Home > News > Top Stories > Ermetic Releases CNAPPgoat Open Source Project for Assessing Multi Cloud Security

Hyper-Converged Infrastructure, Data Storage

Ermetic Releases CNAPPgoat Open Source Project for Assessing Multi Cloud Security

ermetic-releases-cnappgoat

Ermetic, a leading cloud infrastructure security company, today announced CNAPPgoat, an open source project that allows organizations to safely test their cloud security skills, processes, tools and posture in interactive sandbox environments that are easy to deploy and destroy. CNAPPgoat supports AWS, Azure and GCP platforms for assessing the security capabilities included in Cloud Native Application Protection Platforms (CNAPP).

The CNAPPgoat project will be officially presented at DEF CON Demo Labs in Las Vegas on Friday, August 11 from 12:00pm-1:55pm by Noam Dahan, Research Lead and Igal Gofman, Head of Research for Ermetic. On Wednesday, August 16 at 10am PST/1pm EST, Ermetic will present a webinar on using CNAPPgoat, to register visit this link.

Unlike projects that illustrate possible attack paths, CNAPPgoat provides a large and expanding library of scenarios that security teams can execute to create a customized cloud environment for simulating unsecured and vulnerable assets and validating their defenses. The ability to easily provision a vulnerable environment with a broad range of risk scenarios provides the following benefits:

  • Create a sandbox for testing an organization’s security posture by assessing security team capabilities, procedures and protocols
  • Use vulnerable environments for hands-on workshops to train team members on new skills and techniques
  • Provision a “shooting range” for pentesters to test their skills at exploiting the scenarios and developing relevant capabilities
  • Benchmark CNAPP tools against known environments to evaluate their capabilities

“Compared to existing open-source projects that create ‘capture the flag’ scenarios where participants are expected to follow a certain path, CNAPPgoat spans the leading cloud provider platforms and CNAPP capabilities while providing a modular and granular approach for provisioning specific categories of risks and vulnerabilities,” said Igal Gofman, Director of Research for Ermetic.

“This breadth and depth allows pentesters and defenders to precisely isolate the elements they want to explore for training, new skills acquisition, prevention and security posture assessments,” added Noam Dahan, Research Lead.

CNAPPgoat enables security teams, trainers and pentesters to provision and run vulnerable scenarios from the following modules that make up the CNAPP specification defined by Gartner:

  • Cloud Infrastructure Entitlement Management (CIEM) - covers risks associated with identities and entitlements, such as the unintended ability of an identity to escalate its privileges
  • Cloud Workload Protection Platform (CWPP) - includes the exposure of workloads to vulnerabilities such as running vulnerable/end of life software or OS versions
  • Cloud Security Posture Management (CSPM) - spans the misconfiguration of cloud infrastructure components, such as publicly exposed storage resources
  • Infrastructure as Code (IaC) scanning - will be added soon for finding misconfigurations directly in the code

CNAPPgoat is an open community initiative designed to be used by anyone for commercial, technical and educational purposes. See today’s blog for implementation details. Additional artifacts including deeper technical dives and guides will be released soon. Contributions are encouraged including new scenarios, scenario proposals, issues, suggestions, feature requests or simply sharing feedback. To learn more and access CNAPPgoat visit this link.

About Ermetic

Ermetic reveals and prioritizes security gaps in AWS, Azure and GCP and enables organizations to remediate them immediately. The Ermetic cloud native application protection platform (CNAPP) uses an identity-first approach to unify and automate cloud infrastructure entitlement management (CIEM), cloud security posture management (CSPM), cloud workload protection and Kubernetes security posture management (KSPM). It unifies full asset discovery, deep risk analysis, runtime threat detection and compliance reporting, combined with pinpoint visualization and step-by-step guidance. The company is one of America’s Best Startup Employers according to Forbes and led by proven technology entrepreneurs whose previous companies have been acquired by Microsoft, Palo Alto Networks and others. Ermetic has received funding from Accel, Forgepoint, Glilot Capital Partners, Norwest Venture Partners, Qumra Capital and Target Global.

Spotlight

More featured news

Spotlight

Related News

Hyper-Converged Infrastructure

Cloudflare Helps Companies Reduce Their IT Infrastructure's Carbon Footprint By Up To 96% by Moving To The Cloud

Business Wire | September 26, 2023

Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet, today shared a new independent report published by Analysys Mason that shows switching enterprise network services from on premises devices to Cloudflare’s cloud-based services can cut related carbon emissions up to 78% for very large businesses to up to 96% for small businesses. The report is one of the first of its kind to calculate potential emissions savings achieved by replacing enterprise network and security hardware boxes with more efficient cloud services. Global Internet usage accounts for 3.7% of global CO2 emissions, about equal to the CO2 emissions of all air traffic around the world. The Internet needs to reduce its overall energy consumption, especially as regulators continue to implement the Paris Climate Accord, including plans to transition to a zero emissions economy. The European Climate Law requires that Europe’s economy and society become climate-neutral by 2050, with a target of reducing net GHG emissions by at least 55% by 2030, compared to 1990 levels. Regulators in the United States and the European Union, among others, have also announced plans to require companies to disclose climate-related information including carbon emissions resulting from their operations and supply chains, as well as climate related risks and opportunities. Finally, among the Fortune Global 500, 63% of companies now set 2050 targets for emissions reductions. Companies large and small will increasingly be looking to reduce carbon throughout their supply chains, particularly their IT infrastructure. “The best way to reduce your IT infrastructure’s carbon footprint is easy: move to the cloud,” said Matthew Prince, CEO and co-founder, Cloudflare. “At Cloudflare, we’ve built one of the world’s most efficient networks, getting the most out of every watt of energy and every one of our servers. That’s why, with Cloudflare, companies can help hit their sustainability goals without sacrificing security, speed, performance, or innovation.” The Analysys Mason study found that switching enterprise network services from on premises devices to Cloudflare services can cut related carbon emissions up to 96%, depending on the current network footprint. The greatest reduction comes from consolidating services, which improves carbon efficiency by increasing the utilization of servers that are providing multiple network functions. On premises devices are designed to host multiple workloads and consume power constantly, but are only used for part of the day and part of the week. Cloud infrastructure is shared by millions of customers, often all over the world. As a result, cloud providers are able to achieve economies of scale that result in less downtime, less waste, and lower emissions. Furthermore, the Analysys Mason study found that there are additional gains due to the high Power Usage Effectiveness of cloud data centres, and differences in the carbon intensity of generation in the local electricity grid. ​“Happy Cog is a full-service digital agency that designs, builds, and markets experiences that engage our clients and their audiences. We’ve relied on Cloudflare for many of those websites and apps because it's secure, reliable, fast, and affordable – but also aligns with many of our clients’ sustainability roadmaps and goals,” said Matt Weinberg, Co-Founder and President of Technology at Happy Cog. “Switching our clients from their previous on premises or other constant-usage infrastructure to Cloudflare's network and services has let them be greener, more efficient, and more cost effective. It's ideal when you can offer your clients a solution that covers all their needs and provides a delightful experience now, without having to compromise on their longer term priorities.” About Cloudflare Cloudflare, Inc. (www.cloudflare.com / @cloudflare) is on a mission to help build a better Internet. Cloudflare’s suite of products protect and accelerate any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was awarded by Reuters Events for Global Responsible Business in 2020, named to Fast Company's Most Innovative Companies in 2021, and ranked among Newsweek's Top 100 Most Loved Workplaces in 2022.

Read More

Application Infrastructure

Penguin Solutions Certified as NVIDIA DGX-Ready Managed Services Partner

Business Wire | September 28, 2023

Penguin Solutions™, an SGH™ brand (Nasdaq: SGH) that designs, builds, deploys, and manages AI and accelerated computing infrastructures at scale, today announced that it has been certified by NVIDIA to support enterprises deploying NVIDIA DGX™ AI computing platforms under the NVIDIA DGX-Ready Managed Services program. NVIDIA DGX systems are an advanced supercomputing platform for large-scale AI development. The NVIDIA DGX-Ready Managed Services program gives customers the option to outsource management of DGX systems deployed in corporate data centers, including the implementation and monitoring of server, storage, and networking resources required to support DGX platforms. Generative AI requires a completely new computing infrastructure compared to traditional IT, said Troy Kaster, vice president, commercial sales at Penguin Solutions. These new computing infrastructures require services skills, which Penguin is uniquely qualified to support given our extensive experience partnering with some of the largest companies in AI. As a full-service integration and services provider, Penguin has the capabilities to design at scale, deploy at speed, and provide managed services for NVIDIA DGX SuperPOD solutions. Penguin has designed, built, deployed, and managed some of the largest AI training clusters in the world. Penguin currently manages over 50,000 NVIDIA GPUs for Fortune 100 customers including Meta’s AI Research SuperCluster – with 2,000 NVIDIA DGX systems and 16,000 NVIDIA A100 Tensor Core GPUs – one of the most powerful AI training clusters in the world. “AI is transforming organizations around the world, and many businesses are looking to deploy the technology without the complexities of managing infrastructure,” said Tony Paikeday, senior director, DGX platform at NVIDIA. “With DGX-Ready Managed Services offered by Penguin Solutions, our customers can deploy the world’s leading platform for enterprise AI development with a simplified operations model that lets them tap into the leadership-class performance of DGX and focus on innovating with AI.” Advantages of Penguin Solutions powered by NVIDIA DGX include: Design large-scale AI infrastructure combining the most recent DGX systems, ultra-high speed networking solutions, and cutting-edge storage options for clusters tailored to customer requirements Manage AI infrastructure making the most of multiple layers of recent hardware and software, such as acceleration libraries, job scheduling and orchestration Reduce risk associated with investments in computing infrastructure Optimize efficiency of AI infrastructure with best-in-class return on investment. About Penguin Solutions The Penguin Solutions™ portfolio, which includes Penguin Computing™, accelerates customers’ digital transformation with the power of emerging technologies in HPC, AI, and IoT with solutions and services that span the continuum of edge, core, and cloud. By designing highly-advanced infrastructure, machines, and networked systems we enable the world’s most innovative enterprises and government institutions to build the autonomous future, drive discovery and amplify human potential.

Read More

Data Storage

AMI to Drive Intel DCM's Future and Broaden Manageability Solutions for Sustainable Data Centers

Cision Canada | October 17, 2023

AMI, the leader in foundational technology for sustainable, scalable, and secure global computing, is set to drive the future of Intel Data Center Manager (DCM) as it takes over the development, sales, and support of DCM under an agreement with Intel. This strategic transition empowers AMI to lead further the innovation and expansion of the Intel DCM product. With a unique position in the industry, AMI plays a pivotal role in enabling the cloud and data center ecosystem for all compute platforms. Intel DCM empowers data centers with the capability to manage and fine-tune server performance, energy consumption, and cooling efficiency. This operational optimization reduces the total cost of ownership, improves sustainability, and elevates performance benchmarks. We thank Intel for trusting AMI to lead Intel DCM into the future. This solution for efficient data center management will play a crucial role in enhancing the operational eco-efficiency of the data centers. It empowers data center managers with real-time insights into energy usage, thermal status, device health, and asset management, says Sanjoy Maity, CEO at AMI. AMI remains steadfast in aiding data center operators in achieving their manageability and sustainability objectives. About AMI AMI is Firmware Reimagined for modern computing. As a global leader in Dynamic Firmware for security, orchestration, and manageability solutions, AMI enables the world's compute platforms from on-premises to the cloud to the edge. AMI's industry-leading foundational technology and unwavering customer support have generated lasting partnerships and spurred innovation for some of the most prominent brands in the high-tech industry. For more information, visit ami.com.

Read More

Hyper-Converged Infrastructure

Cloudflare Helps Companies Reduce Their IT Infrastructure's Carbon Footprint By Up To 96% by Moving To The Cloud

Business Wire | September 26, 2023

Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet, today shared a new independent report published by Analysys Mason that shows switching enterprise network services from on premises devices to Cloudflare’s cloud-based services can cut related carbon emissions up to 78% for very large businesses to up to 96% for small businesses. The report is one of the first of its kind to calculate potential emissions savings achieved by replacing enterprise network and security hardware boxes with more efficient cloud services. Global Internet usage accounts for 3.7% of global CO2 emissions, about equal to the CO2 emissions of all air traffic around the world. The Internet needs to reduce its overall energy consumption, especially as regulators continue to implement the Paris Climate Accord, including plans to transition to a zero emissions economy. The European Climate Law requires that Europe’s economy and society become climate-neutral by 2050, with a target of reducing net GHG emissions by at least 55% by 2030, compared to 1990 levels. Regulators in the United States and the European Union, among others, have also announced plans to require companies to disclose climate-related information including carbon emissions resulting from their operations and supply chains, as well as climate related risks and opportunities. Finally, among the Fortune Global 500, 63% of companies now set 2050 targets for emissions reductions. Companies large and small will increasingly be looking to reduce carbon throughout their supply chains, particularly their IT infrastructure. “The best way to reduce your IT infrastructure’s carbon footprint is easy: move to the cloud,” said Matthew Prince, CEO and co-founder, Cloudflare. “At Cloudflare, we’ve built one of the world’s most efficient networks, getting the most out of every watt of energy and every one of our servers. That’s why, with Cloudflare, companies can help hit their sustainability goals without sacrificing security, speed, performance, or innovation.” The Analysys Mason study found that switching enterprise network services from on premises devices to Cloudflare services can cut related carbon emissions up to 96%, depending on the current network footprint. The greatest reduction comes from consolidating services, which improves carbon efficiency by increasing the utilization of servers that are providing multiple network functions. On premises devices are designed to host multiple workloads and consume power constantly, but are only used for part of the day and part of the week. Cloud infrastructure is shared by millions of customers, often all over the world. As a result, cloud providers are able to achieve economies of scale that result in less downtime, less waste, and lower emissions. Furthermore, the Analysys Mason study found that there are additional gains due to the high Power Usage Effectiveness of cloud data centres, and differences in the carbon intensity of generation in the local electricity grid. ​“Happy Cog is a full-service digital agency that designs, builds, and markets experiences that engage our clients and their audiences. We’ve relied on Cloudflare for many of those websites and apps because it's secure, reliable, fast, and affordable – but also aligns with many of our clients’ sustainability roadmaps and goals,” said Matt Weinberg, Co-Founder and President of Technology at Happy Cog. “Switching our clients from their previous on premises or other constant-usage infrastructure to Cloudflare's network and services has let them be greener, more efficient, and more cost effective. It's ideal when you can offer your clients a solution that covers all their needs and provides a delightful experience now, without having to compromise on their longer term priorities.” About Cloudflare Cloudflare, Inc. (www.cloudflare.com / @cloudflare) is on a mission to help build a better Internet. Cloudflare’s suite of products protect and accelerate any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was awarded by Reuters Events for Global Responsible Business in 2020, named to Fast Company's Most Innovative Companies in 2021, and ranked among Newsweek's Top 100 Most Loved Workplaces in 2022.

Read More

Application Infrastructure

Penguin Solutions Certified as NVIDIA DGX-Ready Managed Services Partner

Business Wire | September 28, 2023

Penguin Solutions™, an SGH™ brand (Nasdaq: SGH) that designs, builds, deploys, and manages AI and accelerated computing infrastructures at scale, today announced that it has been certified by NVIDIA to support enterprises deploying NVIDIA DGX™ AI computing platforms under the NVIDIA DGX-Ready Managed Services program. NVIDIA DGX systems are an advanced supercomputing platform for large-scale AI development. The NVIDIA DGX-Ready Managed Services program gives customers the option to outsource management of DGX systems deployed in corporate data centers, including the implementation and monitoring of server, storage, and networking resources required to support DGX platforms. Generative AI requires a completely new computing infrastructure compared to traditional IT, said Troy Kaster, vice president, commercial sales at Penguin Solutions. These new computing infrastructures require services skills, which Penguin is uniquely qualified to support given our extensive experience partnering with some of the largest companies in AI. As a full-service integration and services provider, Penguin has the capabilities to design at scale, deploy at speed, and provide managed services for NVIDIA DGX SuperPOD solutions. Penguin has designed, built, deployed, and managed some of the largest AI training clusters in the world. Penguin currently manages over 50,000 NVIDIA GPUs for Fortune 100 customers including Meta’s AI Research SuperCluster – with 2,000 NVIDIA DGX systems and 16,000 NVIDIA A100 Tensor Core GPUs – one of the most powerful AI training clusters in the world. “AI is transforming organizations around the world, and many businesses are looking to deploy the technology without the complexities of managing infrastructure,” said Tony Paikeday, senior director, DGX platform at NVIDIA. “With DGX-Ready Managed Services offered by Penguin Solutions, our customers can deploy the world’s leading platform for enterprise AI development with a simplified operations model that lets them tap into the leadership-class performance of DGX and focus on innovating with AI.” Advantages of Penguin Solutions powered by NVIDIA DGX include: Design large-scale AI infrastructure combining the most recent DGX systems, ultra-high speed networking solutions, and cutting-edge storage options for clusters tailored to customer requirements Manage AI infrastructure making the most of multiple layers of recent hardware and software, such as acceleration libraries, job scheduling and orchestration Reduce risk associated with investments in computing infrastructure Optimize efficiency of AI infrastructure with best-in-class return on investment. About Penguin Solutions The Penguin Solutions™ portfolio, which includes Penguin Computing™, accelerates customers’ digital transformation with the power of emerging technologies in HPC, AI, and IoT with solutions and services that span the continuum of edge, core, and cloud. By designing highly-advanced infrastructure, machines, and networked systems we enable the world’s most innovative enterprises and government institutions to build the autonomous future, drive discovery and amplify human potential.

Read More

Data Storage

AMI to Drive Intel DCM's Future and Broaden Manageability Solutions for Sustainable Data Centers

Cision Canada | October 17, 2023

AMI, the leader in foundational technology for sustainable, scalable, and secure global computing, is set to drive the future of Intel Data Center Manager (DCM) as it takes over the development, sales, and support of DCM under an agreement with Intel. This strategic transition empowers AMI to lead further the innovation and expansion of the Intel DCM product. With a unique position in the industry, AMI plays a pivotal role in enabling the cloud and data center ecosystem for all compute platforms. Intel DCM empowers data centers with the capability to manage and fine-tune server performance, energy consumption, and cooling efficiency. This operational optimization reduces the total cost of ownership, improves sustainability, and elevates performance benchmarks. We thank Intel for trusting AMI to lead Intel DCM into the future. This solution for efficient data center management will play a crucial role in enhancing the operational eco-efficiency of the data centers. It empowers data center managers with real-time insights into energy usage, thermal status, device health, and asset management, says Sanjoy Maity, CEO at AMI. AMI remains steadfast in aiding data center operators in achieving their manageability and sustainability objectives. About AMI AMI is Firmware Reimagined for modern computing. As a global leader in Dynamic Firmware for security, orchestration, and manageability solutions, AMI enables the world's compute platforms from on-premises to the cloud to the edge. AMI's industry-leading foundational technology and unwavering customer support have generated lasting partnerships and spurred innovation for some of the most prominent brands in the high-tech industry. For more information, visit ami.com.

Read More

More featured news