Connect with us

News

Kasten by Veeam Announces New Kasten K10 V5.0 with Enhanced Kubernetes Security

Published

on

Kasten by Veeam has announced the new Kasten by Veeam K10 V5.0 Kubernetes data management platform. Purpose-built for Kubernetes, this latest release is focused on delivering a comprehensive risk management strategy, streamlined CI/CD pipelines, and new ecosystem advancement details that optimize and de-risk Kubernetes investments. These advancements all aim to help the expanding Kubernetes community work more efficiently and securely in cloud-native applications.

“As ransomware attacks continue to remain the highest concern for organizations, a comprehensive risk management strategy to help continuously identify risk, protect data, detect attacks and deliver disaster recovery for cloud-native applications is crucial,” said Gaurav Rishi, Vice President of Products and Partnerships at Kasten by Veeam. “Our latest release remains focused on helping enterprises minimize the financial impact caused by attacks on data and cloud applications. At the same time, we’re also supporting developer needs for backup solutions that not only integrate with the CI/CD tools they use but pave the way for automation to detect and protect applications as they get deployed.”

Backing up Kubernetes applications while accommodating agile, shift-left development and distributed deployment environments remain a challenge for many organizations. Appliance-based approaches do not properly account for the unique characteristics of Kubernetes and replication doesn’t protect against infrastructure failures, data corruption, data loss, or ransomware. Having a cloud-native solution in place ensures secure and reliable backup without disrupting workflows or adding complexity that could inhibit innovation.

New key features of Kasten K10 V5.0 include:

  • Security everywhere: Enhanced platform hardening, including KMS integration with AWS KMS and HashiCorp Vault, coupled with the ease of use of Kubernetes-native RBAC objects exposed in UI dashboards, ransomware attack detection with AWS S3 or S3-compatible storage supporting S3 Object Lock, data protection policy guardrails and support for Veeam-hardened Linux repositories with immutability that offers comprehensive ransomware protection.
  • Shift-left applied to data protection: Fully integrated add-ons for newly launched Amazon EKS Blueprints, Level III certified Red Hat OpenShift Operator with full lifecycle capabilities, new built-in Kanister blueprints for MS SQL and PostgreSQL Operator, and simplified UX for Operations with new Blueprint Editor for a more intuitive and streamlined workflow, and new Reports Generator for critical metrics.
  • Expanded ecosystem: Enabling integrations with industry-leading technologies and platforms ensures that customers can have freedom of choice in an expanding array of solutions across the ecosystem, including support for Red Hat Marketplace, SUSE Rancher Marketplace, VMWare vSphere with Tanzu and Falco.

“Cloud-native applications are being developed at a pace never seen before, and with DevOps and shift-left principles, application deployment in Kubernetes is proving faster and far more scalable. Yet, at the same time, backing up Kubernetes applications remains a constant challenge,” said Danny Allan, CTO at Veeam. “This latest release provides secure backup and recovery for Kubernetes data and applications while eliminating the complexity in deployment and operations for Kubernetes in the enterprise. As more Veeam customers look to leverage Kubernetes, Kasten K10 V5.0’s ease-of-use will be critical to support data protection and backup in their new environments.”

“The alarming rate of ransomware attacks and the increased use of cloud-native application development means it’s only a matter of time before cloud-native applications become more heavily targeted,” said Johnny Yu, Research Manager, Storage, and Computing at IDC. “Now more than ever, enterprises need a backup solution that is flexible across multiple clouds and can proactively offer visibility into a potential attack before it happens. With its new K10 V5.0 release, Kasten by Veeam has positioned itself as a solid choice for companies that are looking for comprehensive, end-to-end ransomware protection for Kubernetes environments.”

The capabilities introduced in NEW Kasten K10 V5.0 underscore Kasten’s dedication to Kubernetes users by integrating DevOps and shift-left principles and hardened security. General availability of the new Kasten K10 V5.0 is expected in June. To learn more about Kasten and see Kasten K10 V5.0 in action, visit Kasten by Veeam at KubeCon + CloudNativeCon Europe 2022, as well as at VeeamON 2022.

Continue Reading

Cyber Security

Group-IB Unveils Unified Risk Platform

Published

on

Group-IB has today unveiled the Unified Risk Platform, an ecosystem of solutions that understands each organization’s threat profile and tailors defenses against them in real-time. Every product and service in Group-IB’s now consolidated security suite is enriched with information from a Single Data Lake, which contains 60 types of sources of adversary intelligence. The Unified Risk Platform automatically configures your Group-IB defenses with the precise insights needed to provide the best possible defense against targeted attacks on the infrastructure and endpoints, breaches, fraud, brand, and IP abuse.

“At the heart of the Unified Risk Platform is a Single Data Lake that has the most complete and detailed insight into threat actors. Group-IB has collected the industry’s broadest range of adversary intelligence, with 60 types of sources across 15 categories,” the company said in a statement.

The data is gathered by and exclusive to Group-IB, providing customers with unprecedented visibility of threat actors’ operations. The raw data is enriched with context, converted into actionable intelligence, and added to Group-IB’s Single Data Lake. The patented technology is continuously refined by state-of-the-art research, science, and modeling conducted by Group-IB’s dedicated analyst teams spanning 11 cybersecurity disciplines.

The modular architecture of the Unified Risk Platform allows additional capabilities to be easily activated, providing increased protection from cybercrime without friction. A range of out-of-the-box integrations and flexible APIs enable the Unified Risk Platform to easily enhance any existing security ecosystem. When organisations need specialist support, Group-IB’s comprehensive suite of services is available for any purpose, from one-off red teaming exercises or incident response to in-life managed detection and response.

In addition to the services, every Group-IB product is powered by the platform to provide complete coverage of the Cyber Response Chain:

  • Group-IB Threat Intelligence provides deep insight into adversary behaviors. Threat Intelligence was independently evaluated as creating a 10% increase in team efficiency over alternative vendors and in a case study generated a 339% return on investment.
  • Group-IB Managed XDR enables organizations to respond 20% faster to threats according to an analyst study.
  • Group-IB Digital Risk Protection allows organizations to reduce the risk of brand abuse, piracy, data leaks, and more with best-in-breed protection. Group-IB has been benchmarked as detecting pirated content in 30 min on average and taking down 80% of the content within 7 days.
  • Fraud Protection was calculated by consultants to reduce the rate of false-positive fraud cases by 20% and enable 10% to 20% more fraud attempts to be detected and prevented. Furthermore, Group-IB identified 30% more one-time password fraud.
  • Attack Surface Management continuously discovers external assets to identify shadow IT, forgotten infrastructure, misconfigurations, and other hidden risks. As part of the Unified Risk Platform, the solution provides a threat actor’s view of the attack surface so that weak spots can be quickly and proactively strengthened.
  • Business Email Protection defends corporate email from sophisticated attacks. The solution monitors for indicators of compromise identifies malicious behavioral markers and extracts artifacts to identify risky emails before they reach their destination.
Continue Reading

Cyber Security

Genetec Announces Availability of its Synergis Cloud Link PoE-Enabled IoT Gateway

Published

on

Genetec has announced the immediate availability of a new generation of its Synergis Cloud Link PoE-enabled IoT gateway for access control. Manufactured in North America to mitigate supply chain delays, Synergis Cloud Link addresses the increasing demand for non-proprietary access control solutions and provides a safe and secure gateway to a cloud or hybrid deployment.

“When modernizing an existing security system, Synergis Cloud Link’s open architecture allows organizations to leverage their current access control infrastructure and easily upgrade to a secure IP-based solution. Synergis Cloud Link provides a more efficient approach to multi-site deployments and replaces the need for servers, reducing the cost of ownership.  The Synergis Cloud Link IoT gateway has embedded functionalities that keep an organization’s access control running even when the connection to the server is down,” the company said in a statement.

“The new generation of Synergis Cloud Link provides more features, enhanced cybersecurity, and helps future-proof security installations. Synergis Cloud Link features enhanced cybersecurity such as encrypted user data, Secure Boot, and an EAL6+ industry gold standard Secure Element that stores cryptographic elements,” the company added.

“The need for non-proprietary access control solutions has never been greater,” said Thibault Louvet, Access Control Product Group Director, Genetec Inc. “Our new generation Synergis Cloud Link enables us to provide organizations with a powerful, secure, and intelligent gateway to the latest technology while allowing them to easily connect to hybrid or cloud access control environments and keep their existing security investment including hardware, wiring, and infrastructure.”

The device is compatible with non-proprietary access control modules from the industry’s most established manufacturers including HID Global, Axis Communications, ASSA ABLOY, Mercury Security, Allegion, SimonsVoss, STid, and others. A single Synergis Cloud Link device can support up to 256 readers and electronic locks, 600,000 cardholders, 150,000 offline events, as well as monitor hundreds of zones and alarms.

Synergis Cloud Link features a new firmware design, improving reliability and lifecycle management, and updates management. It also opens the door to containerized approach for operating software on the device, expanding its future capabilities.

Continue Reading

Cyber Security

Gartner Unveils the Top Eight Cybersecurity Predictions for 2022-23

Published

on

Executive performance evaluations will be increasingly linked to the ability to manage cyber risk; almost one-third of nations will regulate ransomware response within the next three years; and security platform consolidation will help organizations thrive in hostile environments, according to the top cybersecurity predictions revealed by Gartner, Inc. today.

In the opening keynote at the Gartner Security & Risk Management Summit in Sydney, Richard Addiscott, Senior Director Analyst, and Rob McMillan, Managing Vice President at Gartner discussed the top predictions prepared by Gartner cybersecurity experts to help security and risk management leaders be successful in the digital era.

“We can’t fall into old habits and try to treat everything the same as we did in the past,” said Addiscott. “Most security and risk leaders now recognize that major disruption is only one crisis away. We can’t control it, but we can evolve our thinking, our philosophy, our program, and our architecture.” Gartner recommends that cybersecurity leaders build the following strategic planning assumptions into their security strategies for the next two years.

Through 2023, government regulations requiring organizations to provide consumer privacy rights will cover 5 billion citizens and more than 70% of global GDP. As of 2021, almost 3 billion individuals had access to consumer privacy rights across 50 countries, and privacy regulation continues to expand. Gartner recommends that organizations track subject rights request metrics, including cost per request and time to fulfill, to identify inefficiencies and justify accelerated automation.

By 2025, 80% of enterprises will adopt a strategy to unify web, cloud services, and private application access from a single vendor’s SSE platform. With a hybrid workforce and data everywhere accessible by everything, vendors are offering an integrated security service edge (SSE) solution to deliver consistent and simple web, private access, and SaaS application security. Single-vendor solutions provide significant operational efficiency and security effectiveness compared with best-of-breed solutions, including tighter integration, fewer consoles to use, and fewer locations where data must be decrypted, inspected, and re-encrypted.

60% of organizations will embrace Zero Trust as a starting point for security by 2025. More than half will fail to realize the benefits. The term zero trust is now prevalent in security vendor marketing and in security guidance from governments. As a mindset — replacing implicit trust with identity- and context-based risk-appropriate trust — it is extremely powerful. However, as zero trust is both a security principle and an organizational vision, it requires a cultural shift and clear communication that ties it to business outcomes to achieve the benefits.

By 2025, 60% of organizations will use cybersecurity risk as a primary determinant in conducting third-party transactions and business engagements. Cyberattacks related to third parties are increasing. However, only 23% of security and risk leaders monitor third parties in real-time for cybersecurity exposure, according to Gartner data. As a result of consumer concerns and interest from regulators, Gartner believes organizations will start to mandate cybersecurity risk as a significant determinant when conducting business with third parties, ranging from simple monitoring of a critical technology supplier to complex due diligence for mergers and acquisitions.

By 2025, 30% of nation-states will pass legislation that regulates ransomware payments, fines, and negotiations, up from less than 1% in 2021. Modern ransomware gangs now steal data as well as encrypt it. The decision to pay the ransom or not is a business-level decision, not a security one. Gartner recommends engaging a professional incident response team as well as law enforcement and any regulatory body before negotiating.

By 2025, threat actors will have weaponized operational technology environments successfully to cause human casualties. Attacks on OT – hardware and software that monitors or controls equipment, assets, and processes – have become more common and more disruptive. In operational environments, security and risk management leaders should be more concerned about real-world hazards to humans and the environment, rather than information theft, according to Gartner.

By 2025, 70% of CEOs will mandate a culture of organizational resilience to survive coinciding threats from cybercrime, severe weather events, civil unrest, and political instabilities. The COVID-19 pandemic has exposed the inability of traditional business continuity management planning to support the organization’s response to a large-scale disruption. With continued disruption likely, Gartner recommends that risk leaders recognize organizational resilience as a strategic imperative and build an organization-wide resilience strategy that also engages staff, stakeholders, customers, and suppliers.

By 2026, 50% of C-level executives will have performance requirements related to risk built into their employment contracts. Most boards now regard cybersecurity as a business risk rather than solely a technical IT problem, according to a recent Gartner survey. As a result, Gartner expects to see a shift in formal accountability for the treatment of cyber risks from the security leader to senior business leaders.

Continue Reading
Advertisement


Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.