We will review platforms delivering Security Posture Management and Workload Protection for Microservice based and Hybrid Cloud Workloads.

Registrants will learn how new customers can benefit from Prisma Cloud to better secure their complex multi-cloud environments. Existing customers will learn about new features they can take advantage of and how to optimize their limited resources.

Register now to join GigaOm and Palo Alto Networks for this free expert webinar.

The post Managing Vulnerabilities in a Cloud Native World appeared first on Gigaom.

With DevOps practices and cloud deployments becoming more widespread, the risk posed by vulnerabilities and insecure configurations in legacy workloads and web applications in the cloud continues to increase. In addition, modern IT systems have grown larger and more complex, which makes grappling with large amounts of data increasingly difficult, even as security personnel struggle with the overload of events that can make it difficult to extract actionable intelligence related to business risk and threat context.

When making decisions about vulnerability management products, IT decision makers should consider solutions that can address security issues at scale and reduce the overall vulnerability lifespan, from initial discovery to the final stages of remediation, patching, or image rotation. A successful vulnerability management program prioritizes vulnerabilities based on local context and outside threats to provide actionable insights to developers in their preferred workflow tools for more efficient resolution.

Modern vulnerability management tools focus on security bugs discovered not only during runtime, but also in the build phase of the software design lifecycle (SDLC) when software artifacts are developed. Shifting security left is an automated vulnerability detection and response capability that gets integrated into the developer toolkit as plugins in the IDE or as part of the CI/CD pipeline process. Issues are resolved as soon as possible to avoid the cost and complexity impact of doing this later on in the lifecycle. The SDLC security program aims to optimize the process of building applications, including architectural reviews, static and dynamic code analysis, and the use of software composition analysis (SCA) to examine all artifacts for known vulnerabilities, and to rotate images continuously from development through test to production.

In modern IaaS and PaaS delivery models, vulnerability management tools support the inspection of code that is responsible for the deployment, integration, management, security configuration, and overall compliance of the cloud infrastructure, including microservices. Infrastructure-as-Code should be included in the scope of your vulnerability management program to ensure that pipeline components used to run application microservices are deployed securely.

We have found that the best solutions can ingest vulnerability and local asset information, as well as threat management data, from various sources so as to prioritize recommendations. For patch management, image rotation, or other remediative strategies to be effective, we must prioritize the issues that matter most to your organization. This requires local context, such as critical vulnerabilities found within high-value assets that may contain sensitive data, systems that are exposed to the internet, and determining whether vulnerable packages are actively used by applications. Prioritization also requires external threat intelligence sources that can enrich detections with information about recent vulnerability exploits, and any vulnerabilities known to be exploited for ransomware attacks or that can spread across your network (wormability). This information can help filter out the vulnerabilities that matter most so you can focus on patching and adopting remediative controls to mitigate the possibility of attacks.

Each of the vulnerability management tools we evaluate in this report interacts with different phases of the SDLC. It is important to consider potential feature gaps in coverage when evaluating vulnerability management tools. Visibility into the respective phases of the application lifecycle can provide valuable insights, but it could also result in redundant findings when tools overlap. Duplicate data needs to be correlated and decisions on remediation should be prioritized based on risk, taking into account the threats being faced on a day-to-day basis.

These newer tools help us to be more effective with the limited resources of today’s cybersecurity teams. This is a great opportunity to take a fresh look at how the security operations center (SOC) is staffed and how duties and responsibilities are defined. When bringing on new staff or negotiating a contract with a managed service provider, be sure the upcoming threat landscape is covered from a policy compliance and vulnerability management perspective for the entire SDLC, extending from the developers’ workstations to the build environment to the kubernetes server.

This Radar Report evaluates the capabilities of notable players in the space against the points laid out in the Key Criteria Report.

The post GigaOm Radar for Vulnerability Management appeared first on Gigaom.

A security vulnerability is a weakness that can compromise the confidentiality, integrity, and availability (CIA) of information. Attackers are constantly looking to exploit defects in software code or insecure configurations. Vulnerabilities can exist anywhere in the software stack, from web applications and databases to infrastructure components such as load balancers, firewalls, machine and container images, operating systems, and libraries. This includes code used in the CI/CD pipeline as well as the infrastructure-as-code (IAC) that defines the compute, network, and storage infrastructure.

Recent cybersecurity events have exposed widespread vulnerabilities involving the exploitation of zero-day malware and unknown weaknesses. Threat actors continually discover new exploitation tactics, techniques, and procedures (TTPs) to take advantage of weaknesses throughout integrated systems. Moreover, identifying breach paths is increasingly complicated due to the widespread adoption of ephemeral services.

Vulnerability management solutions should provide end-to-end visibility of the protect-surface by aggregating both platform and application risks in a single pane of glass, while leveraging prioritized remediation based on business risk and threat context for efficiency. Containerized workloads deployed via DevOps pipelines have unique security requirements that demand a fully integrated vulnerability assessment to be automated into cloud platform services running containerized workloads.

The path to a mature security posture starts with the ability to identify vulnerabilities in software code, third-party libraries, and at runtime. In addition, the cloud platform used to host your applications should be scanned for misconfigurations. This requires the use of policy configuration baselines, benchmarks, and compliance standards that apply to both the infrastructure and the code used to build it. As organizations implement security guardrails early in the software development lifecycle (SDLC), they can take advantage of cloud-native culture to ensure network and security tools are used throughout all phases of the SDLC.

This GigaOm report explores the key criteria and emerging technologies that IT decision makers should evaluate when choosing a vulnerability management solution. The key criteria report, together with the GigaOm radar report that evaluates relevant products, provides a framework to help organizations assess the solutions currently available on the market and how these tools fit with their requirements.

The post Key Criteria for Evaluating Vulnerability Management Tools appeared first on Gigaom.

Given the buildup regarding edge computing, what should organizations do about their current and future network strategy? How can network teams create or tune their plan to effectively meet these emerging challenges with appropriate efforts in connectivity, network performance, agility, and cost? By adopting a modern cloud NetOps framework, enterprises can eliminate data and networking silos, build for state streaming, incorporate APIs, and leverage advanced data analytics, all while automating network management. Thankfully, technologies and vendors are providing new ways to keep pace with these changes.

In this report, we find:

• Effective network strategy must flow from the overall business goals, and be flexible enough to change as they move.
• Enterprises should understand their national and global footprints from a physical and routing perspective while anticipating ongoing change.
• Networking teams should fully leverage Software-Defined Networking (SDN) as well as implement and plan for Intent-Based Networking (IBN) and Software-Defined Perimeter (SDP).
• Zero Trust network design adds resilience to large and agile networks for less cost. However, legacy networks and data centers still require a strong network perimeter with all the legacy security controls. Consider modernizing these older environments prior to adopting SDN.
• Effective monitoring is essential for situational awareness and decision making. Time-based, operational databases are a powerful solution.
• These key technologies (SDN, IBN, and SDP) are important enablers of mobile and IoT applications.

The post Taking Network Strategy to the Edge appeared first on Gigaom.

Micro-segmentation approaches, such as Aporeto, enable application-specific security controls to be allocated while keeping networking and security professionals assured of policy definition and enforcement. This creates a middle ground between an “anything goes” approach and having a fully locked-down environment, allowing application developers to define and control the ways their application elements communicate while working within predefined security stipulations.

In this report, we provide a comprehensive independent review of the Aporeto solution for network and identity management in a multi-cloud deployment. We review the practicalities of deploying Aporeto to deliver a stronger security architecture for Kubernetes container microservice applications running across distributed networks anywhere. We also evaluate the impact on the IT operations team of running Aporeto versus maintaining legacy security practices. The return on investment for an identity-based security solution becomes clear as we progress through the following series of tests.

The GigaOm Multi-Cloud Test Lab environments used in this report include Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure although the findings are relevant for other clouds and on-premises solutions such as VMware, Packet, IBM Softlayer, etc.

The post Zero Trust Cloud Security Provider Aporeto: Product Profile and Evaluation appeared first on Gigaom.

The GigaOm Multi-Cloud Test Lab environments used in this report include Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure although the findings are relevant for other clouds and on-premises solutions such as VMware, Packet, IBM Softlayer, etc.

The post Aporeto Product Evaluation Test Lab Setup and Instructions appeared first on Gigaom.