Next week, GuardiCore will participate at the RSA Conference in San Francisco for the 3rd consecutive year. It is an important event for the larger Cyber and Network Security community and can be seen as the litmus paper for analyzing market trends and more important, understanding current and future needs.
CSO Online recently reported on a study conducted by the Cloud Security Alliance that listed the top twelve threats to cloud computing. The threats range from data breaches, to advanced persistent threats (APTs), to abuse and nefarious uses of cloud services. For example, the report discusses how malicious actors exploit poorly secured or misconfigured cloud services to abuse compute resources for nefarious purposes, such as DDOS attacks or attempts to exfiltrate data as part of a breach.
We recently added File Integrity Monitoring (FIM) to the GuardiCore Centra Security Platform and wanted to share how it can help your organization detect breaches and achieve compliance with regulations such as PCI DSS and HIPAA. These regulations require integrity monitoring as an internal control that must be deployed to ensure protection of an organization’s critical assets and data. Overall, organizations that apply FIM gain increased confidence that their critical data is protected against unauthorized changes.
Dozens of news articles and blog posts talked about this upcoming event however, I would like to to focus on GeekWire’s article that was highlighting one specific topic reported in the S1 document: How Dropbox saved almost $75 million over two years by building its own tech infrastructure .
After making the decision to roll its own infrastructure and reduce its dependence on Amazon Web Services, Dropbox reduced its operating costs by $74.6 million over the next two years.
Micro-segmentation provides the ability to isolate communication flows within applications and workloads and allows for more granular workload security than traditional tools. Beyond using micro-segmentation to allow or block connections and alert on those activities, the ability to compare, within a single platform, policy violations to historical observations can dramatically accelerate breach detection, investigation, and response.
The movement of data and workloads to the cloud has been more like a headlong rush. In the quest for a competitive edge, businesses are clearly eager to take advantage of the agility and elasticity the cloud affords them – so much so that security is often an afterthought. But hey, isn’t the cloud provider taking care of that?
Some companies are surprised to hear the answer is no, at least not entirely.
In traditional data center environments, security teams usually leverage their standard security tools and agents to capture network-level logs. Capturing these logs gives teams visibility into network architecture and traffic flow. However, when we migrate applications to AWS, these standard practices change. The same toolsets might not be as efficient as they were in the traditional environment. While security fundamentals are the same, the approach changes. Security teams need to explore new options and adopt new tools to ensure adequate security coverage.
Containers and orchestration systems use numerous technical abstractions to support auto-scaling and distributed applications that obfuscate visibility into application communication flows. Security teams lose visibility into application communication flows, rendering traditional tools useless and exposing the application to risk.
Micro-segmentation is very achievable. While it can feel daunting, you can succeed by proactively being aware of and avoiding these roadblocks. Read more
The Virtual Desktop Infrastructure (VDI) continues to gain popularity among our customers due to its many advantages and benefits when deployed within the modern data center infrastructure. However, those deployments lack some of the capabilities that are needed to address the threats that are introduced when moving away from hardware desktops to a virtual environment. Thus, many organizations are still hesitating about VDI in view of security concerns, especially due to the increased attack surface and the fact that endpoint devices, which are vulnerable by nature, share compute resources with the organization’s most critical and important servers inside the data center.