HYPER-CONVERGED INFRASTRUCTURE,APPLICATION INFRASTRUCTURE,STORAGE MANAGEMENT
Wallarm | November 14, 2022
Wallarm, the end-to-end API security company, today released its Q3 API ThreatStats™ Report, which provides deep analysis into all published API vulnerabilities and exploits for the quarter. The Wallarm research team dissected the data from a variety of perspectives, including software type, vendor, CVSS scores, CWEs and both OWASP Top-10 (2021) for web apps and OWASP API Security Top-10 (2019). The team also examined publicly disclosed exploit POCs to determine where the risk lies.
The initial analysis indicated that API vulnerabilities and the impacted vendors were leveling off from the significant increase reported in the Q2 API Vulnerability Report, with minimal to no change. Vulnerabilities and vendors impacted experienced a 16% increase, while high to critical rated vulnerabilities remained steady at 57% total.
However, deeper analysis revealed three key findings, which may have costly implications on an organization’s API security program:
Infrastructure. A vast majority of the most impactful vulnerabilities analyzed in Q3 impacted DevOps tools and infrastructure, resulting in a shift of an organization’s security focus.
Injections. While the OWASP Top-10 Injection categories (A03:2021 for web apps and API8:2019 for APIs) top the charts at over 33% of all CVEs analyzed, further inspection reveals many, many variations, which will require extra effort to remediate.
Exploits. A surprising finding was that the average gap between CVE and exploit POC publication was zero days, which greatly impacts a mitigation timeline.
“Almost everyone involved in the API economy, from CISOs and their security teams to DevOps teams and beyond, are talking about API Security this year. However, only a few vendors can explain what it really means, and how to measure and calculate the risks and impact when things go badly. “Wallarm has been committed to tracking and analyzing API vulnerabilities and exploits, and sharing this with the community via our API ThreatStats reports. This Q3-2022 report is the third in a row, and we clearly see a chilling trend in the number, severity and focus of API vulnerabilities and exploits. No joke: the top 10 API issues we're seeing affect core DevOps and PaaS products, such as Kubernetes, Rancher, GitLab, HashiCorp, and several others.”
Ivan Novikov, CEO & co-founder of Wallarm
For more highlights from the final report, please see the Q3-2022 API ThreatStats™ Report executive summary. To learn more, register for Wallarm’s webinar on Thursday, November 10 at 11 AM PT where the research team will present all of its findings.
About Wallarm
Wallarm end-to-end API security products provide robust protection for APIs, web applications, microservices, and serverless workloads running in cloud-native environments. Hundreds of Security and DevOps teams choose Wallarm to get unique visibility into malicious traffic, robust protection across their whole API portfolio, and automated incident response for better risk management. The company is committed to supporting modern tech stacks, offering dozens of deployment options in cloud and Kubernetes-based environments, and also provides a full cloud solution. Wallarm is headquartered in San Francisco, California, and is backed by Toba Capital, Y Сombinator, Partech, and other investors.
Read More
HYPER-CONVERGED INFRASTRUCTURE,APPLICATION INFRASTRUCTURE
Rescale | November 16, 2022
Rescale, the leader in high performance computing built for the cloud to accelerate engineering innovation, and RedLine Performance Solutions, announced today the availability of the Slurm Rescale Connector to provide Slurm users seamless access to cloud directly from the Slurm interface covering over 1000 managed full-stack HPC applications and access to all major cloud providers worldwide.
"Slurm Rescale Connector provides an easy button to burst workflows to public clouds such as AWS, Azure, OCI, GCP from any existing on-prem HPC environment" said Don Avart, CTO of RedLine Performance Solutions, "We are excited to partner with Rescale on this hybrid solution to allow customers to take advantage of cloud-scale capacity and architectural choices available in the cloud."
With high performance computing (HPC) workloads increasingly run in the cloud, many organizations are developing hybrid cloud strategies. But replicating data center infrastructure in dynamic cloud environments can be prohibitively complex and expensive.
Hybrid Cloud Directly from Slurm
With the Slurm-Rescale Connector, the entire multi-cloud world fully managed by Rescale is presented as one additional infrastructure scheduled by Slurm. This means Slurm users do not need to change how they use the scheduler to get the benefits of cloud-based specialized computing architectures or work at cloud-scale. Administrators can similarly get full visibility to cloud software and infrastructure spend, define policies on which architecture or geographies can be used, all without ever having to directly maintain any cloud-based infrastructure. From a cost perspective, HPC organizations can define budgets to keep cloud spending under control, and work directly with a single unified control, while providing users multi-cloud infrastructure or a rich software catalog. Rescale fully-managed HPCaaS is available with FedRAMP Moderate and ITAR compliance.
"Slurm Rescale Connector enables HPC users and administrators to continue using the tools they know, while getting access to Rescale's catalog of over 1000 HPC fully managed applications, the ability to run any container, features to publish and manage your own software, and all specialized architectures through our intelligent multi-cloud infrastructure - available directly from their on-prem Slurm environment, "In addition, users can also benefit from Rescale's administrative controls and performance optimization features so they can get the best capabilities from the cloud with trust and confidence in full-stack security and delivery."
Peter Lyu, VP of Global Solutions & Customer Success at Rescale
This unique approach to hybrid is possible because Rescale is a fully managed solution for HPC cloud operations that brings full stack security, and support. Users can bring their own software and containers and run it anywhere on Rescale's multi-cloud infrastructure based on IT policies. Additionally, Rescale also maintains popular commercial and open source software in its catalog. Lastly, Rescale provides performance intelligence and guidance on how to best configure workloads to help users get the best performance possible - whether it's to minimize cost or minimize job run time.
The Slurm Rescale connector will be released in 2022 Q4 as open source under the terms of the GNU General Public License as published by the Free Software Foundation.
About Rescale
Rescale is high performance computing built for the cloud, to empower engineers while giving IT security and control. From supersonic jets to personalized medicine, industry leaders are bringing new product innovations to market with unprecedented speed and efficiency with Rescale, a cloud platform delivering intelligent full-stack automation and performance optimization. IT leaders use Rescale to deliver HPC-as-a-Service with a secure control plane to deliver any application, on any architecture, at any scale on their cloud of choice.
Read More
APPLICATION INFRASTRUCTURE,STORAGE MANAGEMENT,DATA STORAGE
Amazon Web Services | December 01, 2022
At AWS re:Invent, Amazon Web Services, Inc. (AWS), an Amazon.com, Inc. company, and Atos, a global leader in digital transformation, high performance computing and information technology infrastructure, today announced a Global Strategic Transformation Agreement that enables Atos customers with large-scale infrastructure outsourcing contracts to accelerate workload migrations to the cloud and achieve digital transformation. The multiyear, industry-first agreement extends the strategic relationship between Atos and AWS, with Atos selecting AWS as its preferred enterprise cloud provider and AWS naming Atos as a strategic partner for IT outsourcing and data center transformation. This agreement provides business and technology advisory, digital engineering, and managed services to Atos’ customers to accelerate their journeys to the cloud. AWS will also work with Atos to develop and deliver new industry solutions for IT outsourcing and data center transformation to customers globally, as well as to upskill Atos’ workforce and drive efficiencies in its data center, cloud, and security operations, including selective migration of legacy data centers and IT hardware assets.
As part of the agreement, Atos will proactively consult with more than 800 managed infrastructure services customers spanning the globe to offer a new managed, hybrid-cloud service portfolio that features the option to move selected workloads to AWS. The offering will include highly industrialized migration methodology, solution accelerators, and the companies’ combined expertise in large-scale cloud migrations to support customers as they adopt and move their workloads to AWS. Atos’ customers will be able to leverage the breadth and depth of AWS’s portfolio of services—including analytics, compute, databases, machine learning, and storage—and Atos’ expertise as a Global Systems Integrator to benefit from the flexibility, security, resilience, innovation and sustainability offered through the cloud.
As part of the strategic partnership, Atos’ employees will also be trained on AWS, scaling up their skills and knowledge to continue supporting customers on their digital transformation journeys. Over the next three years, Atos plans to train its employees to achieve more than 20,000 AWS certifications in order to expedite customers’ cloud adoption and help them leverage the advantages of the cloud.
“We are proud to strengthen our partnership with AWS in a first-of-its-kind collaboration, which is transformational in both its approach and its impact on our customers and the IT outsourcing industry. In addition, this partnership represents another significant step in Atos’ transformation. “As a trusted partner, we are offering our customers the opportunity to accelerate their migration to AWS’s powerful, proven, cost-effective, and scalable cloud infrastructure, while supporting them in their digital transformation journey.”
Nourdine Bihmane, Co-CEO in charge of the Tech Foundations Business line at Atos
“This marks the beginning of a significant transformation of the infrastructure outsourcing industry. Through our collaboration, Atos’ customers will be able to realize the benefits of moving to the cloud, including reduced operating costs and carbon emissions, as well as increased business value and accelerated digital innovation,” Ruba Borno, vice president, Worldwide Channels & Alliances, AWS. “We’re excited at the opportunity to work with Atos to upskill their workforce, helping to expand their expertise in cloud technologies so they can enable customers to build, develop, and innovate on the world’s leading cloud.”
“We are delighted to hear that Atos has signed a new strategic agreement with AWS. Having been our strategic IT partners for many years, the announcement further demonstrates Atos’ and AWS’s commitments to maximizing the potential of moving critical systems to the public cloud in terms of agility and cost effectiveness, all while minimizing environmental footprint.” Peter Brown, director of IT Operations and Infrastructure, Britvic.
Britvic is a UK Headquartered corporation that makes drinks in Great Britain, Brazil, France and Ireland and exports to more than 100 countries around the world. It owns major soft drinks brands including Robinsons squash, J20 and Fruit Shoot, and is the PepsiCo bottler in the UK.
About Amazon Web Services
For over 15 years, Amazon Web Services has been the world’s most comprehensive and broadly adopted cloud offering. AWS has been continually expanding its services to support virtually any cloud workload, and it now has more than 200 fully featured services for compute, storage, databases, networking, analytics, machine learning and artificial intelligence (AI), Internet of Things (IoT), mobile, security, hybrid, virtual and augmented reality (VR and AR), media, and application development, deployment, and management from 96 Availability Zones within 30 geographic regions, with announced plans for 15 more Availability Zones and five more AWS Regions in Australia, Canada, Israel, New Zealand, and Thailand. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—trust AWS to power their infrastructure, become more agile, and lower costs.
About Amazon
Amazon is guided by four principles: customer obsession rather than competitor focus, passion for invention, commitment to operational excellence, and long-term thinking. Amazon strives to be Earth’s Most Customer-Centric Company, Earth’s Best Employer, and Earth’s Safest Place to Work. Customer reviews, 1-Click shopping, personalized recommendations, Prime, Fulfillment by Amazon, AWS, Kindle Direct Publishing, Kindle, Career Choice, Fire tablets, Fire TV, Amazon Echo, Alexa, Just Walk Out technology, Amazon Studios, and The Climate Pledge are some of the things pioneered by Amazon.
About Atos
Atos is a global leader in digital transformation with 112,000 employees and annual revenue of c. € 11 billion. European number one in cybersecurity, cloud and high-performance computing, the Group provides tailored end-to-end solutions for all industries in 71 countries. A pioneer in decarbonization services and products, Atos is committed to a secure and decarbonized digital for its clients. Atos is a SE (Societas Europaea) and listed on Euronext Paris.
Read More