[l] at 9/21/23 9:25am
Looking to significantly reinforce its security software portfolio, Cisco has struck a $28 billion cash deal to acquire enterprise and cloud protection company Splunk. Founded in 2003, Splunk’s software platform is known for its wide-reaching ability to search, monitor and analyze data from a variety of systems. Network security teams can use this information to gain better visibility into and gather insights about network traffic, firewalls, intrusion detection systems (IDSes), intrusion prevention systems (IPSes), and security information and event management (SIEM) systems, from on-premises and/or its cloud-based package, according to Splunk.

[Category: Cisco Systems, Network Security, Cloud Security, Security, Mergers and Acquisitions]

[l] at 9/21/23 4:15am
For the last twelve years, 100% of CIOs have said that they expect to spend more on IT security, making security the only category that just keeps on absorbing investment. Every year in the last three years, over 80% of enterprises have said that their IT security still needed improvement. So, like death and taxes, is security spending growth inevitable? If we keep on the way we have, it sure seems like it. But what might change? Let’s start with what’s important to users. External threats, meaning hacking, are a problem for every CIO. Internal threats, from badly behaving employees, are a problem for three out of four. Data theft is a universal fear, and malware that interferes with applications and operations is an important problem for over 90% of CIOs. As far as approaches or targets are concerned, 100% say access security on applications and data is essential and so is regular malware scanning. If you ask CIOs to pick a single thing they think is essential for IT security, it’s access security.

[Category: Network Security, SASE]

[l] at 9/18/23 4:00am
As the volume of IoT devices connecting to enterprise networks continues to climb, the number of security threats has been increasing in lockstep. Cybersecurity threats, alongside supply chain issues, chip shortages and geopolitical instability, are a major reason that IoT growth has been slower than many analysts had predicted. Even so, the scale of the IoT security problem is great enough that 52 IoT startups raised a total of $840 million in the latest quarter, and even cautious analysts believe the IoT market will grow steadily in the coming years. In fact, research firm IDC predicts that the IoT market will expand to 55.7 billion connected IoT devices by 2025, with those devices generating 80B zettabytes (ZB) of data.

[Author: Vance@csoonline.com] [Category: Internet of Things, Security]

[l] at 9/15/23 9:36am
As connectivity to cloud-based resources grows, cybercriminals are using valid, compromised credentials to access enterprise resources at an alarming rate. That's one of the chief findings of the IBM X-Force Cloud Threat Landscape Report, which also found a 200% increase (about 3,900 vulnerabilities) in cloud-oriented Common Vulnerabilities and Exposures (CVE) in the last year. “Over 35% of cloud security incidents occurred from attackers’ use of valid, compromised credentials,” wrote Chris Caridi, strategic cyber threat analyst with IBM X-Force, in a blog about the report. “Making up nearly 90% of assets for sale on dark web marketplaces, credentials’ popularity among cybercriminals is apparent, averaging $10 per listing – or the equivalent of a dozen doughnuts.”

[Category: Cloud Security, Cloud Computing, Cloud Management, Network Security]

[l] at 9/12/23 9:14am
Cisco is adding a security module to its observability platform that promises to help enterprises assess threat risks and protect cloud-based resources. The Cisco Secure Application module, available now, is part of the vendor’s Full Stack Observability (FSO) platform, which is designed to correlate data from application, networking, infrastructure, security, and cloud domains to make it easier for customers to spot anomalies, preempt and address performance problems, and improve threat mitigation. FSO is designed to make intelligent use of metrics, events, logs and traces. With it, organizations can consolidate to fewer tools, collect data from any source, correlate information, and enable AI-driven analysis to predict and prevent problems, Cisco said at the FSO launch event in June.

[Category: Cisco Systems, Cloud Management, Cloud Security, Network Security, Security]

[l] at 9/6/23 9:48am
In 2019, Gartner created the term secure access service edge (SASE) to describe a cloud-based service that combines networking and security in order to give remote workers safe access to internet-based resources. Gartner had put its finger on a new set of challenges that enterprise IT faced as employees shifted to remote work during Covid and applications migrated to the cloud. But Gartner overshot the runway a bit; vendors were caught flatfooted and scrambled to cobble together full suites of SASE features. On the customer side, a recent Gartner survey of CISOs revealed that “a majority of buyers are planning for a two-vendor strategy for SASE,” with security and networking teams making separate buying decisions rather than opting for single-vendor SASE.

[Category: SASE, SD-WAN, Networking, Network Security]

[l] at 8/30/23 3:15pm
VMware is advising customers to upgrade or patch its Aria for Network Operations software because of potential security problems. VMware Aria is the vendor’s multi-cloud management platform that integrates previously separate VMware services such as vRealize Automation, vRealize Operations, vRealize Network Insight, and CloudHealth. A single Aria Hub console provides centralized views and controls and lets customers see and manage the entire multi-cloud environment. The vulnerabilities are in Aria Operations for Networks, a monitoring component that can find the cause of application delays based on TCP traffic latency and retransmissions and trigger alerts on the applications dashboard.

[Category: VMware, Cloud Security, Network Security, Security]

[l] at 8/30/23 3:15pm
VMware is advising customers to upgrade or patch its Aria for Network Operations software because of potential security problems. VMware Aria is the vendor’s overarching multi-cloud management platform that integrates previously separate VMware services such as vRealize Automation, vRealize Operations, vRealize Network Insight, and CloudHealth onto a single Aria Hub console, which provides centralized views and controls and lets customers see and manage the entire multi-cloud environment. The vulnerabilities are in the Aria Operations for Networks component, which includes the ability to help run applications more smoothly by finding the cause of delay based on TCP traffic latency and retransmissions and by triggering alerts on the applications dashboard.

[Category: VMware, Cloud Security, Network Security, Security]

[l] at 8/29/23 11:41am
Google Cloud has added a new service that promises to make it easier for enterprise customers to securely network multiple cloud-based resources. The Cross-Cloud Network service consists of new and existing Google Cloud technology and includes a partner ecosystem to help organizations develop, build and support distributed enterprise applications across clouds. “We know that 70-plus percent of our enterprises are going to adopt multicloud. [The] idea behind Cross-Cloud Network is that today many organizations operate bespoke networks with turnkey security to connect to those clouds that are operationally complex to manage and build, thereby resulting in a much higher total cost of ownership and soaring costs,” said Muninder Sambi, vice president and general manager of networking for Google Cloud. “They set up private data centers to connect and secure the hybrid workforce to access cloud and on-prem resources and manage multiple CDN clouds to accelerate web apps. All of this can also lead to an inconsistent security posture and drives up total costs,” Sambi said.

[Category: Google, Cloud Computing, Cloud Security, Cloud Management, Networking]

[l] at 8/29/23 7:54am
Fortinet continues to enhance its Secure Access Service Edge (SASE) package by adding support for microbranches, extending wireless LAN protections, and improving data loss prevention (DLP) and end-user monitoring capabilities. The vendor added the new features to its FortiSASE offering, which includes SD-WAN, secure web gateway, firewall as a service, cloud access security broker, and zero trust network access (ZTNA), all running on top of its FortiOS operating system. The package can be centrally managed via the firm’s FortiManager software, which sets network and security policies across the Fortinet product line.

[Category: SASE, SD-WAN, Cloud Security, Network Security, Security]

[l] at 8/28/23 10:50am
The appeal of promising network technologies can be jaded by pressure to adopt untested ideas. When I look over the comments I’ve gotten from enterprise technologists this year, one thing that stands out is that almost three-quarters of them said that entrenched views held by company executives are a “significant problem” for them in sustaining their network and IT operations. “Every story that comes out gets me a meeting in the board room to debunk a silly idea,” one CIO said. I’ve seen that problem in my own career and so I sympathize, but is there anything that tech experts can do about it? How do you debunk the “big hype” of the moment? For starters, don’t be too dismissive. Technologists agree that a dismissive response to hype cited by senior management is always a bad idea. In fact, the opening comment that most technologists suggested is “I agree there’s real potential there, but I think there are some near-term issues that need to be resolved before we could commit to it.” The second-most-cited opening is “I’ve already launched a study of that, and I’ll report back to you when it’s complete.” There’s usually a grain (yeah, often a small grain) of truth underneath the hype pile, and the best approach is to acknowledge it somehow and play for time. Hype waves are like the tides; they come in and they go out, and many times management will move on.

[Category: 5G, Generative AI, Network Security]

[l] at 8/24/23 8:13am
Cisco and Kyndryl have expanded their partnership to offer new services that are aimed at helping enterprise customers better detect and respond to cyber threats. Specifically, Kyndryl will be integrating its own cyber resiliency offering with Cisco’s overarching Security Cloud platform that includes security components such as Cisco’s Duo access control, extended detection and response features, and Multicloud Defense, which orchestrates security and policy across private and public clouds. Security Cloud operates as a layer on top of the infrastructure across a customer’s cloud services – including Azure, AWS, GCP and private data-center clouds – to protect core applications, Cisco said. It features a unified dashboard, support for flexible trust policies, and open APIs to encourage third-party integrators. By correlating data and employing artificial intelligence and machine learning, Cisco Security Cloud can detect and remediate threats quickly throughout an organization, Cisco says.

[Category: Cisco Systems, Cloud Security, Network Security, Security]

[l] at 8/23/23 11:00am
Versa is bolstering the AI security management features of its integrated Secure Access Service Edge (SASE) package to include improved malware detection for Advanced Threat Protection, network microsegmentation and generative AI protection to help customers better detect and quickly mitigate threats to their networked services and applications. The vendor supports AI in its integrated Versa SASE package that includes SD-WAN, a next-generation and web application firewall, intrusion prevention, zero trust support and data loss prevention.

[Category: SASE, SD-WAN, Cloud Security, Network Security, Security]

[l] at 8/15/23 1:20pm
As enterprise networks get more complex, so do the firewall deployments. There are on-premises firewalls to manage, along with firewalls that are deployed in virtual machines and firewalls deployed in containers. There are firewalls for clouds and firewalls for data centers, firewalls for network perimeters, and firewalls for distributed offices. According to Gartner, by 2026, more than 60% of organizations will have more than one type of firewall deployment. "A firewall used to be a box or a chassis with multiple cards," says Omdia analyst Fernando Montenegro. "Then we had a firewall in a virtual machine. And now we have a container form factor for a firewall because customers are deploying containers. And, oh, we need firewalls-as-a-service to support SASE."

[Category: Firewalls, Network Security]

[l] at 8/8/23 9:29am
Aruba Networks is showing off some enhancements to its security platform – including new zero trust and sandboxing features – that promise to help customers advance fortification of their hybrid cloud and enterprise network environments. Hewlett Packard Enterprise’s network subsidiary is also detailing the progress it has made in integrating the security technology from its March purchase of Axis Security into Aruba’s security service edge (SSE) platform with Aruba's SD-WAN and Secure Access Services Edge (SASE) offerings. Some of the new features and directions will be demoed and discussed as part of Aruba’s presence at this week’s Black Hat 2023 event, which will focus on everything security including AI, automation and threat intelligence issues.

[Category: HPE, Network Security, Security, Cloud Security]

[l] at 8/7/23 2:12pm
The last few years have seen an explosion of interest in Zero Trust Network Access (ZTNA). The zero trust approach replaces the perimeter defense model with a "least privilege" framework where users authenticate to access specific data and applications, and their activities are continuously monitored. ZTNA gained a boost in the wake of the COVID-19 pandemic, with more employees working remotely. The old perimeter defense model, exemplified by VPNs, provides a secured internet connection that gives remote users privileges as if they were on an internal private network. This doesn't match up with a zero trust mindset; and to make things worse, many organizations found that their infrastructure couldn't handle the traffic loads created by large numbers of remote workers connecting via VPN.

[Category: Access Control, Akamai, Cisco Systems, Citrix Systems, Remote Access, Network Security, Security]

[l] at 8/3/23 11:15am
Fortinet has added new features to its SD-WAN software and a next-generation firewall series that promise to help customers better monitor and protect distributed enterprise resources. On the SD-WAN front, Fortinet is introducing two services – a network underlay and overlay option to let customers better manage WAN traffic to remote sites. The Underlay Performance Monitoring Service for SD-WAN utilizes the vendor’s core central management system FortiManager and FortiGuard’s database of hundreds of popular SaaS and cloud implementations to offer visibility into the performance of the underlay network. The underlay network is typically made up of the physical network infrastructure supporting traffic between distributed cloud or remote office resources.

[Category: SD-WAN, Network Security, SASE, Network Monitoring]

[l] at 8/1/23 10:04am
Aiming to bolster its assessment of Internet traffic health, Cisco has acquired Code BGP, a privately held BGP monitoring startup, for an undisclosed amount. Code BGP will slide into Cisco’s ThousandEyes network intelligence product portfolio and bring a cloud-based platform that, among other features, maintains an inventory of IP address prefixes, peerings and outbound policies of an organization via configured sources, like BGP feeds. Border Gateway Protocol (BGP) tells Internet traffic what route to take, and the BGP best-path selection algorithm determines the optimal routes to use for traffic forwarding. Then, the system lets customers see and interact with this inventory in real time through an open API and brings real-time detection of BGP hijacking, route leaks, and other BGP issues, according to the company. Adding such capabilities will let ThousandEyes further expand its BGP monitoring and incident analysis capabilities to maintain health of the Internet as well as key applications and services, according to Joe Vaccaro, vice president of products for Cisco’s ThousandEyes, in a blog about the acquisition.

[Category: Cisco Systems, Router, Network Security, Security, Internet]

[l] at 8/1/23 10:04am
Aiming to bolster its assessment of Internet traffic health, Cisco said it would buy startup Border Gateway Protocol monitoring firm Code BGP for an undisclosed amount. Privately held Code BGP will slide into Cisco’s ThousandEyes network intelligence product portfolio and bring a cloud-based platform that, among other features, maintains an inventory of IP address prefixes, peerings and outbound policies of an organization via configured sources, like BGP feeds. BGP tells Internet traffic what route to take, and the BGP best-path selection algorithm determines the optimal routes to use for traffic forwarding. Then, the system lets customers see and interact with this inventory in real time through an open API and brings real-time detection of BGP hijacking, route leaks, and other BGP issues, according to the company. Adding such capabilities will let ThousandEyes further expand its BGP monitoring and incident analysis capabilities to maintain health of the Internet as well as key applications and services, according to Joe Vaccaro, vice president of products for Cisco’s ThousandEyes, in a blog about the acquisition.

[Category: Cisco Systems, Router, Network Security, Security, Internet]

[l] at 8/1/23 7:35am
Cisco has added ransomware detection and recovery support to its recently unveiled Extended Detection and Response (XDR) system. The new features target recovery from ransomware attacks and come courtesy of integration with Cohesity’s DataProtect and DataHawk offerings, which offer configurable ransomware recovery and rescue support for systems assigned to a protection plan. Cohesity’s platform can preserve potentially infected virtual machines for forensic investigation and protect enterprise workloads from future attacks. Cisco said that the exponential growth of ransomware and cyber extortion has made a platform approach crucial to effectively counter adversaries. It also noted that during the second quarter of 2023, the Cisco Talos Incident Response team responded to the highest number of ransomware engagements in more than a year.

[Category: Cisco Systems, Network Security, Cloud Security]

[l] at 7/25/23 12:54pm
A group of industry stalwarts is banding together to help enterprises, service providers and telcos fight cyber foes. The Network Resilience Coalition includes AT&T, Broadcom, BT Group, Cisco Systems, Fortinet, Intel, Juniper Networks, Lumen Technologies, Palo Alto Networks, Verizon and VMware. Its aim is to deliver open and collaborative techniques to help improve the security of network hardware and software across the industry. The coalition was brought together under the Center for Cybersecurity Policy & Law, a nonprofit organization dedicated to improving the security of networks, devices and critical infrastructure. The Center has a broad security mission, but at least for now, it wants the Resilience group to focus on routers, switches and firewalls that are older, may have reached end-of-life vendor support, or have been overlooked for security patching or replacement.

[Category: Cisco Systems, Juniper Networks, Network Monitoring, Network Security]

[l] at 7/18/23 10:38am
Fortinet has released two new high-speed, next generation firewalls designed to protect data center assets. The 387Gbps 3200F series and 164Gbps 900G series feature support for the vendor’s AI-Powered Security Services, which blend AI and machine-learning technologies to make customers aware of cyber threats and act on protecting resources much more quickly, according to Nirav Shah, vice president of products and solutions at Fortinet. FortiGuard AI-Powered Security Services use real-time data from Fortinet’s threat researchers at FortiGuard Lab to monitor for new dangers. “We look at terabytes of data every day, and that's where we run our AI and machine learning to see different things – whether we need to enable AI-powered services with IPS, or utilize sandbox technologies to mitigate them,” Shah said. “If you look at the cybersecurity industry, and the amount of data that we see, and the patterns and other things that we need to recognize to find the threats – [it] is extremely tough if you do it manually.”

[Category: Firewalls, Network Security, Security]

[l] at 7/17/23 12:43pm
Cisco announced a containerized firewall package for its venerable Catalyst switch family that’s designed to help enterprise customers with mixed IT and OT systems more easily segment network resources and save money by consolidating network and security deployments. Specifically, Cisco built a Docker-based container for its Secure Firewall Adaptive Security Appliance (ASA) that can be hosted on its Catalyst 9300 access switches. Cisco Secure Firewall ASA combines firewall, antivirus, intrusion prevention, encryption and virtual private network (VPN) support. The firewall supports up to 10 logical interfaces, which can be used for segmentation. This segmentation helps limit the ability of an attacker to move laterally within the network by containing any breach to a specific zone, wrote Pal Lakatos-Toth, an engineering product manager with Cisco’s security business group, in a blog about the news.

[Category: Cisco Systems, Firewalls, Network Security]

[l] at 7/14/23 9:19am
Cisco is continuing its summer buying spree with the acquisition of security startup Oort for an undisclosed amount. Oort offers an identity threat detection and response platform for enterprise security. Founded in 2019, Oort raised $15 million in Series A funding that included money from Cisco’s venture capital arm. “With Oort’s API-driven, cloud-native, and agentless platform, they eliminate identity visibility gaps across disparate data sources, show misconfigurations, check for security vulnerabilities, and offer predictive identity analytics to proactively stop attacks,” wrote Raj Chopra, senior vice president and chief product officer for Cisco Security, in a blog about the acquisition.

[Category: Cisco Systems, Network Security, Security]

[l] at 7/13/23 8:40am
Microsoft is jumping into the competitive Secure Service Edge (SSE) arena with a software package aimed at protecting its Windows and Azure customers as well as other cloud-based enterprise resources. The new software is part of Microsoft’s Entra identity and network access suite, and it features two new elements – Entra Internet Access and Entra Private Access – that will control and secure access to cloud-based resources. Those two new pieces, coupled with Microsoft’s existing SaaS-focused cloud-access security broker (CASB), called Microsoft Defender for Cloud apps, comprise Microsoft's SSE package.

[Category: Network Security, Microsoft, Microsoft 365, Microsoft Azure, Cloud Security, SASE, SD-WAN]

[l] at 7/12/23 11:58am
Cisco unveiled a new version of its Secure Network Analytics (SNA) software aimed at making it easier to track more data flows and act faster on relevant security alerts. Enhancements in SNA release 7.4.2 include the ability to more efficiently gather, process and store data; advanced detection capabilities; improved telemetry support; and the ability to run on Cisco’s high-performance UCS M6 hardware. Cisco’s network analytics software is designed to help organizations detect and respond to security threats by harnessing telemetry data from multiple sources and providing insights into network behavior to proactively identify risks, according to a blog post by Jay Bethea, product marketing manager with Cisco’s secure email group.

[Category: Cisco Systems, Network Management Software, Network Security]

[l] at 7/12/23 3:00am
The market for managed security services is shifting as enterprises weigh their requirements for cloud-based security capabilities and vendors refine their feature sets and product integrations. Converged security services can offer significant benefits to enterprises when it comes to manageability, scalability, security, and price, according to research firm Gartner, which introduced the term SASE, or secure access service edge. SASE is a network architecture that combines software-defined wide area networking (SD-WAN) and security functionality into a unified cloud service that promises simplified WAN deployments, improved efficiency and security, and application-specific bandwidth policies.

[Category: SD-WAN, SASE, Network Security, Networking]

[l] at 7/11/23 3:00am
Enterprises over the past several years have embraced SD-WAN for many reasons, including the flexibility of cloud architecture, enhanced security, centralized management of distributed locations, and improved application availability and performance. In turn, the popularity of SD-WAN has helped propel interest in secure access service edge (SASE), a network architecture that converges connectivity and security services.

[Category: Networking, SD-WAN, SASE, Network Security]

As of 9/25/23 8:00pm. Last new 9/21/23 10:31am.
