Security – EvaluateSolutions38 https://evaluatesolutions38.com Latest B2B Whitepapers | Technology Trends | Latest News & Insights Thu, 04 May 2023 18:23:47 +0000 en-US hourly 1 https://wordpress.org/?v=5.8.6 https://dsffc7vzr3ff8.cloudfront.net/wp-content/uploads/2021/11/10234456/fevicon.png Security – EvaluateSolutions38 https://evaluatesolutions38.com 32 32 Github Announces New Tools to Ensure Integrity and Secure Software Supply Chain https://evaluatesolutions38.com/news/security-news/github-announces-new-tools-to-ensure-integrity-and-secure-software-supply-chain/ https://evaluatesolutions38.com/news/security-news/github-announces-new-tools-to-ensure-integrity-and-secure-software-supply-chain/#respond Mon, 24 Apr 2023 14:52:44 +0000 https://evaluatesolutions38.com/?p=52186 Highlights:

  • Private vulnerability reporting, the first new tool, is now generally accessible and was created to assist open-source maintainers and security researchers adopt best practices for reporting and resolving vulnerabilities.
  • Npm is a widely used package manager for the JavaScript programming language and is maintained by npm Inc.

GitHub, which is owned by Microsoft Corp., announced two new tools recently to assist developers in ensuring the integrity of their projects and securing the software supply chain.

Private vulnerability reporting, the first new tool, is now generally accessible and was created to assist open-source maintainers and security researchers in adopting best practices for reporting and resolving vulnerabilities. A standardized and secure method for the open-source community to report and collaborate on vulnerabilities made it far too easy for issues to go unresolved or to become publicly known before fixes were ready. This problem is what the private collaboration channel aims to address.

Private vulnerability reporting makes the process simple for researchers and maintainers to identify and correct vulnerabilities in public repositories through various tools and automated features. This includes the capacity to report identified issues in multiple repositories and recognize contributions from multiple researchers who aid in vulnerability detection and resolution.

In November, the service entered the public beta testing phase and was made available to maintainers from over 30,000 organizations, who used it to facilitate private vulnerability reporting on over 180,000 repositories. During this time, researchers submitted more than 1,000 reports to the service.

The second release, npm package provenance, will allow programmers create npm projects on GitHub Actions which will include providence information with their packages. This enables consumers to verify the source repository and build instructions for a package. Npm is a widely used package manager for the JavaScript programming language maintained by npm Inc. Its popularity stems from being the default package manager for the Node.js JavaScript runtime environment.

GitHub states that programmers plug npm packages into their applications daily with little thought, weakening the integrity of their software supply chain. As the stewards of the npm registry, GitHub helps in building trust in these projects, and consumers of npm projects can trust the source code and build process with this release.

The two new tools come after GitHub released Copilox X in March. Copilox X is an AI tool that is partly powered by GPT-4. The tool is an enhanced version of the Copilot coding assistant, which GitHub had released in the middle of 2021. It was made to help developers write code faster and has features that weren’t in the original release.

]]>
https://evaluatesolutions38.com/news/security-news/github-announces-new-tools-to-ensure-integrity-and-secure-software-supply-chain/feed/ 0
Crowdstrike Turns to Managed XDR to Assist Organizations in Navigating the Cyber Skills Gap https://evaluatesolutions38.com/news/security-news/crowdstrike-turns-to-managed-xdr-to-assist-organizations-in-navigating-the-cyber-skills-gap/ https://evaluatesolutions38.com/news/security-news/crowdstrike-turns-to-managed-xdr-to-assist-organizations-in-navigating-the-cyber-skills-gap/#respond Mon, 24 Apr 2023 14:41:40 +0000 https://evaluatesolutions38.com/?p=52180 Highlights:

  • Falcon Complete XDR can support teams with varying skill levels and help eliminate data and organizational silos to stop cyber adversaries.
  • As part of CrowdStrike’s “better-together strategy” for bringing XDR to organizations of all sizes, the partnership between partners and CrowdStrike is said to have been successful in the MDR market.

CrowdStrike Holdings Inc., a company specializing in cybersecurity, has introduced a new managed extended detection and response service called Falcon Complete XDR, which combines the power of human expertise with AI automation and threat intelligence. This service bridges the cybersecurity skills gap by offering 24/7 expert management, threat hunting and amp; monitoring, and end-to-end remediation across all important attack surfaces.

Falcon Complete XDR can support teams with varying skill levels and help break down data and organizational silos to stop cyber adversaries. The service addresses the challenge faced by almost half of all organizations who believe they need more security operations skills. Additionally, a massive cybersecurity workforce gap of 3.4 million individuals makes it difficult for companies to hire the necessary staff to implement a robust security program.

Tom Etheridge, the Chief Global Services Officer of CrowdStrike stated, “With Managed XDR services, organizations can entrust the implementation, management, response and end-to-end remediation of advanced threats across multiple vendors and attack surfaces.” He said the company can provide that without the “burden, overhead, or costs of deploying and managing a 24/7 threat detection and response function on their own.”

CrowdStrike highlighted the Partner-Delivered Managed XDR Services with the introduction of Falcon Complete XDR. To provide MXDR services to their clients, partners use the Falcon platform.

As part of CrowdStrike’s “better-together strategy” for bringing XDR to organizations of all sizes, the collaboration between CrowdStrike and its partners is said to have been successful in the MDR market. Delivering MXDR services powered by CrowdStrike has benefited top international system integrators and managed security service providers. BT Group plc, ReliaQuest LLC, Red Canary Inc., Eviden, and Telefonica Tech S.A. are notable partners.

]]>
https://evaluatesolutions38.com/news/security-news/crowdstrike-turns-to-managed-xdr-to-assist-organizations-in-navigating-the-cyber-skills-gap/feed/ 0
Research by Akamai Identifies a 137% Increase in Application and API Attacks https://evaluatesolutions38.com/news/cloud-news/research-by-akamai-identifies-a-137-increase-in-application-and-api-attacks/ https://evaluatesolutions38.com/news/cloud-news/research-by-akamai-identifies-a-137-increase-in-application-and-api-attacks/#respond Thu, 20 Apr 2023 14:30:45 +0000 https://evaluatesolutions38.com/?p=52132 Highlights:

  • According to the report, Local File Inclusion remains the most common attack vector, with a 193% year-over-year increase.
  • Another emerging attack vector that poses a significant threat to organizations is server-side request forgery.

According to new research from Akamai Technologies Inc., a content delivery network and cloud services provider, application and application programming interface attacks increased by 137% through 2022.

According to the study “Slipping through the Security Gaps: The Rise of Application and API Attacks Against Organizations,” there has been an increase in application and API attacks regarding frequency and complexity as adversaries seek more innovative ways to exploit the expanding attack surface.

2022 was discovered to be a record-breaking year for application and API attacks. The 137% increase is a major concern as organizations adopt more web applications and APIs to enhance their business and increase customer ease of use. According to the report, Local File Inclusion remains the most common attack vector, with a 193% year-over-year increase.

In the research, Akamai researchers also detail several emerging attack vectors, such as Server-Side Template Injections. SSTI is a technique in which attackers exploit notable vulnerabilities such as Spring4Shell, Log4Shell, and the Atlassian Confluence vulnerability. Attacks can result in remote code execution and data exfiltration, posing serious business risks.

Another emerging attack vector that poses a significant threat to organizations is Server-Side Request Forgery. Through 2022, Akamai observed an average of 14 million SSRF attempts per day against its customers’ web applications and APIs.

Broken Object Level Authorization has also been identified as an increasing source of concern. BOLA is a simple but high-risk attack method that allows access to other users’ information.

Other findings in the report included an 82% increase in the healthcare industry attacks because of the adoption of the “internet of medical things” in the healthcare sector, which expanded the healthcare attack surface—because of the proliferation of the Internet of Things connections and the massive data collected from this sector’s equipment, median attacks on the manufacturing industry increased by 76% last year.

Akamai’s Senior Vice President and General Manager of application security, Rupesh Chokshi, said in a statement, “As cybercriminals evaluate who provides the best return on investment based on the level of effort, the value of data, or the likelihood of paying extortion, we often see shifts in attack trends.”

]]>
https://evaluatesolutions38.com/news/cloud-news/research-by-akamai-identifies-a-137-increase-in-application-and-api-attacks/feed/ 0
Amazon and De Beers Collaborate to Produce Artificial Diamonds for Quantum Networking https://evaluatesolutions38.com/news/tech-news/amazon-and-de-beers-collaborate-to-produce-artificial-diamonds-for-quantum-networking/ https://evaluatesolutions38.com/news/tech-news/amazon-and-de-beers-collaborate-to-produce-artificial-diamonds-for-quantum-networking/#respond Fri, 07 Apr 2023 15:03:16 +0000 https://evaluatesolutions38.com/?p=51807 Highlights:

  • A developing technology called quantum networking may one day enable data transmission with higher security than is currently possible.
  • Data can only move a relatively small distance when transmitted as light over a network before errors start to appear.

According to a recent report, Amazon Web Services Inc. has partnered with De Beers PLC to produce diamonds for quantum networks.

According to a recent Bloomberg report, a De Beers subsidiary named Element Six is involved in the partnership. The subsidiary has opened a facility in Oregon that can produce millions of artificial diamonds annually, meant for networking purposes. Element Six will work with an AWS division called the Center for Quantum Networking, which debuted last year, as part of the partnership.

A developing technology called quantum networking may enable data transmission with higher security than is currently possible one day. AWS intends to integrate the technology into its infrastructure, according to Bloomberg. For tasks like connecting cloud data centers together, quantum networking hardware might be used.

In a data center network, information is encoded to light and then transmitted over fiber optic cables to its final location. Quantum networks also use light to transmit data. However, they go about it in a way that makes it much more difficult for hackers to eavesdrop on data traffic secretly.

The observer effect, a phenomenon, causes observing subatomic particles to change some of their characteristics. The state of the photons passing through the fiber optic cables of a quantum network is altered when a hacker observes those photons. Therefore, the ensuing interference enables the network operator to identify a breach right away.

Quantum networks also make it difficult for hackers to copy traffic, which is another advantage. This lowers the possibility of data exfiltration, further enhancing security. Nevertheless, one of the biggest challenges to putting the technology into practice is how challenging it is to copy information in quantum networks.

Data can only move a relatively small distance when transmitted as light over a network before errors start to appear. The reason is that as light signals carrying data travel farther and farther from their source, they weaken.

Conventional networks have a repeater component as a solution to that problem. To prevent errors, it gathers information-carrying light pulses before they begin to fade, makes a new copy, and then sends the copy in place of the original. However, in quantum networks, copying data in this way is impossible, making it impossible to use conventional repeaters.

Quantum networks are unsuitable for connecting geographically dispersed systems because long-distance data transmission calls for repeaters. This limits the technology’s applicability to cloud service providers. The new alliance between AWS and De Beers aims to overcome this difficulty.

As part of the collaboration, the cloud behemoth is creating a novel repeater operating in quantum networks. According to reports, AWS intends to produce components using artificial diamonds grown by De Beers’ Element Six division. A significant step toward creating commercial-grade quantum networks would be the creation of a working quantum repeater.

According to Bloomberg, Antia Lamas-Linares, AWS Center for Quantum Networking head, expects the technology to be used in “years rather than decades.”

Competitors of AWS are also investing in cutting-edge networking technologies. Microsoft Corp. purchased the networking startup Lumenisity Ltd. in December of last year. The startup has created a new fiber optic cable to transmit data more securely and quickly than existing hardware.

Lumenisity’s cables differ from regular fiber optic links as they are hollow. Before being acquired by Microsoft, the startup claimed that data could move through the hollow core 50% more quickly than with standard network hardware. Additionally, the technology enables traffic protection using quantum encryption algorithms, which are more secure than the software used today.

]]>
https://evaluatesolutions38.com/news/tech-news/amazon-and-de-beers-collaborate-to-produce-artificial-diamonds-for-quantum-networking/feed/ 0
Updates to Akamai’s Managed Security Service and a New Premium Offering Announced https://evaluatesolutions38.com/news/security-news/updates-to-akamais-managed-security-service-and-a-new-premium-offering-announced-2/ https://evaluatesolutions38.com/news/security-news/updates-to-akamais-managed-security-service-and-a-new-premium-offering-announced-2/#respond Fri, 07 Apr 2023 14:59:50 +0000 https://evaluatesolutions38.com/?p=51804 Highlights:

  • More Akamai Experts are now accessible through updates to Akamai Managed Security Services, and technical advisory hours with engagement managers and support delivery managers are now included without additional fees.
  • Enhanced site monitoring, regular reviews with Akamai SOCC experts to collaborate and exchange information, proactive communication from SOCC subject matter experts, a customer-specific security incident and event management or SIEM view in the SOCC dashboard, and proactive communication are all included in the premium service.

Akamai Technologies Inc., a provider of content delivery network and cloud services, recently confirmed an updated managed security service program and a new premium service offering to assist customers in protecting themselves from cyberattacks.

With proactive monitoring and rapid response in the event of a cyberattack, the new capabilities assist customers in protecting their businesses 24×7 from sophisticated attacks. Customers can use the increased access to Akamai security experts, reduced pricing, and better and direct assistance to their advantage because of the new capabilities. A premium version of the service is also available for customers who want personalized support and prioritized escalation paths.

With the release, Akamai hopes to address an ever-growing attack surface posing problems for businesses: distributed denial-of-service attacks and credential stuffing that can disrupt and shut down business services.

Roger Barranco, Vice President of support services at Akamai, said, “Businesses everywhere are struggling to defend against sophisticated cyber adversaries who are determined to create chaos and hinder business continuity. Our customers have asked for higher levels of service, which is what we’re delivering with Akamai’s managed security service and premium offerings. We’re partnering with our customers in a way that augments the availability of highly skilled proactive cybersecurity professionals.”

More Akamai Experts are now accessible through updates to Akamai Managed Security Services, and technical advisory hours with engagement managers and support delivery managers are now included without additional fees. The Managed Security Service from Akamai still offers the basic package price but with more features. The pricing of additional App and amp; API Protector with managed Advanced Security Management policy, managed Page Integrity configuration, and Bot Manager Premier endpoint, has also reduced.

According to the company, customers now have access to more support because Akamai University seats, after-hours configuration assistance, and quarterly customer business reviews are part of the base package.

According to the company, the Security Operations Control Center Premium service offers prioritized escalation and support tailored to the individual customer’s needs. Features for better outcomes and alignment include named resources, customer-specific data, and 24/7 customer access to SOCC experts.

Enhanced site monitoring, regular reviews with Akamai SOCC experts to collaborate and exchange information, proactive communication from SOCC subject matter experts, a customer-specific security incident and event management or SIEM view in the SOCC dashboard, and proactive communication are all included in the premium service. Faster escalations give clients faster access to SOCC management and immediate access to Akamai subject matter experts. Customers can access Akamai’s SOCC Premium Service from April 6.

]]>
https://evaluatesolutions38.com/news/security-news/updates-to-akamais-managed-security-service-and-a-new-premium-offering-announced-2/feed/ 0
Updates to Akamai’s Managed Security Service and a New Premium Offering Announced https://evaluatesolutions38.com/news/security-news/updates-to-akamais-managed-security-service-and-a-new-premium-offering-announced/ https://evaluatesolutions38.com/news/security-news/updates-to-akamais-managed-security-service-and-a-new-premium-offering-announced/#respond Wed, 05 Apr 2023 18:51:49 +0000 https://evaluatesolutions38.com/?p=51759 Highlights:

  • More Akamai Experts are now accessible through updates to Akamai Managed Security Services, and technical advisory hours with engagement managers and support delivery managers are now included without additional fees.
  • Enhanced site monitoring, regular reviews with Akamai SOCC experts to collaborate and exchange information, proactive communication from SOCC subject matter experts, a customer-specific security incident and event management or SIEM view in the SOCC dashboard, and proactive communication are all included in the premium service.

Akamai Technologies Inc., a provider of content delivery network and cloud services, recently confirmed an updated managed security service program and a new premium service offering to assist customers in protecting themselves from cyberattacks.

With proactive monitoring and rapid response in the event of a cyberattack, the new capabilities assist customers in protecting their businesses 24×7 from sophisticated attacks. Customers can use the increased access to Akamai security experts, reduced pricing, and better and direct assistance to their advantage because of the new capabilities. A premium version of the service is also available for customers who want personalized support and prioritized escalation paths.

With the release, Akamai hopes to address an ever-growing attack surface posing problems for businesses: distributed denial-of-service attacks and credential stuffing that can disrupt and shut down business services.

Roger Barranco, Vice President of support services at Akamai, said, “Businesses everywhere are struggling to defend against sophisticated cyber adversaries who are determined to create chaos and hinder business continuity. Our customers have asked for higher levels of service, which is what we’re delivering with Akamai’s managed security service and premium offerings. We’re partnering with our customers in a way that augments the availability of highly skilled proactive cybersecurity professionals.”

More Akamai Experts are now accessible through updates to Akamai Managed Security Services, and technical advisory hours with engagement managers and support delivery managers are now included without additional fees. The Managed Security Service from Akamai still offers the basic package price but with more features. The pricing of additional App and amp; API Protector with managed Advanced Security Management policy, managed Page Integrity configuration, and Bot Manager Premier endpoint, has also reduced.

According to the company, customers now have access to more support because Akamai University seats, after-hours configuration assistance, and quarterly customer business reviews are part of the base package.

According to the company, the Security Operations Control Center Premium service offers prioritized escalation and support tailored to the individual customer’s needs. Features for better outcomes and alignment include named resources, customer-specific data, and 24/7 customer access to SOCC experts.

Enhanced site monitoring, regular reviews with Akamai SOCC experts to collaborate and exchange information, proactive communication from SOCC subject matter experts, a customer-specific security incident and event management or SIEM view in the SOCC dashboard, and proactive communication are all included in the premium service. Faster escalations give clients faster access to SOCC management and immediate access to Akamai subject matter experts. Customers can access Akamai’s SOCC Premium Service from April 6.

]]>
https://evaluatesolutions38.com/news/security-news/updates-to-akamais-managed-security-service-and-a-new-premium-offering-announced/feed/ 0
Fortinet Announces Upgrades to Network and Security https://evaluatesolutions38.com/news/security-news/fortinet-announces-upgrades-to-network-and-security/ https://evaluatesolutions38.com/news/security-news/fortinet-announces-upgrades-to-network-and-security/#respond Wed, 05 Apr 2023 18:42:39 +0000 https://evaluatesolutions38.com/?p=51750 Highlights:

  • FortiManager now integrates with FortiSASE, its single-vendor secure access service edge solution, to provide uniform security, administration, and analytics throughout the whole hybrid network.
  • Upgrades to Fortinet’s secure software-defined wide-area network for branch offices provide consistent protection and an improved user experience for business-critical cloud and data center applications.

Fortinet Inc., a cybersecurity company, has lately made many announcements about expanding its networking and security solutions.

The innovations include new products, features, and revisions to the flagship Network Security Expert Certification program. Fortinet’s most recent developments allow unified management and analytics throughout its secure networking portfolio, making it the leader in unified management and analytics across the whole hybrid network. FortiManager now integrates with FortiSASE, its single-vendor secure access service edge solution, to provide uniform security, administration, and analytics throughout the hybrid network.

FortiManager can now administer and enforce Fortinet’s secure networking components, such as the Hybrid Mesh Firewall, Universal ZTNA, Single-Vendor SASE, Secure SD-WAN, and Secure WLAN/LAN.

Additionally, the company has announced updates to its secure networking portfolio and FortiOS 7.4 platform too. FortiGate 7080F, a new series of next-generation firewalls, includes upgrades to the hybrid mesh firewalls for data centers and the cloud. FortiGate 7080F removes point products, lowers complexity, and increases performance using application-specific integrated circuit technology and superior security powered by artificial intelligence and machine learning.

Upgrades to Fortinet’s secure software-defined wide-area network for branch offices provide consistent protection and an improved user experience for business-critical cloud and data center applications. New capabilities consist of a restructured monitoring map view that offers global WAN status for individual site and automation in overlay orchestration to accelerate site installations.

FortiSASE simplifies operations across hybrid networks by merging cloud-delivered security and networking for single-vendor SASE for distant users and branch offices. FortiSASE now interacts with FortiManager as part of this release, enabling unified policy administration for Secure SD-WAN and SASE and visibility across on-premises and remote users.

Universal ZTNA for remote users and campus locations now allegedly delivers the industry’s most flexible zero-trust application access management, regardless of where the user or application is situated. New upgrades directly provide user-based risk ratings for ongoing application access checks.

FortiAP in WLAN/LAN used for branch offices will be able to integrate with Fortinet’s Single-Vendor SASE solution, marking it the industry’s first AP integration with SASE.

Capabilities for real-time response and automation throughout the security fabric

Fortinet has also expanded its Security Fabric with new products and features to allow enhanced threat prevention and coordinated response across networks, endpoints, and clouds for a self-defending ecosystem. The Security Fabric, which consists of over 50 enterprise-grade solutions, now includes real-time reaction and automation capabilities, transforming detection into real-time protection.

FortiEDR and FortiXDR now offer enhanced interactive incident visualization with expanded contextual incident data leveraging different threat intelligence streams to facilitate and accelerate investigations.

Meanwhile, FortiNDR Cloud, another new service, merges the robust AI with pragmatic analysis and breach protection technologies. The technology offers 365-day retention and visibility into network data, built-in playbooks, and threat-hunting tools for detecting aberrant and malicious network behavior.

FortiRecon now provides expanded proactive threat intelligence about crucial supply chain vendor and partner risks, such as externally exposed assets, hacked data, and ransomware attack intelligence. And FortiDeceptor now provides vulnerability outbreak protection, tricking attackers from tangible assets to false assets and isolating the attack early in the kill chain.

Michael Xie, Founder, President, and Chief Technology Officer at Fortinet, stated, “From our founding, Fortinet’s broad portfolio has been built with integration and automation in mind. Our commitment to this vision has made Fortinet a leader in supporting customers by consolidating point products into one unified cybersecurity platform. With today’s news, we are taking this commitment one step further by adding new real-time response and automation capabilities to improve efficacy, increase effectiveness and accelerate time to resolve sophisticated attacks.”

]]>
https://evaluatesolutions38.com/news/security-news/fortinet-announces-upgrades-to-network-and-security/feed/ 0
Cado Security Releases Masked-AI, an Open Source Library https://evaluatesolutions38.com/news/security-news/cado-security-releases-masked-ai-an-open-source-library/ https://evaluatesolutions38.com/news/security-news/cado-security-releases-masked-ai-an-open-source-library/#respond Mon, 03 Apr 2023 15:12:34 +0000 https://evaluatesolutions38.com/?p=51704 Highlights:

  • The free, open-source Python SDK and CLI tool complements Cado’s enterprise/commercial cloud forensics and incident response software.
  • It made headlines when Cado Security raised USD 20 million in fresh capital earlier this month for global expansion and product development.

Recently, Cado Security Ltd., a cloud forensics and incident response platform startup, announced the launch of a new security solution geared towards APIs for large language models.

The open-source library known as Masked-AI provides secure use of LLM APIs like OpenAI LP’s GPT-4 without transmitting private data. It may be downloaded from the GitHub source, enabling programmers to use OpenAI APIs without worrying about security issues.

Co-founder and chief technology officer of Cado Security, Chris Doman, said, “Masked-AI is an open-source tool that anyone can use to ensure better security and privacy when leveraging OpenAI/ChatGPT, which is especially important in the context of incident response. As active participants in the security community, this is an impactful milestone for empowering security professionals to respond to threats at cloud speed. This simple yet powerful tool demonstrates that we can use LLMs securely without compromising on the quality of the responses generated.”

With the help of GPT-3, Cado Security’s platform previously provided an Interactive Incident Response tool that streamlined forensic investigations and ramped up responses. However, the business detected a number of potential issues, including privacy-related issues, with GPT-3 in production systems for the incident response use case.

Through Masked-AI, Cado Security hopes to create a community around enhancing the effectiveness of security teams while safely utilizing LLM APIs to speed up incident response in the cloud.

The service hides user names, IP addresses, credit card numbers, email addresses, and phone numbers. After replacing sensitive data with a placeholder, the tool submits the masked request to the API. To recreate the API result, the solution keeps a lookup table locally. The user can then access sensitive info after that.

The free, open-source Masked-AI Python software development kit and command line interface tool complement Cado’s enterprise and commercial cloud forensics and incident response product. The new open-source application has also been linked with the Cado platform to further streamline and speed up the incident response process.

It made headlines when Cado Security secured USD 20 million in fresh funding for international growth and product development earlier this month. Eurazeo S.A., CyLon Ventures Ltd., Ten Eleven Ventures LLC, and Blossom Capital LLP are a few of the company’s investors.

]]>
https://evaluatesolutions38.com/news/security-news/cado-security-releases-masked-ai-an-open-source-library/feed/ 0
F5’s Secure Multi-Cloud Networking Solutions Simplify Operations for Distributed Application Deployments https://evaluatesolutions38.com/news/cloud-news/f5s-secure-multi-cloud-networking-solutions-simplify-operations-for-distributed-application-deployments/ https://evaluatesolutions38.com/news/cloud-news/f5s-secure-multi-cloud-networking-solutions-simplify-operations-for-distributed-application-deployments/#respond Wed, 22 Mar 2023 17:20:22 +0000 https://evaluatesolutions38.com/?p=51606 Highlights:

  • F5 Distributed Cloud Services links applications at the network and workload levels by offering businesses an integrated services stack.
  • Microservices and API-heavy distributed applications have grown in popularity while cloud and hybrid architectures have proliferated.

F5 Inc., a company specializing in network traffic management and application security, recently announced new multi-cloud networking capabilities that extend application and security services across cloud platforms, hybrid architectures, native Kubernetes environments, and the network edge.

F5 Distributed Cloud Services’ new features offer connection and security at the network and application layers. This allows businesses to securely connect applications hosted in various locations while operating across multiple computing environments.

F5 asserts that doing this has, up until now, been extremely challenging. As a result of the growing adoption of multi-cloud, the typical organization currently manages hundreds of applications across many distributed computing platforms. They need an integrated services stack to link such applications at the network and workload levels. As a result, the lack of communication between applications increases the complexity of telemetry data collection, reduces visibility, and increases the attack surface.

According to Michael Rau, Senior Vice President, and General Manager of distributed cloud platform and security services at F5, secure app-to-app communication is a goal for any digital enterprise. Yet, he said, only some have succeeded in doing so.

Rau said, “The proliferation of cloud and hybrid architectures has coincided with the rise of microservices and API-heavy distributed applications — all of which contribute complexity and diminish visibility. F5’s platform-based approach greatly expands our ability to serve customers’ hybrid and multi-cloud use cases.”

According to the company, F5 Distributed Cloud Services gives businesses access to an integrated services stack that integrates applications at network and workload levels. With comprehensive networking and application security features and quicker installation, companies can manage their dispersed applications from a single console.

With the automated or one-click provisioning of additional security services like web application firewalls, API security, and DDos or bot mitigation, it offers advanced networking services for applications across any cloud or environment. These services include load balancing, ingress/egress controls, API gateways, and visibility.

To increase security and hasten the delivery of apps, the service also gains from native Kubernetes integration, which enables fine-grained control for particular applications without exposing the underlying network. According to the firm, the Distributed Cloud Network Connect architecture from F5 makes it easier to integrate and connect apps to additional cloud locations and providers with automatic provisioning.

According to Zeus Kerravala of ZK Research, these networks must offer application-layer connection as enterprise cloud strategies go from using various apps and clouds to a real multi-cloud architecture with distributed workloads. “F5 has long been a leader in application networking, and its Distributed Cloud Services provides a fully integrated set of layer 3 to 7 services for securely connecting across clouds and workloads, even those deployed at the edge or branch office,” he said.

]]>
https://evaluatesolutions38.com/news/cloud-news/f5s-secure-multi-cloud-networking-solutions-simplify-operations-for-distributed-application-deployments/feed/ 0
ForgeRock Introduces a Passwordless Authentication System https://evaluatesolutions38.com/news/tech-news/artificial-intelligence-news/forgerock-introduces-a-passwordless-authentication-system/ https://evaluatesolutions38.com/news/tech-news/artificial-intelligence-news/forgerock-introduces-a-passwordless-authentication-system/#respond Tue, 21 Mar 2023 12:45:32 +0000 https://evaluatesolutions38.com/?p=51579 Highlights:

  • Employees and customers can say goodbye to remembering passwords with the aid of ForgeRock, the only solution that offers a full spectrum of passwordless possibilities.
  • Users can add security signal analyses, include third-party capabilities, and establish user registration, lost devices, and help desk processes using a no-code orchestration engine with a drag-and-drop setup.

ForgeRock Inc., a provider of digital identity management services, recently unveiled Enterprise Connect Passwordless. This new authentication method does away with the use of passwords by users inside sizable corporations.

The new solution, integrated into the ForgeRock Identity Platform to protect frequently used and vulnerable enterprise resources like servers, workstations, remote desktops, and virtual private networks, was developed through a strategic partnership between password authentication firm Secret Double Octopus Ltd. and ForgeRock.

By enabling users to access legacy applications, systems, and services without a password, Enterprise Connect Passwordless assists major companies in actively defending against expensive cyberattacks and unwanted access. By removing employee interaction with passwords and lowering the danger of password compromise, the company claims that organizations using the new service become more secure. Advantages include decreased information technology issues and employee account lockouts, improved user experiences, and more productive workforces.

The service takes advantage of next-generation identity orchestration capabilities to create and implement passwordless logins specific to each enterprise’s security and user experience requirements.

Peter Barker, Chief Product Officer, said, “The move to passwordless authentication will fundamentally change every digital experience on the planet, starting with the most common experience of all — logging in. With the addition of Enterprise Connect Passwordless, ForgeRock is the only solution to offer a full spectrum of passwordless capabilities that help employees and consumers say goodbye to remembering their passwords.”

The service, which will go live in the second quarter, will build on the company’s current passwordless capabilities and further the effort it has been making for more than a decade to do away with consumer passwords.

With the Identity Cloud’s FIDO2 WebAuthn standards and passkeys, ForgeRock already provides passwordless authentication. It also supports low- and no-code access orchestration with Intelligent Access and AI-driven threat protection with Autonomous Access.

]]>
https://evaluatesolutions38.com/news/tech-news/artificial-intelligence-news/forgerock-introduces-a-passwordless-authentication-system/feed/ 0