Reflections from Gartner Security Summit 2018

Last week, the GuardiCore team participated at the 2018 Gartner Security and Risk Management Summit in National Harbor, MD. This year we were honored to be named as a Cool Vendor in the June 2018 Gartner, “Cool Vendors in Security for Midsize Enterprises” report. It is always great to get industry recognition and validation. According to Gartner, a Midsize Enterprise needs most, if not all, of the IT capabilities a large enterprise needs, just at a lesser scale. Our solution, GuardiCore Centra enables organizations to easily micro-segment their environments while continuously monitoring critical systems for breaches using deception and threat intelligence-based reputation feeds, and it does it on any kind of data center environment. Protecting the core’s most critical application FTW!

Read more

Securing the Modern Law Firm

Law firms are increasingly the target of cyber attacks. Since 2012, cyber attacks have been constantly on the rise, culminating in several high profile breaches in 2015 and 2016.

Cyber criminals recognize law firms as vaults of proprietary sensitive corporate data and as such, optimal target for cyber security attacks. From the Panama Papers to DLA Piper, 2017 was one of the most challenging cybersecurity years for law firms and there is no indication that this trend is slowing down in 2018.

At the same time, law firm clients are considering cyber security as a serious factor in decision making and firms that fail to address security threats are more likely to lose business, face regulatory actions and even face lawsuits from clients. Read more

Time to Transform Data Centre Security?

Digital transformation is by its very definition redefining how data centres are designed and services managed and deployed. In fact, much like the long-maligned ‘perimeter’ security model many once datacentre-centric workloads are evaporating and re-forming as more agile and elastic cloud-based operational models.

Read more

Security Features of the Hybrid Cloud (OpenStack and AWS)

Everyone knows about the many benefits of the cloud: it is infinitely scalable, developer-friendly, and easy to use. However, we often avoid addressing the reality that the cloud is not perfect. The truth is that, despite the cloud’s many merits, it presents a significant challenge from a security standpoint. Security concerns might make you hesitate to deploy your workloads in any cloud, be it public or private – and understandably so.

Read more

Integrating Security and DevOps to Protect Cloud Workloads

CSO Online recently reported on a study conducted by the Cloud Security Alliance that listed the top twelve threats to cloud computing. The threats range from data breaches, to advanced persistent threats (APTs), to abuse and nefarious uses of cloud services. For example, the report discusses how malicious actors exploit poorly secured or misconfigured cloud services to abuse compute resources for nefarious purposes, such as DDOS attacks or attempts to exfiltrate data as part of a breach.

Read more

GuardiCore Adds File Integrity Monitoring to the Centra Security Platform

We recently added File Integrity Monitoring (FIM) to the GuardiCore Centra Security Platform and wanted to share how it can help your organization detect breaches and achieve compliance with regulations such as PCI DSS and HIPAA. These regulations require integrity monitoring as an internal control that must be deployed to ensure protection of an organization’s critical assets and data. Overall, organizations that apply FIM gain increased confidence that their critical data is protected against unauthorized changes.
Read more

Musing on Springs, Cloud Stiffness and K

Congratulations to our friends at Dropbox that announced earlier last week plans to raise $500 million through an initial public offering . Well done!

Dozens of news articles and blog posts talked about this upcoming event however, I would like to to focus on GeekWire’s article that was highlighting one specific topic reported in the S1 document: How Dropbox saved almost $75 million over two years by building its own tech infrastructure .

After making the decision to roll its own infrastructure and reduce its dependence on Amazon Web Services, Dropbox reduced its operating costs by $74.6 million over the next two years. 

 

Read more

Leveraging Micro-Segmentation Data to Accelerate Breach Detection

Micro-segmentation provides the ability to isolate communication flows within applications and workloads and allows for more granular workload security than traditional tools. Beyond using micro-segmentation to allow or block connections and alert on those activities, the ability to compare, within a single platform, policy violations to historical observations can dramatically accelerate threat detection, investigation, and response.

Read more

Why Native Cloud Controls Are Not Enough for Meaningful Micro-Segmentation

The movement of data and workloads to the cloud has been more like a headlong rush. In the quest for a competitive edge, businesses are clearly eager to take advantage of the agility and elasticity the cloud affords them – so much so that security is often an afterthought. But hey, isn’t the cloud provider taking care of that? 

Some companies are surprised to hear the answer is no, at least not entirely.
Read more