Apples boosts its cloud security

Apple introduced three advanced security features to protect user data in the cloud:

• iMessage Contact Key Verification, allows users to verify they are communicating only with whom they intend. 
• 
  Security Keys for Apple ID - users have the choice to require a physical security key to sign in to their Apple ID account. 
• Advanced Data Protection for iCloud -  uses end-to-end encryption to provide Apple’s highest level of cloud data security, users have the choice to further protect important iCloud data, including iCloud Backup, Photos, Notes, etc.

“At Apple, we are unwavering in our commitment to provide our users with the best data security in the world. We constantly identify and mitigate emerging threats to their personal data on device and in the cloud,” said Craig Federighi, Apple’s senior vice president of Software Engineering. 

https://www.apple.com/newsroom/2022/12/apple-advances-user-security-with-powerful-new-data-protections/

Read More

Rackspace Hosted Exchange hit by ransomware attack

Rackspace Technology reported a ransomware incident affecting its Hosted Exchange environment. The company’s Hosted Exchange customers have been impacted by service outages.

Rackspace said it has taken proactive measures to isolate the Hosted Exchange environment to contain the incident and at this time believes the attack has spread to other aspects of its business. Rackspace Technology’s other products and services are fully operational, and the company has not experienced an impact to its Email product line and platform.

The company has engaged a leading cyber defense firm to investigate. 

Rackspace Technology is in ongoing communication with Hosted Exchange customers to help them migrate to a new environment as quickly as possible. Rackspace Technology has surged support staff and will be taking additional steps to help guide customers through this process in order to limit the impact to their own operations. Although Rackspace Technology is in the early stages of assessing this incident, the incident has caused and may continue to cause an interruption in its Hosted Exchange business and may result in a loss of revenue for the Hosted Exchange business, which generates approximately $30 million of annual revenue in the Apps & Cross Platform segment.  In addition, Rackspace Technology may have incremental costs associated with its response to the incident.

https://ir.rackspace.com/news-releases/news-release-details/rackspace-technology-hosted-exchange-environment-update

Read More

Google implements post-quantum cryptography for internal comms

Google Cloud has enabled a post-quantum cryptography (PQC) algorithm on its internal Application Layer Transport Security (ALTS) protocol to protect its internal communications.

Althought PQC standards by the National Institute of Standards and Technology (NIST) are still pending, Google said it has acted to implement PQC now because attackers might capture conventionally-encrypted now with the intention of breaking it once they gain access to quantum capabilities at some point in the future (also known as the store-now-decrypt-later attack).

"Protecting ALTS against quantum-capable adversaries is a huge step forward in Google’s mission to protect our assets and users’ data against current and future threats."

https://cloud.google.com/blog/products/identity-security/why-google-now-uses-post-quantum-cryptography-for-internal-comms

Read More

ArmorCode secures $14M for its AppSecOps

ArmorCode, a start-up based in Palo Alto, California, secured a $14 million in Series A funding for its AppSecOps.

ArmorCode's AppSecOps platform provides application security posture, vulnerability and compliance management, as well as DevSecOps automation. 

The funding round was led by Ballistic Ventures, the venture capital firm solely focused on backing cybersecurity startups, founded by Kevin Mandia, Barmak Meftah, Ted Schlein, Jake Seid, and Roger Thornton. Other investors include Sierra Ventures, Cervin, and industry luminaries such as John Donovan, the former CEO of AT&T Communications, Oliver Friedrichs, founder and former CEO of Phantom Cyber (acquired by Splunk), John M. Jack, current board member at Contrast Security and Illumio, among others, and Tom Reilly, former CEO of Cloudera and ArcSight. Founded in July 2020, ArmorCode's Series A brings its total funding to $25 million, underscoring its momentum, which includes a seven-figure annual recurring revenue within its first financial year and revenue doubling in consecutive quarters with customers that include Fortune 100 enterprises.

"The need for applications to ship fast, secure, and compliant has become more critical than ever," said Nikhil Gupta, CEO and Co-founder of ArmorCode. "This funding, and being able to close it in only two weeks, provides further evidence of the importance of improving AppSec and breaking down the silos separating development, security, and operations. This funding will help our business scale as we provide the industry leading AppSecOps platform and enable more organizations to secure their AppSec posture."

https://www.armorcode.com

Read More

Open Compute Project and LF target Silicon Root of Trust

The Open Compute Project Foundation (OCP) and the Linux Foundation (LF), which are now collaborating on hardware-software co-design strategy, announced "Caliptra", a new effort to standardize silicon embedded hardware root of trust (ROT) security.

Caliptra is supported by AMD, NVIDIA, Microsoft and Google. The hardware root of trust provides a set of security properties that anchor the security of a system-on-a-chip (SOC), including CPUs, GPUs and SSDs, into the hardware.

"An important part of the OCP mission, on top of serving our hyperscale operator community, is to make it easy for everyone to consume hyperscale innovations, which end up embedded in OCP recognized products. Understanding that deployable solutions need hardware and software that is integrated into a complete and validated solution, we are pleased to be able to bring together the strengths of the Linux Foundation for collaborative open source software development and the OCP for hardware specifications, and ability to develop supply chains for emerging markets. As part of the expanded collaboration with LF, we are pleased to have new security contributions from Google and Microsoft," said George Tchaparian, CEO Open Compute Project Foundation.

"The Linux Foundation is happy to collaborate with the OCP to create communities that participate on both LF and OCP projects with a common goal and harmonized process to deliver market ready solutions combining open hardware and software," said Arpit Joshipura, general manager, Networking, Edge, and IoT, the Linux Foundation. "We also look forward to partnering with the OCP on go-to-market initiatives developing emerging market supply chains in support of our vendor and system integrator members."

"Independent hardware and software initiatives by different communities and consortiums often require significant integration efforts by the industry. Vendors need to convert and integrate the initiative into solutions with the market need in mind. The net effect is that many innovations never see the light of the day or serve the needs of the broader market. The expanded collaboration between the Open Compute Project and Linux Foundation has the strong potential to accelerate the absorption of open innovations into meaningful products and services", said Ashish Nadkarni, Group Vice President and General Manager, Worldwide Infrastructure at IDC.

https://www.opencompute.org/blog/cloud-security-integrating-trust-into-every-chip

Read More

Video: Key thoughts on CISA's Shields Up

https://youtu.be/ooLtVCLPM6s

Where is the U.S. critical infrastructure 6 months after CISA launched the "Shields Up" program?

Can the "shields" ever be taken down at this point with so many adversaries interested in disrupting the US? Given the disparities in resources across certain industries, which area is most behind? 

Ron Fabela, CTO and Co-founder, SynSaber, offers his thoughts.

Read More

Google Cloud blocks massive Layer 7 DDoS attack

On June 1, Google Cloud blocked what it claims to be the largest Layer 7 DDoS attack. On that date, a Google Cloud Armor customer was targeted with a series of HTTPS DDoS attacks which peaked at 46 million requests per second. 

In addition to its unexpectedly high volume of traffic, Google noted sever other noteworthy characteristics of the attack. There were 5,256 source IPs from 132 countries contributing to the attack. pproximately 22% (1,169) of the source IPs corresponded to Tor exit nodes, although the request volume coming from those nodes represented just 3% of the attack traffic. Also, the geographic distribution and types of unsecured services leveraged to generate the attack matched the Mēris family of attacks. 

https://cloud.google.com/blog/products/identity-security/how-google-cloud-blocked-largest-layer-7-ddos-attack-at-46-million-rps

Read More

Lumen thwarts 1.06 Tbps DDoS attack

Lumen Technologies mitigated  a 1.06 Tbps Distributed Denial of Service (DDoS)attack that was part of a larger campaign targeting a single victim. 

The incident was one of the largest DDoS attacks experienced by Lumen to date.

Size was not the only notable element of the failed attack; it was also part of a larger campaign in which the threat actor attempted to leverage multiple techniques. These techniques are called out in the report as emerging trends in the second quarter.

Read the full Q2 2022 DDoS report: https://tinyurl.com/Q2DDoSReport

Read More

VMware observes a big uptake in cyberattacks

 In the past few months, there has been a significant uptick in cyberattacks, such as deepfakes, attacks on APIs, and cybercriminals targeting incident responders, according to VMware's newly released its eighth annual Global Incident Response Threat Report

“Cybercriminals are now incorporating deepfakes into their attack methods to evade security controls,” said Rick McElroy, principal cybersecurity strategist at VMware. “Two out of three respondents in our report saw malicious deepfakes used as part of an attack, a 13% increase from last year, with email as the top delivery method. Cybercriminals have evolved beyond using synthetic video and audio simply for influence operations or disinformation campaigns. Their new goal is to use deepfake technology to compromise organizations and gain access to their environment.”

Additional key findings from the report include:

• Cyber pro burnout remains a critical issue. Forty-seven percent of incident responders said they experienced burnout or extreme stress in the past 12 months, down slightly from 51% last year. Of this group, 69% (versus 65% in 2021) of respondents have considered leaving their job as a result. Organizations are working to combat this, however, with more than two-thirds of respondents stating their workplaces have implemented wellness programs to address burnout.
• Ransomware actors incorporate cyber extortion strategies. The predominance of ransomware attacks, often buttressed by e-crime groups’ collaborations on the dark web, has yet to let up. Fifty-seven percent of respondents have encountered such attacks in the past 12 months, and two-thirds (66%) have encountered affiliate programs and/or partnerships between ransomware groups as prominent cyber cartels continue to extort organizations through double extortion techniques, data auctions, and blackmail.
• APIs are the new endpoint, representing the next frontier for attackers. As workloads and applications proliferate, 23% of attacks now compromise API security. The top types of API attacks include data exposure (encountered by 42% of respondents in the past year), SQL and API injection attacks (37% and 34%, respectively), and distributed Denial-of-Service attacks (33%).
• Lateral movement is the new battleground. Lateral movement was seen in 25% of all attacks, with cybercriminals leveraging everything from script hosts (49%) and file storage (46%) to PowerShell (45%), business communications platforms (41%), and .NET (39%) to rummage around inside networks. An analysis of the telemetry within VMware Contexa, a full-fidelity threat intelligence cloud that’s built into VMware security products, discovered that in April and May of 2022 alone, nearly half of intrusions contained a lateral movement event.

https://www.vmware.com/content/microsites/learn/en/1553238_REG.html

Read More

Ghost Security raises $15 million for protecting APIs

Ghost Security, a start-up based in Austin, Texas, emerged from stealth mode to announced $15 million in venture funding for its work in defending APIs.

Ghost is backed by 68 Capital, DNX Ventures, and Munich Re Ventures.

“As an industry, we are still seeing a lot of legacy thinking around how to deal with the application, data, and microservice sprawl that large scale cloud adoption has created,” said Greg Martin, Ghost Co-founder and Chief Executive Officer. “Existing approaches and application security solutions are now dated and losing effectiveness. At Ghost, we are completely rethinking the approach to securing modern applications from the ground up. We believe the explosive growth of microservices and APIs in the cloud will continue to outpace the capabilities of existing security solutions. We see this creating an even larger gap between the defensive capabilities of enterprise businesses and the capabilities of skilled hackers.”

“What’s exciting about the Ghost platform is that it removes the complex and invasive processes required to protect applications and APIs making this type of technology more accessible to organizations across the globe,” said Florian Leibert, General Partner and Co-founder at 468 Capital.

“The surge in adoption of applications, APIs, and microservices represents great growth potential for businesses but also introduces many new attack surfaces,” said Hiro Rio Maeda, Managing Partner at DNX Ventures. “A better approach to securing these assets is needed, and Ghost is well-positioned to address that challenge.”

https://ghost.security

Read More

The Global State of DDoS Weapons

https://youtu.be/eCxQqWbOoeI

It is well-reported that the pandemic caused a spike in cyber attacks, including malware, ransomware and DDoS attacks.

In the 2H 2021 reporting period, A10 Networks security research team tracked over 15.4 million DDoS weapons in 2021. Recently, A10 Networks’ threat intelligence detailed the use of DDoS attacks to disrupt infrastructure and communications in Ukraine in February 2022 just as Russia launched its ground attack.

Paul Nicholson, Sr. Director of Product Marketing at A10 Networks, provides us with highlights of the report, which can be downloaded from the A10 website.

Read More

New frameworks for network detection and response

Work-from-home and other trends over the past two years have increased the threat landscape faced by enterprises and service providers. So how should network operators improve their security posture?

Accedian's newly launched Skylight Interceptor helps enterprises and service providers protect their networks by delivering prioritized, context-rich incidents that speed detection and response to security threats. It enables organizations to identify the sophisticated zero-day threats that are often missed by traditional perimeter security solutions. 

Presented by Accedian's Sergio Bea, Vice President, Global Enterprise and Channels, and Tom Foottit, Vice President, Product Management.

https://youtu.be/m_DbVSduHoI

Filmed at #RSAC2022

Read More

Innovations driving the next wave of SASE at Juniper

 

https://youtu.be/GRuqODW6doc

Secure Access Service Edge (SASE) has been around now for a couple of years, enabling organizations to adopt a variety of subscription-based security services.  But what's next? Expect the path of innovation to focus on Unified Management Experience, says Kate Adam, Senior Director of Security, Juniper Networks. Here's a 2-minute explanation.

Filmed at #RSAC2022 in San Francisco.

Read More

Immuta raises $100 million for its data security

Immuta, a start-up based in Boston, secured $100 million in Series E funding for its platform can automate access to data by discovering, securing, and monitoring data on any cloud service. The new investment brings Immuta’s total financing to date to $267 million.

Led by NightDragon, the funding round also includes new investor Snowflake Ventures, the venture capital arm of the Data Cloud company, as well as participation from existing investors Dell Technologies Capital, DFJ Growth, IAG, Intel Capital, March Capital, StepStone, Ten Eleven Ventures, and Wipro Ventures. This new infusion of capital builds upon Immuta’s record growth in 2021, which included increasing commercial annual recurring revenue (ARR) by more than 100 percent, doubling its customer base, and continuing its global expansion into EMEA and APJ. Immuta will use the investment to accelerate product innovation, expand sales, marketing, and customer success teams to meet growing global demand, and deepen strategic partnerships within the cloud data ecosystem.

“There is a major shift in the modern data stack as organizations scale to derive value from their data more quickly, while also protecting their data assets and adhering to privacy regulations,” said Immuta CEO Matthew Carroll. “We’ve entered the next wave of the cloud data evolution where automation and security are essential to meeting modern cloud and data demands. This new funding will help propel Immuta into our next phase of growth as we continue to revolutionize cloud data access and data security.”

“As the threat landscape continues to escalate and cloud migration continues, we’re seeing increased global interest in the need for secure data access solutions,” said Dave DeWalt, former CEO of FireEye, McAfee, Documentum and now Founder and Managing Director at NightDragon. “Immuta is the clear market leader in providing secure data access, providing data teams with one universal platform to control access to data at scale. Many of the world’s top data-driven organizations – Roche, Mercedes-Benz Group, IAG, and the U.S. Army – rely on Immuta every day to quickly, safely, and efficiently share more data with more users. We’re excited to be making this investment in such a critical part of the modern data stack.”

“With this expanded partnership, enterprise customers can benefit from both Snowflake’s native data policies for data governance and Immuta’s simple, centralized, and comprehensive method for managing and automating data policy within specific workflows,” said Christian Kleinerman, Snowflake SVP of Product. “Together, customers have a solution for more seamless enforcement of data policy, ultimately allowing for more customer value. We look forward to partnering with Immuta through the next stages of its growth.”

http://www.immuta.com

Read More

Intel's Project Amber promises to be a trust authority for edge and cloud

Intel introduced Project Amber, an independent trust authority in the form of an innovative service-based security implementation.

Intel said the foundational basis of trust in a confidential computing environment is established via a process called attestation. The verification of this trustworthiness is a critical requirement for customers to protect their data and intellectual property as they move sensitive workloads to the cloud. Project Amber is the first step in creating a new multi-cloud, multi-TEE service for third-party attestation:

• Designed to be cloud-agnostic, this service will support confidential computing workloads in the public cloud, within private/hybrid cloud and at the edge. Interposing a third party to provide attestation helps provide objectivity and independence to enhance confidential computing assurance to users.
• In its first version, Project Amber intends to support confidential compute workloads deployed as bare metal containers, virtual machines (VMs) and containers running in virtual machines using Intel TEEs. The initial release will support Intel TEEs, with plans to extend coverage to platforms, devices and other TEEs in the future.
• Intel is also working with independent software vendors (ISVs) to enable trust services that include Project Amber. New software tools, such as published APIs that enable ISVs to incorporate Project Amber to augment software and services, will complement Intel’s platforms and technologies, and bring more value to customers and partners.

Intel plans to launch a customer pilot of Project Amber in the second half of 2022, followed by general availability in the first half of 2023.

“As organizations continue to capitalize on the value of the cloud, security has never been more top of mind. Trust goes hand in hand with security, and it is what our customers expect and require when delivering on Intel technology,” said Greg Lavender, chief technology officer, senior vice president and general manager of the Software and Advanced Technology Group at Intel. “With the introduction of Project Amber, Intel is taking confidential computing to the next level in our commitment to a zero-trust approach to attestation and the verification of compute assets at the network, edge and in the cloud.”

https://www.intel.com/content/www/us/en/newsroom/news/vision-2022-project-amber-security.html

Read More

Nokia opens cybersecurity 5G testing lab in Dallas

 

Nokia has opened an Advanced Security Testing and Research (ASTaR) lab in Dallas, Texas. It will be staffed by U.S.-based specialists in cybersecurity and leverage the security research capabilities of Nokia Bell Labs. Nokia’s Dallas office also features the Executive Experience Center, Energy Innovation Center, O-RAN Collaboration and Testing Center, Cloud Collaboration Hub and Nokia Services Lab, making it a convenient destination for customers seeking a broad view of Nokia’s entire portfolio and capabilities. 

As the central lab dedicated solely to security forensics and research, ASTaR will use and develop cutting-edge tools and techniques to assess the security resilience of 5G networks, as well as their associated software, hardware and applications. ASTaR will then use these assessments to address emerging security threats, and lab researchers will engage with the cybersecurity community to identify emerging threat vectors and potential vulnerabilities.

The lab will serve as a central repository for cybersecurity knowledge that will be shared across Nokia and with its operator, enterprise and government customers. In addition, Nokia will partner with customers to consider attack scenarios against networks and observe how security measures will fare against real security incursions.

Nishant Batra, Chief Strategy and Technology Officer, Nokia, said: “5G will enable countless new services for consumers, government and businesses, and the industry must be hyper-vigilant in ensuring these 5G ecosystems are secure. To demonstrate our leadership and commitment to security, Nokia will be the first to inaugurate a lab in the U.S. with the singular mission of identifying and preventing cybersecurity attacks. ASTaR lab will be an ideal testing ground to assess security in the larger context of network use and abuse scenarios.”

 

 

Read More

NIST probase 5G's security capabilities

by Jim Carroll

The National Institute of Standards and Technology (NIST) published a draft document concerning 5G cybersecurity capabilities.

The publication describes a standalone 5G network that NIST’s National Cybersecurity Center of Excellence (NCCoE) is constructing, largely for the purpose of demonstrating 5G cybersecurity capabilities in different situations. The network, which the NCCoE team is constructing from off-the-shelf commercial technology, is currently being deployed, and the team is seeking comments on the publication in part to ensure the finished network will allow the researchers to develop practical guidance that the wireless security community will find useful.

The publication, titled 5G Cybersecurity Volume B: Approach, Architecture and Security Characteristics (NIST Special Publication 1800-33B), describes the cybersecurity capabilities that their example 5G network will enable. It also provides a risk analysis for the security capabilities that the network will demonstrate. Its authors, who characterize it as a preliminary draft, plan to develop it to include actionable guidance on using standards and recommended practices for multiple use case scenarios. 

“The information contained in the document highlights security features that 5G offers,” said Jeff Cichonski, a NIST information technology specialist and one of the publication’s authors. “Understanding what’s available can be critical to help operators and users of 5G understand and manage their cybersecurity risk when it comes to 5G.”

https://www.nist.gov/news-events/news/2022/04/nist-requests-public-comment-draft-guidance-5g-cybersecurity

Accelerating Virtual 5G Distributed Unit Processing

 What's hot at #MWC22? In the drive toward O-RAN and v-RAN, silicon vendors are racing toward smaller geometries, and Marvell is on the leading edge with portfolio optimized for the RU, DU and now the virtualized DU, says Joel Brand, Senior Director, Product Marketing, Marvell. https://youtu.be/upKd1yp6YOMThe idea with the virtualized DU is to process some of the functionality in a host server leveraging cloud technologies and a new generation...

READ MORE

LF Networking highlights progress with its 5G Super Blueprint

Tuesday, April 12, 2022    

LF Networking cited progress with its 5G Super Blueprint,  a community-driven integration/illustration of multiple open source initiatives, projects, and vendors coming together to show use cases.The 5G Super Blueprint is now integrated across additional projects––including Magma (1.6), EMCO, and Anuket––building open source components applicable to a variety of industry use cases. Preliminary scoping for future integrations with the O-RAN Software...

READ MORE

O-RAN releases Minimum Viable Plan 002

Wednesday, April 06, 2022  O-RAN, Silicon  

The O-RAN ALLIANCE announced the second release of specifications encompassing an O-RAN Minimum Viable Plan for products that meet the highest priority needs of operators.O-RAN Release 001, released last year, focused on creating Open Interfaces that include Open Fronthaul, transport, hardware and cloud.The new O-RAN Release 002 focuses on enabling Open Intelligence. Features in Release 002 include specifications for Traffic Steering, Quality of...

READ MORE

Read More

FCC seeks comment on BGP vulnerabilities

The FCC is seeking public comment on any steps that the Commission should consider taking to help protect and strengthen the nation’s communications network and other critical infrastructure from vulnerabilities posed by BGP.

The FCC observes that a bad network actor may deliberately falsify BGP reachability information to redirect traffic to itself or through a specific third-party network, and prevent that traffic from reaching its intended recipient. The FCC says Russian network operators have been suspected of exploiting BGP’s vulnerability to hijacking, including instances in which traffic has been redirected through Russia without explanation.

Specifically, the FCC is seeking comment on the extent to which Internet Service Providers, public Internet Exchange Providers, and providers of interconnected VoIP service have deployed BGP routers in their networks.  Do content delivery networks, and providers of cloud services operate BGP routers in their networks as well?  What other types of entities operate BGP routers?  

https://www.fcc.gov/document/fcc-launches-inquiry-internet-routing-vulnerabilities

Read More

Arista embeds network detection and response into switches

Arista Networks is adding embedded security and packet analysis capabilities to its 720XP series of switches. 

By embedding NDR (Network Detection and Response) capabilities into the Arista EOS-based switches themselves, Arista says it can deliver broader visibility and threat hunting across the modern cognitive campus. 

The new capabilities build on Arista's Autonomous Virtual Assist (AVA) platforms with two key components: AVA Sensors and the AVA Nucleus. AVA Sensors support a variety of form factors from stand-alone appliances and virtual to cloud workloads and now, within campus power over ethernet (PoE) switches. The AVA Sensors analyze the full packet, including application layer data which sets the stage for automated and manual threat hunting. The sensors then transfer the “just right” deep-packet data to the AVA Nucleus, which is offered as both on-premises and SaaS. 

Arista will deliver the capabilities via a switch software upgrade . The company cites minimal impact on switch performance or reliability.

“Network security has been an ongoing challenge for most organizations due to hardware deployments and configuration changes needed at the network infrastructure level. While organizations acknowledge that the network presents a unique vantage point, security teams have been forced to trade off network visibility and ongoing operational costs,” said Rahul Kashyap, Vice President and General Manager of Cybersecurity and CISO at Arista Networks. “By building NDR capabilities into the switching infrastructure itself, Arista enables a built-in, secure network that reduces organizational risk by speeding up both time to detection and time to remediation.”

The new capabilities are expected to be generally available in Q2, 2022, with early trials in March 2022.

Read More

Juniper adds Firewall-as-a-Service to its SASE

Juniper Networks is expanding its Secure Access Service Edge (SASE) architecture with the addition of Juniper Secure Edge, a Firewall-as-a-Service (FWaaS) managed by its Security Director Cloud.

Key benefits of Juniper Secure Edge:

Unified policy management from a single UI for all security use cases. Create policies once and apply them anywhere and everywhere with unified policy management, including user- and application-based access, IPS, anti-malware and secure web access within a single policy. 

Secure user access from anywhere. Secure Edge supports the remote workforce whether employees are in the office, at home or on the road with secure user access to the applications and resources needed to do their job effectively. Security policies follow the user wherever they go, protecting the user, device and applications without having to copy over or recreate rule sets.

Dynamic Zero Trust segmentation. Maintain the security of data around identity- and risk-driven policies. Secure Edge delivers consistent security policy framework with policies that automatically adapt based on new risk and attack vectors and follow the user wherever they go, providing automated access controls to employees and third-party contractors through granular policy control.

Investment protection. Juniper customers can use the physical, virtual, containerized – and now cloud-delivered – SRX firewall, completely managed by Security Director Cloud with a single-policy framework, allowing for full visibility and consistent security across both the edge and the data center from one UI.

Integration with any identity provider. Secure Edge allows customers to use the identity provider that works for them by integrating with leading identity providers, such as Azure AD, Okta and others, through SAML 2.0 support.

Validated security effectiveness. Juniper provides cyberattack protection that has been validated by objective, third-party testing to be highly effective against client- and server-side exploits, malware and C2 traffic, regardless of where the users and applications are located. This includes achieving the highest security efficacy rating at 99.5% from CyberRatings.org compared to leading security vendors for Enterprise Firewall, and 100% effectiveness with zero false positives in ICSA Labs’ Advanced Threat Defense test in Q4 of 2021. Secure Edge delivers policies from the cloud, as a service, empowered with these proven threat prevention technologies, ensuring consistent security enforcement.

“We’re excited to take the next big leap in the SASE market with Juniper Secure Edge,” said Samantha Madrid, VP of Security Business & Strategy, Juniper Networks. “First, we empowered our customers to manage security anywhere, all within a single UI with Security Director Cloud. Now, with the introduction of Juniper Secure Edge, Juniper is enabling its customers to seamlessly secure remote workforces with consistent security policies that follow users wherever they go, all while leveraging existing investments as they transition to a cloud-delivered architecture. Secure Edge makes it easy for customers to deploy effective threat protection without breaking visibility.”

https://www.juniper.net/us/en/security.html

Read More