Thursday, December 26, 2024
Latest:

Networkworld

Networkworld 

VMware picks up partners for open-source confidential computing development

TH Author , ,

Virtualization technology provider VMware has announced that it is partnering with AMD, Samsung, and members of the RISC-V keystone community for the development and operations of confidential computing applications.RISC-V is a hardware standards organization that is designing low-power processors; the Keystone Enclave is an open source project for building customizable trusted execution environments (TEEs).The aim of the new partnership among VMware, AMD, Samsung and RISC-V participants is to collaborate to contribute to the open-source Certifier Framework project for confidential computing. The Certifier Framework is an open-source project started by VMware in 2022 to tackle the key barriers in the development of confidential computing applications.To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

Cisco firewall upgrade boosts visibility into encrypted traffic

TH Author , , ,

The software that runs Cisco’s new Firewall 4200 Series now includes the ability to see into encrypted traffic without decrypting it, which the vendor says will allow enterprise customers to better protect hybrid and multicloud applications.The enhanced Cisco Encrypted Visibility Engine (EVE) is part of the 7.4 version of the Secure Firewall operating system. Version 7.4 also includes zero-trust capabilities and improved application access control. The 4200 Series’ operating system also helps improve overall firewall performance – it’s twice as fast as previous high-end Cisco firewalls, the company says.EVE, which has been available since version 7.2 of the software, takes things further than traditional firewalls because it now lets customers detect the client application within an encrypted tunnel, according to Rick Miles, vice president of product management, cloud and network security in Cisco’s security business group.To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

Cato Networks launches AI-powered tracker for malware command and control

TH Author

Cato Networks’ new deep learning algorithms are designed to identify malware command and control domains and block them more quickly than traditional systems based on domain reputation, thanks to extensive training on the company’s own data sets.Cato, a SASE provider based in Tel Aviv, announced the new algorithmic security system today. The system is predicated on the idea that domain reputation tracking is insufficient to quickly identify the command servers used to remotely control malware. That’s because most modern malware uses a domain generation algorithm (DGA) to rapidly generate pseudorandom domain names — which the deployed malware also has a copy of.To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

How IT pros can benefit from generative AI safely

TH Author , ,

The enterprise IT landscape is littered with supposedly paradigm-shifting technologies that failed to live up to the hype, and intil now, one could argue that AI fell into that category. But generative AI, which has taken the world by storm in the form of OpenAI’s ChatGPT chatbot, just might be the real deal.Chris Bedi, chief digital information officer at ServiceNow, says the release of ChatGPT last November was “an iPhone moment,” an event that captured the public’s attention in a way that “changed everything forever.” He predicts that generative AI will become embedded into the fabric of every enterprise, and he recommends that CIOs and other IT leaders should begin now to develop their generative AI strategies.To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

Network spending priorities for second-half 2023

TH Author , ,

OK, it’s not been a great first half for many companies, from end users to vendors and providers. The good news is that users sort of believe that many of the economic and political issues that have contributed to the problem have been at least held at bay.There’s still uncertainty in the tech world, but it’s a bit less than before. Most of the companies I’ve talked with this year have stayed guardedly optimistic that things were going to improve. Over the last month, of the nearly 200 companies I’ve emailed with, only 21 were “pessimistic” about the outlook for their tech spending in the second half.Lack of pessimism doesn’t translate to optimism, though, and optimism is a bit non-specific for network and IT planners to build on. What are the user priorities for tech for the rest of the year? Do they think their budgets will shift, and if so from what to what? Are they looking to make major changes in their networks, change their vendors, be more or less open? I thought I knew some of the answers to these questions, but for some I was wrong.To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

Cisco spotlights generative AI in security, collaboration

TH Author , , ,

Looking to harness a decade of AI/ML development Cisco this week previewed generative AI-based features it will soon bring to its Security Cloud service and Webex collaboration offerings.Cisco said it was looking meld the network and security intelligence it has amassed over the years with the large language models (LLMs) of generative AI to simplify enterprise operations and address threats with practical, effective techniques.  The first fruits of this effort will be directed at the Cisco Security Cloud, the overarching, integrated-security platform that includes software such as Duo access control and Umbrella security as well as firewalls and  Talos threat intelligence access all delivered via the cloud.To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

Cisco jumps into SSE arena, boosts application security

TH Author , , , ,

Cisco this week took the wraps off a security service edge (SSE) offering that aims to help enterprises securely connect growing edge resources, including cloud, private and SAAS applications.Along with the SSE package, the vendor made two additional application security-related announcements at its Cisco Live! customer event. It unveiled Cisco Multicloud Defense, which is a new service designed to protect cloud service workloads, and it upgraded Panoptica, its cloud-native security application development software.To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

Cisco aims for AI-first security with Armorblox buy

TH Author , ,

Cisco plans to buy Armorblox, a six-year-old AI vendor, to help create “an AI-first Security Cloud.”“Leveraging Armorblox’s use of predictive and Generative AI across our portfolio, we will change the way our customers understand and interact with their security control points,” wrote Raj Chopra senior vice president and chief product officer for Cisco Security in a blog announcing the pending acquistion.While securing email was Armorblox’s first application of its AI techniques, they might also be applied to attack prediction, rapid threat detection, and efficient policy enforcement, Chopra wrote. “Through this acquisition though, we see many exciting broad security use cases and possibilities to unlock.”To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

Why it makes sense to converge the NOC and SOC

TH Author , , ,

It’s been 17 years and counting since Nemertes first wrote about the logic of integrating event response in the enterprise: bringing together the security operations center (SOC) and network operations center (NOC) at the organizational, operational, and technological levels. Needless to say, this has not happened at most organizations, although there has been a promising trend toward convergence in the monitoring and data management side of things. It’s worth revisiting the issue.Why converge?
The arguments for convergence remain pretty compelling:
Both the NOC and SOC are focused on keeping an eye on the systems and services comprising the IT environment; spotting and understanding anomalies; and spotting and responding to events and incidents that could affect or are affecting services to the business.
Both are focused on minimizing the effects of events and incidents on the business.
The streams of data they watch overlap hugely.
They often use the same systems (e.g. Splunk) in managing and exploring that data.
Both are focused on root-cause analysis based on those data streams.
Both adopt a tiered response approach, with first-line responders for “business as usual” operations and occurrences, and anywhere from one to three tiers of escalation to more senior engineers, architects, and analysts.
Most crucially: When something unusual happens in or to the environment (that router is acting funny), it can be very hard to know up front whether it is fundamentally a network issue (that router is acting funny – it has been misconfigured) or a security issue (that router is acting funny – it has been compromised) or both (that router is acting funny – it has been misconfigured and is now a serious vulnerability). Having fully separate NOC and SOC can mean duplicative work as both teams pick something up and examine it. It can mean ping-ponging incidents that bounce from one to the other, or incidents that neither picks up, thinking the other has or will.

At the very least, the lower tiers of separate NOC and SOC operations should be converged, so that there is neither duplication nor a game of hot potato as staff try to figure out what a problem actually is, and whether the response will be network focused, security focused, or both. Maintaining separate or semi-separate escalation paths is supportable given that lower-level convergence.To read this article in full, please click here READ MORE HERE…

Read more