Table of Contents
Introduction
1. Ruby on Jets
2. AWS Amplify
3. Architect
4. Pulumi
5. Zappa
Conclusion

Introduction

In the digital world, the serverless framework is one of the most innovative technologies that allows software developers (SDEs) to build and deploy applications without the requirement to address the underlying server infrastructure.

Numerous organizations are gradually switching to serverless computing frameworks as they help them achieve faster, simpler software development and eliminate traditional monolithic software models. However, implementing serverless computing SDEs requires frameworks that will help them to focus solely on writing code to implement their application’s logic.

In this article, we’ll explore the top five serverless frameworks that SDEs can use to deploy code faster and scale seamlessly.

1. Ruby on Jets

Software developers who have expertise in the Ruby language and wish to develop applications in this language can opt for Ruby on Jets. Jets further have unique functionalities that can be used to assemble diverse AWS resources. This tool aids in the creation and deployment tasks of programs employing SQS, DynamoDB, AWS Lambda, SNS, and many more. 

2. AWS Amplify

With the AWS Amplify framework, SDEs can rapidly create robust serverless applications for web apps and enjoy unlimited versatility. With a few taps, you can supervise and launch single-page web applications, static websites, server-side-produced applications, and status web pages. Using this application’s intelligent processes, you can easily set up your serverless backends with information, storage, and authorization. 

3. Architect

Architect is a comprehensive framework that uses AWS, node.js, NPM, and other languages to create applications. It is an open-source serverless platform with more than 30 collaborators on GitHub, keeping it safe and reliable to use. It is also quite user-friendly for novice developers, aiding them to operate faster and adapt to changes easily. This framework has the potential to build, operate, and manage serverless applications and further simplifies the configuration and provisioning.

4. Pulumi

The Pulumi framework is an open-source tool to create, deploy, and manage cloud-based software. The software uses existing computer languages, native toolkits, and frameworks for YAML, and a few domain-specific languages such as TypeScript, JavaScript, Python, Go, and .NET for coding. Pulumi can ease AWS, Azure functions, GCP, and Kubernetes platform management duties as it simplifies the installation and maintenance of Lambda features.

5. Zappa

Zappa is one of the prominent serverless frameworks, as it aims to be quite prevalent for web-based applications as well as possibly even. It offers a perfect interface for re-platforming systems that rely on things such as Flask apps. For instance, if you are operating on a Flask app, try to involve Zappa; it allows SDEs to leverage AWS Lambda and API gateways without having to modify a significant amount of coding. Zappa offers improved security since it permits the identity and access management (IAM) security technique by the standard.

Conclusion

As modern technologies grow rapidly, it can be challenging for developers to maintain pace with them. Therefore, the above five serverless frameworks aim to enable faster and more seamless serverless deployment. However, these applications might differ in terms of technicalities and use cases; therefore, software developers must consider factors such as supported programming languages, community, pricing model, execution time, and control to select the right serverless frameworks.

Explore AITechPark for top AI, IoT, Cybersecurity advancements, And amplify your reach through guest posts and link collaboration.

The post The Top Five Serverless Frameworks to Look for in 2024 first appeared on AI-Tech Park.

Eric, could you please introduce yourself and elaborate on your role as president at ProserveIT?

Hello, I’m Eric Sugar, President at ProServeIT, my focus is on helping clients set their strategic direction with regards to technology that enables their business.  Eric’s passion is teaching how technology can be leveraged by businesses to enable growth and added value.  As President at ProServeIT  I support our clients and team in creatively deploying and using technology. 

Eric holds a Bachelor of Arts (Economics and Math) from the University of Toronto.

I’m an avid rower, cyclist and hockey player who can put a golf ball in the woods better than most.

Can you provide a concise overview of Zero Trust Architecture and its significance in modern cybersecurity?

Zero Trust Architecture (ZTA) is a security model that assumes that any user, system, or service operating within or outside of an organization’s network perimeter is untrustworthy until proven otherwise. It is based on the principle of “never trust, always verify” and requires strict identity verification for every person and device trying to access resources on a private network, regardless of their location. The principles behind a Zero Trust network include Identity and Access Management (IAM), Data Protection, and Network Segmentation

In the context of ZTA, how does the concept of “never trust, always verify” apply to both internal and external network environments? What are the key implications of this approach for organisations?

In the context of ZTA, the concept of “never trust, always verify” applies to both internal and external network environments. This approach has key implications for organizations, as it requires them to implement strict identity verification and access controls for every person and device trying to access their resources, regardless of their location. This helps organizations mitigate cybersecurity risks and protect sensitive data effectively

What are the key benefits of implementing Zero Trust Architecture, and how does it help organisations mitigate cybersecurity risks and protect sensitive data effectively?

The benefits of implementing ZTA include reducing the attack surface and preventing lateral movement by attackers within the network, as each resource is isolated and protected by granular policies and controls. It also enhances the visibility and monitoring of network activity and behavior, as each request and transaction is logged and analyzed for anomalies and threats. Additionally, it improves the compliance and governance of data and assets, as each access is based on the principle of least privilege and verified by multiple factors.

Could you share some best practices for organisations looking to adopt ZTA? What are the essential steps and considerations in the implementation process?

As for best practices for organizations looking to adopt ZTA, some recommendations include assessing the current network architecture and identifying the assets, services, workflows, and data that need to be protected, defining the policies and controls that govern access to each resource based on the Zero Trust principles, and deploying the ZTA components that enforce the policies and controls across the network.

Can you provide examples or case studies of organisations that have successfully implemented ZTA? What challenges did they face, and how did ZTA help address those challenges?

There are real-world case studies that show Zero Trust in action. For example, a shipping company that operates a fleet of cargo vessels across different regions improved its cybersecurity posture by adopting ZTA. The company identified its key resources, classified them according to their criticality and sensitivity levels, and defined its policies and controls for accessing each resource based on the Zero Trust principles. The company then deployed the ZTA components that enforced the policies and controls across the network, and monitored and evaluated the performance and effectiveness of the ZTA components regularly.

Are there any notable industries or sectors where ZTA has shown exceptional promise or results? What can other organisations learn from these success stories?

Transportation, Finance, Healthcare businesses have all been leveraging ZTA and when implemented they are better able to protect their organization from breach.   Other organizations can look at Identity Access Management as a first workload that they can use ZTA to pilot and learn. 

As ZTA continues to evolve, what do you see as the future of cybersecurity and network security? How does continuous verification play a role in this future landscape?

As ZTA continues to evolve, it is shaping the future of cybersecurity by providing a more effective and adaptive security model for the modern environment. With the increasing sophistication and frequency of cyberattacks, the growing adoption of cloud computing, mobile devices, and the internet of things (IoT), and the changing nature of work, traditional perimeter-based security models are no longer sufficient. Zero Trust provides a more comprehensive and dynamic approach to securing digital assets, and is becoming the new standard for organizations of all sizes and industries.

What advice do you have for organisations looking to strengthen their cybersecurity posture in today’s ever-evolving threat landscape?

As for personal advice for organizations looking to strengthen their cybersecurity posture in today’s ever-evolving threat landscape, it is important for organizations to stay up-to-date with the latest developments in cybersecurity and to implement best practices for protecting their data and assets. This includes adopting a Zero Trust approach to security, implementing strict identity verification and access controls, and continuously monitoring and analyzing network activity for anomalies and threats.

What key takeaways would you like to leave our audience with regarding the importance of adopting ZTA principles in the future of cybersecurity?

The key takeaway for organizations is the importance of adopting ZTA principles in the future of cybersecurity. By implementing a Zero Trust approach to security, organizations can better protect their data and assets from cyber threats and ensure the safety and security of their operations.

Eric Sugar

President at ProServeIT

Whether it’s helping his employees remove roadblocks, educating customers on how various technologies can make their jobs and their lives better, or instructing leaders on the importance of corporate and personal cybersecurity, Eric Sugar, President of ProServeIT, always takes a people-centric approach to his role. With over 25 years in the IT industry, Eric’s been with ProServeIT since its inception in 2002.

He loves seeing what technology can do for people and how technology can have such a positive impact on organizations. But it’s not just about helping those already in their careers – as the father of 3 young daughters, Eric also wants to see future generations succeed, so he has spearheaded several initiatives with local grade schools to introduce boys and girls to the wonders of technology. In his free time, Eric is a big supporter of the Princess Margaret Cancer Foundation and actively participates in many of their annual fundraising activities.

The post AI-Tech Interview with Eric Sugar, President at ProServeIT first appeared on AI-Tech Park.

Could you please share some insights into your professional journey as APJ Field CISO Director at SentinelOne?

Prateek: The role of Field CISO is very interesting as it focuses on the value proposition of the security initiatives and deployments. This role helps me in cutting the prevailing noise in the industry because of the overwhelming number of jargon, overmarketing, and overpromises of the providers. At the same time, it helps the security leaders climb the maturity curve and define the security charter. 

Can you provide an overview of the current cloud security landscape in the Asia Pacific Japan region and explain why it’s becoming an increasingly critical concern?

Prateek: The adoption of cloud technologies and platforms is only accelerating in the APJ region alongside the threat landscape, and the risks are increasing too. With businesses moving their critical business applications, data, and operations to the cloud, they are increasingly being targeted by threat actors as the organizations’ maturity level in cloud security is relatively lower than the traditional architecture. Additionally, the data protection and privacy laws in different countries and regions emphasize the need for cloud security. 

According to you, what could be the key strategies and best practices that organizations should prioritize when securing their cloud platforms within the Asia Pacific Japan region?

Prateek: The first step is the realization that the approach to securing the cloud is different from the traditional approaches and understanding the shared responsibility model between the cloud service provider and the client. Cloud is not inherently secured but can be secured with the right policy, configurations, and controls. The journey to securing the cloud should start with Cloud Security Governance. 

Can you identify specific challenges that organizations in the Asia Pacific Japan region typically encounter when it comes to maintaining the integrity and security of their cloud-stored data?

Prateek: Security in the cloud is more of an identity and access management issue. When the identities and access to cloud resources such as data storage are configured with secured configuration such as no public access to storage buckets, expiration of API tokens, etc, it will ensure the integrity and security of the data stored in the cloud. 

What are the primary drivers behind the 30% increase in cloud-targeted cyber incidents in the ASEAN region. Are there any proactive measures that can be taken to save from such threats?

Prateek: Because of the sudden pivot to the cloud and rapid adoption of digitalization because of the COVID pandemic, the attack surface of the organization became endless and ever-expanding. This came off as an easy opportunity for the threat actors to capitalize on and exploit the vulnerabilities and security gaps to reach their objectives. These attacks on the cloud environment could have been prevented by implementing cyber hygiene measures such as secure configurations, identity and access management, privilege access management, vulnerability management, patching, etc. 

Which emerging trends or technological advancements do you anticipate will have a substantial impact on cloud security within the Asia Pacific Japan region in the near future?

Prateek: The adoption of cloud computing and services for both critical and non-critical business applications, use of edge computing, and automation of the workflow will increase the business’s reliance on the cloud. This digital progression will make the attack surface endless. Hence, cloud security would have to be taken far more seriously. 

In your opinion, what could be the concrete steps for creating and implementing a cloud-specific incident response plan?

Prateek: Cloud Incident Response (IR) today needs to grapple with a radically different set of challenges, including data volume, accessibility, and the speed at which threats can multiply within cloud architectures. The interplay of various components, such as virtualization, storage, workloads, and cloud management software, intensifies the complexity of securing cloud environments.

That being said, Cloud IR cannot be done in isolation of the company’s overall incident response activities and business continuity plans. When possible, cloud security tools should use the same SOC, SOAR, and communication tools currently being used to secure other company elements. Using the same infrastructure ensures that suspicious and threatening cloud activities receive an immediate and appropriate response.

How do you envision SentinelOne in the next upcoming 5 years?

Prateek: SentinelOne helps organizations secure from tomorrow’s threats today by taking an approach of AI+ Data + People. These three components are vital for providing effective cybersecurity. AI helps organizations cut the noise and identify the needle in the haystack, stitching the data points, and also helps scale humans, data analytics on the security data collected from various attack surfaces to identify the patterns and analyze the attacks and people to identify the root cause of the attack whether it’s the policy design, culture, operations, etc and work to fix it. 

With your extensive experience, what advice do you have for APAC organizations looking to strengthen cloud security amid evolving threats?

Prateek: The first step is to understand the Cloud Shared Responsibility model and design controls according to the attack surfaces the organization is responsible for. The organization should focus on cyber hygiene and implementing real-time visibility of cloud environments for threat prevention, detection, and response. These simple measures will elevate the cloud security posture of the business.

Prateek Bhajanka

APJ Field CISO Director at SentinelOne

Prateek is a Cyber Security professional with expertise in domains such as Security Operations, Vulnerability Management, Penetration Testing, Endpoint Security (EPP/EDR), Digital Forensics and Incident Response, etc. He advises cybersecurity vendors on their Product Messaging and Positioning, Go To Market strategy, Licensing, Product Strategy.

He holds an MBA in Information Security Management from Symbiosis Centre for Information Technology. Prior to MBA he has worked with Accenture Services Pvt. Ltd. where he was working as the lead of Technology and Workforce Enablement for over two years, this role acted as a stepping stone in his career. He also holds B.E. in Electronics and Telecommunication from the University of Pune.

He is also a firm believer in community development and learning.

The post AITech Interview with Prateek Bhajanka, APJ Field CISO Director at SentinelOne first appeared on AI-Tech Park.

Nutanix (NASDAQ: NTNX), a leader in hybrid multicloud computing, today announced Nutanix Central, a cloud-delivered solution that provides a single console for visibility, monitoring, and management across public cloud, on-premises, hosted or edge infrastructure. This will extend the universal cloud operating model of the Nutanix Cloud Platform to break down silos and simplify consistently managing apps and data anywhere.

Most organizations today are struggling with the complexity of managing an increasing number of environments across on-premises, public cloud, and the edge, leading to management silos, costs, security risks, and more, according to the Enterprise Cloud Index. Organizations looking for a seamless hybrid multicloud experience require a universal cloud operating model, meaning consistent management across endpoints, integrated security, self-service and on-demand resources, governance and full license portability that allow customers to run apps and data anywhere. The Nutanix Central solution will greatly simplify management at a large, federated scale across endpoints.

“The reality for most enterprise customers today is that they’re managing a vast number of applications across multiple environments. This is leading to significant management challenges that are only going to increase as hybrid multicloud deployments grow,” said Thomas Cornely, SVP, Product Management at Nutanix. “With Nutanix Central, we will extend our hybrid multicloud platform to deliver a truly universal cloud operating model to include consistent management across public clouds, on-premises, hosted and edge environments.”

Nutanix Central will provide cloud-delivered unified management and reporting of the entire Nutanix environment distributed across private, public, and edge clouds from a single place. It will also support multi-domain use cases including federated identity and access management (IAM), global projects and categories, global fleet management, all enabling IT teams to deliver self-service infrastructure at scale while remaining in control of governance and security.

From the Nutanix Central dashboard, customers will access domain and cluster-level metrics, including capacity utilization and alert summary statistics, to get a quick overview of the state of each domain. This functionality will also enable seamless navigation to individual domains, based on individual user role-based access control (RBAC), across all domains registered. Additionally, customers will be able to discover, deploy, and manage Nutanix solutions and interoperable partner solutions. Nutanix Central will be available to customers as part of their Nutanix Cloud Infrastructure (NCI) license.

Organizations struggling with managing applications and data across environments, including multiple public clouds, on-premises, hosted datacenter, and edge endpoints, will benefit from Nutanix Central and a universal cloud operating model. For example, an organization with hosted datacenters in multiple locations, as well as different public cloud vendors across geographies will be able to enable a centralized governance and security program. Similarly, retailers with a large number of stores would greatly benefit from having one control plane to manage edge locations.

In addition to Nutanix Central, the company today also announced new capabilities in the Nutanix Cloud Platform to support higher performant and more secure applications and data – all of which will be managed through Nutanix Central. Specifically, the improvements enable independent scaling of compute-only nodes running database virtual machines on either AHV or ESXi, to tune performance and reduce total cost of ownership, and the introduction of high-performance storage-only nodes. Nutanix will also deliver enhanced software-defined networking and simplified micro-segmentation capabilities across customer, partner, and hyperscaler-owned networks by using Flow Virtual Networking (FVN) capabilities and Flow Network Security (FNS) features, allowing customers to exercise defense-in-depth for greater cyber resilience.

Nutanix Central and new functionality in Flow Network Security are under development. New performance capabilities in the Nutanix Cloud Platform and new functionality in Flow Virtual Networking are available to customers now. More information is available here.

Supporting Quotes:

“Leading Global Enterprises rely on TCS to help them choose, orchestrate, and optimize their hybrid multi-cloud strategy. Nutanix is often TCS’ platform of choice for delivering this technology ask and creating business value. With its seamless governance & security management, Nutanix Central helps TCS and its customers break down IT silos and bring the focus back to business metrics.”
– Dinanath Kholkar, SVP and Global Head of Partner Ecosystems & Alliances at TCS

“One of the biggest shifts in IT that we have seen since the pandemic is that businesses don’t want to be caught flat footed anymore. One of the elements of ensuring this is cloud adoption and datacenter modernization but the other, equally important, element is developing an operational approach that is universal across environments. With Nutanix Central, Nutanix will push the envelope on what hybrid multicloud means by delivering the same operating model and management across multiple clouds along with full license portability.”
– Scott Sinclair, Practice Director, ESG

“Solving real-world challenges requires robust infrastructure solutions that generate faster insights from edge to cloud. Lenovo is helping Nutanix customers implement AI-enabled Edge deployments with solutions designed for the unique performance, footprint, and cost needs of this fast-growing segment. As edge computing grows in popularity, the Nutanix Central cloud-delivered management service will help our joint customers monitor and manage these distributed environments with a federated management view.”
– Brian Connors, VP and GM, Software & Business Development at Lenovo

Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!

The post Nutanix Announces Nutanix Central first appeared on AI-Tech Park.

RSA Conference–Stack Identity, a Silicon Valley startup automating identity and access management (IAM) governance to identify and eliminate cloud data threat vectors, today announced its emergence from stealth mode. The company also announced the closing of a $4 million seed funding round co-led by WestWave Capital and Benhamou Global Ventures.

In the rapidly evolving realm of cloud-based identity and access management (IAM), businesses are unable to protect sensitive data if they don’t know who has access, why, and for how long. Stack Identity was created to solve this problem, making it easier for customers to protect critical and sensitive data stored in the cloud by eliminating applications and services from rogue access, and preventing unauthorized data sharing and data exfiltration.

Protecting sensitive data in a complex data sharing environment is only possible by addressing the access layer and specifically what Stack Identity defines as ‘shadow access’.

Additional investors in the round include Plug and Play and notable cybersecurity investors. The investment capital will enable Stack Identity to further invest in solving the challenge of automating cloud security as enterprises accelerate the development of data-centric and AI powered applications. Stack Identity will use the funds to scale product development, strengthen go-to-market strategies and expand customer reach, including SMBs, mid-market and enterprises.

“The security landscape has profoundly changed—and the market demand for identity and access management to evolve was an inspiration for creating something unique and different from status quo IAM solutions,” said Venkat Raghavan, CEO and founder of Stack Identity. “It’s our vision and conviction that the future of cloud security must be identity-first, access-centric and with a deep context of data, applications and software. The support of our investors brings this vision to reality.”

Stack Identity was created to address the problem of shadow access—unauthorized, unmonitored, and invisible cloud data access patterns created by the myriad of human and machine cloud identities accessing the cloud. Businesses of all sizes can now benefit from Stack Identity’s automated breach detection leveraging advanced heuristics that continuously detects and removes bad actors from cloud environments.

Eliminating Shadow Access as DevOps and SecOps Battle for Cloud Access Control

Security concerns have become more significant as more companies move operations and data into the cloud. Cloud data is continuously exposed via thousands of automated, distributed access controls and entitlements, both human and API-based. One of the greatest challenges for organizations is ensuring that authorized identities have access to sensitive data while, at the same time, detecting and eliminating threats from unidentified users.

Without visibility, risky behavior cannot be effectively identified, prioritized and remediated. Despite security measures put in place by security teams, lack of visibility causes blindspots and shadow access for attackers to wreak havoc on organizations.

Through its patent-pending Breach Prediction Index (BPI) algorithm, Stack Identity reduces the risk of cloud vulnerabilities and improves IAM audits, compliance and governance. The BPI enables Stack Identity customers to prioritize both risk and impact. Using its BPI, Stack Identity customers are empowered to detect the 2% of toxic combinations that impact 90% of data assets.

Investor & Customer Thoughts on Stack Identity Seed Funding Round

“We are very proud to co-lead the investment in Stack Identity,” said Gaurav Manglik, General Partner at Westwave Capital. “Venkat and the team are tackling an untenable security problem created by the proliferation of thousands of automated and human identities in the cloud, with an identity-first data security approach. We believe in the team’s expertise in security, and Stack Identity’s deep technology to differentiate in a crowded IAM market.”

“Stack Identity represents the winning formula we look for in our deal evaluation frameworks, namely, the combination of technology and team,” said Yashwanth Hemaraj, Partner at Benhamou Global Ventures. “As we accelerate into an Enterprise 4.0 world, Stack Identity is primed to emerge as a future market leader in the IAM space as enterprises accelerate digital transformation initiatives and the sanctity and security of data continue to increase in importance and value.”

“Our AWS cloud ecosystem is a mix of automated DevOps and manually managed infrastructure,” said Steve De Jong, distinguished engineer at Vercara. “Stack Identity gives continuous visibility into our data exposure risks with the ability to automate least privileged enforcement for both our security and engineering operations teams.”

Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!

The post Stack Identity Emerges from Stealth with $4M Seed Funding first appeared on AI-Tech Park.

SPHERE, a woman-owned cybersecurity business focused on providing best-of-breed software and services for access governance across data, platforms and applications, today announced that Cyber Defense Magazine, the industry’s leading electronic information security magazine, has recognized SPHERE as a winner for the Editor’s Choice Identity Access Management (IAM) category in the 11^th Annual Global Infosec Awards at RSA 2023. These prestigious global awards recognize innovators from any company stage with compelling value propositions for their products in competitive infosecurity industries.

SPHEREboard, SPHERE’s flagship product, is an end-to-end workflow built to understand the state of an organization’s environment, automate collection, identify immediate risks and seamlessly remediate. SPHEREboard finds and remediates open access by identifying owners and defining collections, reporting on high-risk permissions, streamlining entitlements with owners, and fixing and standardizing access. The platform allows users to evaluate access and data protection controls, protect users and data on-premise and across cloud, and remediate vulnerable users, groups and data – all while maintaining an evergreen estate. What makes SPHEREboard truly innovative is its focus on the last mile of proper identity hygiene – remediating risk, rather than simply reporting it.

“We’re thrilled to receive this recognition and accomplishment as a leader in the identity access management space, both as a company and a product,” said Rita Gurevich, CEO and Founder of SPHERE. “This accomplishment further illustrates SPHERE’s position as a key industry leader, dedicated to constantly delivering beyond our customers’ expectations with every aspect of our work.” 

This news comes on the heels of SPHERE’s recent appointment of Scott Gibson as Chief Operating Officer (COO), as the company continues to expand its offerings and serve a greater variety of customers. SPHERE also recently secured a $31 million Series B funding round in 2022, positioning the company to address the recently increasing threats to enterprise security.

Visit SPHERE at RSA

To learn more about SPHERE and the offerings it provides, visit SPHERE at booth #2449 in the South Expo Hall at this year’s 2023 RSA Conference, located at the Moscone Center in San Francisco, CA from April 24-27. You can visit SPHERE’s website here. 

Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!

The post SPHERE Wins in 2023 Global Infosec Awards at RSA 2023 first appeared on AI-Tech Park.

JumpCloud integrates with Google Workspace to extend enterprise-quality security capabilities to small and midsize organizations

Google Cloud today announced a series of new security alliances to bring more choice, capability, and simplicity to enterprise and public sector IT teams tasked with managing hybrid work at scale.

Google Workspace comes with industry-leading security built into its cloud-native, zero trust architecture. These capabilities combine threat defenses powered by Google AI, client-side encryption, data privacy controls, and simple access to Google Cloud cybersecurity products like BeyondCorp Enterprise and Chronicle Security Operations, to automatically stop the vast majority of online threats before they emerge—while also supporting customers’ regulatory and sovereignty needs. Through its ecosystem of cybersecurity partners, Google Workspace can extend these capabilities further by combining them with tools from the industry’s leading security companies, enabling customers to adopt comprehensive, secure collaboration solutions to meet their specific security needs as part of a single Google Workspace offering. 

“Global enterprises want to provide their workforces with more effective and secure ways of collaborating, with tools that increase productivity and avoid the vulnerabilities of legacy productivity solutions,” said Sunil Potti, VP and GM of cloud security, Google Cloud. “Through its growing ecosystem of security partners, Google Workspace offers the most enterprise-ready platform for hybrid work, providing organizations with confidence and flexibility to work securely.”

Securing Enterprise Workforces with Okta and VMware
Today, Google Cloud is extending the built-in identity, device, and access management capabilities of Google Workspace through new alliances with Okta and VMware, enabling large-scale businesses and public sector organizations to provide their workforces with FedRAMP-authorized collaboration and communication tools. Google Workspace works seamlessly with the enterprise-grade identity and access management capabilities in Okta Workforce Identity Cloud and the device and application management capabilities in VMware Workspace ONE, providing organizations with more choice and flexibility in how they enable safer collaboration for their workforce.

• Okta’s Workforce Identity Cloud brings Okta’s leading identity and access management capabilities to Google Workspace customers, securely connecting employees, contractors, and business partners from any device and any location. Workforce Identity Cloud’s flexible rules and policies ensure employees have just the right level of access they need to get their work done. With Okta, employees can use their Google Workspace credentials across more than 7,000 pre-built apps in the Okta Integration Network to reduce password sprawl for increased security.
• VMware Workspace ONE extends VMware’s industry-leading unified endpoint management and zero trust access capabilities to Google Workspace. IT teams can manage all Google Workspace apps through VMware’s comprehensive platform, which provides users with quick and easy access to business applications and makes it simple for administrators to onboard devices, change configurations, push automated OS updates, and more, without requiring a combination of disjointed third-party solutions. Workspace ONE administrators can also access a collection of device-health dashboards and reports, along with multi-tenancy for management across geographies, organizations, and use cases.

“Identity is the connective tissue between a business’s ecosystem of people and the technologies they need to be successful in hybrid and remote work,” said Arnab Bose, chief product officer, Workforce Identity Cloud at Okta. “This partnership allows us to bring identity-powered security to Google Workspace customers while giving them an easy button to optimize their employee experiences and increase operational efficiency.”

“The rapid shift to hybrid work has highlighted the need for IT teams to do more with less, while simultaneously balancing the increasing demands of security and productivity,” said Renu Upadhyay, VP of product marketing, End-User Computing, VMware. “This VMware and Google Cloud partnership unlocks a transformative approach to end-user computing by creating an automated, unified, and secure experience across all endpoints, apps, and enterprise services, no matter where employees work.”

Helping Small and Midsize Organizations Replace Legacy Directory Services with JumpCloud
JumpCloud Open Directory Platform provides customers with an alternative directory service to replace aging Microsoft Active Directory servers that is a modern, cloud-based solution. The platform works seamlessly with Google Workspace, enabling identity workflows and synchronization to thousands of applications, HRIS systems, and cloud infrastructure. It also combines these features with desktop and mobile device fleet management capabilities to ensure secure, frictionless access to applications and other resources from any operating system or location an employee chooses to work from.

“IT teams are looking for solutions that centralize access, device, and identity management. They need easier and more effective ways to secure how work happens,” said Greg Keller, CTO and co-founder, JumpCloud. “The Google Cloud and JumpCloud solution gives IT teams a modern and affordable option to securely manage today’s work on-prem, in the cloud or on the go. This offering provides IT teams, and channel IT solution providers, a more affordable, best in class alternative to expensive, legacy Microsoft packages.”

Google Workspace’s Flexible, Secure Ecosystem
Google Workspace is committed to offering more choice by providing organizations of any size with the ability to combine purpose-built security tools from its ecosystem of cybersecurity partners. New updates with JumpCloud, Okta, and VMware will build on existing offerings with CrowdStrike, which extends endpoint protection and Zero Trust through the CrowdStrike Falcon platform, and Palo Alto Networks, which extends endpoint protection and Zero Trust through Prisma Access and Cortex XDR. Over the coming year, deeper technical integrations with these partners will expand the joint capabilities available to Google Workspace customers, making it even easier to adopt Google Workspace for organizations with the most rigorous security and regulatory requirements.

Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!

The post Google Cloud announces a series of new security alliances first appeared on AI-Tech Park.

Tailscale today announced the next evolution of its pioneering mesh networking technology with new features that make it easy for large organizations to deploy zero trust networking at scale. The new release introduces robust security capabilities, ensuring that all company traffic is encrypted end-to-end, each network connection is authenticated, and every endpoint is reachable only by approved users.

With hundreds of thousands of users and millions of connected devices, Tailscale has seen viral adoption among developers and small teams that need to access resources easily and securely in the cloud, on-premises, and everywhere in between. Now Tailscale is making zero trust a reality for enterprise.Gartner estimates that less than one percent of large enterprises have a mature and measurable zero-trust program in place today.

“The big conundrum with zero-trust is, how do you lock down access without bringing productivity to a screeching halt and overhauling your entire tech stack?” said Avery Pennarun, Tailscale CEO and cofounder. “Tailscale is the zero-trust easy button enterprises have been looking for. Unlike other solutions, we work with your existing infrastructure so it can be set up within minutes — a powerful tool to protect against unauthorized access and data breaches.”

Tailscale also announced the hiring of Kevin Kotecki as Vice President of Sales, who will oversee the expansion of the company’s enterprise sales operation to meet market demand. Kotecki brings extensive experience in the enterprise software market, most recently at Gong.

As security risks have grown, so has demand for zero trust solutions that can be implemented easily and at scale. Enterprises have seen their attack surfaces expand as they enabled remote work policies, increasing the number of endpoint devices outside of corporate walls.

“Every IT team wants to implement zero trust, but it’s always on the other side of the horizon,” said Clint Sharp, CEO of Cribl. “Tailscale’s overlay network for enterprises brings us one step closer to making it a reality. Now our teams can work on mission-critical projects without worrying about security gaps and tedious configurations.”

To date, over 2,000 organizations have deployed Tailscale to their workforces, including Instacart, Duolingo, and Mercari. Designed around the principle of least privilege, Tailscale’s enterprise functionality enhances and automates fine-grained controls, so every user and device is granted the right amount of access to keep the business running smoothly without compromising sensitive data. Enterprise customers can now access features including:

• Enhanced Network Logging: A real-time log of a company’s Tailscale network activity, allowing them to monitor and review traffic as part of their security processes. Uniquely, and unlike standard Internet connections, all Tailscale network activity is tied to specific users’ identity, enabling more detailed attribution and enhancing customers’ security posture.
• Custom Identity Integrations: In addition to integrating with existing identity providers like Okta, Azure AD, and Google, enterprise customers with complex identity requirements or self-hosting their own solution can now authenticate to Tailscale with an OpenID Connect (OIDC)-compliant identity provider of their choice, including JumpCloud, Auth0, Duo, and GitLab.
• SSH Session Recording: Tailscale Enterprise allows customers to authenticate and encrypt SSH connections between devices. Organizations can also record the contents of a shell session, including the commands run using Tailscale SSH, and stream session logs to another node in their network. Recordings are end-to-end encrypted and only visible to authorized users — not even Tailscale can see them.

Leveraging cutting-edge zero-trust architecture and the gold standard WireGuard® encryption protocol, Tailscale Enterprise is an all-in-one zero trust solution for Secure Access Service Edge (SASE), Identity and Access Management (IAM), and Privileged Access Management (PAM) that simply works.

This announcement comes on the heels of continued growth and momentum for Tailscale. Over the past year, the company achieved over 300% growth in ARR and customer logos. Last year Tailscale raised $100 million in Series B funding led by CRV and Insight Partners.

Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!

The post Tailscale Unveils Zero-Trust Networking Solution first appeared on AI-Tech Park.

Elevate Security, the pioneering leader in User Risk Management, today announced it has achieved Microsoft’s Azure IP Co-Sell Incentivized status, extending an already strong relationship to include a joint selling motion. Microsoft sellers around the globe are now incentivized to sell Elevate Security’s leading SaaS user risk solutions. Elevate will now be designated as a preferred solution on the Microsoft Azure Marketplace, and the two organizations will begin jointly selling integrated offerings to customers looking to identify their most high-risk people, and automate personalized responses and safeguards.

The partnership between Microsoft and Elevate enables customers to benefit from deep out-of-the-box integration of Elevate’s rich, broad-spectrum user risk intelligence with Microsoft Azure Active Directory and the entire Microsoft Security suite, empowering identity and access management (IAM), security operations, as well as awareness and training frameworks.

“We are one hundred percent complimentary to Microsoft Security solutions, and we work closely with Microsoft to help customers better protect themselves and their employees from human-centered attacks,” said Robert Fly, CEO of Elevate. “Now, as a Microsoft preferred solution with Co-sell incentivized status, we will significantly expand Elevate’s commercial reach and more importantly, our ability to strengthen user security protections for enterprises worldwide.”

New research from Elevate and Cyentia Institute recently determined that a small number of high-risk users are responsible for the majority of cyber security incidents. These high-risk employees and contractors are found in every department and function of the organization. While they make up only a small percentage of the population, high-risk users represent a sizable threat to the organization. In fact, one leading industry analyst firm recently predicted that in the next four years, more than half of large enterprises will adopt human-centric security solutions in response to this rising risk vector.

Much like consumer credit risk analysis, Elevate analyzes billions of independent data points from across the organization and beyond to understand each individual’s cyber risk. Factors such as worker susceptibility to real phishing and malware, poor handling of sensitive data, and unsafe browsing habits along with demographics and other characteristics are continually aggregated and updated into detailed, transparent, high-confidence risk metrics.

By integrating directly with Microsoft Azure AD, Elevate user risk intelligence can drive automated responses, such as enforcing conditional access policies or revoking tokens for high-risk individuals, to better protect both the worker and the entire organization from human-based attacks. See a quick demonstration of the simplicity and effectiveness of the new integrated Microsoft and Elevate solution here.

Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!

The post Elevate Security Achieves Microsoft Co-Sell Incentivized Status first appeared on AI-Tech Park.

Today, Columbus A/S has signed an agreement to acquire the Danish cyber security company, ICY Security ApS. ICY Security is among the largest consultancies and implementation companies in the Nordics within Identity & Access Management (IAM) with many years of experience within cyber security. IAM includes Identity, Governance & Administration (IGA), Access Management (AM), Privileged Access Management (PAM) and CIAM (Customer Identity & Access Management).

With the acquisition of ICY Security, Columbus expands its business to meet customers’ increasing demand for secure access to business-critical data. The focus on Identity & Access Management is a natural step for many of Columbus’ customers that are looking to raise the organisation’s cyber security level.

“In the past couple of years, Columbus has focused on organic growth and on streamlining the core business. Having achieved organic growth in the last seven quarters, we are now adding acquisitions to augment our continued organic growth. The acquisition of ICY Security is an important investment in extending Columbus’ offerings following the increased need for cyber security services from our customers. At the same time, Columbus secures a strong position in a fast-growing market,” says CEO & President Søren Krogh Knudsen.

Columbus takes over 50 highly skilled employees in Ballerup, Aarhus and Aalborg. In addition, Columbus takes over the customer base comprising more than 70 customers, characterized by medium-sized and large enterprise companies.

Columbus offers a wide portfolio of digital solutions, including Cloud ERP (Enterprise Resource Planning), Change Management, and Application Management Systems. ICY Security’s expertise in Cyber Security and Identity & Access Management complements Columbus’ broad portfolio of business-critical solutions to new and existing customers.

ICY Security is a good match for Columbus, both when it comes to the potential synergies with Columbus’ offerings and in relation to the company values and culture.

The ambition is to expand to the rest of the Nordic countries where Columbus already has a strong presence with close to 1,000 employees. Globally, Columbus has around 1,500 employees.

In 2022, ICY Security had a revenue of DKK 66.5m and EBITDA of DKK 4.6m (unaudited).

The acquisition was signed and closed on 11 April 2023 with financial effect from 1 April 2023.

Transaction overview
The agreed acquisition price is DKK 125m (Enterprise Value). DKK 40m is paid at closing, and the remaining amount of DKK 85m is dependent on reaching the agreed earnings targets and is expected to be paid over the next three years.

The acquisition is financed by Columbus’ available funds.

Based on the above transaction, Columbus is adjusting the full year guidance for 2023 accordingly:

• Revenue guidance: From DKK 1,500m – 1,550m to DKK 1,550m – 1,600m, corresponding to a growth of 12-15% and an organic growth of 8-12%, both in constant currencies.
• EBITDA guidance: From DKK 115m – 135m to DKK 119m – 139m, corresponding to a margin of 7.4% – 9.0%.

Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!

The post Columbus A/S acquires ICY Security ApS first appeared on AI-Tech Park.