HYPER-CONVERGED INFRASTRUCTURE,APPLICATION INFRASTRUCTURE,STORAGE MANAGEMENT
Wallarm | November 14, 2022
Wallarm, the end-to-end API security company, today released its Q3 API ThreatStats™ Report, which provides deep analysis into all published API vulnerabilities and exploits for the quarter. The Wallarm research team dissected the data from a variety of perspectives, including software type, vendor, CVSS scores, CWEs and both OWASP Top-10 (2021) for web apps and OWASP API Security Top-10 (2019). The team also examined publicly disclosed exploit POCs to determine where the risk lies.
The initial analysis indicated that API vulnerabilities and the impacted vendors were leveling off from the significant increase reported in the Q2 API Vulnerability Report, with minimal to no change. Vulnerabilities and vendors impacted experienced a 16% increase, while high to critical rated vulnerabilities remained steady at 57% total.
However, deeper analysis revealed three key findings, which may have costly implications on an organization’s API security program:
Infrastructure. A vast majority of the most impactful vulnerabilities analyzed in Q3 impacted DevOps tools and infrastructure, resulting in a shift of an organization’s security focus.
Injections. While the OWASP Top-10 Injection categories (A03:2021 for web apps and API8:2019 for APIs) top the charts at over 33% of all CVEs analyzed, further inspection reveals many, many variations, which will require extra effort to remediate.
Exploits. A surprising finding was that the average gap between CVE and exploit POC publication was zero days, which greatly impacts a mitigation timeline.
“Almost everyone involved in the API economy, from CISOs and their security teams to DevOps teams and beyond, are talking about API Security this year. However, only a few vendors can explain what it really means, and how to measure and calculate the risks and impact when things go badly. “Wallarm has been committed to tracking and analyzing API vulnerabilities and exploits, and sharing this with the community via our API ThreatStats reports. This Q3-2022 report is the third in a row, and we clearly see a chilling trend in the number, severity and focus of API vulnerabilities and exploits. No joke: the top 10 API issues we're seeing affect core DevOps and PaaS products, such as Kubernetes, Rancher, GitLab, HashiCorp, and several others.”
Ivan Novikov, CEO & co-founder of Wallarm
For more highlights from the final report, please see the Q3-2022 API ThreatStats™ Report executive summary. To learn more, register for Wallarm’s webinar on Thursday, November 10 at 11 AM PT where the research team will present all of its findings.
Wallarm end-to-end API security products provide robust protection for APIs, web applications, microservices, and serverless workloads running in cloud-native environments. Hundreds of Security and DevOps teams choose Wallarm to get unique visibility into malicious traffic, robust protection across their whole API portfolio, and automated incident response for better risk management. The company is committed to supporting modern tech stacks, offering dozens of deployment options in cloud and Kubernetes-based environments, and also provides a full cloud solution. Wallarm is headquartered in San Francisco, California, and is backed by Toba Capital, Y Сombinator, Partech, and other investors.
HYPER-CONVERGED INFRASTRUCTURE, APPLICATION INFRASTRUCTURE, STORAGE MANAGEMENT
Alphawave IP | October 17, 2022
Alphawave IP Group plc, a global leader in high-speed connectivity for the world's technology infrastructure today announced the acquisition of Banias Labs, an Israel-based optical Digital Signal Processing ("DSP") chip developer for data centers for approximately US$240 million. The acquisition strengthens Alphawave's roadmap of optical DSP silicon products for data centers, a core high growth market for Alphawave.
Alongside the acquisition of Banias Labs, Alphawave has negotiated a non-binding, multi-year purchasing framework with a leading North American hyperscaler that proposes a multi-year roadmap for Alphawave to develop and sell a portfolio of optical products and DSPs, including coherent DSP technology from Banias Labs, with sales potentially ramping to over US$300 million.
"Banias Labs optical DSP technology provides a strong strategic advantage for Alphawave, strengthening our roadmap of DSP silicon solutions for data centers. This acquisition enhances our portfolio of electrical and optical solutions in the most advanced process technologies. The multi-year purchasing framework includes coherent optical solutions, and with the Banias acquisition, Alphawave is expanding its total addressable market by delivering next generation coherent optical solutions for the most advanced data centers."
Tony Pialis, President and Chief Executive Officer of Alphawave
John Lofton Holt, Executive Chairman of Alphawave said: "We are pleased to welcome the talented Banias Labs team to Alphawave. This acquisition aligns with the strategic priorities that we articulated at our IPO, expanding our technology portfolio in high-speed connectivity to support long-term growth. Coherent optics will enable the next level of efficiencies in data center communications, addressing the increasing bandwidth and power efficiency requirements."
About Coherent Optics
Coherent optics is the next evolution of optical solutions, the cornerstone of the industry's efforts to achieve 800G and 1.6T Ethernet speeds while maintaining the required reaches inside and outside of data centers and also significantly reducing power consumption. Coherent technology is predominantly used today in long reaches of over 100km connecting data centers and in telecommunications. Banias Labs' optical DSP technology strengthens Alphawave's optical products roadmap by targeting a growing opportunity for coherent optical technology intra-data center, as shorter reaches adopt this technology.
HYPER-CONVERGED INFRASTRUCTURE,APPLICATION INFRASTRUCTURE
Rescale | November 16, 2022
Rescale, the leader in high performance computing built for the cloud to accelerate engineering innovation, and RedLine Performance Solutions, announced today the availability of the Slurm Rescale Connector to provide Slurm users seamless access to cloud directly from the Slurm interface covering over 1000 managed full-stack HPC applications and access to all major cloud providers worldwide.
"Slurm Rescale Connector provides an easy button to burst workflows to public clouds such as AWS, Azure, OCI, GCP from any existing on-prem HPC environment" said Don Avart, CTO of RedLine Performance Solutions, "We are excited to partner with Rescale on this hybrid solution to allow customers to take advantage of cloud-scale capacity and architectural choices available in the cloud."
With high performance computing (HPC) workloads increasingly run in the cloud, many organizations are developing hybrid cloud strategies. But replicating data center infrastructure in dynamic cloud environments can be prohibitively complex and expensive.
Hybrid Cloud Directly from Slurm
With the Slurm-Rescale Connector, the entire multi-cloud world fully managed by Rescale is presented as one additional infrastructure scheduled by Slurm. This means Slurm users do not need to change how they use the scheduler to get the benefits of cloud-based specialized computing architectures or work at cloud-scale. Administrators can similarly get full visibility to cloud software and infrastructure spend, define policies on which architecture or geographies can be used, all without ever having to directly maintain any cloud-based infrastructure. From a cost perspective, HPC organizations can define budgets to keep cloud spending under control, and work directly with a single unified control, while providing users multi-cloud infrastructure or a rich software catalog. Rescale fully-managed HPCaaS is available with FedRAMP Moderate and ITAR compliance.
"Slurm Rescale Connector enables HPC users and administrators to continue using the tools they know, while getting access to Rescale's catalog of over 1000 HPC fully managed applications, the ability to run any container, features to publish and manage your own software, and all specialized architectures through our intelligent multi-cloud infrastructure - available directly from their on-prem Slurm environment, "In addition, users can also benefit from Rescale's administrative controls and performance optimization features so they can get the best capabilities from the cloud with trust and confidence in full-stack security and delivery."
Peter Lyu, VP of Global Solutions & Customer Success at Rescale
This unique approach to hybrid is possible because Rescale is a fully managed solution for HPC cloud operations that brings full stack security, and support. Users can bring their own software and containers and run it anywhere on Rescale's multi-cloud infrastructure based on IT policies. Additionally, Rescale also maintains popular commercial and open source software in its catalog. Lastly, Rescale provides performance intelligence and guidance on how to best configure workloads to help users get the best performance possible - whether it's to minimize cost or minimize job run time.
The Slurm Rescale connector will be released in 2022 Q4 as open source under the terms of the GNU General Public License as published by the Free Software Foundation.
Rescale is high performance computing built for the cloud, to empower engineers while giving IT security and control. From supersonic jets to personalized medicine, industry leaders are bringing new product innovations to market with unprecedented speed and efficiency with Rescale, a cloud platform delivering intelligent full-stack automation and performance optimization. IT leaders use Rescale to deliver HPC-as-a-Service with a secure control plane to deliver any application, on any architecture, at any scale on their cloud of choice.