Bridgecrew Drops New Developer-first Platform, Streamlines Infrastructure Security from Code to Cloud

Bridgecrew | June 09, 2020

  • Bridgecrew transforms how teams secure their public cloud by embedding infrastructure security earlier in development lifecycles.

  • With new run-time and build-time integrations, Bridgecrew equips developers with automated fixes for cloud security issues—and delivers them as code.

  • Infrastructure-as-code allows teams to provision cloud workloads at scale, presenting both a challenge and opportunity when it comes to security.


Bridgecrew transforms how teams secure their public cloud by embedding infrastructure security earlier in development lifecycles. With new run-time and build-time integrations, Bridgecrew equips developers with automated fixes for cloud security issues—and delivers them as code. Public cloud security posture in run-time Bridgecrew connects seamlessly to cloud environments with run-time scanning for AWS, Azure, and Google Cloud. As teams expand their cloud footprints, Bridgecrew automatically identifies run-time issues that expose them to risk.


But unlike compliance and reporting tools, Bridgecrew comes fully equipped with automated playbooks to correct misconfigured resources. Infrastructure-as-code and workload protection in build-time. Infrastructure-as-code allows teams to provision cloud workloads at scale, presenting both a challenge and opportunity when it comes to security. Bridgecrew helps teams keep infrastructure-as-code secure by scanning for issues in Kubernetes, Terraform, and AWS CloudFormation. Bridgecrew also provides fixes at the infrastructure-as-code level—developers can open pull requests through version control system integrations with GitHub and Bitbucket or run code in their local environments.



Read more: NEED FOR EASY IT INFRASTRUCTURE MANAGEMENT IS DRIVING THE ADVANCED STRUCTURED CABLING MARKET

Infrastructure-as-code allows teams to provision cloud workloads at scale, presenting both a challenge and opportunity when it comes to security, Bridgecrew helps teams keep infrastructure-as-code secure by scanning for issues in Kubernetes, Terraform, and AWS CloudFormation.

~ AWS CloudFormation


Developer ecosystem integrations. In addition to providing cloud security posture visibility and automated remediations, Bridgecrew prevents cloud misconfigurations through CI/CD pipeline integrations with GitHub Actions, CircleCI, and Jenkins. Teams get cloud security monitoring as part of every build, ensuring that misconfigurations aren't unknowingly deployed. Ecosystem integrations with Jira, Splunk, and Slack provide real-time alerts where developers need them. Open-source software is key to Bridgecrew's platform and its mission to advance the codified cloud security movement.


Their engineering team supports community-led projects and develop their own tools: Checkov, a static analysis tool for infrastructure-as-code. AirIAM, a least-privilege automation framework for AWS IAM. TerraGoat, a "vulnerable-by-design" Terraform security training tool To empower developers to take a hands-on role in securing their public cloud infrastructure, Bridgecrew's free Community plan now includes both scanning and remediations.


Bridgecrew also provides fixes at the infrastructure-as-code level—developers can open pull requests through version control system integrations with GitHub and Bitbucket or run code in their local environments.


Bridgecrew is the codified cloud security platform trusted by teams from Brex, DataBricks, OneMain Financial, and more. Founded in 2019 by industry leaders Idan Tendler, Barak Schoster Goihman, and Guy Eisenkot, Bridgecrew is based in San Francisco and is backed by top-tier VCs, including Battery Ventures, NFX, and Sorensen Ventures. and is backed by top-tier VCs, including Battery Ventures, NFX, and Sorensen Ventures. Bridgecrew’s developer-first solution allows DevOps and engineering teams to save critical time and money as they address these ongoing security tasks with just the click of a button.


Traditional cloud security tools merely detect gaps in infrastructure security, pushing open issues and violations to DevOps and engineering teams to resolve. This requirement of manual remediation means issues take days or weeks to resolve, leaving a company’s infrastructure vulnerable. It’s also become the main deterrent for companies implementing cloud security and migrating to the cloud. The automated technology is also well-suited for the age of COVID-19 and today’s volatile market environment in which many organizations are trying to automate security and DevOps processes to cut costs and become significantly more efficient.


Read more: CARTESI CREATES LINUX INFRASTRUCTURE FOR BLOCKCHAIN DAPPS

Spotlight

Worldwide demand for new and more powerful IT-based applications, combined with the economic benefits of consolidation of physical assets, has led to an unprecedented expansion of data centers in both size and density. Limitations of space and power, along with the enormous complexity of managing a large data center, have given rise to a new category of tools with integrated processes – Data Center Infrastructure Management (DCIM). Once properly deployed, a comprehensive DCIM solution provides data center operations managers with clear visibility of all data center assets along with their connectivity and relationships to support infrastructure – networks, copper and fiber cable plants, power chains and cooling systems. DCIM tools provide data center operations managers with the ability to identify, locate, visualize and manage all physical data center assets, simply provision new equipment and confidently plan capacity for future growth and/or consolidation. These tools can also help control energy costs and increase operational efficiency. Gartner predicts that DCIM tools will soon become the mainstream in data centers, growing from 1% penetration in 2010 to 60% in 2014.

Spotlight

Worldwide demand for new and more powerful IT-based applications, combined with the economic benefits of consolidation of physical assets, has led to an unprecedented expansion of data centers in both size and density. Limitations of space and power, along with the enormous complexity of managing a large data center, have given rise to a new category of tools with integrated processes – Data Center Infrastructure Management (DCIM). Once properly deployed, a comprehensive DCIM solution provides data center operations managers with clear visibility of all data center assets along with their connectivity and relationships to support infrastructure – networks, copper and fiber cable plants, power chains and cooling systems. DCIM tools provide data center operations managers with the ability to identify, locate, visualize and manage all physical data center assets, simply provision new equipment and confidently plan capacity for future growth and/or consolidation. These tools can also help control energy costs and increase operational efficiency. Gartner predicts that DCIM tools will soon become the mainstream in data centers, growing from 1% penetration in 2010 to 60% in 2014.

Related News

APPLICATION INFRASTRUCTURE

Napatech Delivers Industry-Leading Data Center Capacity and Monitoring for 5G Packet Core Infrastructure

Napatech | February 19, 2022

Napatech the leading provider of programmable Smart Network Interface Cards (SmartNICs) used in telecom, cloud, enterprise, cybersecurity and financial applications worldwide, today announced the integration of 5G User Plane Function (UPF) offload within its Link-Inline™ software suite. This will enable communications service providers (CSPs) to maximize the number of users supported in an edge or core data center. Unlike in most 4G networks based on purpose-built appliances, the 5G packet core is implemented as virtualized or cloud-native software running on servers located within edge and core data centers. As CSPs worldwide scale up the deployments of their 5G networks, they face strong financial pressure to maximize the number of users that can be supported on each server, whether individual subscribers or IoT devices, thereby minimizing the net cost-per-user. Within 5G packet core software, the subsystem that represents the highest compute workload is the User Plane Function (UPF), which performs critical packet inspection, routing and forwarding functions associated with connecting user and device traffic from the Radio Access Network (RAN) to the Data Network (DN). General-purpose server CPUs aren't well suited to the performance and latency requirements of real-time packet processing, so CSPs and 5G core software vendors typically adopt solutions for offloading the UPF to accelerator cards that are optimized for executing such workloads. Napatech addresses the key business challenges around packet core deployments through its new, integrated hardware/software solution that delivers industry-leading UPF performance. The solution comprises a fully offloaded UPF fast path implemented within the Link-Inline™ software stack, running on programmable PCI-Express (PCIe) SmartNICs available in configurations that support a total bandwidth of either 100Gbps (NT100 card) or 200Gbps (NT200 card). The UPF data path is implemented as a port-to-port inline or "hairpinned" architecture, which ensures that following initial setup all flows are processed on the SmartNIC with no need to pass traffic to and from the server CPU, maximizing the overall performance of the system. Using a single 200Gbps NT200 SmartNIC to sustain 100Gbps of full duplex traffic, the Napatech UPF Offload solution processes up to 100 million concurrent flows, with a flow learning rate greater than 1.5 million flows per second. This results in a total throughput of up to 85 million packets per second on stateful connections and ensures full wire speed operation for typical packet sizes. In a representative use case analyzed by the company, the Napatech UPF offload solution enables CSPs to support seven times more users per server than with competing solutions. "Napatech's UPF offload solution supports industry-standard Application Programming Interfaces (APIs) such as DPDK RTE_FLOWS, ensuring a straightforward integration with existing 5G core software, Similarly, full support for Kubernetes container orchestration ensures that the solution can be deployed within a standard cloud-native environment." Charlie Ashton, senior director of business development, Napatech As an additional benefit for CSPs, Napatech's UPF offload solution enables them to improve the efficiency of their network monitoring systems. In a typical 5G network, multiple packet core instances are deployed at physical locations ranging from edge nodes to on-premise clouds to metro Points of Presence (PoPs) to telco data centers. CSPs, however, need a holistic, real-time view of network traffic trends to ensure Quality of Service (QoS) and proactively identify actual or potential problems. Napatech addresses this monitoring challenge by implementing high-performance traffic mirroring and tunneling functions within the Link-Inline software running on its SmartNICs. Both "N3" (RAN to Core) and "N6" (Core to Data Network) traffic can be tunneled over a mirror feed and forwarded to a centralized monitoring system located at the Network Operations Center (NOC). This enables CSPs to implement an efficient, cost-effective network monitoring system that's centralized, rather than being forced to replicate individual monitoring appliances at many remote locations. It also ensures a cost-effective solution for implementing Lawful Intercept (LI) functions with zero packet loss. "Napatech is addressing a critical industry challenge with its 5G UPF offload solution," said Roy Chua, founder and principal, AvidThink. "As deployments of both public and private 5G networks proliferate, CSPs are under increasing pressure to maximize the profitability of their services. Napatech's solution can enable them to maximize the efficiency of their packet core servers and network monitoring systems, contributing significantly to improving the ROI for their 5G infrastructure." About Napatech Napatech is the leading supplier of programmable FPGA-based SmartNIC solutions used in telecom, cloud, enterprise, cybersecurity and financial applications worldwide. Through commercial-grade software suites integrated with robust, high-performance hardware, Napatech accelerates telecom, networking and security workloads to deliver best-in-class system-level performance while maximizing the availability of server compute resources for running applications and services. Additional information is available at www.napatech.com.

Read More

APPLICATION INFRASTRUCTURE

DISH and Qualcomm to Collaborate on the Development of the Nation's First O-RAN Compliant 5G Network

prnewswire | November 11, 2020

DISH Network Corporation and Qualcomm Technologies, Inc. today reported their cooperation to test open and virtualized RAN 5G arrangements containing the new Qualcomm® 5G RAN Platforms to assist quick with following DISH's rollout of the country's first cloud-local, Open RAN-agreeable 5G network. DISH will use the Qualcomm 5G RAN Platforms through DISH's organization merchants and gadget accomplices. The stages are intended to permit arising network merchants to quicken arrangement and commercialization of vRAN and interoperable organizations that can convey on the wide cluster of utilization cases and openings imagined for 5G. "By further expanding its portfolio of 5G infrastructure solutions to include O-RAN specifications that are compliant with DISH's open architecture and implementation, Qualcomm Technologies will enable greater flexibility in the deployment of our 5G vRAN equipment. With this move, Qualcomm Technologies will also enrich a diverse ecosystem of RAN applications by delivering data insights natively through the future chipset family. These insights are the foundation of our data-centric and fully-automated network architecture. We are pleased to see Qualcomm Technologies embracing O-RAN and virtualization, creating even more possibilities for the future of 5G across the industry," said Marc Rouanne, DISH executive vice president and chief network officer. "We are excited about working with DISH to accelerate their strategy to bring flexible, scalable, and interoperable 5G deployments to a more competitive North American market. With our vast 5G portfolio, from smartphone to infrastructure, we are committed to supporting DISH's network vendors and device partners to bring new capabilities to life, with standalone 5G and Vo5G across all DISH spectrum bands," said Durga Malladi, senior vice president and general manager, 4G/5G, Qualcomm Technologies, Inc. About DISH DISH Network Corporation is a connectivity company. Since 1980, it has served as a disruptive force, driving innovation and value on behalf of consumers. Through its subsidiaries, the company provides television entertainment and award-winning technology to millions of customers with its satellite DISH TV and streaming SLING TV services. In 2020, the company became a nationwide U.S. wireless carrier through the acquisition of Boost Mobile. DISH continues to innovate in wireless, building the nation's first cloud-native, Open RAN-based 5G broadband network. DISH Network Corporation (NASDAQ: DISH) is a Fortune 250 company. About Qualcomm Qualcomm is the world's leading wireless technology innovator and the driving force behind the development, launch, and expansion of 5G. When we connected the phone to the internet, the mobile revolution was born. Today, our foundational technologies enable the mobile ecosystem and are found in every 3G, 4G and 5G smartphone. We bring the benefits of mobile to new industries, including automotive, the internet of things, and computing, and are leading the way to a world where everything and everyone can communicate and interact seamlessly. Qualcomm Incorporated includes our licensing business, QTL, and the vast majority of our patent portfolio. Qualcomm Technologies, Inc., a subsidiary of Qualcomm Incorporated, operates, along with its subsidiaries, substantially all of our engineering, research and development functions, and substantially all of our products and services businesses, including our QCT semiconductor business.

Read More

APPLICATION INFRASTRUCTURE

Polte and VMware To Unlock 5G Precise Positioning for Open Radio Access Networks

Polte | October 08, 2021

Polte, the innovator of Cloud Location over Cellular (C-LoC) technology, today announced a partnership with VMware to enable an Open Radio Access Network (Open RAN) solution for global "5G Precise Positioning," leveraging Polte as an xApp on VMware's RAN Intelligent Controller (RIC) platform. This partnership aims to address the challenges of security, accuracy, and seamless cellular continuity that previously created barriers to access for 5G Precise Positioning within use cases ranging from Industry 4.0 to 5G Critical IoT. Together, through the augmentation of Open RAN architecture, Polte and VMware endeavor to stimulate innovation while subsequently offering systems integrators more RAN vendor choice. "Together, Polte's and VMware's 5G Precise Positioning solution aims to meet the increasing demands for enterprise security while providing accuracy down to the sub-meter level with private networks," said Stephen Spellicy, vice president of product marketing and business development, Service Provider and Edge, VMware. "We plan to unlock a plethora of new global asset tracking use cases, especially within 5G Industrial and Critical IoT." The RIC, as introduced by the O-RAN Alliance, is a core element of Open RAN architecture that allows operators to launch and optimize new cloud-native services and xApps, uninterrupted. VMware's RIC offers a software development kit (SDK) for third parties to develop new innovative applications for Open RAN, and enables operators to seamlessly integrate such applications into their networks. It will enable Polte's location xApp to not only democratize 5G Precise Positioning, but offer a foundation for other xApps that benefit from location awareness. Solutions providers should think of location as a system, not a feature.Taking a holistic approach to location at the earliest stages of any 5G deployment is fundamental to the success of offering value in 5G to enterprises Polte CEO Ed Chao As a leading provider of cellular location, Polte's domain expertise and 70 global patents and patents pending are key to unlocking the full potential of 5G positioning for enterprises. 5G allows Polte to transform the utility of cellular location, bringing the optimum level of accuracy for macro networks and 5G private networks. Polte's and VMware's Open RAN RIC-based 5G Precise Positioning solution will provide enterprises with more secure communication to all devices and to their own cloud architecture, required for the most advanced, mission-critical communications. Polte and VMware are both contributing members of the O-RAN Alliance, as well as participants in the 5G Open Innovation Lab, a collaborative ecosystem bringing together leading enterprise partners with cutting-edge startups harnessing the power and potential of 5G and edge computing to build what's next. About Polte: Polte, the innovator of Cloud Location over Cellular (C-LoC) technology, provides disruptive, low-cost indoor and outdoor IoT location solutions that empower enterprises with unprecedented, real-time visibility into all the things that matter. Leveraging global 4G and 5G cellular signals, Polte transforms what is possible with asset tracking by driving heightened accessibility and greater speed to ROI for supply chain, logistics, manufacturing, and a wide range of other sectors.

Read More