Cloud Hosting

Versa Recognized as Industrys Only Comprehensive Integration of Cloud Security, Networking, SD-WAN, Secure Access, and Analytics for Branch, Remote and Home Users

Versa Networks, the leader in SASE, today announced that TMC, a global, integrated media company, has named the Versa SASE Secure Access work-from-home (WFH) solution as a 2021 Product of the Year winner, as presented by Cloud Computing Magazine.

Versa SASE for work-from-home delivers tightly integrated SASE via the cloud, on-premises, or as a blended combination of both via Versa Operating System (VOS) with a Single-Pass Parallel Processing architecture and managed through a single pane of glass. Versa began delivering SASE services such as VPN, Secure SD-WAN, Edge Compute Protection, Next-Generation Firewall, Next-Generation Firewall as a Service, Secure Web Gateway, and Zero Trust Network Access 5 years ago. Versa uniquely provides contextual security based on user, role, device, application, location, security posture of the device, and content. As the leader in the fastest growing security and networking category, SASE, and executing on SASE services for years, Versa is the only solution proven to deliver the industrys leading and differentiated architecture for high performance and security. Gartner has identified Versa SASE as having the most SASE components out of all 56 vendors Gartner evaluated. Enterprise Management Associates (EMA) also found that Versa SASE has the most SASE supported functions, as published in its recent industry report.

"Congratulations to Versa Networks for being honored with a Cloud Computing Product of the Year Award," said Rich Tehrani, CEO, TMC. "Versa SASE Secure Access is truly an innovative product and is amongst the best solutions available within the past 12 months that facilitates business-transforming cloud computing and communications. I look forward to continued excellence from Versa Networks in 2021 and beyond."

Story continues

"It is an honor to receive the Cloud Computing 2021 Product of the Year Award, recognizing Versa SASE for unique delivery of fully integrated SASE services via the cloud or if customers prefer delivered on-premises or as a blended combination of both," said Michael Wood, Chief Marketing Officer for Versa Networks. "Versa SASE adoption continues to rapidly expand worldwide in 2021, as does its list of accolades, including leadership position listings in industry analyst reports and a growing collection of awards won. Versa is the modern secure network."

Unlike competing solutions, Versa SASE was built from the ground up to deliver a tightly integrated SASE solution within a single software stack managed via a single interface, eliminating service chaining, cascading, and virtual interconnect between services, which is required by competitors. Competing solutions have hidden costs and gaps in security because they require multiple product and service components. Achieving visibility and control from solutions requiring service chaining to connect multiple components together proves ineffective, increasing the costs and attack surfaces for organizations.

Versa SASE runs on VOS, which is designed with the Versa Single-Pass Parallel Processing architecture combining extensive security, advanced networking, industry leading SD-WAN, genuine multitenancy, and sophisticated analytics into one software image. This integration and design methodology dramatically decreases latency, significantly improves performance, and mitigates security vulnerabilities which other solutions introduce by running multiple software stacks, service chains, or appliances.

About Cloud Computing Magazine

Cloud Computing magazine is the industrys definitive source for all things cloud from public, community, hybrid and private cloud to security and business continuity, and everything in between. This quarterly magazine published by TMC assesses the most important developments in cloud computing not only as they relate to IT, but to the business landscape as a whole.

About Versa Networks

Versa Networks, the leader in SASE, combines extensive security, advanced networking, industry leading SD-WAN, genuine multitenancy, and sophisticated analytics via the cloud, on-premises, or as a blended combination of both to meet SASE requirements for small to extremely large enterprises and Service Providers. Versa SASE is available on-premises, hosted through Versa-powered Service Providers, cloud-delivered, and via the simplified Versa Titan cloud service designed for Lean IT. Thousands of customers globally with hundreds of thousands of sites trust Versa with their networks, security, and clouds. Versa Networks is privately held and funded by Sequoia Capital, Mayfield, Artis Ventures, Verizon Ventures, Comcast Ventures, Liberty Global Ventures, Princeville Global Fund and RPS Ventures. For more information, visit https://www.versa-networks.com or follow Versa Networks on Twitter @versanetworks.

Versa Networks, VOS, the Versa logo, and Versa Titan are or may be registered trademarks of Versa Networks, Inc. All other marks and names mentioned herein may be trademarks of their respective companies.

View source version on businesswire.com: https://www.businesswire.com/news/home/20210408005299/en/

Contacts

Dan Spaldingdspalding@versa-networks.com (408) 960-9297

Go here to read the rest:
Cloud Computing Magazine Names Versa SASE Secure Access a 2021 Product of the Year Award Winner - Yahoo Finance

Microsoft has revealed the root cause of the recent outage affecting Azure, which lasted about an hour and was due to a surge in Domain Name System (DNS) requests coupled with a code defect.

Users were reporting that Azure Portal, Azure Services, Dynamics 365, and Xbox Live were inaccessible during the worldwide outage between 21:21 UTC and 22:00 UTC on 1 Apr 2021. Microsoft said in its root cause analysis report that the majority of services recovered by 22:30 UTC.

While Microsoft quickly confirmed the outage was related to its DNS capabilities, the company's final root cause analysis published April 4 sheds a bit more light on the cause being a previously unseen code defect in its DNS service that was triggered by excessive DNS client retries.

SEE: Office 365: A guide for tech and business leaders (free PDF) (TechRepublic)

"Azure DNS servers experienced an anomalous surge in DNS queries from across the globe targeting a set of domains hosted on Azure," Microsoft states.

"Normally, Azure's layers of caches and traffic shaping would mitigate this surge. In this incident, one specific sequence of events exposed a code defect in our DNS service that reduced the efficiency of our DNS Edge caches."

Microsoft's DNS service was swamped as DNS clients retried requests, which added further pressure on the service. Microsoft notes DNS client retries are considered legitimate DNS traffic, so this traffic was not dropped by Microsoft's volumetric mitigation systems, in turn reducing the availability of its DNS service across multiple regions.

Microsoft says it mitigated the issue by updating the logic on the volumetric spike mitigation system to protect the DNS service from excessive client retries.

The technology giant apologized to affected customers and explained that it had repaired the code defect to handle all requests efficiently in the cache. It has also improved automatic detection and mitigation of anomalous traffic patterns.

This latest outage was not as lengthy as its 14-hour Azure outage in mid-March, which was attributed to an error that occurred in the rotation of keys used to support Azure AD's use of OpenID.

Read more here:
Microsoft: Here's what caused our Azure cloud-computing outage - ZDNet

Amid the continued acceleration and focus on cloud initiatives as remote working turns into a necessity instead of a nice-to-have, it is always nice to get a helping of realism to accompany the hype.

The Cloud Security Alliance (CSA), in association with cloud security management provider AlgoSec, has done just that in its latest report. The study, State of Cloud Security Concerns, Challenges, and Incidents, polled almost 1,900 IT and security professionals across a variety of organisation sizes and locations.

The first clear finding was that organisations continue to move to complex cloud environments.

More than half (52%) of respondents said at least two fifths or more of their workloads (41%) were in public cloud environments as of last year. For the rest of 2021, this is predicted to rise to 61%. In terms of specific cloud providers, Amazon Web Services (AWS) just outbids Microsoft Azure with 67% to 65% share. Google Cloud (37%) is a distant third. These figures are not dissimilar trends to the Flexera State of the Cloud 2021 which was published last month; the needle is still moving to public and multi-cloud.

Like the Flexera, security continues to be the top challenge. This may not be too surprising given the report authors, but the data digs deeper into specific concerns. The CSA and AlgoSec study found respondents biggest issues were network security cited by 58% of respondents and a lack of cloud expertise (47%). One in three respondents (32%) noted there was insufficient staff to manage cloud environments.

In total, almost four in five (79%) of those polled reported staff-related issues. The CSA called this notable, and a clear indicator that organisations were struggling with handling cloud deployments and a largely remote workforce.

Another interesting comparison with the Flexera benchmark can be found in management. The Flexera report found a wide range of stakeholders managing cloud spend. In the majority of cases, a specific cloud team took charge, but stragglers, such as forecasting cloud costs, saw input from infrastructure and ops, as well as finance.

Looking at cloud security, the CSA and AlgoSec data again see a less-than-clear-cut path. 35% of respondents said their security operations team managed cloud security, followed by the cloud team (18%), and IT operations (16%). Yet wider stakeholders, from network operations, to DevOps, and even application owners, were cited. The CSA said this showed confusion.

The survey also asked whether organisations had suffered a cloud-related operational incident over the past 12 months. Only one in 10 (11%) said they had, remaining consistent with 2019 figures. Hold the bunting and celebrations, however; two in five (41%) said they were unsure a significant uptick on two years previous with a full quarter (27%) preferring not to answer.

Ultimately, the reports keynote was around a general sense of confusion among organisations. This is not a new sensation this publication has reported variously on how complexity breeds confusion but cloud security tools which supplement the workforce are now the order of the day.

This chimes with the ecosystem John Morgan, CEO at cloud cybersecurity detection provider Confluera, sees. As the gap narrows between cloud adoption and IT resources to secure the cloud or hybrid environment, I expect more organisations to adopt a new class of cloud-based security solutions as they will be required to accelerate business, provide better user experiences, and create new security processes to keep with modern application development practices, Morgan told CloudTech.

You can download the full report here (pdf, email required).

Read more: Cloud Security Alliance and ISACA come together for new cloud auditing certificate

Photo by Yang yang on Unsplash

Want to find out more about topics like this from industry thought leaders? TheCloud Transformation Congress, taking place on 13 July 2021, is a virtual event and conference focusing on how to enable digital transformation with the power of cloud.

Go here to read the rest:
Cloud Security Alliance serves up a needed shot of realism with sprawling remote cloud initiatives - Cloud Tech

The COVID-19 outbreak has speeded up the growth of Internet traffic. The number of websites is rising rapidly, and there are more eCommerce businesses than ever. Therefore, the shared web hosting companies are doing a roaring trade. But unfortunately, these are not the only numbers that are growing. Cyberattacks are also on the rise, and no business is safe nowadays. By now, cybercrime is one of the most frequently reported economic crimes in the organizations, making cybersecurity a C-suite and board-level concern.

Today we will talk about how to detect and remove obfuscated malware from shared web hosting servers.

The obfuscation technique is for hiding the real purpose of a program. The hacker creates a code that is not readable by humans, but the functionality behind it remains the same. So, when you run the program, it will behave like the encapsulated program it was designed for.

There are two different types of analysis when we talk about malware: static and dynamic.

The static analysis includes hash algorithms, string matching, code-based detection, and there is a new, patent-pending technique invented by George Egri (Co-founder and CEO of BitNinja), the source code structure analysis.

This creates a special structure-based signature from the source code and then does the matching on the structure. This way, no matter how the source is altered, the structure will be the same. It is very similar to how plagiarism checker systems work.

But jump back to the types of analyses. Besides the static analysis, there is the dynamic analysis. When using the dynamic analysis, you run the source code partially or entirely and observe the programs behavior.

One of the behavior analysis methods is deobfuscation. If you find the obfuscation mechanism, you can deobfuscate the code. After that, you can decapsulate the real program and match the deobfuscated source code. But believe me, there are too many different obfuscation techniques. So, its not that easy to deobfuscate the code, and there are other aspects that are hard to analyze without partially running the code.

Another technique is from the output when you analyze the output of the program. Most of the time, when you run malware, you can find traces of malicious behavior from the output.

Within the confines of the Function Calls analysis, you run the code, and you find which functions are used for malicious activities.

The next one is variable content analysis. This program contains something phishy, as you can see in the picture. Its always suspicious when a source code includes function names like explode and basic commands used to decode interesting variable names.

It can happen with real files or within a simulated environment to safely analyze file manipulations.

Finally, you can do multi-path execution when you analyze what would happen if you forced the interpreter into a code branch. This way, you can find locked code parts, and this technique is also quite helpful in discovering malicious behaviors.

Sandboxing is one way to use these techniques if you have a couple of special servers for that purpose.

These servers can spin up virtual servers, and you upload the PHP file to it, run the code and do the above-mentioned analyzing methods. The disadvantage of this technique is that it takes around 20 seconds to analyze one PHP file. Analyzing all of your PHP files would take a lot of time and eat up too many resources.

BitNinja has built a PHP simulator. Its a safe environment where you can partially run PHP files on the server and run all the analyses that we were talking about. With this feature, you can analyze old PHP files on the servers and can discover the most recent zero-day malware, even if they are obfuscated.

You need different solutions against DoS attacks, brute force, botnets, vulnerability scans, backdoors, and the list is almost never-ending. The best way to secure your servers is to set up a multi-layered defense system that stops the attacks on each layer.

Thats exactly what BitNinja provides. You can install it with a one-line code, and then you have a complex system of layers from real-time IP reputation through honeypots, DoS detection, WAF, log analysis, and of course, malware detection.

View original post here:
Disruptive innovation in cybersecurity - Web Hosting | Cloud Computing | Datacenter | Domain News - Daily Host News

Every digital experience matters. Whether youre downloading a new app, installing privacy software or deploying a platform that will support transformational change we expect all of our digital interactions to be frictionless and secure.

However, the pandemic has caused an inadvertent shift in this thinking. Now, almost every experience relies on some kind of technology, blurring the solid line between digital and real-world experiences. For the past year, Canadians have been banking online, seeing doctors via telehealth, conducting business virtually, to name but a few. As a direct impact, many businesses, large and small, have embraced digital transformation and are adopting cloud to enable these experiences and interactions.

New research from IDC suggests that 63 per cent of organizations in Canada are planning to implement a hybrid cloud environment over the next 12 to 24 months. This means hybrid cloud solutions are top of mind for many, providing a greater level of scale, resources and capabilities. And while there is an expectation that clouds are the most secure technology, over two-fifths of Canadians have reported a cyber incident since the start of the pandemic (Statistics Canada).

During the pandemic, cloud-based cyber-attacks rose 630 per cent between January and April 2020 (McAfee). Every few weeks we see a security breach in the news, so its no wonder CIOs and CSOs are up at night thinking about running workloads in a cloud environment that they trust to provide frictionless and secure interactions for consumers.

This is especially true in highly regulated industries like financial services, telecommunications, government and healthcare that steward vital data. When normality becomes disrupted, there is an opportunity to exploit.

With confidential computing, its easier than ever for global enterprises to modernize and build new business applications on the cloud without jeopardizing security and control. For technology leaders, confidential computing enables you to have full authority and privacy in your computing, code, and data, even when running in a cloud environment.

Only you have access to that data. It provides greater assurance that the data is protected and visible. Not even the cloud vendor that hostss the data even during processing can see it. Data is protected in transit, at rest and in use. With confidential computing, you can run in a cloud computing environment with others also running workloads but still have full privacy and authority over what youre doing, effectively in an enclave.

To support mission-critical applications, you need continuous availability, high resiliency and faster, interconnected speeds. Across the board, we see businesses invest in security innovation as they embrace confidential computing in their hybrid cloud environments.

This is a proven way to protect data during processing and at rest, and even the most regulated industries will move to hybrid cloud thanks to new security technologies. Designed to address the unique challenges and security requirements of industries like banking, telco and even government, industry-specific clouds are the way of the future.

With the massive shift and reliance on digital interactions in every aspect of life, businesses and people need to feel confident that each digital transaction they experience is seamless and secure.

Risks emerge daily, but with built-in controls and standards around cloud with security at its core, we can alleviate these emerging threats. As businesses adjust their technology roadmaps, the need to deliver a frictionless experience is top of mind for many leaders.

Were making a big bet on hybrid cloud during a time of uncertainty so that decision-makers can accelerate their digital transformation securely while pivoting their business where needed.

Link:
Hybrid cloud spurs innovation in Canada's most regulated industries - IT World Canada