Iben Rodriguez, Author at Gigaom
Your industry partner in emerging technology research

Managing Vulnerabilities in a Cloud Native World
https://gigaom.com/video/managing-vulnerabilities-in-a-cloud-native-world/
Wed, 19 Jan 2022 18:00:01 +0000

The post Managing Vulnerabilities in a Cloud Native World appeared first on Gigaom.

This free 1-hour webinar from GigaOm Research brings together experts in Cloud Native Vulnerability Management, featuring analyst Iben Rodriguez and special guest from Palo Alto Networks, John Morello. The discussion will focus on optimizing cloud security posture and integration with enterprise tool sets.

We will review platforms delivering Security Posture Management and Workload Protection for Microservice based and Hybrid Cloud Workloads.

Registrants will learn how new customers can benefit from Prisma Cloud to better secure their complex multi-cloud environments. Existing customers will learn about new features they can take advantage of and how to optimize their limited resources.

Register now to join GigaOm and Palo Alto Networks for this free expert webinar.

GigaOm Radar for Vulnerability Management
https://gigaom.com/report/gigaom-radar-for-vulnerability-management/
Mon, 17 May 2021 17:32:27 +0000

The post GigaOm Radar for Vulnerability Management appeared first on Gigaom.

The challenges facing IT decision makers when it comes to modern vulnerability management include the integration of DevOps practices and increasing complexity of IT systems.

With DevOps practices and cloud deployments becoming more widespread, the risk posed by vulnerabilities and insecure configurations in legacy workloads and web applications in the cloud continues to increase. In addition, modern IT systems have grown larger and more complex, which makes grappling with large amounts of data increasingly difficult, even as security personnel struggle with the overload of events that can make it difficult to extract actionable intelligence related to business risk and threat context.

When making decisions about vulnerability management products, IT decision makers should consider solutions that can address security issues at scale and reduce the overall vulnerability lifespan, from initial discovery to the final stages of remediation, patching, or image rotation. A successful vulnerability management program prioritizes vulnerabilities based on local context and outside threats to provide actionable insights to developers in their preferred workflow tools for more efficient resolution.

Modern vulnerability management tools focus on security bugs discovered not only during runtime, but also in the build phase of the software design lifecycle (SDLC) when software artifacts are developed. Shifting security left is an automated vulnerability detection and response capability that gets integrated into the developer toolkit as plugins in the IDE or as part of the CI/CD pipeline process. Issues are resolved as soon as possible to avoid the cost and complexity impact of doing this later on in the lifecycle. The SDLC security program aims to optimize the process of building applications, including architectural reviews, static and dynamic code analysis, and the use of software composition analysis (SCA) to examine all artifacts for known vulnerabilities, and to rotate images continuously from development through test to production.

In modern IaaS and PaaS delivery models, vulnerability management tools support the inspection of code that is responsible for the deployment, integration, management, security configuration, and overall compliance of the cloud infrastructure, including microservices. Infrastructure-as-Code should be included in the scope of your vulnerability management program to ensure that pipeline components used to run application microservices are deployed securely.

We have found that the best solutions can ingest vulnerability and local asset information, as well as threat management data, from various sources so as to prioritize recommendations. For patch management, image rotation, or other remediative strategies to be effective, we must prioritize the issues that matter most to your organization. This requires local context, such as critical vulnerabilities found within high-value assets that may contain sensitive data, systems that are exposed to the internet, and determining whether vulnerable packages are actively used by applications. Prioritization also requires external threat intelligence sources that can enrich detections with information about recent vulnerability exploits, and any vulnerabilities known to be exploited for ransomware attacks or that can spread across your network (wormability). This information can help filter out the vulnerabilities that matter most so you can focus on patching and adopting remediative controls to mitigate the possibility of attacks.

Each of the vulnerability management tools we evaluate in this report interacts with different phases of the SDLC. It is important to consider potential feature gaps in coverage when evaluating vulnerability management tools. Visibility into the respective phases of the application lifecycle can provide valuable insights, but it could also result in redundant findings when tools overlap. Duplicate data needs to be correlated and decisions on remediation should be prioritized based on risk, taking into account the threats being faced on a day-to-day basis.

These newer tools help us to be more effective with the limited resources of today’s cybersecurity teams. This is a great opportunity to take a fresh look at how the security operations center (SOC) is staffed and how duties and responsibilities are defined. When bringing on new staff or negotiating a contract with a managed service provider, be sure the upcoming threat landscape is covered from a policy compliance and vulnerability management perspective for the entire SDLC, extending from the developers’ workstations to the build environment to the Kubernetes server.

This Radar Report evaluates the capabilities of notable players in the space against the points laid out in the Key Criteria Report.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Vendor Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

Key Criteria for Evaluating Vulnerability Management Tools
https://gigaom.com/report/key-criteria-for-evaluating-vulnerability-management-tools/
Thu, 01 Apr 2021 18:47:45 +0000

The post Key Criteria for Evaluating Vulnerability Management Tools appeared first on Gigaom.

Vulnerability management tools scan your IT estate to help identify and mitigate security risks and weaknesses. These tools can facilitate the development of a more comprehensive vulnerability management program. Leveraging people, processes, and technologies, successful initiatives effectively identify, classify, prioritize, and remediate security threats.

A security vulnerability is a weakness that can compromise the confidentiality, integrity, and availability (CIA) of information. Attackers are constantly looking to exploit defects in software code or insecure configurations. Vulnerabilities can exist anywhere in the software stack, from web applications and databases to infrastructure components such as load balancers, firewalls, machine and container images, operating systems, and libraries. This includes code used in the CI/CD pipeline as well as the infrastructure-as-code (IaC) that defines the compute, network, and storage infrastructure.

Recent cybersecurity events have exposed widespread vulnerabilities involving the exploitation of zero-day malware and unknown weaknesses. Threat actors continually discover new exploitation tactics, techniques, and procedures (TTPs) to take advantage of weaknesses throughout integrated systems. Moreover, identifying breach paths is increasingly complicated due to the widespread adoption of ephemeral services.

Vulnerability management solutions should provide end-to-end visibility of the protect surface by aggregating both platform and application risks in a single pane of glass, while leveraging prioritized remediation based on business risk and threat context for efficiency. Containerized workloads deployed via DevOps pipelines have unique security requirements that demand a fully integrated vulnerability assessment, automated into the cloud platform services that run those workloads.

The path to a mature security posture starts with the ability to identify vulnerabilities in software code, third-party libraries, and at runtime. In addition, the cloud platform used to host your applications should be scanned for misconfigurations. This requires the use of policy configuration baselines, benchmarks, and compliance standards that apply to both the infrastructure and the code used to build it. As organizations implement security guardrails early in the software development lifecycle (SDLC), they can take advantage of cloud-native culture to ensure network and security tools are used throughout all phases of the SDLC.

This GigaOm report explores the key criteria and emerging technologies that IT decision makers should evaluate when choosing a vulnerability management solution. The key criteria report, together with the GigaOm radar report that evaluates relevant products, provides a framework to help organizations assess the solutions currently available on the market and how these tools fit with their requirements.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Vendor Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

Taking Network Strategy to the Edge
https://gigaom.com/report/taking-network-strategy-to-the-edge/
Sun, 22 Dec 2019 18:47:29 +0000

The post Taking Network Strategy to the Edge appeared first on Gigaom.

As IT organizations try to keep up with the ever-changing business landscape, optimizing business outcomes is at the forefront of many considerations in the CIO office. These outcomes are increasingly dependent on the user experience at the edge. Intelligent devices are increasing exponentially, and the Internet of Things (IoT) is adding more and more instruments to the internet every day. These devices are consuming and sending data to the cloud, or edge-to-cloud workloads, as well as traditional data center backhaul. Now that the benefits of cloud computing are becoming available near the network boundaries, many technology improvements are needed in the overall user experience: response times, security, and cheap and reliable connectivity. As enterprises launch new business initiatives to further their digital transformation, new system architectures and partners are needed to deliver on the promise of new revenue as a result of rich user experiences.

Given the buildup regarding edge computing, what should organizations do about their current and future network strategy? How can network teams create or tune their plan to effectively meet these emerging challenges with appropriate efforts in connectivity, network performance, agility, and cost? By adopting a modern cloud NetOps framework, enterprises can eliminate data and networking silos, build for state streaming, incorporate APIs, and leverage advanced data analytics, all while automating network management. Thankfully, technologies and vendors are providing new ways to keep pace with these changes.

In this report, we find:

  • Effective network strategy must flow from the overall business goals, and be flexible enough to change as they move.
  • Enterprises should understand their national and global footprints from a physical and routing perspective while anticipating ongoing change.
  • Networking teams should fully leverage Software-Defined Networking (SDN) as well as implement and plan for Intent-Based Networking (IBN) and Software-Defined Perimeter (SDP).
  • Zero Trust network design adds resilience to large and agile networks for less cost. However, legacy networks and data centers still require a strong network perimeter with all the legacy security controls. Consider modernizing these older environments prior to adopting SDN.
  • Effective monitoring is essential for situational awareness and decision making. Time-based, operational databases are a powerful solution.
  • These key technologies (SDN, IBN, and SDP) are important enablers of mobile and IoT applications.

Zero Trust Cloud Security Provider Aporeto: Product Profile and Evaluation
https://gigaom.com/report/zero-trust-cloud-security-provider-aporeto-product-profile-and-evaluation/
Wed, 06 Nov 2019 21:29:31 +0000

The post Zero Trust Cloud Security Provider Aporeto: Product Profile and Evaluation appeared first on Gigaom.

Microservices approaches such as Kubernetes are changing the way people think about applications, bringing the dual benefits of massive scalability and modularity. Containers abstract the applications away from the systems and network infrastructure. As a result, goes the theory, application developers can create software without having to request network configuration or other operational changes. However, while this idea of masking what goes on “under the bonnet” is good, it can also be a source of risk. Not the least, for example, is that Kubernetes allocates services to server nodes dynamically. This leaves network and security engineers with a limited set of choices: for example, either restrict Kubernetes clusters to only run within a security-controlled subnetwork (which, of course, undermines the very principle of the distributed microservices architecture), or face the need to open up network firewalls to allow clusters to communicate, undermining security and losing visibility on network activity. Considered in isolation, neither option is particularly attractive. Given an already-challenging network environment, with multiple application types (each with different connectivity needs) and permissions systems, constantly changing endpoints, equipment refresh cycles, fault resolution, and new security vulnerabilities emerging all the time, the result creates a new set of problems to be solved. Engineers have only limited time, and such compromises can have knock-on effects on other systems, leading to inefficiency, cost, and frustration.

Micro-segmentation approaches, such as Aporeto, enable application-specific security controls to be allocated while keeping networking and security professionals assured of policy definition and enforcement. This creates a middle ground between an “anything goes” approach and having a fully locked-down environment, allowing application developers to define and control the ways their application elements communicate while working within predefined security stipulations.

In this report, we provide a comprehensive independent review of the Aporeto solution for network and identity management in a multi-cloud deployment. We review the practicalities of deploying Aporeto to deliver a stronger security architecture for Kubernetes container microservice applications running across distributed networks anywhere. We also evaluate the impact on the IT operations team of running Aporeto versus maintaining legacy security practices. The return on investment for an identity-based security solution becomes clear as we progress through the following series of tests.

The GigaOm Multi-Cloud Test Lab environments used in this report include Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure, although the findings are relevant for other clouds and on-premises solutions such as VMware, Packet, IBM Softlayer, etc.

Aporeto Product Evaluation Test Lab Setup and Instructions
https://gigaom.com/report/aporeto-product-evaluation-test-lab-setup-and-instructions/
Tue, 05 Nov 2019 14:10:21 +0000

The post Aporeto Product Evaluation Test Lab Setup and Instructions appeared first on Gigaom.

This report documents the GigaOm Field Test Lab Setup instructions to evaluate Aporeto’s zero trust cloud security solution. This report corresponds to the GigaOm Report: Zero Trust Cloud Security Provider Aporeto: Product Profile and Evaluation, Stronger Security, Simpler Operations, and Better ROI. Micro-segmentation approaches, such as Aporeto, enable application-specific security controls to be allocated while keeping networking and security professionals assured of policy definition and enforcement.

The GigaOm Multi-Cloud Test Lab environments used in this report include Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure, although the findings are relevant for other clouds and on-premises solutions such as VMware, Packet, IBM Softlayer, etc.
