HYPER-CONVERGED INFRASTRUCTURE, APPLICATION INFRASTRUCTURE
Code42 | September 16, 2022
Code42 Software, Inc., the Insider Risk Management (IRM) leader, today announced its Incydr product fully supports all major Desktop-as-a-Service (DaaS) and Virtual Desktop Infrastructure (VDI) environments. The Code42® Incydr™ product detects when valuable and sensitive files are moved to untrusted locations, including personal email and cloud accounts, and removable media – and allows security teams to quickly respond in order to stop data leaks and theft.
According to a recent survey of IT professionals published by Citrix, nearly 70% of organizations are planning to implement VDIs to accommodate hybrid or remote work strategies, with just under 60% accelerating the adoption of cloud tools. Though DaaS and VDI solutions help security teams better protect against vulnerabilities, malicious actors and other external threats, they do little to reduce the risk from insiders, as virtual environments inherently depend on cloud tools.
“We’ve seen a notable uptick in the number of teams that have deployed DaaS and VDI solutions throughout their environments. Given the continued popularity of bring-your-own-device (BYOD) and remote work, coupled with an unstable hardware supply chain, we absolutely expect this trend to continue,” said Rob Juncker, CTO of Code42. “In virtual-first organizations where there is pervasive use of cloud collaboration tools, such as Git, Salesforce, GDrive, OneDrive and iCloud, Incydr wraps a layer of protection around data put at risk by insiders, complementing solutions that focus on external threats and malicious actors.”
Learn more about Code42’s Insider Risk Management Offering
Code42 Incydr: The Industry’s Leading Data Security Product for Exfiltration Detection and Response
Incydr is an Insider Risk Management solution that provides the visibility, context and controls needed to stop data leak and IP theft. Organizations utilize Incydr to detect and respond to data exposure and exfiltration from corporate computer, cloud and email systems. It deploys in hours so security teams can address material risk to the business in a matter of days and drive the secure work habits needed to decrease how often employees put data at risk in the future.
Code42 Instructor: Education-Led Insider Risk Response
The Code42 Instructor™ micro-learning solution improves Insider Risk awareness by focusing on the creation of holistic, security-oriented cultures. The solution delivers actionable, hyper-targeted and bite-sized video lessons to end-users when they’re needed most, helping to change security behavior for the long term. The Instructor solution helps organizations rapidly mature their Insider Risk Management programs by incorporating data-driven Insider Risk behavioral guidance for end-users.
Combining the Power of Incydr and Instructor
Instructor works in tandem with Incydr, allowing security, compliance and education teams to immediately send corrective video lessons triggered by employee actions that create risk for the business. For example, when Incydr flags file movement to an untrusted location, like an unauthorized cloud application, an Instructor video specifically explaining the correct activity is sent to educate the employee in real-time through the Incydr solution.
Code42 Services: Measure, Manage, Mitigate
IRM technology is simpler and faster to deploy than other technologies, such as DLP and CASB, but it does require a strategy and mindset shift. Insider Risk Management isn’t only about data – it’s about a company’s employees and culture. Code42 IRM Services are designed to help organizations establish an efficient and effective IRM program rooted in transparency, training and technology. Code42’s services take a collaborative approach to helping organizations develop, operationalize, and mature an end-to-end IRM program.
Visit our Incydr and Instructor solution pages to learn more about our offerings.
Join the conversation with Code42 on our blog, LinkedIn, Twitter and YouTube.
Read our book, Inside Jobs: Why Insider Risk is the Biggest Cyber Threat you can’t Ignore.
Learn more about insider risk at the Insider Risk Summit™ event, taking place Sept 27-29, 2022. Register now for the free virtual community event.
Code42 is the leader in Insider Risk Management (IRM), offering end-to-end data loss detection and response solutions. The Code42 Incydr product is native to the cloud and rapidly detects data exposure, loss, leak and theft as well as speeds incident response – all without lengthy deployments, complex policy management or blocking employee productivity. Accelerating the effectiveness of Insider Risk programs are the Code42 Instructor microlearning solution, and Code42’s full suite of expert services.
HYPER-CONVERGED INFRASTRUCTURE, APPLICATION INFRASTRUCTURE
Micro Focus | September 12, 2022
Global digital transformation leader Micro Focus today announced the successful modernisation of AG's mission-critical business systems. By using Micro Focus solutions and services, Belgium's largest and oldest insurance provider has established a contemporary, collaborative application development environment that meets the company's current needs, while enabling continued evolution and future change.
During the significant modernisation project, critical applications comprising more than 80 million lines of code were moved from the incumbent mainframe system to new infrastructure that supports 14 million transactions per day. The project began in mid-2018 with a completion goal of four years. The efficiency of the project resulted in its completion in three years. Vitally, during the transition and since, there were no interruptions to daily business activities for AG or the services offered for its three million clients.
"The whole operation has resulted in an innovative and open environment that enables a new data-driven strategy, as well as our company enjoying a lower total cost of ownership now and far into the future. The modernisation project opened the door for utilising the cloud and aligned operational systems more closely with the data analytics systems. The end result is a modern IT infrastructure that allows AG to efficiently meet its customer and distribution partners expectations and needs. We couldn't have realised this huge project without the partnership and excellent collaboration with Micro Focus."
Philippe Van Belle, Chief Information & Technology Officer of AG
In addition to bolstering its already excellent customer services, AG is now accelerating its own digital transformation with its modernised IT architecture. As part of this change, AG will now offer more services and conduct business operations in the cloud as they leverage new technologies in their continued digital evolution. Another advantage of the modernisation project is that AG has a cutting-edge environment for the recruitment of a new generation of developers, as well as the retention of existing talent with an uplift in development skills and program knowledge.
"The completion of this project with AG is the latest in an extensive line of successful core business system modernisation projects for Micro Focus," said Neil Fowler, Micro Focus AMC General Manager. "Our role was to enable and support AG's modernisation journey as they delivered their business outcomes through a combination of application, process and infrastructure modernisation. This has resulted in an agile platform that allows AG to leverage their core applications and continue to deliver increasing value to their customers. With Micro Focus' more than 40 years of experience in modernising business-critical applications running on the mainframe or distributed environments, we as a company are proud of the results that we were able to deliver to AG.
"AG has been a Micro Focus customer for more than ten years, and we look forward to seeing the positive impacts that this modernisation project has on the insurance services AG provides to its customers and the company's reduction in TCO for its infrastructure."
The modernisation project entailed the shift of AG's z/OS workloads to a Windows-based environment. To do so, AG utilised the Micro Focus Enterprise Developer and Enterprise Server products, as well as the expertise of the company's Professional Services group. The AG modernisation project also included collaboration from HP Enterprise as system integrator and Capgemini as the testing partner.
As a company, Micro Focus supports its customers' choice for modernising their applications, process and infrastructure. Digital transformation demands a flexible and adaptive strategy aimed at improving results and accelerating time to value. Through the Micro Focus Modernisation Maturity Model, IT leaders can quickly map their current IT environment to their future business strategy—while finding the right balance between costs, risk and speed.
About Micro Focus
Micro Focus is one of the world's largest enterprise software providers, focused on solving the IT dilemma—how to balance today's needs with tomorrow's opportunities. We deliver mission-critical technology that helps tens of thousands of customers worldwide manage core IT elements of their business. Strengthened by our strategic services and support organisations, and an extensive partner network, our broad set of technologies for security, IT operations, application delivery, governance, modernisation, and analytics provides the innovative solutions organisations need to run and transform— at the same time.
With a share of 29,5% in the Life insurance market and 16.7% in Non-life, AG is the undisputed leader in the Belgian insurance market. To better tailor its offer to fulfil different customer needs, AG has a multi-channel distribution strategy that includes independent brokers and Fintro agents, bank branches (BNP Paribas Fortis, bpost bank) and collaboration with large corporate clients and sectors for their group insurance. AG employs over 4,000 specialised staff members.
HYPER-CONVERGED INFRASTRUCTURE,APPLICATION INFRASTRUCTURE,STORAGE MANAGEMENT
Wallarm | November 14, 2022
Wallarm, the end-to-end API security company, today released its Q3 API ThreatStats™ Report, which provides deep analysis into all published API vulnerabilities and exploits for the quarter. The Wallarm research team dissected the data from a variety of perspectives, including software type, vendor, CVSS scores, CWEs and both OWASP Top-10 (2021) for web apps and OWASP API Security Top-10 (2019). The team also examined publicly disclosed exploit POCs to determine where the risk lies.
The initial analysis indicated that API vulnerabilities and the impacted vendors were leveling off from the significant increase reported in the Q2 API Vulnerability Report, with minimal to no change. Vulnerabilities and vendors impacted experienced a 16% increase, while high to critical rated vulnerabilities remained steady at 57% total.
However, deeper analysis revealed three key findings, which may have costly implications on an organization’s API security program:
Infrastructure. A vast majority of the most impactful vulnerabilities analyzed in Q3 impacted DevOps tools and infrastructure, resulting in a shift of an organization’s security focus.
Injections. While the OWASP Top-10 Injection categories (A03:2021 for web apps and API8:2019 for APIs) top the charts at over 33% of all CVEs analyzed, further inspection reveals many, many variations, which will require extra effort to remediate.
Exploits. A surprising finding was that the average gap between CVE and exploit POC publication was zero days, which greatly impacts a mitigation timeline.
“Almost everyone involved in the API economy, from CISOs and their security teams to DevOps teams and beyond, are talking about API Security this year. However, only a few vendors can explain what it really means, and how to measure and calculate the risks and impact when things go badly. “Wallarm has been committed to tracking and analyzing API vulnerabilities and exploits, and sharing this with the community via our API ThreatStats reports. This Q3-2022 report is the third in a row, and we clearly see a chilling trend in the number, severity and focus of API vulnerabilities and exploits. No joke: the top 10 API issues we're seeing affect core DevOps and PaaS products, such as Kubernetes, Rancher, GitLab, HashiCorp, and several others.”
Ivan Novikov, CEO & co-founder of Wallarm
For more highlights from the final report, please see the Q3-2022 API ThreatStats™ Report executive summary. To learn more, register for Wallarm’s webinar on Thursday, November 10 at 11 AM PT where the research team will present all of its findings.
Wallarm end-to-end API security products provide robust protection for APIs, web applications, microservices, and serverless workloads running in cloud-native environments. Hundreds of Security and DevOps teams choose Wallarm to get unique visibility into malicious traffic, robust protection across their whole API portfolio, and automated incident response for better risk management. The company is committed to supporting modern tech stacks, offering dozens of deployment options in cloud and Kubernetes-based environments, and also provides a full cloud solution. Wallarm is headquartered in San Francisco, California, and is backed by Toba Capital, Y Сombinator, Partech, and other investors.