Analyst-centric Security Operations

Let’s face it, cybersecurity is a geeky domain. While much of IT has shifted its focus to things like business process enablement and digital transformation, infosec pros still spend much of their waking hours in the weeds, looking at things like protocol anomalies, SQL statements, command shells, etc. This technical purview has been a highlight of security operations products since their inception. In the early days (late 1990s), security analysts’ jobs depended upon technical tools like TCPdump and Ethereal/Wireshark to look for suspicious activities within network packets. The next step was searching for clues through Syslog, which led to the use of log management tools and then the evolution of SIEM in the 1999-2000 timeframe.

SOAPA Video with FireEye (Part 1)

Paul Nguyen, VP of product strategy at FireEye, stopped by the ESG studio recently to talk about how the company is moving forward with SOAPA. Paul and I discussed things like:

1. Technology integration. Through its history, FireEye has grown through acquisition, purchasing companies like iSight Partners, Mandiant, and nPulse. Heck, Paul joined FireEye because of its acquisition of Invotas in 2016. While each of these products can stand on its own, FireEye realized that it could deliver a lot more by stitching all these products together in a common platform. Paul spends a lot of his time figuring out how to combine the elements of each product into a FireEye security operations cocktail to maximize customer value.

Containers are Here! What About Container Security?

The industry is gaga for container technologies like Docker and for good reason. According to ESG research, containers make up about 19% of hybrid cloud production workloads today, but in just 2 years’ time, containers will make up one-third of hybrid cloud production workloads. Not surprisingly, rapid growth and proliferation of application containers have led to several security issues:

- 35% of cybersecurity professionals claim that their organization’s current server workload security solutions do not support the same functionality for containers, requiring the use of separate container security technologies. This adds cost and complexity to safeguarding valuable IT assets.
- 34% of cybersecurity professionals claim that they need to verify images stored in container registries meet their organization’s security and compliance requirements. Again, they tend to need specialized tools to accomplish this task.
- 33% of cybersecurity professionals claim that there is a lack of mature solutions available for container security. This is understandable as container security is dominated by startups and point tools at present (e.g., Aporeto, Aqua Security, Cavirin, CloudPassage, Layered Insight, Neuvector, StackRox, Twistlock, etc.). We are seeing more and more coverage from established players as well, like Tenable Networks, Trend Micro, VMware, etc. Cybersecurity pros should pay close attention to this market as vendors and tools are evolving quickly.
- 30% of cybersecurity professionals claim that the potential for container sprawl creates loose access controls between containers that could leave their production environment more vulnerable. This indicates process and management problems that lead to security vulnerabilities.
- 27% of cybersecurity professionals claim that portability makes containers more susceptible to “in motion” compromises. And a lot of security pros don’t have the tools to monitor transient containers and microservices as they appear and disappear.

DTW18 & Connecting The DoTs (Part 1 of 3)
May 10

LAS VEGAS: During one of my Dell Technologies World 2018 briefings last week I had to stop part way through and explain that I meant digital transformation, not Dell Technologies, when I used the DT acronym. The business phenomenon digital transformation (AKA digitization or Industry 4.0) and its related technologies — cloud computing, Internet of Things (IoT), big data and analytics (BDA), mobility, social media and security — is literally an extinction-level event — it’s ‘go digital or die’. While clarifying acronym anomalies is not a unique experience, it made me think of the greatest challenge I see facing Dell: how will the biggest IT infrastructure vendor — i.e. products and services — continue to prosper when the customer focus is moving to business outcomes, and not the bits and bytes that facilitate those outcomes? The answer is “better than everyone else.” I don’t think it’s hyperbole to say Dell is better-positioned than every other vendor out there. That’s not to say countless companies won’t provide one or more superior offerings in the fast-emerging software-driven, cloud-first IT environment, but that when it comes down to the vendor to trust most — and most often — it will probably come down to Dell. 
During his opening keynote to the approximately 14,000 customers, partners, employees, media and analysts in attendance — and an estimated 35,000 online — Michael Dell talked in generalities, stressing digital (along with IT, workforce and security) transformation and the latest buzzword trifecta — AI (artificial intelligence), ML (machine learning) and NN (neural networks), ‘Make It Real’ (the event’s DT theme), and how “our customers are using technology to change the world for the better, whether through a reimagined process or a reimagined industry.” He noted that since starting the company 34 years ago, it had grown to over a trillion dollars in revenues and a trillion customer successes but all that is “absolutely nothing compared to what’s ahead.” The DT future — with or without Dell — is incredibly bright: spending on related hardware, software and services is expected to reach approximately $1.3 trillion in 2018, a 16.8% year-over-year increase, and continue growing at a compound annual growth rate of 17.9% through 2021 to more than $2.1 trillion. And the reasons so much money is being thrown at DT initiatives are equally compelling, as Dell (along with Intel and the Enterprise Strategy Group) told us in survey data released last month: -transformed companies are 22x more likely to get new products and services to market ahead of the competition; -81% of firms (4,000 were surveyed) agree if they do not embrace IT Transformation, their companies will no...

DTW18 & Connecting The DoTs (Part 2 of 3)

LAS VEGAS: As usual, there was a lot to see and do at this year’s Dell Technologies World, so I’ve selected a number of analysts’ comments to provide a better synopsis of the week’s events. First up is the digital transformation research, released in April, that set the stage for DTW18. “Companies today need to be agile to stay competitive and drive growth, and IT Transformation can be a major enabler of that,” said John McKnight, Vice President of Research, Enterprise Strategy Group. “It’s clear that IT Transformation is increasingly resonating with companies and that senior executives recognize how IT Transformation is pivotal to overall business strategy and competitiveness. While achieving transformation can be a major endeavor, our research shows ‘Transformed’ companies experience real business results, including being more likely to be ahead of the competition in bringing new products and services to market, making better, faster data-driven decisions than their competition, and exceeding their revenue goals.” Another research initiative resulted in last week’s Built to Adapt Benchmark, a ‘quantitative framework of indicators that gauges how well an organization builds and operates software’ from Pivotal. According to the survey of more than 1,600 of the world’s top organizations in six countries and across five industries, software release velocity does not meet business needs: -38% of organizations polled report deploying code on a continuous, hourly, or daily basis; -50% only deploy code on a monthly, quarterly, or annual basis; -37% of apps were built, or have been refactored, to run in the cloud; and, -20% of software launches and upgrades were delayed due to defects. Patrick Moorhead, Founder and President of Moor Insights & Strategy, noted that the event started well, and built from there. 
‘One of my biggest takeaways from Day 1 was that Dell Technologies is more connected than I have ever seen before … which is very powerful to customers and partners.’ He was equally positive about the various product announcements. ‘From machine learning to hyper-converged, to VDI, The Dell Technologies family continues to make progress, and the industry is better for it.’ Moorhead also credited Michael Dell for leading ‘Dell Technologies to be a much more interconnected and valuable company while maintaining best of breed components. This is very hard to do. There is still a tremendous amount of work to be done in enabling, optimizing and getting revenue from the software-defined datacenter and the future of work, but I am liking what I am seeing.’ Jason Bloomberg, President, Intellyx, believes that the event proved that the company had ‘largely succeeded in rationalizing a complex, diverse product line’ but that digital transformation posed a challenge...