Infrastructure-as-code templates are source of cloud infrastructure weaknesses

TechCentral.ie | February 06, 2020

In the age of cloud computing where infrastructure needs to be extended or deployed rapidly to meet ever-changing organisational needs, the configuration of new servers and nodes is completely automated. This is done using machine-readable definition files, or templates, as part of a process known as infrastructure as code (IaC) or continuous configuration automation (CCA). A new analysis by researchers from Palo Alto Networks of IaC templates collected from GitHub repositories and other places identified almost 200,000 such files that contained insecure configuration options. Using those templates can lead to serious vulnerabilities that put IaC-deployed cloud infrastructure and the data it holds at risk. “Just as when you forget to lock your car or leave a window open, an attacker can use these misconfigurations to weave around defences,” the researchers said. “This high number explains why, in a previous report, we found that 65% of cloud incidents were due to customer misconfigurations. Without secure IaC templates from the start, cloud environments are ripe for attack.”

Spotlight

Data centers are complex to plan, build, and continuously operate and manage. With NVIDIA Omniverse, the platform for developing custom 3D pipelines and simulating virtual worlds, data center architects and operators can build full-fidelity, real-time (via NVIDIA Modulus), interactive digital twins of their data centers, connecting the infrastructure, simulation, layout, network stack (via NVIDIA Air simulation), and monitoring tools they use today.

Spotlight

Data centers are complex to plan, build, and continuously operate and manage. With NVIDIA Omniverse, the platform for developing custom 3D pipelines and simulating virtual worlds, data center architects and operators can build full-fidelity, real-time (via NVIDIA Modulus), interactive digital twins of their data centers, connecting the infrastructure, simulation, layout, network stack (via NVIDIA Air simulation), and monitoring tools they use today.

Related News

HYPER-CONVERGED INFRASTRUCTURE,APPLICATION INFRASTRUCTURE,DATA STORAGE

Introducing MoEngage Inform, A Unified Messaging Infrastructure for Multichannel Transactional Notifications Through One API

MoEngage | November 17, 2022

MoEngage, the insights-led customer engagement platform, today announced its new product, MoEngage Inform, a unified messaging infrastructure that enables brands to build and manage multichannel transactional alerts through one API. Consumers expect immediate updates on critical transactional notifications at their fingertips. Using MoEngage Inform, brands can provide real-time transactional alerts to improve the customer experience, such as an order or booking confirmation after a product is purchased, a delivery notification when a package arrives, one-time passwords (OTPs) for approving transactions or logging in securely, or notifications around password resets, among other time-sensitive alerts. Oftentimes, building, updating, and delivering these critical alerts requires significant engineering bandwidth and resources. There is a heavy reliance on development teams to maintain a transactional messaging infrastructure and add new channels; in some cases, integrating a new vendor or new communication channel provider can take at least eight weeks of engineering efforts. Moreover, brands often encounter a siloed customer experience due to multiple delivery providers and API demands, resulting in limited visibility into customers' actions. There is no unified view of notifications received by customers, meaning product teams cannot easily identify if a customer has already received or has acted on an alert; potentially leading to customers receiving duplicate alerts across channels. Inform makes transactional alert management seamless so brands can focus more on delivering the cohesive, time-sensitive messages that consumers want. Inform's single API requires a one-time setup, freeing up engineering bandwidth and pushing control to the product or marketing teams. MoEngage Inform is a component of the MoEngage Customer Engagement Platform, which together enables brands to have one platform to support all of their customer messaging and notifications needs, both transactional and marketing-related. Product and marketing teams will be able to have a unified view of the customer journey, so they can collectively understand and gather insights to inform future initiatives to deliver a better customer experience. With MoEngage Inform, brands can achieve: Unified Customer Experiences - Get a unified view of how customers engage with the brand, including transactional and promotional messages across channels, and leverage an advanced algorithm that uses AI to determine what channels each customer prefers to receive critical alerts on and set a priority order automatically. Centralized Visibility and Performance - Track and optimize the performance of your multichannel transactional and promotional messages in one central dashboard. Reduced Engineering Resources and Improved Effectiveness - Power all transactional messaging with a single API and integrate with any communication channel with ease, supporting more than 30 providers. More Autonomy, Faster Delivery of Alerts - Get out-of-the-box templates to create new alerts in minutes, with alerts being delivered in under 5 seconds. A built-in fallback mechanism ensures critical alerts are delivered on other channels upon disruptions. Improved Data Security and Reporting - Achieve unified notification logs and delivery reports across channels, making identifying and debugging issues easier. "As organizations grow, their messaging and communication needs become more complex. With MoEngage Inform, engineering teams can focus on delivering core offerings instead of building backend infrastructures, and product and marketing teams can deliver critical transactional alerts without breaking customer experiences," said Raviteja Dodda, CEO and co-founder of MoEngage.

Read More

APPLICATION INFRASTRUCTURE, DATA STORAGE

Virtual-Q Selects Juniper Networks to Provide Scalable, Automated Data Center Infrastructure

Juniper Networks | October 11, 2022

Juniper Networks, a leader in secure, AI-driven networks, today announced that Virtual-Q, a provider of IT Services and IT Consulting, has selected Juniper Apstra data center solutions to modernize and automate its network infrastructure to provide a scalable and seamless customer experience. Based in Houston, Texas, Virtual-Q specializes in IT-as-a-Service through its hosted desktop solution, streamlining the costs associated with remote IT solutions. The company delivers enterprise-class security, computing, support and disaster recovery solutions to businesses across all sectors and sizes. Virtual-Q had been operating with a network that lacked scalability and struggled to meet the increasing hybrid and virtual customer demands associated with the pandemic. With the need to accommodate large-scale growth but also be able to easily manage and operate, Virtual-Q turned to Juniper Networks to help design and build their new network, along with support from Juniper’s partner GDT. Apstra was deployed to simplify and automate data center operations management from design to deployment through everyday operations and assurance. Additionally, Apstra delivers a high level of visibility into the network fabric, allowing for faster resolution times and increased operational efficiencies. With an approach to data center operations based on the insight that a reliability-focused strategy results in speed and efficiency, Apstra enables Virtual-Q to transform their operations. By also deploying Juniper’s QFX switches, EX switches and MX series universal routing platforms, Virtual-Q is well-positioned to expand its capacity with 400G bandwidth, develop a cloud-ready network infrastructure that can grow alongside its evolving data center needs and meet its 1,082 percent annual growth rate. The company also utilizes Juniper professional services. Supporting Quotes: “Juniper Apstra allows us to seamlessly manage and automate our data center infrastructure without compromising our ability to serve our customers. With Apstra’s intent-based design, operators can focus on what needs to be accomplished in the data center instead of how it should be done. As one of the most user-friendly products on the market, we are excited to see the transformation Apstra will bring to our network operations.” Victor J. Quinones, Jr., Founder and CEO, Virtual-Q “In addition to simplifying data center management, Apstra allows its customers to automate each aspect of the design, deployment and operation of their data center infrastructure. Apstra enables Virtual-Q to lay a strong foundation for reliable and flexible operations regardless of vendor.” Mansour Karam, VP of Products, Juniper Networks About Juniper Networks Juniper Networks is dedicated to dramatically simplifying network operations and driving superior experiences for end users. Our solutions deliver industry-leading insight, automation, security and AI to drive real business results. We believe that powering connections will bring us closer together while empowering us all to solve the world’s greatest challenges of well-being, sustainability and equality.

Read More

HYPER-CONVERGED INFRASTRUCTURE, APPLICATION INFRASTRUCTURE

Exelon Optimizes its Operations with Oracle Cloud Infrastructure

Oracle | September 27, 2022

Oracle today announced that the Exelon Corporation, the nation's largest transmission and distribution utility company, is moving its cloud-first vision forward with Oracle Cloud Infrastructure (OCI). By moving several of its Oracle utility applications to OCI, Exelon will be able to further meet its sustainability goals by consolidating data centers, reducing costs, and continuing to deliver on its strong record of customer satisfaction. "Exelon is a leader in the utility market who has long been at the forefront of investing in technologies that create a better experience for its customers while also being proactive in achieving important sustainability goals," said Rodger Smith, senior vice president and general manager of Oracle Energy and Water. "The move to OCI is a natural progression of Oracle's work with Exelon to help the company continue to meet its aggressive growth, cost-efficiency, and net-zero by 2050 commitments." Exelon serves more than 10 million customers in the Midwest and Mid-Atlantic United States through six fully regulated transmission and distribution utilities. "Our mission is to deliver the clean, reliable, and affordable energy needed to create a brighter, more sustainable future. "Oracle has supported this mission by innovating with Exelon across critical pieces of our operations - from energy efficiency to customer service. Oracle's unique utility and back-office applications combined with the price, performance, and security of OCI is a powerful combination that will continue to help us scale our cloud-first strategy." Michael Menendez, vice president of IT Architecture & Engineering, Exelon Corporation From the cloud to carbon reduction and customer care Accenture, a long-time digital transformation partner of Exelon, will help the company move a number of integral applications to the cloud. These include Oracle's customer information system (CIS) and meter data management solutions. The CIS application, in conjunction with Oracle CX solutions, is currently being used across several of the Exelon utilities, providing a single view of the customer that helps Exelon foster a better, more personalized experience – from service call interactions to accurate billing. Likewise, meter data management is helping Exelon capture smart meter data to optimize its use to help support its core operations, energy reliability, and customer innovation. In addition, by leveraging the Oracle Support Rewards, Exelon will be able to shift key applications to OCI for better performance, availability, and security - all for a lower cost. "Evolving customer and employee expectations make delivering impactful, sustainable experiences a critical imperative," said Laurence Bellenguez, the Accenture Oracle Business Group Industry lead for North America. "OCI, coupled with Accenture's technology and industry expertise, is helping Exelon reimagine its employee and customer experience – providing more personalized interactions and significant operational efficiencies, with sustainability at its core." Exelon is also taking advantage of the Oracle Cloud Infrastructure Resident Architect Program, a highly personalized service designed to streamline adoption and successful use of OCI based on Exelon's specific workloads. With the Resident Architect Program, Exelon is supported by a dedicated team of Oracle Enterprise Cloud Architects and Specialists to augment its existing team and provide deep industry expertise and broad technical OCI proficiency. About Oracle Oracle offers integrated suites of applications plus secure, autonomous infrastructure in the Oracle Cloud.

Read More