The year’s most significant attacks highlight how hackers are changing tactics — and how IT security must evolve in the year ahead. Not a week went by in 2015 without a major data breach, significant attack campaign, or serious vulnerability report. Many of the incidents were the result of disabled security controls, implementation errors, or other basic security mistakes, highlighting how far organizations have to go in nailing down IT security basics.
On December 17th, 2015, Juniper issued an advisory indicating that it had discovered unauthorized code in the ScreenOS software that powers its NetScreen firewalls. This advisory covered two distinct issues: a backdoor in the VPN implementation that allows a passive eavesdropper to decrypt traffic, and a second backdoor that allows an attacker to bypass authentication in the SSH and Telnet daemons. There is speculation that the backdoor was installed by “state-sponsored” actors. Shortly after Juniper posted the advisory, an employee of Fox-IT stated that they were able to identify the backdoor password in six hours. (So much for government efficiency in hiding their actions.)
How do you detect a security breach inside your network? How do you collect the necessary intelligence to protect your assets properly? Sun Tzu, author of The Art of War, said that convincing your opponents to unveil their identity without knowing that they are being watched is one of the most important keys to winning a war. Attack deception is one of the best techniques to make attackers unveil their identity and gain valuable intelligence. While it is not new, advanced attack deception methods take advantage of Sun Tzu’s strategy.
Opportunistic hackers are far from the limelight these days, but they still exist and can cause large amounts of damage if they manage to break into your systems. We’ve recently observed our Data Center Security Suite catch such a hacker, an “Alex” from Romania who has kindly enough supplied his own name and private domain for publicity.
Process-Level Visibility Between Containers Delivers More Granular Application Security Monitoring and Troubleshooting for “Dockerized” Applications
DockerCon Europe 2015, Barcelona, Spain – GuardiCore, a leader in internal data center security, today announced that it has expanded support for the Docker open platform for building, shipping and running distributed applications. In addition to providing advanced breach detection and response for “Dockerized” applications, GuardiCore has extended its support for Docker environments to deliver process-level visibility between any two containers, allowing security and DevOps teams to effectively secure, monitor, maintain and troubleshoot applications in a very granular manner. GuardiCore will be demonstrating its Docker support at DockerCon in the New Innovators Showcase.
Solution Combining Nuage Networks Software Defined Networking (SDN) with GuardiCore Threat Detection Capabilities Provides Advanced, Real-Time Protection for Data Centers and Clouds
Tel Aviv, Israel – GuardiCore, a leader in internal data center security, today announced its Data Center Security Suite as one of the first technologies to achieve Nuage Networks certification. GuardiCore integration with the Nuage Networks Virtual Services Platform (VSP) helps organizations easily add advanced security to the Nuage Networks environment to detect, analyze and respond in real time to advanced threats, minimizing the cost and damage of a breach.
So, VMworld Europe just concluded last week, and there was certainly a lot to talk about: hybrid clouds, VMware’s acquisition of Boxer, Dell’s acquisition of EMC and how this affects VMware (it doesn’t, according to Dell CEO Michael Dell), VMware CEO Pat Gelsinger’s keynote, where he highlighted the five imperatives of the digital business and also called out some enterprises for lack of agility (“Elephants must learn to dance”), and of course security, which seemed to be integrated into almost every topic at the event.
Today we announced the general availability of the GuardiCore Data Center Security suite.
We are very excited to bring our solution to market, and feel we will be able to provide much needed help for organizations that are struggling to withstand the onslaught of cyber attacks.
New Breed of Security Solution Detects Active Breaches inside Data Centers and Clouds Where Legacy Approaches Fall Short
San Francisco, CA – GuardiCore, a leader in internal data center security, today announced availability of its security solution that leverages advanced threat deception technology and a proactive honeypot approach to protect enterprise data centers and clouds from advanced threats that are increasingly breaching legacy security defenses. The GuardiCore Data Center Security Suite is built from the ground up for today’s modern data centers and clouds, providing unparalleled visibility, active breach detection and real-time response for both virtual and physical environments, and scales to support the performance requirements for high traffic data center environments.
Last week our team, myself included, participated in the CloudStack Collaboration Conference (CSCC) that took place in Dublin, Ireland. About 200 attendees enjoyed a well-organized event during non-typical Irish weather (sunny, no rain).
As a bonus, the local team won the UEFA EURO soccer match against the strong German team.