Cloud Security

Lacework Announces Enterprise Multicloud Platform Updates

Lacework Announces Enterprise Multicloud Platform Updates

Lacework, the data-driven cloud security company, today announced a series of updates that expand the platform's enterprise-grade capabilities to help customers do more in the cloud, securely. Lacework is extending its platform support to new cloud providers in order to give customers more choice as they secure their multicloud environments, adding integrations into leading project management tools to increase operational efficiency around risk management, and enhancing agentless workload scanning, among other updates.

Expanded Enterprise Multicloud Support

Enterprises implement multicloud strategies for various economic, technical, and legal reasons, and Lacework is committed to supporting its customers' cloud or clouds of choice. Lacework has extended cloud security posture management to Oracle Cloud Infrastructure (OCI), giving teams visibility into their OCI resources and their associated risks. Whether enterprises are using Amazon Web Services, Google Cloud, Azure, OCI or a combination, the unified Lacework platform gives them visibility from a single location, resulting in better context, better outcomes, and faster investigations.

We are excited that Lacework has added support for Oracle Cloud Infrastructure. It gives us the opportunity to utilize Cloud Security Posture Management capabilities across our multicloud environment with a single platform, said Karen Prichard, Managing Director Group Security, Liberty Global. Our team can continue to reduce our risk and address our threats quicker with the added visibility and context provided by this new integration.

Additionally, the Lacework platform is expanding its industry-leading attack path analysis to Google Cloud and Azure. Attack path analysis from Lacework allows security teams to see their cloud environment through the eyes of an attacker, identifying targets and mapping out how each threat could be exploited to breach a cloud environment. Now Lacework customers leveraging Google Cloud or Azure can gain attack path analysis that is bespoke to each cloud's unique environment.

"My colleague already had the chance to identify configuration issues, it immediately flagged something we had to look at — giving us the opportunity to fix it," Simen Kildahl Eriksen, Security Engineer at Cognite, shares. "It provides an invaluable means of identifying potential configuration problems before they escalate into more significant security breaches."

In the cloud, organizations routinely create and tear down services and containers quickly in order to meet changing demands. Whether testing-development or running batch jobs, ephemeral workloads and containers are opportunities for bad actors to gain access. It's important that security teams do not lose sight of these short-lived instances.

To meet this growing need, Lacework agentless workload scanning has been upgraded to check customer workloads every five minutes for new instances. This granular visibility of what is running and its associated risk assures teams that they have comprehensive visibility into rapidly changing environments and gives confidence that short-lived instances are not falling through the security cracks.

Operationalized Risk Management with ServiceNow and Jira Integrations

It's not enough for an organization to have a list of vulnerabilities, they need to be able to quickly fix them. To enhance its industry-leading threat visibility tools, the Lacework platform now features integrations with ServiceNow and Jira that improve the process of mitigating vulnerabilities. Now, security and development teams have the premium vulnerability feeds with all the context Lacework is known for integrated into their ticketing system of choice. By connecting these systems to streamline response efforts, the appropriate teams can move faster when securing vulnerabilities.

"With the rise of cloud adoption and migration, securing the enterprise has never been more important for organizations," said Deepak Kolingivadi, Head of Security Products at ServiceNow. "The Lacework integration with ServiceNow Vulnerability Response enables our enterprise customers to streamline their response processes by simplifying assignment, collaboration, and remediation of critical vulnerabilities. Using business context in ServiceNow, customers can detect and report the security posture of IT and application environments within the Now Platform. We look forward to continuing our partnership with Lacework and helping mutual customers address cybersecurity threats more quickly and efficiently."

Lacework's integration with ServiceNow Vulnerability Response offerings for infrastructure and container applications is currently available in the ServiceNow marketplace. Lacework's integration to Security in Jira is in private preview.

About Lacework
Lacework keeps organizations secure in the cloud, allowing them to innovate faster with confidence. Cloud security requires a fundamentally new approach and the Lacework platform is designed to scale with the volume, variety, and velocity of cloud data across an organization's cloud environment: code, identities, containers, and multi-cloud infrastructure. Only Lacework provides Security and Development teams with a correlated and prioritized end-to-end view that pinpoints the largest risks and handful of security events that matter most. Learn more at www.lacework.com.

Spotlight

Other News
Cloud App Management

ScaleOps Raises $21.5M to Automate Cloud Resource Management

ScaleOps | December 20, 2023

ScaleOps, a startup specializing in cloud resource management, announced today $21.5M in funding for the first fully-automated cloud-native resource orchestration platform. The Seed and Series A funding rounds announced today were led by Lightspeed Venture Partners, NFX, and Glilot Capital Partners. ScaleOps has attracted a large and dedicated customer base of companies that use the platform to fully automate their production environments, achieving up to 80% cloud cost savings and delivering better-running applications. As cloud-native and Kubernetes environments become increasingly dynamic and interconnected, managing them has become highly complex and tedious. Kubernetes' native container sizing, scaling thresholds, and node type selection use static configurations, but consumption and demand are dynamic. Engineers spend precious time manually adjusting cloud resources to meet fluctuating demand — trying to avoid under or overprovisioning — resulting in millions of dollars wasted on idle resources or poor application performance issues during peak demand. "In production environments, each container requires a different scaling strategy," said Yodar Shafrir, ScaleOps' co-founder and CEO. "Experienced engineers spend hours trying to predict demand, running load tests, and tweaking configuration files for every single container. It's impossible to manage this at scale. We realized there's a huge need for a context-aware platform that can optimize these constantly-changing environments automatically, adapting to changes in demand in real-time." ScaleOps is the first fully-automated platform that continuously optimizes and manages cloud-native resources during runtime. The platform is installed in just two minutes on any cloud provider, on-premises and in air-gapped environments. ScaleOps ensures application scaling matches real-time demand. Instead of static allocations, it allocates resources dynamically, automatically rightsizing containers based on application needs. The platform also ensures every container runs in the most suitable node type, significantly cutting cloud costs. "The only way to free engineers from ongoing, repetitive configurations and allow them to focus on what truly matters is by completely automating resource management down to the smallest building block: the single container," added Shafrir. "By employing AI, the ScaleOps platform is context-aware and autonomously handles resource management for engineers, lowering infrastructure costs and delivering better performance." ScaleOps was co-founded by Yodar Shafrir (CEO), and Guy Baron (CTO). Since its founding in 2022, ScaleOps has experienced rapid growth worldwide, and today it automatically manages the production environments of industry leaders like Wiz, PayU, Orca Security, At-Bay, RTL, OutBrain, Salt Security, Noname Security, and dozens more. The company will use the funding to fund its global expansion to the US and Europe. "ScaleOps automatically optimizes Wiz's workloads in production according to our real-time needs, improving performance even during demand spikes," said Ron Tzrouya, Lead Cloud FinOps at Wiz. "While dramatically reducing our Kubernetes cloud costs, the hands-free automation freed our teams from dealing with ongoing configurations, which is critical in our rapidly ever-growing environment." About ScaleOps ScaleOps, a Tel Aviv based startup, is on a mission to automate the management of cloud environments, enabling organizations to focus on their core business objectives and dramatically reduce cloud costs. ScaleOps is backed by Lightspeed Venture Partners, NFX, Glilot Capital Partners, and other leading investors.

Read More

Cloud Security

Observer Platform Innovations From VIAVI Enhance Visibility Across Users, Applications and the Cloud

PR Newswire | January 12, 2024

Viavi Solutions Inc. (VIAVI) (NASDAQ: VIAV) today announced significant enhancements to the Observer Platform allowing IT teams to further maximize network availability, productivity and compliance. The enhancements include critical new capabilities in End-User Experience (EUE) scoring, digital certificate analysis, application identification, Unified Communications (UC) support, and Azure traffic visibility through NSG flow log analysis. The VIAVI State of the Network study revealed enterprises' top challenges in managing their networks. With a majority of enterprise applications hosted in the cloud, fewer than 1% of organizations say they are satisfied with network visibility. Problem domain isolation – pinpointing issues across network, server, application, or client domains ­– remains one of the biggest challenges for NetOps teams. End-user experience is the highest ranking KPI. And nearly half of teams spend between 10 and 20 hours per week troubleshooting UC platforms. The latest Observer release, v18.17, addresses these challenges to improve reliability of networks in meeting organizational objectives. Major new enhancements include: EUE Scoring Updates. Observer's patented EUE analysis now provides deeper insight into each problem domain – network, server, application or client – clearly showing individual scores and associated deductions, making it easy to understand what is contributing the most to performance degradations. Traffic Visibility for Azure and AWS. With the introduction of NSG flow log support, Observer adds insight and visibility for Azure environments equivalent to the existing capabilities for AWS using VPC Flow Logs. As Microsoft does not natively support packet extraction, flow visibility is essential for troubleshooting issues within complex Azure environments. Enhanced Application Recognition. Through added Deep Packet Inspection (DPI) and Application Identification (AppID) capabilities, the Observer Platform now recognizes thousands of specific business and non-business applications natively without having them embedded or hidden within HTTP or HTTPS. UC Call Visualization. Observer is now the only platform in the industry to transform both packet and flow data into intuitive, actionable visualizations that follow the journey of calls through the network infrastructure and identify the location and root cause(s) of poor UC performance. Digital Certificate Analysis. Running servers with non-compliant or expired certificates is a risk, especially if affected hosts and services are public facing. Certificate analysis enables a proactive approach to take timely action, prevent negative outcomes, and safeguard networks and reputation. "Applications are now distributed across private data centers, multiple public clouds, and edge locations, yet many companies fail to upgrade their network monitoring and management solutions to keep pace with these highly complex environments," said Bob Laliberte, Principal Analyst, Enterprise Strategy Group. "VIAVI has recognized this shift and responded by providing comprehensive visibility across these distributed, heterogenous environments. The Observer platform has evolved to support these new environments and its emphasis on end-user experience should appeal to enterprise customers looking to accelerate their transformation, enabling greater operational efficiency and ensuring positive end-user experiences." "In partnership with our customers, we have leveled up performance and threat visibility and developed a powerful set of capabilities that provide insights where they are needed most," said Chris Labac, Vice President and General Manager, Network Performance and Threat Solutions, VIAVI. "Our patented End-User Experience Scoring can now be used by virtually the entire IT team to effectively identify, prioritize, and remediate business-impacting issues. Our UC visualizations are now the best in the industry. New DPI and Azure capabilities round out a release that we're thrilled to deliver. Our focus continues to be not on delivering more KPIs, but delivering more clarity, actionable information, and business value." About VIAVI VIAVI (NASDAQ: VIAV) is a global provider of network test, monitoring and assurance solutions for telecommunications, cloud, enterprises, first responders, military, aerospace and railway. VIAVI is also a leader in light management technologies for 3D sensing, anti-counterfeiting, consumer electronics, industrial, automotive, government and aerospace applications.

Read More

Cloud Security

SonicWall Accelerates SASE Offerings; Acquires Proven Cloud Security Provider

PR Newswire | January 03, 2024

SonicWall, a global cybersecurity leader, today announced the acquisition of Banyan Security, a leading provider of security service edge (SSE) solutions for the modern workforce. This acquisition strengthens SonicWall's portfolio by adding zero trust security relied on by leading fortune 100 companies to small businesses who are replacing legacy architectures for SSE solutions, including Zero Trust Network Access (ZTNA). "Cybersecurity's focus is shifting to more dynamic solutions that can adapt to the ever-evolving landscape of threats in the cloud age," said SonicWall President and CEO Bob Vankirk. "For years, firewalls have been the cornerstone of cybersecurity defenses. However, with the rise of cloud computing and secure access service edge (SASE), the industry is shifting its focus to more comprehensive and flexible approaches that include SSE and ZTNA as a necessity. Together, SonicWall and Banyan Security will provide cloud-based secure access service edge (SASE) solutions that empower partners to deliver a security architecture for any stage of their customers' evolving cloud journey." Banyan's technology further extends SonicWall's portfolio to the cloud and provides partners and their customers with more flexibility, which is key to the continued development of SonicWall's cybersecurity platform. The acquisition aligns with SonicWall's "best of suite" strategy — which includes network, endpoint, wireless, cloud email, and threat intelligence — under a single, multi-tenant portal. The platform also simplifies workflows and offers unified threat visibility, enabling service providers and end users to focus on what truly matters. "For decades, SonicWall has played a pivotal role in supporting their partners by delivering leading cybersecurity solutions," said Joshua Skeens, CEO of Logically, a valued SonicWall partner. "They're now extending that to the cloud as the demand for cloud-first strategies is evident. As businesses embark on their cloud journey, they will require hybrid deployments which SonicWall is ideally positioned to provide, and we are excited to be working alongside SonicWall as we empower businesses to thrive in this new era." With hybrid and remote employees working from their homes, virtual offices, and coffee shops, while accessing critical business applications across increasingly complex networks, a new set of challenges has emerged. To secure this ever-growing and interconnected access surface, organizations have been driven to adopt zero trust models to modernize security, often as a replacement for legacy architectures. The announcement comes on the heels of SonicWall's acquisition of Solutions Granted, Inc. (SGI), which helped arm the channel with the latest managed detection and response services tailor-made for Managed Service Providers and Managed Security Service Providers. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. About Banyan Security Banyan Security provides secure, zero trust "work from anywhere" access to infrastructure and applications for employees, developers and third parties without relying on network-centric solutions like VPNs. Deep visibility provides actionable insight, while continuous authorization with device trust scoring and least privilege access, deliver the highest level of protection without sacrificing end-user productivity. Banyan Security protects tens of thousands of employees across multiple industries, including finance, healthcare, manufacturing and technology.

Read More

Cloud Storage

VNET Inks Strategic Partnership with Shandong Hi-Speed Holdings Group Limited

VNET Group, Inc | January 01, 2024

VNET Group, Inc. a leading carrier- and cloud-neutral internet data center services provider in China, announced that it has entered into a strategic cooperation agreement (the "Agreement") with Shandong Hi-Speed Holdings Group Limited ("SDHG," 00412.HK), an important overseas investment and financing as well as emerging industrial holding platform of Shandong Hi-Speed Group. Pursuant to the Agreement, SDHG and VNET will leverage their respective resources and strengths to develop renewable energy projects in northern China. This partnership aims to jointly build low-carbon, secure and highly-efficient renewable energy system, aligning with the national strategy "East Data, West Computing." Furthermore, both parties will join hands to build innovative computing power network infrastructures encompassing data center, cloud computing and big data to promote the low-carbon and high-quality development of IDC services. "We're confident of the synergy that SDHG and VNET are going to create through the partnership," said Mr. Josh Sheng Chen, Founder and Executive Chairman of VNET. "As VNET continues to execute its growth strategy and capitalize on the booming digital economy, the partnership with SDHG will help us to gain a wealth of resources in the infrastructure and renewable energy space. We look forward to collaborating with SDHG in a variety of green energy initiatives to advance toward our carbon neutrality targets and meet surging demand for supercomputing and digital transformation across a broader swath of society." Jianbiao Zhu, Executive Director of SDHG, commented, "We are excited to explore more synergies with VNET to capture the evolving demand driven by AI, leveraging our strength in traditional infrastructure and VNET's capability in new infrastructure backed with its high-power density deployments. As VNET's largest strategic investor, SDHG is pleased to work with Josh and the management team, and leverage its domestic and overseas resources to support the ongoing expansion of VNET's core IDC business to scale up business for a sustainable growth." About VNET VNET Group, Inc. is a leading carrier- and cloud-neutral internet data center services provider in China. VNET provides hosting and related services, including IDC services, cloud services, and business VPN services to improve the reliability, security, and speed of its customers' internet infrastructure. Customers may locate their servers and equipment in VNET's data centers and connect to China's internet backbone. VNET operates in more than 30 cities throughout China, servicing a diversified and loyal base of over 7,000 hosting and related enterprise customers that span numerous industries ranging from internet companies to government entities and blue-chip enterprises to small- to mid-sized enterprises. About Shandong Hi-Speed Holdings Group Limited As a company listed in HKEX, Shandong Hi-Speed Holdings Group Limited ("SDHG") is an important overseas investment and financing as well as emerging industrial holding platform of Shandong Hi-Speed Group. Adhering to the concept of "conduct compliance prudentially, develop steadily and healthily" and leveraging on the unique advantages of Hong Kong international financial center in terms of market, financing, and talents, SDHG is committed to becoming an excellent industrial investment group with a foothold in Hong Kong, an international perspective and connection between domestic and overseas markets for achieving effective integration of resources.

Read More