Hyper-Converged Infrastructure, Data Storage
businesswire | August 03, 2023
Ermetic, a leading cloud infrastructure security company, today announced CNAPPgoat, an open source project that allows organizations to safely test their cloud security skills, processes, tools and posture in interactive sandbox environments that are easy to deploy and destroy. CNAPPgoat supports AWS, Azure and GCP platforms for assessing the security capabilities included in Cloud Native Application Protection Platforms (CNAPP).
The CNAPPgoat project will be officially presented at DEF CON Demo Labs in Las Vegas on Friday, August 11 from 12:00pm-1:55pm by Noam Dahan, Research Lead and Igal Gofman, Head of Research for Ermetic. On Wednesday, August 16 at 10am PST/1pm EST, Ermetic will present a webinar on using CNAPPgoat, to register visit thislink.
Unlike projects that illustrate possible attack paths, CNAPPgoat provides a large and expanding library of scenarios that security teams can execute to create a customized cloud environment for simulating unsecured and vulnerable assets and validating their defenses. The ability to easily provision a vulnerable environment with a broad range of risk scenarios provides the following benefits:
Create a sandbox for testing an organization’s security posture by assessing security team capabilities, procedures and protocols
Use vulnerable environments for hands-on workshops to train team members on new skills and techniques
Provision a “shooting range” for pentesters to test their skills at exploiting the scenarios and developing relevant capabilities
Benchmark CNAPP tools against known environments to evaluate their capabilities
“Compared to existing open-source projects that create ‘capture the flag’ scenarios where participants are expected to follow a certain path, CNAPPgoat spans the leading cloud provider platforms and CNAPP capabilities while providing a modular and granular approach for provisioning specific categories of risks and vulnerabilities,” said Igal Gofman, Director of Research for Ermetic.
“This breadth and depth allows pentesters and defenders to precisely isolate the elements they want to explore for training, new skills acquisition, prevention and security posture assessments,” added Noam Dahan, Research Lead.
CNAPPgoat enables security teams, trainers and pentesters to provision and run vulnerable scenarios from the following modules that make up the CNAPP specification defined byGartner:
Cloud Infrastructure Entitlement Management (CIEM) - covers risks associated with identities and entitlements, such as the unintended ability of an identity to escalate its privileges
Cloud Workload Protection Platform (CWPP) - includes the exposure of workloads to vulnerabilities such as running vulnerable/end of life software or OS versions
Cloud Security Posture Management (CSPM) - spans the misconfiguration of cloud infrastructure components, such as publicly exposed storage resources
Infrastructure as Code (IaC) scanning - will be added soon for finding misconfigurations directly in the code
CNAPPgoat is an open community initiative designed to be used by anyone for commercial, technical and educational purposes. See today’sblogfor implementation details. Additional artifacts including deeper technical dives and guides will be released soon. Contributions are encouraged including new scenarios, scenario proposals, issues, suggestions, feature requests or simply sharing feedback. To learn more and access CNAPPgoat visit thislink.
About Ermetic
Ermetic reveals and prioritizes security gaps in AWS, Azure and GCP and enables organizations to remediate them immediately. The Ermetic cloud native application protection platform (CNAPP) uses an identity-first approach to unify and automate cloud infrastructure entitlement management (CIEM), cloud security posture management (CSPM), cloud workload protection and Kubernetes security posture management (KSPM). It unifies full asset discovery, deep risk analysis, runtime threat detection and compliance reporting, combined with pinpoint visualization and step-by-step guidance. The company is one of America’s Best Startup Employers according toForbesand led by proven technology entrepreneurs whose previous companies have been acquired by Microsoft, Palo Alto Networks and others. Ermetic has received funding from Accel, Forgepoint, Glilot Capital Partners, Norwest Venture Partners, Qumra Capital and Target Global.
Read More
Data Storage
Business Wire | September 21, 2023
Astera Labs, the global leader in semiconductor-based connectivity solutions for AI infrastructure, today announced that its Leo Memory Connectivity Platform enables data center servers with unprecedented performance for memory intensive workloads. Leo is the industry’s first Compute Express Link™ (CXL™) memory controller that increases total server memory bandwidth by 50% while also decreasing latency by 25% when integrated with the forthcoming 5th Gen Intel® Xeon® Scalable Processor. Through new hardware-based interleaving of CXL-attached and CPU native memory, Astera Labs and Intel eliminate any application-level software changes to augment server memory resources via CXL. Existing applications can effortlessly “plug-and-play” to take advantage of the highest possible memory bandwidth and capacity in the system.
“The growth of computing cores and performance has historically outpaced memory throughput advancements, resulting in degraded server performance efficiency over time,” said Sanjay Gajendra, COO of Astera Labs. “This performance scaling challenge has led to the infamous ‘memory wall,’ and thanks to our collaboration with Intel, our Leo Memory Connectivity Platform breaks through this barrier by delivering on the promise of PCIe 5.0 and CXL memory.”
Data center infrastructure scaling limitations due to the memory wall are none more evident than in AI servers where memory bandwidth and capacity bottlenecks result in inefficient processor utilization. The CXL innovations delivered by Astera Labs and Intel directly address these bottlenecks and lay the foundation for cloud, hybrid-cloud and enterprise data centers to maximize accelerated computing performance.
Extending leadership of PCIe® 5.0 and CXL 2.0 solutions
Astera Labs has a history of delivering industry-first solutions that are critical to advancing the PCIe and CXL ecosystems. In addition to memory performance advancements with Leo, Astera Labs is also driving interoperability leadership with its Aries PCIe 5.0 / CXL 2.0 Smart Retimers on state-of-the-art Intel server platforms. As the most widely deployed and proven PCIe/CXL retimer family in the industry, Aries features a low-latency CXL mode that complements Leo to form the most robust CXL memory connectivity solution.
“We applaud Astera Labs for their contributions to the CXL ecosystem and are delighted to extend our ongoing collaboration. We believe Memory Connectivity Platforms containing innovations from companies like Astera Labs will help deliver enhanced performance on next generation Intel Xeon processors, and accelerate a myriad of memory intensive workloads,” said Zane Ball, Corporate Vice President and General Manager, Data Center Platform Engineering and Architecture Group, Intel.
Visit Astera Labs at Intel Innovation!
Astera Labs will showcase Leo and Aries together with Intel’s latest Xeon® Scalable processors at Booth #210, September 19-20 at the San Jose Convention Center. Talk to Astera Labs’ experts to learn more about industry benchmarks and how to optimize PCIe/CXL memory solutions in data center architectures to deliver optimized performance for applications ranging from AI, real time analytics, genomics and modeling.
About Astera Labs
Astera Labs, Inc. is a global leader in semiconductor-based connectivity solutions purpose-built to unleash the full potential of intelligent data infrastructure at cloud-scale. Its class-defining, first-to-market products based on PCIe, CXL, and Ethernet technologies deliver critical connectivity in accelerated computing platforms optimized for AI applications.
Read More
Hyper-Converged Infrastructure, Data Storage
PR Newswire | September 01, 2023
TrueNet Communications Corp., an industry leading outside plant engineering and professional services company supporting the telecommunications market, announces the introduction of Digital Twin Technology to augment its service offerings. This groundbreaking mobile mapping solution marks a significant milestone in TrueNet Communications' commitment to delivering innovative and holistic solutions to meet current and future needs. It also represents TrueNet's expansion of services into industries including energy delivery networks, and urban, transportation and utility infrastructures.
With Digital Twin Technology, TrueNet can visualize and analyze field assets in ways that were previously impossible, while simultaneously ensuring data is captured in usable outputs for future needs like predictive modeling and analysis. It's powered by state-of-the-art LiDAR and specialty photogrammetry drones that collect data and generate 3D digital replicas, or "digital twins," of field assets and environments. From optimizing network performance to enhancing infrastructure management, TrueNet's Digital Twin Technology is poised to revolutionize how companies operate.
"Innovation is intrinsic to who we are and how we operate at TrueNet. We're proud to be on the forefront of finding ways to leverage new technologies, like Digital Twin Technology, to support our customers with advanced, end-to-end solutions," says Erich Schlegel, TrueNet's Chief Executive Officer. "Our customers can expect to feel the benefits of our Digital Twin approach by having access to more robust and accurate data that will enhance their overall experience."
About TrueNet Communications Corp.
TrueNet Communications Corp. is an industry leading outside plant (OSP) engineering, construction, and professional services company serving the largest telecommunications service providers and multi-service operators (MSOs) in North America. Since 1985, the company has provided advanced outside plant solutions by utilizing the latest innovative, exclusive, automation tools across the United States and Canada. In 2016, TrueNet was acquired by Fujitsu, one of the world's largest IT and Network services companies, adding world-class expertise and resources as a total network solution provider.
Read More