Executing Zero-Trust Security and Building a Protective Perimeter With HashiCorp Boundary Enterprise
Identity-driven security is critical to countering attempts of credential harvesting. HashiCorp Boundary Enterprise brings the capability to secure on-demand access with granular identity controls to organizations in regulated industries. As organizations transition to cloud-based infrastructures, traditional network perimeters become less relevant, and identity becomes the primary focus of security. By standardizing remote user access and utilizing the principle of least privilege, HashiCorp Boundary enables organizations to secure their infrastructure while granting granular authorizations and creating a centralized access workflow. Read about it at Gestalt IT or watch the demo here on the website.
Read More:
Executing Zero-Trust Security and Building a Protective Perimeter With HashiCorp Boundary Enterprise
Out-Of-Band Management – Useful Beyond Catastrophe
Aaron Conaway reflects on his participation in Tech Field Day Extra at Cisco Live, where he learned about Opengear’s out-of-band (OOB) management solutions. While traditionally used for catastrophic events, Opengear discussed how OOB gear can also be utilized for provisioning, device configuration, and monitoring purposes. This expanded functionality enhances day-to-day operations and remote troubleshooting capabilities, making an investment in OOB networks worth considering. Read more at Aaron’s blog!
Read More:
Out-Of-Band Management – Useful Beyond Catastrophe
Safety in the API Jungle
Bruno Wollmann discusses the increasing security vulnerabilities and attack vectors exposed by APIs in today’s digital landscape. Noname Security presented at Security Field Day 9 and provides a comprehensive solution to address this issue. Their platform encompasses four key pillars: discovery, posture, runtime, and testing, allowing organizations to gain visibility, detect vulnerabilities, monitor traffic, and implement dynamic application security testing (DAST) for a proactive approach to API security. Read more of Bruno’s thoughts on his blog!
Read More:
Querying Data at Source With Cribl Search
At the recent Security Field Day event, Cribl presented Cribl Search, a service included in Cribl Suite. Cribl Search allows users to query data in scattered addresses without having to move them. No matter where the data resides, Cribl Search lets users explore and investigate datasets in real time. Read about Cribl Search at Gestalt IT or watch the demo live on the website.
Read More:
Querying Data at Source With Cribl Search
Overlay Management
Aaron Conaway highlights his participation in Tech Field Day 27, specifically focusing on Men & Mice, a company that presented Micetro, their overlay management product for DHCP, DNS, and IPAM. He explains the benefits of using an overlay management system like Micetro, such as centralized changes, deferred service expertise, and scalability.
Read More:
Embedding Security in the Code With Noname Security’s Active Testing V2
API security is front and center in cybersecurity, and integral to the future of APIs. Noname Security’s Active Testing v2 offers dynamic testing of APIs in shift left security, enabling organizations to infuse security deep within the code. By integrating security into the CI/CD processes, Active Testing v2 enables teams to proactively detect vulnerabilities and minimize the chances of API exploits. With its user-friendly interface and comprehensive testing capabilities, the solution empowers developers to embrace shift left security and ensure the early detection and mitigation of potential issues. Read about it at Gestalt IT or watch the demo live on the website.
Read More:
Embedding Security in the Code With Noname Security’s Active Testing V2
RackN Bridges the Gap Between People and Platforms
Adam Fisher discusses the power of Digital Rebar from RackN in this Tech Note, the first of a series sponsored by RackN. With technology evolving rapidly, the need for automation in deploying applications at scale has become crucial. RackN’s Digital Rebar serves as a reliable automation platform that empowers IT Ops to effectively manage infrastructure in the modern era, bridging the gap between people and platforms.
Read More:
RackN Bridges the Gap Between People and Platforms
Fast-Tracking Decision Making and Incident Response With Cisco’s Secure Network Analytics and XDR
The relentless onslaught of cyberattacks has made it amply clear that the appropriate countermeasure is a stringent routine of intelligently devised and religiously enforced practices. Cisco makes the path from observation to action short and speedy with Cisco Secure Network Analytics and the new Cisco XDR. Secure Network Analytics (SNA) serves as a collector and aggregator of network telemetry, providing broad security analytics, while XDR collects telemetry from various sources and analyzes it to identify threats and incidents. Together, these solutions streamline data processing, enhance threat detection, and enable prompt response, making high-security standards a priority. Read the review at Gestalt IT or watch the demo here at the website.
Read More:
Fast-Tracking Decision Making and Incident Response With Cisco's Secure Network Analytics and XDR
Cross Training for Career Completeness
The importance of cross-training with different technology disciplines is emphasized in a thought-provoking blog post by Tom Hollingsworth. Drawing inspiration from martial artist Bruce Lee, the author highlights the value of incorporating new skills and knowledge into one’s expertise to stay relevant in the ever-evolving tech industry. Using the example of wireless engineers understanding the bigger security picture, the article encourages professionals to embrace cross-training and see the bigger picture to have a successful and prolonged career.
Read More:
Cross Training for Career Completeness
Designing a Lossless AI/ML Network With Cisco Data Center Networking Blueprint
Cisco presented the Cisco Data Center Networking Blueprint for AI/ML Applications, a detailed and instructive handbook on AI/ML network, at the recent Tech Field Day event. The document decodes the strict requirements of modern AI/ML workloads, and provides a blueprint for building a high-performing AI/ML network. Cisco’s Nexus 9000 Series switches offer high throughput, low latency, and congestion management features necessary for AI/ML applications, including RDMA over Converged Ethernet (RoCE) in network transport. Read about it at Gestalt IT or watch the presentation here at Tech Field Day.
Read More:
Designing a Lossless AI/ML Network With Cisco Data Center Networking Blueprint
Introducing FortiAIOPs 2.0 at Mobility Field Day 9
Fortinet introduced FortiAIOps 2.0 at Mobility Field Day 9, combining troubleshooting tools with network insights to simplify network management and enhance security. The solution provides various tools for quick issue resolution, network performance insights, automation of network operations, and predictive analytics to prevent potential problems. Troy Martin was impressed that it is built for different-sized customer networks, and that flexible licenses are available to match specific needs.
Read More:
Introducing FortiAIOPs 2.0 at Mobility Field Day 9
Achieving a Consistent Policy Across Enterprise With Cisco Security Group Tag
A common policy across products and use cases can cut the chaos and solve the challenges of policy management in enterprises. Cisco’s Security Group Tag enables a central policy control, allowing teams to collaborate more effectively, and put up a strong front against cyber threats. Cisco’s approach to bridging policy islands through context sharing and the use of Security Group Tag (SGT) are described as effective solutions for centralized policy control, interoperability, and cost benefits. Read about it at Gestalt IT or watch the demo on the website.
Read More:
Achieving a Consistent Policy Across Enterprise With Cisco Security Group Tag
Security Is Hard
In this article, Alex Neihaus acknowledges the difficulty and challenging nature of enterprise security. Calling attention to the recent delegate roundtable discussion at Security Field Day, Alex highlights the asymmetric nature of the battle, where securing an environment requires perfection while attackers only need to exploit a single vulnerability.
Read More:
Thirty-Six GigaToasters
In this episode of Chaos Lever, Chris Hayner and Ned Bellavance cover Security Field Day 9, highlighting presentations by Comvault, Noname Security, Cisco, Cribl, and NetAlly’s Cyberscope. They discuss Comvault’s ThreatWise platform, which focuses on ransomware detection, and the use of fake hosts and lures to trap potential attackers. They also mention Cisco’s new hardware firewalls, the 4200 series, and their multicloud network security model. Chris shares insights on NetAlly’s Cyberscope, a handheld cybersecurity analyzer.
Read More:
Enhancing Data Protection: The Power of Real-Time Intruder Deception and Detection
In this LinkedIn article by Lars Trøen, the innovative approach to data protection showcased by Commvault at Security Field Day 9 is discussed. The article highlights the incorporation of Metallic Threatwise, a honeypot and deception service, into Commvault’s data protection software system. This integration enables real-time detection of intruders and provides tailored recommendations for deploying honeypots within the network, enhancing organizations’ ability to stay ahead of evolving cybersecurity threats.
Read More:
Enhancing Data Protection: The Power of Real-Time Intruder Deception and Detection
Cisco Live 2023 Review
Cisco Live must have been a load of fun! That’s what we take away from this article by Eric Stewart as he reflects on the event. He also shares his experience with the Tech Field Day presentations and highlights the importance of the social aspect of Cisco Live and being able to connect with friends. We’ll be watching for more from Eric soon!
Read More:
Segmentation Is a Key Edge Building Block with Mako Networks
In this Gestalt IT Tech Note, Brian Chambers discusses the importance of segmentation in operating edge environments at scale. He emphasizes that while edge environments resemble cloud architectures, they also face unique challenges, such as lack of on-site staff and poor physical security. Chambers highlights how effective network segmentation can improve performance, enhance security, and enable better network traffic management. He explores the role of segmentation in various industries, particularly retail, and emphasizes the need for a capable partner like Mako Networks to provide effective segmentation services in edge computing solutions. Read this article, sponsored by Mako Networks, to learn more about edge connectivity.
Read More:
Segmentation Is a Key Edge Building Block with Mako Networks
Thwarting Malicious Cyberattacks With the New Lightspin CNAPP From Cisco
In this Gestalt IT article, Sulagna Saha discusses Cisco’s cloud security solution, Lightspin CNAPP, and its capabilities in protecting microservices applications from vulnerabilities and malicious cyberattacks. Saha highlights the complex nature of microservices applications and the need for layered security across development and runtime phases. She explains how Lightspin CNAPP, with its graph database technology and comprehensive scanning capabilities, can identify vulnerabilities, correlate events, and provide remediation recommendations. The article also mentions the recent acquisition of Lightspin Technologies by Cisco and provides a link to watch Cisco’s demo of Lightspin CNAPP.
Read More:
Thwarting Malicious Cyberattacks With the New Lightspin CNAPP From Cisco
Democratizing Security Testing
In this post, Michael Davis discusses the democratization of security testing and validation. He highlights NetAlly’s introduction of Cyberscope, an Android-powered handheld tool that simplifies network security testing. Cyberscope offers a user-friendly interface to powerful tools like Nmap, enabling non-experts to leverage long-standing security testing programs. James Kahkoska, CTO of NetAlly, presented Cyberscope at Security Field Day and Davis provides a link to watch the presentation and the ensuing discussion on privacy matters related to RF signal collection in unlicensed spectrum.
Read More:
Democratizing Security Testing
Seeing Through Hybrid Multi-Cloud With Forward Networks
In this Tech Note article at Gestalt IT, Justin Warren discusses the challenges of securing cloud environments in the world of hybrid multi-cloud. He emphasizes that full visibility and understanding of network configurations are crucial for effective security. Forward Networks, known for network observability, offers a solution that simplifies the complex topology of cloud environments, provides consistent visibility across networks, and enables operators to ask the right security questions. Warren highlights the importance of combining existing techniques with new methods to navigate the diversity of environments and avoid overwhelming complexity. Read more in this article, which was sponsored by Forward Networks.
Read More:
