technologies Wasabi provides simple, predictable and affordable hot cloud storage for businesses all over the world. It enables organizations to store and instantly access an unlimited amount of data at 1/5th the price of the competition with no complex tiers or unpredictable egress fees. Trusted by tens of thousands of customers worldwide, Wasabi has been recognized as one of technology’s fastest-growing and most visionary companies. Created by Carbonite co-founders and cloud storage pioneers David Friend and Jeff Flowers, Wasabi is a privately held company based in Boston. Wasabi is a Proud Partner of the Boston Red Sox, and the Official Cloud Storage Partner of Liverpool Football Club and the Boston Bruins. About L2 Point Management L2 Point Management (“L2 Point”) is a San Francisco based investment firm providing innovative capital solutions for growth companies. With expertise across the capital structure, L2 Point works to address a common concern of late-stage companies today: the lack of an alternative cost of capital product between highly dilutive growth equity and operationally restrictive debt.

Read More

CLOUD STORAGE

Votiro Cloud Integrates With Box Content Cloud to Provide Zero Trust Content Security

Votiro | October 20, 2022

Votiro, the category leader in Content Disarm and Reconstruction (CDR) technology, today announced its integration with Box’s leading Content Cloud to prevent ransomware and other evasive file-borne threats from entering users’ content collaboration applications and environments. Available today, users can seamlessly connect Votiro Cloud to Box to provide an essential layer of security needed to prevent new and unknown threats by sanitizing content before adding it in Box. Digital content collaboration capabilities have been paramount in the new hybrid work environment, where bad actors are targeting content and data management platforms, primarily through hidden threats in files. Many of these threats leverage advanced obfuscation techniques that can easily evade detection through traditional security technologies. Through this integration with Box, Votiro Cloud can easily be downloaded and deployed within the customers’ environment, and begin immediately eliminating all malware threats. Preventing Threats without Ruining Files Instead of scanning for known malware signatures, Votiro Cloud proactively disarms weaponized files before they enter the network and prevents virtually all attacks, ranging from evasive commodity attacks to zero-day attacks, including ransomware. In addition, Votiro’s solution prioritizes secure collaboration, increasing productivity without compromising security. All incoming files to Box Content Cloud from remote employees, contractors, and 3rd party partners are sanitized and reconstructed to preserve the integrity and functionality of the original file, allowing users to collaborate securely. "Organizations today need products that are inherently secure to support employees working from anywhere, At Box, we continuously strive to improve our integrations with third-party apps so that it's easier than ever for customers to use Box alongside best-in-class solutions. With today's integration with Votiro, we are providing customers with even more options for additional security controls to further minimize the risk of potential incidents.” Fred Klein, Vice President of Business and Corporate Development at Box Votiro applies Zero Trust principles to a customer’s interactions with digital files, automated file processing, or application-to-application file transfer process. Votiro’s scalability, speed, and depth and breadth of accepted file formats best positions them to help enterprises collaborate with third-parties safely while keeping business flowing. Files are processed at scale for high volume operations and within milliseconds, completely transparent to the end user. The company’s cloud-based, open application programming interface (API), and auto-scaling functionality allows for limitless scalability to seamlessly accommodate surges in file throughput. Votiro Cloud is easy to use and the open API fits into existing file flows seamlessly, including to and from content-rich applications and services like customer-facing portals deployed in public cloud platforms, machine-to-machine transfer to cloud content platforms such as AWS S3, Snowflake, and Box. “Enterprises no longer have to implicitly trust the users interacting with files in the cloud content platforms, but explicitly ensure safe content at all times. As a result, building out a data protection strategy and investing in technologies that adhere to the Zero Trust model is a great way to ensure secure content collaboration,” said Ravi Srinivasan, CEO at Votiro. “Digital collaboration services, like Box, create amazing efficiencies for businesses and - with the right safeguards - also provide a high level of security. We’re proud to integrate with Box to offer an essential layer of security to protect the content and data that organizations’ exchange on a daily basis without inhibiting user productivity.” About Votiro Votiro is a zero-trust content security company serving hundreds of commercial and government organizations worldwide. Votiro Cloud is an open, API-centric Content Disarm and Reconstruction (CDR) solution to deliver safe content and eliminate file-borne threats targeting your remote workers, content-rich apps, data lakes, supply chain and B2C digital interactions. Votiro is headquartered in the United States, with offices in Australia, Israel, and Singapore.

Read More

CLOUD SECURITY

KubeCon Co-Located Cloud Foundry Day Schedule Announced with Mix of Introductory Sessions and Technical Deep Dives

Cloud Foundry Foundation | September 17, 2022

The Cloud Foundry Foundation today announced the schedule for Cloud Foundry Day with anynines GmbH and VMware among the organizations taking center stage at the event. "We are very excited to hold our first in-person Cloud Foundry event after a three year hiatus, The event is meant to showcase the extensibility of Cloud Foundry. All the latest improvements to the core platform and various Cloud Foundry projects will be highlighted at the event. We are striving to create a balance for those who are experienced with Cloud Foundry as well as those who are looking to adopt it afresh. Cloud Foundry events are a great opportunity to meet hands-on practitioners and facilitate collaboration and discussions." Chris Clark, program manager at Cloud Foundry Cloud Foundry Day will be held on Tuesday, October 25, co-located with KubeCon + CloudNativeCon NA in Detroit. For this one-day event, the Cloud Foundry Foundation has joined forces with the program committee to curate a program that fosters collaboration among attendees and offers an interactive platform for education. "At the event, we have strived to put together an agenda that presents the best of Cloud Foundry," said Ram Iyengar, chief evangelist at Cloud Foundry. "Due to the broad nature of Cloud Foundry projects, our program committee had a hard time choosing what to showcase. Attendees will get to learn about the latest open source innovations happening in the areas of core Cloud Foundry, as well as extensions to Kubernetes in the form of Paketo Buildpacks and Korifi. The agenda is also a good mix of introductory sessions, technical deep-dives, and community updates." Sessions include: A Keynote from Cloud Foundry governing board member, Catherine McGarvey Introducing Korifi: The Evolution of CF on Kubernetes Cloud Foundry Technical Governance: Past, Present, and Future What's new with Paketo Buildpacks? Recap: Ten Years of Working With Cloud Foundry Grappling with Kubernetes Eventual Consistency in Korifi App Runtime Interfaces Extravaganza! New Features in BOSH: Improved NATS cert rotations Remote Debugging of .NET Core applications with Paketo Buildpacks + Visual Studio Code Stemcells are now Jam-packed with Jelly(fish) How we modernized and reduced the infrastructure costs for running CFZ The Future of Logs and Metrics in Cloud Foundry The registration fee for Cloud Foundry Day is $50, or free to attend online. Attendees can register for the event here. Cloud Foundry is an open source technology backed by the largest technology companies in the world, including, HCL, Huawei, IBM, SAP, and VMware, and is being used by leaders in manufacturing, telecommunications and financial services. Only Cloud Foundry delivers the velocity needed to continuously deliver apps at the speed of business. Cloud Foundry's container-based architecture runs apps written in any language on a choice of cloud platforms — Amazon Web Services (AWS), Google Cloud Platform (GCP), IBM Cloud, Microsoft Azure, OpenStack, and more. With a robust services ecosystem and simple integration with existing technologies, Cloud Foundry is the modern standard for deploying mission critical apps at global organizations. About Cloud Foundry Foundation The Cloud Foundry Foundation is a non-profit open source organization formed to sustain the development, promotion and adoption of Cloud Foundry as the industry standard for delivering the best experience for developers at companies of all sizes. The Foundation projects include Cloud Foundry, Paketo Buildpacks, Korifi, Eirini, BOSH, Open Service Broker API, CredHub, and more. Cloud Foundry makes it faster and easier to build, test, deploy and scale applications, and is used by more than half the Fortune 500, representing nearly $15 trillion in combined revenue.

Read More

Spotlight

Europe's biggest and best attended cloud event is just around the corner so join some of Cloud Expo Europe's top speakers and Organizer as the discuss cloud security,Privacy post Prism, The emergence of the cloud broker.

Resources