StackRox brings container and Kubernetes security for Stratus Medicine on Google Cloud Platform

StackRox, a provider of container and Kubernetes security, announced on Tuesday that Stratus Medicine has deployed the StackRox Kubernetes Security Platform to secure healthcare data and achieve Health Insurance Portability and Accountability Act (HIPAA) compliance.

Stratus Medicine provides a platform-as-a-service for healthcare providers and technology suppliers to collaborate on innovative applications. Using the Stratus Platform running in Google Cloud Platform, these healthcare entities can test and validate new technologies while keeping patient and other sensitive data protected by Stratus. Stratus Medicine relies on StackRox to secure and protect critical customer and healthcare data running in its multi-tenant platform.

StackRox finds and secures all deployments and pods across namespaces and clusters, allowing Stratus to run at the speed and scale of DevOps while protecting applications and development infrastructure. It also streamlines vulnerability management for Stratus’ Kubernetes environments by integrating with the CI/CD pipeline to prevent known vulnerabilities from ever getting deployed.

StackRox automates checks for HIPAA compliance, identifies gaps or non-compliance with controls, provides clear and detailed remediation information, and exports evidence of compliance ahead of audits. It also provides a dynamic, multi-factor risk assessment that enables Stratus to immediately prioritize and triage the highest-risk deployments in the environment at all times, and leverages a combination of rules, whitelists, and behavioral modeling to automatically detect threats and leverage built-in controls in Kubernetes for response.

“Containers and Kubernetes enable us to deploy new applications rapidly while maintaining isolation, decreasing the risk of data breach,” said Chris Mutzel, principal architect for Stratus Medicine. “StackRox enables us to protect patient data, ensure HIPAA compliance, and protect our systems from vulnerabilities in the applications that our customers upload. The StackRox platform continuously hardens our container and Kubernetes environments, and it automatically detects and prevents threats. As we evaluated vendors, we found that StackRox was the only solution that was both container-centric and Kubernetes-centric, which provides both deeper context for risk prioritization and Kubernetes-native policy enforcement.”

“Stratus Medicine is providing critical infrastructure that is much needed in improving health outcomes and reducing costs,” said Kamal Shah, CEO of StackRox. “StackRox helps Stratus Medicine to realize all the benefits of containers and Kubernetes and address their various security and compliance requirements. Furthermore, StackRox was seamless to deploy within their environment, enabling security to be automated and part of their DevOps workflow.”

The StackRox Kubernetes Security Platform supports all Kubernetes deployments, including self-managed clusters; managed services such as Amazon EKS, Azure AKS, and Google GKE; and Kubernetes distributions such as Red Hat OpenShift and Docker Enterprise Edition. The latest StackRox update includes capabilities to enable organizations to verify and provide evidence for compliance with NIST SP 800-190, PCI DSS 3.2, and HIPAA standards.

Actifio unveils Actifio GO backup-as-a-service offering on Google Cloud

Actifio announced Tuesday at Google Cloud Next '19 the availability of Actifio GO Backup-as-a-Service on the Google Cloud Platform (GCP) Marketplace, extending the software that enables organizations everywhere for faster and simpler backup and restore, the acceleration of DevOps and analytics initiatives, as well as compliance with regulatory requirements without the need for additional on-premises licensing or infrastructure.

As a Google Cloud Technology Partner, Actifio has already helped numerous enterprises accelerate access to their mission-critical databases and other workloads on Google Cloud.

Actifio GO on GCP addresses not only the need to contain copy data sprawl and reduce storage costs, but also enables enterprises to meet today's scale, speed and data transformation requirements while delivering the low-friction cloud experience.

Actifio GO accelerates customers' time to go-live by up to 17x, by eliminating the need to deploy and manage copy data management software, by requiring no on-premises storage, and with a no-risk free trial, pay-per-use model and no lock-in -- not even to Actifio GO.

"Enterprises are modernizing and optimizing their IT infrastructure by utilizing the security and reliability of Google Cloud," said Rich Sanzi, VP of Engineering, Google Cloud. "Backup-as-a-Service solutions from technology partners like Actifio enable organizations with an easy way to protect their cloud workloads as an extension of their business continuity strategy with Google Cloud."

"Applications and data are increasingly distributed across multi-cloud environments and need to be seamlessly protected, managed, moved and accessed anywhere,” said Ash Ashutosh, co-founder and CEO of Actifio. “We have worked closely with Google Cloud to integrate pioneering multi-cloud operational automation technologies with our battle-tested data virtualization and data pipelining technologies. Actifio GO for Google Cloud will deliver an outstanding user experience and proven business value at cloud scale, cloud speed and cloud agility."

Kaspersky Lab exposes Genesis underground e-shop with large number of digital doppelgangers for sale to bypass financial anti-fraud solutions

Kaspersky Lab has published on Tuesday the results of an investigation into Genesis, an e-shop that is trading over 60,000 stolen and legitimate digital identities, making successful credit card fraud that much easier to conduct. This marketplace as well as other malicious tools involve abusing the machine-learning based anti-fraud approach of ‘digital masks’, a unique, trusted customer profile based on known device and behavior characteristics.

Every time someone enters financial, payment and personal information in an online transaction, advanced, analytic, machine learning anti-fraud solutions match that person against something called a digital mask. These masks are unique to each user and combine the fingerprints of devices and browsers commonly used to make payments/bank online (i.e. screen and OS information, a range of browser data like headers, time zone, installed plugins, window size, etc.) with advanced analytics and machine learning (the individual user’s cookies, online and computer behavior, etc.).

That way, the financial organizations’ anti-fraud teams can determine whether it is truly that person entering their credentials, or a malicious carder trying to buy goods using a stolen card, and either approve or deny the transaction, or send it on for further analysis.

However, the digital mask can be copied or created from scratch, and Kaspersky Lab’s investigation has found that cybercriminals are actively using such digital doppelgangers to bypass advanced anti-fraud measures.

In February, Kaspersky Lab research uncovered the Genesis Darknet marketplace – an online shop selling stolen digital masks and user accounts at prices ranging from $5 to $200 each. Its customers simply buy previously stolen digital masks together with stolen logins and passwords to online shops and payment services, and then launch them through a browser and proxy connection to mimic real user activity. If they have the legitimate user’s account credentials, the attacker can then access their online accounts or make new, trusted transactions in their name.

“We see a clear trend of carding fraud increasing around the world,” said Sergey Lozhkin, security researcher, Kaspersky Lab. “While the industry invests heavily in anti-fraud measures, digital doppelgangers are hard to catch. An alternative way to prevent the spread of this malicious activity is to shut down the fraudsters’ infrastructure. That is why we urge law enforcement agencies across the world to pay extra attention to this issue and join the fight.”

Other tools enable attackers to create from scratch their own unique digital masks that won’t trigger anti-fraud solutions. Kaspersky Lab researchers have investigated one such tool, a special Tenebris browser with an embedded configuration generator to develop unique fingerprints. Once created, the carder can simply launch the mask through a browser and proxy connection and conduct any operations online.

In order to enhance security, Kaspersky Lab recommends businesses enable multi-factor authentication at every stage of user validation processes; consider introducing new methods of additional verification, such as biometrics; harnessing advanced analytics for user behavior; and integrating Threat Intelligence feeds into SIEM and other security controls in order to get access to the most relevant and up-to-date threat data, and to prepare for possible future attacks.

WatchGuard Cloud Platform helps MSPs’ demand for simplified, scalable security deployments, management and reporting

WatchGuard Technologies unveiled on Tuesday the WatchGuard Cloud platform, which centralizes security management and reporting from a single cloud-based interface. Built from the ground up to support and enable managed service providers (MSPs), WatchGuard Cloud reduces infrastructure costs, accelerates customer acquisition, and minimizes time spent on reporting and operational tasks.

The WatchGuard Cloud platform is the management platform of the future for MSPs because it simplifies how they protect their customers while enabling rapid, efficient and profitable growth. It delivers true multi-tier, multi-tenant capabilities, scaling automatically to allow MSPs to create and manage an unlimited number of customer accounts, deploy new WatchGuard appliances, manage and deploy WatchGuard applications, and gain valuable insights into a customer’s network.

WatchGuard Cloud is built on a multi-tier, multi-tenant architecture, allowing service providers to create and onboard any number and type of customer accounts, while ensuring separation of data between tenants and role-based access to information. The platform responds immediately and automatically to changing compute and storage requirements, allowing the platform to maintain high performance, running reports in seconds across terabytes of data while providing summarized insights.

WatchGuard Cloud’s inventory management features let service providers view and track licensing across all customers. They can also allocate and deallocate services to those customers on terms that fit their service models. Additionally, WatchGuard Cloud provides tenants with the ability to delegate access to another tenant, including control over duration and permissions.

As a centralized management interface, the WatchGuard Cloud platform allows users to quickly and easily configure alerts and notifications across all security applications, including visibility of Firebox UTM and AuthPoint multi-factor authentication events. MSSPs can access notifications on anything from customer licenses, usage or expirations to security and performance updates.

WatchGuard Cloud offers a variety of data retention options — including 30 days with the WatchGuard Total Security Suite — removing the need to configure, deploy, maintain and scale servers and appliances for logging and reporting. As a cloud-hosted service, the platform has no hardware requirements for service providers to deploy, resulting in reduced cost and time spent deploying and maintaining servers either locally or in data centers.  

Building upon the Dimension solution, WatchGuard Cloud comes equipped with more than 100 dashboards and reports that identify key network security threats, issues and trends, while accelerating users’ ability to set and enforce meaningful security policies. Security of the centrally managed, cloud-hosted platform itself is a top priority for WatchGuard.

Not only are user logins protected by advanced multi-factor authentication, but WatchGuard Cloud offers built-in security for data in transit, and at rest, which enables users to implement role-based access control and supports the logical separation of data between tenants, as well as partitions between subscriber accounts.

“MSPs need a modern, cloud-hosted security solution that’s capable of providing powerful security insights, unlimited scalability and easy deployment processes,” said Andrew Young, SVP of product management at WatchGuard. “WatchGuard’s mission is to make cyber security simple, and this applies not just to end users, but also to the partners who deploy, configure, and manage our products and services. Simplicity is in our DNA, so we are extending that to our partners with the launch of WatchGuard Cloud.”

“WatchGuard Cloud’s easy deployment, granular insight and cost-effectiveness has been a game-changer for our business,” said Carl Mazzanti, president of eMazzanti Technologies. “In the retail industry, delays, downtime and breaches can be impossible to come back from. Our customers have unrivaled peace of mind knowing that through the intuitive WatchGuard Cloud interface we can spin up new stores that are highly secure and compliant, manage and monitor each location from anywhere, and always access in-depth insight into performance and security anomalies in real time.”

The WatchGuard Cloud platform provides centralized management of security applications and strengthens MSPs’ ability to deliver differentiated, profitable services to their customers.

CentralSquare debuts cloud-based software for mid-tier government; delivers security, lowers costs

CentralSquare announced that Tehama County, California, has begun their migration to Public Administration Finance Professional, CentralSquare’s cloud-hosted finance suite, to manage the county’s accounting, payroll and treasury functions.

CentralSquare Finance Pro provides numerous benefits, including more secure and resilient environments as a result of greater emphasis on disaster recovery and backup, ongoing and automated updates for leveraging the latest functionality and lower total cost of ownership, making it the most compelling software suite for local governments nationwide.

In the digitally connected world, emerging technologies have the potential to transform public service operations. Yet government agencies are challenged by increased demands on limited resources and cumbersome IT systems, even as they recognize the need to rethink their use and adoption of technology.

CentralSquare Public Administration Suite Pro answers this challenge by delivering a unified, end-to-end enterprise suite for finance, asset management, community development, human capital management, municipal services, utilities and citizen engagement.

Among its advancements, Public Administration Suite Pro helps improve government operations and citizen satisfaction by offering workspaces that enable easy access to finance, utility billing, community development and analytics software from a single, intuitive user interface. It also delivers single sign-on and user-management launch point that simplifies the login process and eliminates the hassle of remembering multiple passwords.

The offering also delivers workflow engine that streamlines paper forms into digital workflows and automates land-use planning, permitting and inspection processes for community development; and citizen engagement portal which empowers citizens with the convenience of applying online for building permits, business licenses, code compliance and utilities, without the extra effort of having to call or visit the municipality.

By taking advantage of the benefits of the cloud, public sector agencies maximize limited resources, increase IT flexibility and improve service. Shared infrastructure and economies of scale leverage scarce budget dollars by enabling agencies to scale their usage to match requirements, pay for only the IT resources they use and centralize IT services and data elements on a secure network.

Additionally, Public Administration Pro’s embedded analytics and automation unify business processes spanning multiple applications and datasets through a single user interface. As a result, governments realign organizational thinking by shifting their focus away from managing data to providing services, which creates a significant and measurable impact for citizens.

“We no longer have to maintain servers onsite, so there’s an extra level of security and reliability,” said Krista Peterson, Assistant Auditor for Tehama County. “That’s especially important right now with several neighboring counties experiencing massive fires recently, so having our data storage securely maintained by CentralSquare offsite is a big plus for us.”

She adds, “It has been difficult to find the budget for upgrades and additional IT services for our onsite system. Now, anytime there’s an update, we’ll have the latest and greatest without the need to contract out for IT assistance to help with basic needs like W-2 or 1099 updates.”

NetApp MAX Data joins with Intel Optane DC persistent memory for improved performance

NetApp announced NetApp Memory Accelerated Data (MAX Data) 1.3 supporting the Intel Optane DC persistent memory. The combination of MAX Data and Intel Optane DC persistent memory enables organizations to stay competitive by doing more with their data so they can do more for their customers.

Companies are challenged with using unprecedented volumes of data to achieve real business impact. Taking advantage of data is often easier said than done. New applications such as artificial intelligence, machine learning, deep learning, real-time analytics, and Internet of Things (IoT), all of which are memory hungry and fueled by massive datasets, compound this challenge.

By using a promising new memory tier, NetApp helps customers put their data to work without having to re-architect their critical applications. MAX Data gives customers the tools to unlock the value of enormous datasets and extend a Data Fabric strategy all the way into their servers with applications and data that are critical to their business.

MAX Data is an enterprise storage solution using Intel Optane DC persistent memory in servers to store persistent data delivering affordable, memory-like low latency and flash-like capacity, without any rewrites required to application code, allowing companies to take full advantage of the benefits of real-time apps.

"As the leading developer of digital humans technology and creative content, we chose NetApp MAX Data to support our SUNFLOWER Framework that enables acquisition of huge 3D and 4D data sets, for which intense development work is then fueled with more application workloads per server," said Milan Kljajic, system engineer, 3Lateral.

“With NetApp MAX Data now supporting Intel Optane DC persistent memory, organizations can accelerate data pipelines across an entire enterprise to power applications such as Oracle and MongoDB with the simplicity, choice, and scale necessary for real business impact,” said Joel Reich, executive vice president, Storage Systems and Software, NetApp. “With the volume of data generated and managed across on-premises data centers, IoT devices and sensors, as well as in hybrid cloud environments, having a Data Fabric strategy that spans edge, core, and cloud is essential to business success.”

“Customers can unlock the value of their data stockpiles with the powerful combination of 2nd generation Intel Xeon Scalable processors and Intel Optane DC persistent memory,” said Jennifer Huffstetler, vice president and general manager, Datacenter Product Management and Storage at Intel. “Working with innovators like NetApp will help us move, store and process more data than ever before.”

Close to 43% of employees grapple to locate documents, making collaboration and communication a challenge

Igloo Software released its second annual State of the Digital Workplace report, which examines trends and progress in the ways employees communicate, collaborate, and share knowledge in the workplace.

The study found 43 percent of employees have avoided sharing a document with a colleague because they couldn’t locate it or believed that tracking it down would take too long, pointing to a disconnect in the way company information is stored and accessed. As organizations continue to digitally transform, it’s crucial for decision-makers to prioritize knowledge sharing and collaboration – a challenge businesses have faced for decades.

In addition to uncovering knowledge sharing and communication challenges as a whole, the study examined specific trends like privacy, remote working, and social media habits.

Igloo assists companies move beyond traditional intranets to inspiring digital destinations that improve communication, knowledge sharing, collaboration, and culture.  All Igloo solutions are fully, cloud-based, mobile-enabled, and integrate with enterprise systems and cloud apps that the business relies on. By centralizing all information, Igloo provides a single-source-of-truth and enables a more productive and engaged workforce.

Other findings from the report include 69% of remote workers feel that the tools they use are causing them to miss out on important communication and collaboration opportunities that working in an office would not present;

55% use a non-company approved communication app because it’s more user friendly and less likely to be monitored or tracked; and 71% of directors (and above) said they have not posted something to social media because they have concerns a coworker might see it.

“There’s no shortage of communication or knowledge management apps available to businesses today, but it’s important to understand your workforce’s specific challenges before rolling them out,” said Igloo Software CMO Mike Hicks. “We’re seeing businesses adopt more applications with the goal of increasing productivity, yet this approach continues to yield discouraging results for both employees and the organization. This study provides business leaders with a closer look into the major workplace challenges of 2019, and will assist in determining the type of digital workplace solutions that best fit their company’s needs.”

“Igloo has now conducted this study for two consecutive years, and the feedback we receive helps us understand how we can continue to develop innovative digital workplace solutions,” added Hicks. “What motivates Igloo each day is continuing to find better ways to unite organizations and improve the way work happens. Every organization needs to be aware of the workplace challenges identified in this study and take corrective actions to address them. Modernizing their intranet and creating a digital destination for employees is a great first step that helps drive productivity, innovation, and creates a real competitive advantage. Improving the employee experience has a direct impact on the customer experience. It’s really that simple.”

Kingston Digital debuts high endurance microSD cards, with memory solution for multiple write cycles, seamless recording

Kingston Digital introduced on Monday its new High Endurance microSD card, designed for write-intensive application use such as home security and surveillance cameras, dash cameras and body cameras.

As write-intensive applications critically depend on a high level of reliability and performance, Kingston’s High Endurance microSD card provides durability, high-storage capacity and prolonged endurance to meet the recording demands of security cameras and dash cameras.

The High Endurance microSD card stores up to 20,000 hours of seamless video recording in full 1080p HD to capture a reliable record of what happens whether at home or on the road.

Kingston’s High Endurance microSD cards are engineered and tested for use in harsh conditions and are durable enough to protect from extreme temperatures, shock, water and x-rays. When needed the most, the High Endurance microSD card is the reliable solution to capture critical moments over a long period of time without the risk of compromised or lost data.

Kingston’s High Endurance microSD cards are engineered and tested for use in harsh conditions and are durable enough to protect from extreme temperatures, shock, water and x-rays. When needed the most, the High Endurance microSD card is reliable to capture critical moments over a long period of time without the risk of compromised or lost data.

“Surveillance footage captured by home security systems and dash cams can prove to be incredibly valuable. Consumers need to feel confident their memory cards are built to withstand extreme conditions while still providing a stable storage solution to capture critical recordings when they need it the most,” said Annette Chan, Flash card business manager, Kingston. “Dash cameras in vehicles and security cameras at home are becoming more commonplace and with the addition of our new High Endurance microSD card we’re able to meet the ever-growing demand for capturing hours of video monitoring content, while providing high performance, seamless recording and trusted Kingston reliability.”

Kingston’s High Endurance microSD cards are available in 32GB, 64GB and 128GB capacities and are backed by a two-year warranty, free technical support and legendary Kingston reliability.

Splice Machine introduces ML Manager Beta program to meet growing demand for operational AI

Splice Machine launched on Monday its beta program for ML Manager, a native data science and machine learning platform. Operating on top of Splice Machine's data platform, ML Manager empowers data science teams to maximize the performance of their machine learning models by removing the latency associated with building complex data pipelines, performing cumbersome transformations and training models on updated data.

With ML Manager, data scientists can experiment on ten times as many data pipelines to optimize their models, and when they eventually deploy the model into the production environment, it can immediately start making predictions in real time.

ML Manager provides data scientists and data infrastructure administrators with data science libraries, including MLlib, and familiar tools, such as Apache Zeppelin, Scala, Python, SQL and R. In addition, ML Manager delivers superior performance through seamless integration of Splice Machine tables and Spark DataFrames.

To simplify the machine learning lifecycle process, ML Manager integrates with MLflow (beta), an open source platform for managing the end-to-end machine learning lifecycle. With MLflow, data scientists can determine the effectiveness of their models by logging the parameters, code, and metrics for each experiment. Data scientists can then visualize and compare the various experiments, and ultimately deploy the model with the highest predictive power into production.

MLflow also provides data science managers with model governance and audit capabilities through visibility into datasets, transformations, and parameters that underlie the model deployed into the production environment.

With these enterprise-grade capabilities in place, MLflow-packaged models can then be deployed via Amazon Sagemaker for seamless implementation. MLflow and Sagemaker, as part of ML Manager, makes it possible for data scientists to build a higher number of effective models by spending less time on the challenges of experimentation, tracking, and deployment.  

IT data infrastructure consisting of separate transactional, analytical, and data science platforms is not viable for today's modern machine learning-powered applications because it is not agile enough to deliver the real-time data that is needed to continuously train the machine learning model in minutes versus hours or days.

ML Manager helps enhance the productivity of data scientists by running the machine learning models at the database level using the most current data available. This approach facilitates retraining the model whenever the underlying data attributes change, ensuring that the model is operating at its optimum performance.

"At Euler, we see first-hand how enterprises have tried to integrate machine learning and artificial intelligence into their business. Often times, companies are held back by their existing data infrastructure and the inherent latency it adds into the process," said Himanshu Nautiyal, CEO at Euler Systems. "With ML Manager as part of Splice Machine's operational AI data platform, companies now have a modern option to power applications and take control of machine learning on a unified platform."

"Enterprises can no longer afford to have latency in the machine learning models they rely on to power their mission-critical applications," said Monte Zweben, CEO, Splice Machine. "Whether you are relying on real-time data to combat online fraud, or want to serve up relevant recommendations to customers in real time, the need for reliable, timely data is omnipresent across industries. ML Manager removes the friction and delays in the data science process, allowing for optimal performance through fast, continuous learning and training of ML models."

Western Digital, AMD cater to memory scaling demand for growing in-memory computing workloads

Western Digital announced latest memory extension solution with AMD to meet the need of a growing number of customers to scale addressable memory sizes of existing servers for business-critical in-memory workloads such as real-time analytics.

The combined solution of AMD EPYC processors with the Ultrastar DC ME200 Memory Extension Drive expands memory footprints at a higher memory-per-core ratio, in a scalable and cost-effective way.

The Ultrastar DC ME200 Memory Extension Drive improves the AMD EPYC processor-based server memory-to-core ratio compared to conventional scale-out DRAM compute clusters using only DIMMs. The memory expansion scalability of the Ultrastar memory drives also enables lower TCO of in-memory infrastructure through consolidation.

For example, a cluster holding 30TiB of data in memory, using 30 nodes of 1TiB each, can be reduced to only eight nodes with 4TiB system memory each, with the added benefit of increased per-node CPU utilization.

The Ultrastar memory drive is an ideal solution for in-memory database engines like SAP HANA, Oracle, IBM and Microsoft, as well as scale-out memory-centric architectures, such as, Redis, Memcached, Apache Spark and large-scale databases.

Introduced last October, the Ultrastar DC ME200 Memory Extension Drive is drop-in ready and PCIe-device compatible for scalable in-memory computing to address higher application performance needs and increasingly dynamic workloads and architectures.

The latest version of the Ultrastar memory drive now supports AMD EPYC processors so cloud architects, DevOps leaders and digital platform managers can accommodate growing data sets onto larger memory pools by augmenting DRAM without requiring changes to existing Linux OS and application stacks.

“For customers needing access to a broader memory footprint at a higher memory-per-core ratio, a server using AMD EPYC processors and Ultrastar memory drives can significantly scale addressable memory sizes of existing and new servers for in-memory applications and databases,” said Raghu Nambiar, CVP & CTO, datacenter ecosystems and application engineering, AMD. “This means that customers can achieve increased productivity with additional cost savings from greater addressable memory density, as well as reduced data center operations and resource consumption.”

“AMD EPYC processor-based servers, combined with Ultrastar memory drives, can greatly increase the amount of overall memory per server to provide more cost-effective data center infrastructure for in-memory applications,” said Eyal Bek, vice president, data center and client computing devices at Western Digital. “We are deeply committed to working with partners like AMD to improve the ability of digital business customers to grow data sets without the imposing data center infrastructure costs.”

Available now, the Ultrastar memory drive is drop-in ready and PCIe-device compatible with most servers. Available in 1TiB, 2TiB and 4TiB, the solution requires no modifications to the operating system, system hardware, firmware or application stacks. For expandability, a 1U server can typically support up to 24TiB of system memory using the Ultrastar memory drive for in-memory compute clusters. Supported server interfaces are NVMe and PCIe with either U.2 or AIC (add-in-card) HH-HL form factors.