Tag Archive for: Observability

Gigamon Announces Deep Observability Integration with Amazon Security Lake | National Business

/in


SANTA CLARA, Calif.–(BUSINESS WIRE)–Jun 8, 2023–

Gigamon, the leading deep observability company, today announced that its Deep Observability Pipeline now efficiently delivers network-derived application metadata intelligence (AMI) into Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes an organization’s security data from across their AWS environments, leading SaaS providers, on-premises environments, and cloud sources into a purpose-built data lake, so customers can act on security data faster and simplify security data management across hybrid and multicloud environments. This integration provides organizations the ability to access and analyze data-in-motion across hybrid cloud infrastructure to more efficiently and effectively secure and manage workloads, applications, and data.

The integration of network-derived intelligence with Amazon Security Lake supports important use cases for organizations seeking both completeness and efficiency across their security tools stack. With Amazon Security Lake, Gigamon can provide:

  • Security analytics based on actual data communications to completely and correctly identify any usage of vulnerable protocols, deprecated ciphers, and expired certificates
  • Forensics that compare what applications actually did with what logs report
  • A richer and deeper data set on which to base new AI-driven security analytics via tools like NDR or XDR

Gigamon uniquely leverages deep packet inspection (DPI) to extract more than 7,500 application-related metadata attributes derived from network packets. With Amazon Security Lake integration, users can centralize and gain deep observability into security data across their entire organization. The new integration helps organizations to:

  • Efficiently deliver AWS traffic to multiple security tools without installing individual agents for each tool
  • Contain excessive tool and transit costs by filtering unnecessary traffic and deduplicating redundant traffic
  • Generate NetFlow for SIEMs and raw packets for NPMs and packet sniffer tools

Gigamon is also a launch…

Source…

Accelerating DevOps with Autonomous Security Observability: Webinar Recap

/in


Contrast and NowSecure Discuss Application Security Challenges and Best Practices

In a recent webinar, “Accelerating DevOps with Autonomous Security Observability,” Brian Reed, chief mobility officer of NowSecure, spoke with Jeff Williams, co-founder and CTO at Contrast Security, on how autonomous security can power DevOps teams and take continuous integration/continuous deployment (CI/CD) pipelines to the next level. I highly recommend listening to the full webinar—it has many insights both for developers and security teams. In the following, I will tease out the highlights of their conversation and extract some key takeaways.

While Contrast focuses on application security for web applications, NowSecure specializes in protecting apps that run on mobile devices. In this conversation, Brian and Jeff discuss the unique challenges of mobile apps and their web-based back ends.

Background: Mobile App Security Status Quo

Brian, who has been working with mobile apps for 15 years, spends a lot of time talking to customers about mobile technology’s role in their digital transformations. He laments what he sees as a mismatch between the huge investment in securing software and the less-than-stellar security outcomes. For example, organizations spent $3.2 billion on application security in 2020 and are projected to spend $4.5 billion in 2024 (according to this Gartner report) and yet …

  • 85% of mobile apps have security risks
  • 70% of mobile apps leak personal data in violation of the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA)
  • Only 9% of organizations are able to automate at least 75% of their test cases 

Jeff echoes those sentiments when he talks about web applications. Scanning the data from the tens of thousands of applications monitored by the Contrast Security Platform, Jeff found that almost all of them (96%) have at least one vulnerability; the average is 35 per web application! Vulnerabilities come from both custom and open-source code. Some of the latest research from Contrast Labs confirms his assertion. A few highlights include:

Takeaway: Vulnerabilities put applications at risk; few are entirely safe.  

The…

Source…