Connect with us

Cloud

SolarWinds Survey: Only 18% of IT Professionals Satisfied with Cloud Infrastructure

Published

on

According to new data from SolarWinds, less than one in five (18%) IT professionals believe their present cloud infrastructure satisfies their business needs, indicating a large disconnect between expectations and reality when it comes to cloud adoption. The research, based on a survey of 272 global IT professionals, shows that despite the cloud’s promises of scalability and cost savings, the reality is mixed for many IT teams: only a quarter of those surveyed (25%) feel their organisation’s approach to the cloud is carefully considered and successful, while 23% admit their hybrid cloud strategy has created an overly complex IT environment. Despite this, less than a quarter (22%) of respondents have invested in external IT services to help with their cloud migration strategy.

In response to these cloud challenges, more than one in ten (16%) respondents have already repatriated workloads back to on-premises. Meanwhile, a further 12% acknowledge that poorly planned cloud transitions have already resulted in long-term financial impacts on their organisations. This goes to show that rushed cloud migrations can lead to costly fixes or reversals.

The data also indicates a lack of trust in cloud security, with nearly half (46%) of IT pros still storing their most sensitive data on-premises due to persistent security worries. However, the findings do highlight a continued focus on cloud strategies to reduce costs. Nearly a third (29%) of respondents say they are prioritising cloud migration to cut operational costs.

Commenting on the findings, Sascha Giese, Global Tech Evangelist at SolarWinds, said, “The truth is, managing complex hybrid-cloud ecosystems isn’t easy. While the cloud promises scalability and cost savings, the gap between expectation and execution is becoming increasingly evident. In this landscape, many businesses find themselves grappling with overly complex infrastructures that struggle to meet evolving needs.”

In a hybrid cloud world with increasingly complex networks, systems, devices, and applications, managing microservices and containers adds to the challenge. Without proper planning and comprehensive visibility, organisations risk finding themselves in a dire situation. Tool sprawl, information silos, and alert fatigue can all lead to an unpleasant cloud experience, making it harder to identify the root causes of complex issues.

“To overcome these challenges, IT leaders must adopt a more strategic and informed approach to cloud migration, focusing on tools that are reliable, secure, and accelerate modernisation. One key advantage businesses can leverage to successfully manage their hybrid cloud infrastructures is comprehensive observability. That means gaining real-time visibility into every layer of the IT estate and acting proactively with the assistance of machine learning algorithms and AI-driven analytics. Cloud infrastructure can be a powerful growth enabler, but with a mess of mismatched tools and poor visibility, it will be a bumpy ride,” added Giese.

Cloud

Fortinet Boosts Cloud Security by Introducing Lacework FortiCNAPP

Published

on

Fortinet has announced the general availability of Lacework FortiCNAPP, a unified, AI-driven platform to secure everything from code to cloud from a single vendor. “Lacework FortiCNAPP is based on Lacework’s proven cloud-native application protection platform with tight integration with the Fortinet Security Fabric,” said John Maddison, Chief Marketing Officer at Fortinet. “We’re pleased to expand our cloud-native security offerings and provide the industry’s most comprehensive, full-stack cloud security platform that empowers teams to seamlessly eliminate risk across their multi-cloud environments.”

The introduction of Lacework FortiCNAPP offers additional benefits that extend beyond Lacework’s leading offering. These include automated remediation and blocking of active runtime threats and enhanced visibility into FortiGuard Outbreak Alerts, which provide key information about new and emerging threats and the risk they pose within an organization’s environment.

As customers continue to adopt cloud infrastructure and services, they are quickly realizing that traditional security tools simply lack the native capabilities required to address the scale, velocity, and dynamic nature of the cloud. Security teams are fundamentally challenged by the lack of time to address cloud security at scale due to limited cloud security knowledge, a proliferation of cloud security products that do little to help customers resolve issues, and an overwhelming number of security and compliance alerts.

With Lacework FortiCNAPP, Fortinet simplifies and strengthens cloud security with a unified platform from a single vendor that brings together multiple tools to significantly cut down the time to detect, prioritize, investigate, and respond to cloud-native threats. Lacework FortiCNAPP introduces a unique AI approach that never stops learning, maximizing cloud security with minimal time and effort for development, operations, and security teams by automatically connecting risk insights with runtime threat data, and ensuring that the most critical issues are prioritized and addressed.

Fortinet enables customers to address all their cloud security needs by delivering key features such as:

  1. A unified platform: Fragmented tools create complex, expensive, and limited protection. As a platform, Lacework FortiCNAPP provides full visibility from code to cloud and correlates build and runtime risk and threat data to prioritize what matters most.
  2. AI-based anomaly detection: Given that cloud threats evolve as quickly as the cloud itself, creating rules for every potential attack scenario is nearly impossible. Lacework FortiCNAPP’s AI-based anomaly detection allows security analysts to detect previously undefined attack patterns that traditional rules-based systems cannot accomplish.
  3. Integrated code security: Code security integrated with cloud security empowers teams to address issues at the earliest and most cost-effective stage in the application life cycle. By offering code security as an integral capability within the platform, customers can save time and money by fixing security issues, and reducing the risk of vulnerable applications and infrastructure while maintaining developer productivity and innovation velocity.
  4. Composite alerts: Lacework FortiCNAPP is unique in detecting early signs of active attacks by automatically correlating various signals into a single, high-confidence composite alert. The platform uses behavioural analytics, anomaly detection, in-house threat intelligence, and insights from cloud service provider activity logs and threat services to identify active attacks, including compromised credentials, ransomware, and crypto-jacking.
  5. Integrations with the Fortinet Security Fabric: Integrations with Fortinet solutions such as FortiSOAR enable customers to streamline their response to active runtime threats, such as compromised hosts and compromised access keys, through automated remediation playbooks. Additionally, its integration with FortiGuard Outbreak Alerts helps teams understand how Lacework FortiCNAPP delivers enhanced visibility and deeper insights into the latest threats and where the solution can disrupt potential attacks.
  6. Cloud Infrastructure Entitlement Management (CIEM): Lacework FortiCNAPP provides CIEM with complete visibility into cloud identities and their permissions. It automatically discovers identities, assesses net-effective permissions, and highlights excessive ones by comparing granted versus used permissions. Each identity is assigned a risk score based on more than 30 factors, helping prioritise high-risk identities. Lacework FortiCNAPP also offers automated remediation guidance for right-sizing permissions, ensuring least-privileged access.
Continue Reading

Cloud

Cisco Boosts Cloud Security Offerings in the UAE

Published

on

Ahead of GITEX Global 2024, Cisco has announced plans to establish a Point of Presence (PoP) for cloud-delivered security in the United Arab Emirates (UAE). This initiative aims to help customers protect their users, infrastructure, and investments against threat actors. The announcement is part of Cisco’s continued effort to empower organizations locally and regionally with flexible security services and data loss protection for devices, remote users and distributed locations. Cisco targets service availability by the end of 2024 for the Secure Service Edge (SSE) PoP.

“Today’s announcement reaffirms Cisco’s commitment to rapidly extend its global reach for customers and provide advanced cloud security protection and services to the UAE and the surrounding region,” said Abdelilah Nejjari, Managing Director for Cisco in the Gulf and Levant region. “Our goal is to help companies in the UAE accelerate the deployment of cybersecurity capabilities by adopting a platform approach. This will enable the seamless integration of various solutions within their stack, allowing them to maximize their potential.”

The new PoP will play an important role in delivering agile, highly resilient, high-capacity secure access closer to users in the UAE. It will support Cisco’s cloud services including its Secure Service Edge (SSE) solution, Cisco Secure Access. This cloud-delivered platform helps organizations solve a variety of security challenges.

Users can now safely and seamlessly access the resources and apps they need, regardless of protocol, port or level of customization. As a result, customers can move away from the complex web of point products that weren’t designed to support today’s highly distributed environment. With Cisco Secure Access, decisions about how users connect to the Internet, Software-as-a-Service (SaaS) and private applications are automated, removing complexity and helping to increase productivity.

“This initiative marks a new milestone in Cisco’s commitment to helping strengthen the region’s cybersecurity efforts,” Fady Younes, Managing Director of Cybersecurity, Middle East, Africa and Romania, commented. “In February, we announced a local data centre for our Duo multifactor authentication (MFA) offering and I am pleased to say that this is already up and running, in line with our original schedule. As a next step, with the new PoP for the converged cloud security SSE solution, grounded in zero trust, to provide our customers with seamless, transparent, and secure access from anything to anywhere.”

In the UAE, organizations will experience the benefits of Cisco’s SSE PoP with the scalability of the public cloud. The PoP will be carrier-neutral and available on any Internet Service Provider (ISP) in UAE. The findings of the Cisco Cybersecurity Readiness Index underscore the importance of security resilience. The study revealed that in the UAE, only 2% of organizations are at the Mature stage of readiness, 33% are at the Progressive stage, 54% are Formative and 11% are Beginners. It also found that 73% of companies expect a cybersecurity incident to disrupt their business in the next 12-24 months.

Continue Reading

Cloud

Critical Vulnerability Found in Google Cloud Functions

Published

on

Tenable has disclosed that its Tenable Cloud Research Team has discovered a vulnerability in Google Cloud Platform (GCP), involving its Cloud Function serverless compute service and its Cloud Build CI/CD pipeline service. GCP has remediated ConfusedFunction for future Cloud Build accounts, however existing Cloud Build instances remain at risk with immediate evasive action required.

Cloud Functions in GCP are event-triggered, serverless functions. They automatically scale and execute code responding to specific events like HTTP requests or data changes. A multi-step backend process is triggered when a GCP user creates or updates a Cloud Function. This process, among other things, attaches a default Cloud Build service account to the Cloud Build instance that is created as part of the function’s deployment. This default Cloud Build service account gives the user excessive permissions. This process happens in the background and isn’t something ordinary users would be aware of.

An attacker who gains access to create or update a Cloud Function can take advantage of the function’s deployment process to escalate privileges to the default Cloud Build service account and other GCP services including Cloud Storage, and Artifact Registry or Container Registry. By exploiting the deployment flow and the flawed trust between services an attacker could run code as the default Cloud Build service account.

“The ConfusedFunction vulnerability highlights the problematic scenarios that may arise due to software complexity and inter-service communication in a cloud provider’s services,” explains Liv Matan, senior research engineer, Tenable. “To support backward compatibility, GCP has not changed the privileges from Cloud Build service accounts created before the fix was implemented. This means that the vulnerability is still affecting existing instances and we highly recommend customers take immediate action.”

GCP confirmed it had remediated ConfusedFunction, to some extent, for Cloud Build accounts created after February 14, 2024. While the fix has reduced the severity of the problem for future deployments, it hasn’t eliminated it. For every cloud function using the legacy Cloud Build service account, the advice is to replace it with a least-privilege service account.

Continue Reading
Advertisement

Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.