Security News

Elastic announces new capabilities and updates to the Elastic Stack and Elastic Cloud to make data onboarding and management faster, simpler, and more secure. The general availability of Elastic Agent, centrally managed by Fleet, enables users and customers to integrate data across multiple data sources while also providing endpoint security.

ACI Worldwide announced an expanded multi-year strategic alliance with Microsoft to deliver payments solutions in the cloud. The alliance will accelerate and expand ACI's cloud payments offerings in Microsoft Azure as more financial institutions embrace digital transformation.

Code42 announced that its Code42 Incydr software solution can now automatically distinguish between browser uploads to corporate and personal cloud applications, including Google Drive and Box. Today, 91% of security leaders believe that users are exfiltrating data through personal cloud accounts, yet nearly half don't have a tool to differentiate personal and corporate cloud application uploads.

This undocumented spying option was also available at Google Cloud DNS and at least one other DNS-as-a-service provider. In a presentation earlier this week at the Black Hat USA 2021 security conference in Las Vegas, Nevada, Shir Tamari and Ami Luttwak from security firm Wiz, described how they found a DNS name server hijacking flaw that allowed them to spy on the dynamic DNS traffic of other customers.

On-premises, private cloud, and public cloud data are all vulnerable to insiders and malicious software. According to 451 Research, nearly 70% of CISOs say the public cloud can't be rationally trusted to keep sensitive data and workloads confidential.

The platform then distributes these central policies-configured by data stewards-into any repository or tool across clouds and on-premises for zero trust security. The delegated model enables CISOs to reduce the risk of storing and utilizing data, no matter where they are, by delivering consistent data security across on-premises and cloud settings.

Part of Elastic Security, Elastic Limitless XDR modernizes security operations by unifying the capabilities of security information and event management, security analytics, and endpoint security. Elastic Limitless XDR is anchored in SIEM and enriched by a single agent for endpoint security to eliminate data silos, reduce alert fatigue, and arm practitioners to stop threats at cloud scale.

NetWitness, an RSA business, unveiled NetWitness Ransomware Defense Cloud Services, a managed cloud service that monitors endpoints without traditional deployment and administration requirements. Ransomware Defense Cloud Services also includes detection intelligence developed from in-depth ransomware research and development, combined with experienced threat hunting in enterprise environments.

Pulumi announced that SANS Institute is using the Pulumi Cloud Engineering Platform to streamline the delivery of applications and infrastructure, increasing the speed of delivery by 3X. Pulumi enabled SANS to adopt cloud engineering best practices so that it could reduce deployment times, simplify its cloud architectures and ultimately create a better experience for end customers. SANS now delivers cloud infrastructure using TypeScript and GitOps workflows, allowing it to use the power of modern languages and software engineering to deploy and configure infrastructure through a single platform.

For cloud environments, striking the balance between innovation and security is a challenge that must be overcome to ensure organizations can successfully embrace digital transformation. With 92% of enterprises implementing a multi-cloud strategy, the cloud environment is becoming increasingly complex, and security is therefore harder to manage.