Cloud – Security Review Magazine
https://securityreviewmag.com
We bring you the latest from the IT and physical security industry in the Middle East and Africa region.

Proofpoint Boosts UAE Investment to Meet Growing Demand for Cloud Cybersecurity Services
https://securityreviewmag.com/?p=27805
Thu, 20 Feb 2025 14:54:44 +0000

Proofpoint has announced that its human-centric security solutions would be delivered through a local data centre in Dubai, United Arab Emirates. The launch was announced during Proofpoint’s Protect Tour in Dubai this week, during a keynote delivered by Sumit Dhawan, CEO at Proofpoint.

Trusted by 50% of the UAE and KSA-based companies listed in the Forbes Global 2000, Proofpoint’s comprehensive AI-driven cybersecurity solutions help organizations navigate today’s complex threat landscape with confidence, delivering robust protection. Available in Q1 2025, Proofpoint’s offerings will enable UAE-based customers to comply with local data residency policies and meet regulatory compliance.

The cyber threat landscape in the UAE continues to evolve. While Emirati CISOs continue to fear cyber-attacks, they are demonstrating increasing confidence in their ability to defend against them. Proofpoint’s 2024 Voice of the CISO Report reveals that two-thirds (66%) of CISOs in the UAE feel prepared to cope with a cyberattack, an increase from 43% last year. This growing confidence may be attributed to the 89% of Emirati CISOs surveyed looking to deploy AI-powered capabilities to help protect against human error and advanced human-centered cyber threats.

To address this, Proofpoint’s ongoing investments in the region will help organizations in the UAE address human-centric cybersecurity risks, providing the opportunity to benefit from Proofpoint’s market-leading email security solutions, running through an in-country data centre. Proofpoint Email Protection is the only AI/ML-powered, cloud-based threat protection platform that disarms today’s advanced attacks, including email fraud, ransomware, weaponized URLs, multifactor authentication (MFA) bypass for credential phishing, and more.

“Organizations in the United Arab Emirates face a rapidly evolving threat landscape and our main objective over the coming years is to continue protecting even more companies in the region, with innovative, AI-powered solutions,” said Sumit Dhawan, CEO at Proofpoint. “Our solutions being delivered through a local data center underscores our unrelented investment in a key region for us and highlights our commitment to keep pace with the region’s accelerating digital transformation. This will enable organizations in the UAE to roll out multi-layered, cloud-native cybersecurity protection that safeguards people and data from today’s biggest threats, while keeping their data in-country.”

Proofpoint Middle East by the Numbers:

  • Proofpoint is trusted by 50% of the UAE and KSA-based companies listed in the Forbes Global 2000 and protects more than 1,200,000 employees across the Middle East.
  • Proofpoint’s Middle East customer base saw a growth of more than 20% in 2024, with continued growth at-pace expected in the coming years
  • Since 2019, Proofpoint has increased its employee base by more than 40% across the region
  • Proofpoint works with over 550 partners across the Middle East, Turkey & Africa

“Organisations in the Middle East are leading the charge in implementing cybersecurity measures to protect their customers from today’s threat landscape,” said Emile Abou Saleh, Vice President, Northern Europe, Middle East, Turkey and Africa at Proofpoint. “At Proofpoint, we remain committed to empowering organizations with the tools and knowledge needed to safeguard their most valuable assets—their people. With our solutions being delivered through a local data center, we will bring our industry-leading human-centric cybersecurity to more organizations in the region, while better meeting local customer and regulatory needs.”

Cloudflare to Showcase Cloud for the “Everywhere World” at GITEX 2024
https://securityreviewmag.com/?p=27211
Wed, 02 Oct 2024 08:07:37 +0000

Cloudflare has announced its participation in GITEX 2024, the premier technology event in the Middle East, taking place from October 14 to 18 at the Dubai World Trade Centre. Cloudflare will present its latest suite of products and solutions that help businesses regain control of their technology and security environments, by reducing complexity and improving visibility across their on-premises, public cloud, SaaS and public Internet domains.

At GITEX 2024, Cloudflare will demonstrate how its technologies are reshaping the landscape of digital infrastructure and security. The company will spotlight the connectivity cloud, a state-of-the-art solution designed to enhance connectivity and optimize performance for enterprises across the globe. This AI-enabled platform offers unparalleled visibility, reliability, security, privacy and speed by leveraging Cloudflare’s extensive global network that spans 330 cities in over 120 countries.

Key highlights of Cloudflare’s GITEX 2024 showcase will include:

  • Connectivity cloud: A revolutionary platform that empowers enterprises with seamless, high-performance connectivity. By integrating advanced routing and traffic management technologies, the connectivity cloud helps organizations improve application performance and reliability while reducing latency and downtime.
  • Zero Trust Security: Cloudflare One, Cloudflare’s comprehensive Zero Trust solutions will be on display, offering robust protection against modern cyber threats. This includes identity and access management, secure web gateways, and advanced threat detection capabilities.
  • Scalable DDoS Protection: Demonstrations of Cloudflare’s industry-leading DDoS protection solutions will highlight how enterprises can safeguard their digital assets from malicious attacks while maintaining service availability.
  • Optimised Content Delivery: Attendees will experience Cloudflare’s cutting-edge Content Delivery Network (CDN) services that accelerate website performance and ensure smooth, uninterrupted user experiences.
    The latest Cloudflare innovations announced at its recently concluded Birthday Week:

    • AI Audit tool – giving power back to creators and builders
    • Workers AI – helping to accelerate the development of AI applications
    • Speed Brain – helping web pages load 45% faster
    • The Democratisation of Critical Security Tools
    • The securitisation of Whatsapp, the world’s most popular messaging application
    • The free sharing of insights and findings of Cloudforce One, Cloudflare’s Threat Intelligence Research team

Bashar Bashaireh, RVP Middle East and Türkiye at Cloudflare commented on the company’s commitment to the region: “Today, everything needs to be connected to everything everywhere, all the time. This hyperconnectivity creates new challenges related to security, performance, resilience and privacy. As the world’s first connectivity cloud, Cloudflare helps connect and protect millions of customers globally. Everyone from individuals to the world’s largest enterprises uses our unified platform of networking, security, and developer services to succeed in the everywhere world.”

“The Middle East is experiencing rapid digital transformation, and we are proud to be at the forefront of this evolution. Cloudflare’s solutions are designed to meet the unique challenges faced by enterprises in this region, providing them with the tools they need to achieve secure, reliable, private and high-performance connectivity. Our participation at GITEX 2024 underscores our dedication to supporting Middle Eastern businesses as they navigate the complexities of today’s digital landscape,” Bashaireh continued.

Cisco Shows Breakthrough Innovation Towards AI-First Security Cloud
https://securityreviewmag.com/?p=25730
Mon, 03 Jul 2023 08:47:17 +0000

Cisco has launched Cisco Secure Access, the company’s new SSE solution, with which decisions about how users connect to applications are handled behind the scenes, so users get to what they want more quickly. “With Cisco Secure Access, we are removing the burden from the user and providing a superior experience with frictionless access to all applications—not just some—to enable secure, hybrid work,” said Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco. “Our unmatched visibility of the network gives us an advantage that no other company has—and we truly believe that where security meets the network, Cisco is the best in the world.”

Highlights of Cisco Secure Access include:  

  1. Common Access Experience: Delivers a single, easy way to access all applications and resources (not just some) by intelligently and securely steering traffic to private and public destinations without end-user intervention.
  2. Single, Cloud-Managed Console: Simplifies security operations by converging multiple functions into one easy-to-use solution that protects all traffic. Instead of managing a broad set of tools, administrators, and analysts can go to one place to see all traffic, set all policies, and analyze security risks. This translates into efficiency gains, cost reductions, and a flexible IT environment.
  3. Faster Detection and Response: Provides analysis to speed up investigations and is backed by Cisco Talos AI-driven threat intelligence to detect and block more threats.

“Cisco is collaborating with leading mobile device vendors to create the safest and best user experience no matter where users work. Cisco collaborated with Apple to incorporate Zero Trust Access (ZTA) capabilities powered by Cisco Secure Access into a native experience on iOS and macOS, making secure access to applications pervasive while making it simpler for IT and more secure for everyone,” the company said.

“At Apple, we believe deeply in providing privacy and security that is built in from the ground up,” said Susan Prescott, Apple’s Vice President of Enterprise & Education Marketing. “Later this year, iPhone, iPad, and Mac will have native support for network relays. Together with Cisco Secure Access, enterprises will have a secure and seamless remote access solution, to do their best work from anywhere, on the best devices for business.”

Cisco Secure Access is taking a hybrid Points of Presence (POP) approach with Cisco Data Centers and public cloud providers to rapidly extend global reach for our customers. As part of the Cisco Security Cloud, it leverages capabilities from the rest of the Cisco security and networking portfolio, including embedded network visibility from Cisco ThousandEyes, and can be easily integrated with solutions from third-party vendors. Cisco Secure Access will be in limited availability starting in July 2023 and will be Generally Available in October 2023. 

“Organisations are deploying SSE for a variety of reasons, but improving security outcomes is arguably at the top of the list. Achieving this requires an emphasis on users to create a frictionless experience and simplifying security team processes to improve efficiency and ensure consistency,” said John Grady, Principal Analyst of Enterprise Strategy Group. “Security teams making plans for SSE should prioritize integrated solutions that focus on simplicity, scale, and user experience.” 

“At WWT our goal is to provide security solutions and services that help our customers achieve their business goals. As a Cisco partner, we are really excited about the direction Cisco is taking with the launch of their Cisco Secure Access solution,” said Neil Anderson, Area Vice President, Cloud & Infrastructure Solutions at WWT. “With Cisco Secure Access our customers gain a simplified way of accessing both private, cloud, and SaaS applications private and internet resources, while transparently securing against threats and boosting user productivity while reducing frustration.”

Further delivering on its strategic vision, Cisco is previewing the first generative AI capabilities in the Security Cloud. Today, most organizations have a patchwork of security products, forcing teams to set and maintain extremely complex security policies as well as track and remediate threats across numerous solutions.  

  • Reduce Policy Complexity: The Cisco Security Cloud will leverage a generative AI-powered Policy Assistant that enables Security and IT administrators to describe granular security policies and evaluate how to best implement them across different aspects of their security infrastructure. For the first implementation, customers will be able to reason with Cisco’s AI Assistant to evaluate and produce more efficient firewall policies. It will leverage customers’ existing rulesets in Cisco Secure Firewall Management Center to drive unmatched efficiency without sacrificing granular control and will be available later this year.
  • Quickly Detect and Remediate Threats: Cisco’s SOC Assistant will support the Security Operations Center (SOC) to detect and respond to threats faster. When an incident occurs, the assistant will contextualize events across email, the web, endpoints, and the network to tell the SOC analyst exactly what happened and the impact. Analysts can then interact and reason with the assistant to determine the best remediation approach leveraging an extensive knowledgebase of potential actions while also taking into account the analyst’s input. Cisco first shared the concept at RSA Conference 2023 and is excited to share that the event summarization feature will be available by the end of calendar 2023 with the remaining capabilities in the first half of calendar 2024.

The world is hybrid, and users require seamless connected experiences at the office and on the road. As the demands of the firewall as the foundation of the security stack continue to expand, the new Cisco Secure Firewall 4200 Series raises the bar for performance and flexibility with cryptographic acceleration, clustering and modularity.  

Running the new 7.4 version of the operating system, Secure Firewall 4200 features: 

  • AI and ML-based encrypted threat blocking without decryption.
  • Evolution of Zero Trust Network Access (ZTNA) with complete threat inspection and policy for each individual application.
  • Simplified branch routing that brings security, control, and visibility to traffic from remote offices to applications in hybrid data centres.

Cisco Secure Firewall 4200 Series appliance will be generally available in September 2023 supporting the 7.4 version of the operating system. The 7.4 OS will be generally available for the rest of the Secure Firewall appliance family in December 2023.  

“Cisco is also proud to announce Cisco Multicloud Defense following its recent acquisition of Valtix. Multicloud Defense extends the traditional firewall concept into a service-oriented, multi-cloud world.   SecOps teams can now manage security across AWS, GCP, Azure, and OCI with a single policy, in real-time, from a single SaaS platform. In addition, teams can rapidly spin up security for any cloud environment, leading to increased security and efficiency. Cisco Multicloud Defense is available today,” the company said.

“Cisco is delivering an integrated approach to secure cloud-native applications from code to cloud with new capabilities in Panoptica, Cisco’s cloud-native application security solution. Adding to the Cloud Workload Protection (CWPP) that Panoptica currently provides, Cloud Security Posture Management (CSPM) will be available starting Fall 2023 to deliver continuous cloud security compliance and monitoring at scale, giving customers visibility into their entire inventory of cloud assets, including Kubernetes clusters. In addition, a new attack path engine that uses graph-based technology to deliver advanced attack path analysis will help security teams quickly identify and remediate potential risks across cloud infrastructures. Further, Panoptica’s integration with Cisco’s Full Stack Observability portfolio provides real-time visibility to prioritize business risks. These integrated capabilities will help security and developer teams alike gain the visibility, control and actionable intelligence required to protect dynamic cloud applications and infrastructure,” the company added.

ManageEngine Launches MSSP Edition of Its Cloud-hosted SIEM Solution
https://securityreviewmag.com/?p=25621
Tue, 02 May 2023 11:47:27 +0000

ManageEngine, the enterprise IT management division of Zoho Corporation, today announced the launch of the MSSP Edition of its cloud-based SIEM (Security Information and Event Management) solution, Log360 Cloud. According to a recent ManageEngine study, organizations are currently facing a shortage of cybersecurity staff. With budgeting constraints and the current economic situation, addressing security challenges and moving to a higher security maturity level is difficult for enterprises.

Furthermore, organizations are finding that the overall cost of deploying and managing security solutions, including SIEM solutions, is higher than the price of managed security services. Due to these factors, more and more enterprises are looking to MSSPs for their security needs. However, MSSPs also face specific business challenges, such as managing the security of their clients without compromising on data segregation as well as optimizing resource utilization and maintenance costs to increase their profit margins.

“The MSSP market is set for expansion, but MSSPs have to assure their clients that data segregation and security are ensured continually. This requires additional investments in the appropriate technology, hardware, and personnel, reducing the profit margins of MSSPs,” said Manikandan Thangaraj, vice president of ManageEngine.

The MSSP Edition of Log360 Cloud is designed to address the unique business challenges of MSSPs and thereby drive up their profit margins. “Leveraging the advantages of cloud deployment, MSSPs can ensure data segregation and security with no additional effort. Log360 Cloud also offers multi-tenancy; RBACs in addition to security analytics; and incident management and threat detection, investigation, and response (TDIR) features, making it the perfect fit to address the requirements of MSSPs,” said Thangaraj.

Log360 Cloud’s MSSP Edition offers the following capabilities:

  • Data segregation with multi-tenancy: Log360 Cloud’s MSSP Edition offers ways to seamlessly manage multiple customer profiles from a single console without compromising data security. Each customer’s data is logically separated from that of the others using a set of secure protocols in the framework.
  • Commitments to data security: The data of MSSPs and their customers are securely stored in the cloud and encrypted at rest and in transit. Also, Log360 Cloud is compliant with the GDPR, the CSA STAR, CLOUD 714132 ISO/IEC 27017, and more, thus ensuring continuous monitoring to secure customers’ data.
  • Guaranteed around-the-clock availability of services: Log360 Cloud is hosted on Zoho’s cloud infrastructure and follows Zoho’s operational security protocols, ensuring high availability, resilience, and business continuity.
  • Role-based access controls (RBACs): Addressing the stricter restrictions of who can view which customer’s data, Log360 Cloud’s MSSP Edition also offers RBACs that allow each of the MSSP’s security analysts to view the information of only a specific customer.
  • High-end security features: Log360 Cloud’s capabilities cover extensive auditing and reporting, forensic analysis, TDIR, compliance management, security analytics, and cloud security.
  • Performance is unaffected by granular retention configurations: Log360 Cloud offers flexible pricing, which allows MSSPs to choose granular data retention policies and storage space allocation for each of their customers. Thus, MSSPs can save a lot on resource utilization and log storage costs.
  • A fast time to value with quick deployment: SIEM services are notorious for taking months to deploy and demonstrate value. With a simple sign-up process, preconfigured modules, and simple enablement procedures, Log360 Cloud quickly fulfills the deployment, configuration, and resource management requirements of customers.
GITEX Global 2022: F5 to Highlight Power and Potential of Distributed Clouds
https://securityreviewmag.com/?p=24741
Tue, 13 Sep 2022 13:10:14 +0000

F5 is set to highlight the scale and impact of its Distributed Cloud Services platform at GITEX Technology Week 2022. A major expansion of its application security and delivery portfolio, F5 Distributed Cloud Services provides security, multi-cloud networking, and edge-based computing solutions on a unified software-as-a-service (SaaS) platform.

The platform also encompasses F5 Distributed Cloud WAAP (Web Application and API Protection), which augments multiple security capabilities across F5 technologies in a single SaaS offering. As organizations enhance digital services for users and pursue a wider breadth of infrastructure models to improve performance and reduce costs, application service environments have become more complex.

Research from F5 2022 State of Application Strategy Report reveals that as many as 88% of organizations operate both legacy and modern application architectures. 70% also operate in multiple clouds, which expands the threat surface area as companies are forced to deploy separate, and often inconsistent, security controls across different environments. Furthermore, 78% of organizations are currently focused on API security measures.

“Nearly all organizations in the Middle East and beyond find themselves at the epicenter of two significant trends: the evolution of applications as the center of their customers’ digital lives and the escalation of threats against them,” said Mohammed Abukhater, RVP for the Middle East, Turkey, and Africa at F5.

“At F5, we’ve transformed both our business and our portfolio to meet these challenges. F5 Distributed Cloud Services is central to this shift, offering a new approach to app security with SaaS-based solutions that are centrally managed but can be deployed anywhere the app needs to be. This maximizes business impact and delivers a superior customer experience.”

GITEX 2022 will also see the Middle East debut of F5’s new security-focused awareness drive. Through individual stories, the ‘A Force For’ campaign focuses on how cybersecurity impacts individuals in all walks of life. This also includes the CIOs, CISOs, DevOps, NetOps, SecOps and other IT professionals that count on F5 technologies to keep their business, their employees, and their customers safe.

“Cybercrime might harm organizations, but the true victims are people. ‘A Force For’ is all about making cybersecurity personal,” added Abukhater. “It is explicitly driven by what we value most: the people in our lives that depend on us to ensure their digital worlds are secure.”

Preparing a Secure Cloud Environment in the Digital New Norm
https://securityreviewmag.com/?p=24614
Wed, 10 Aug 2022 12:59:52 +0000

Written by Daniel Jiang, General Manager of the Middle East and Africa, Alibaba Cloud Intelligence

As hybrid or remote working is being adopted by many companies globally and becoming the ‘new norm’ for millions of workers, cyberattacks meanwhile continue unabated. Building a secure and reliable IT environment has therefore become an increasingly important priority for many businesses who are exploring opportunities in the global digital economy. While moving to the cloud and using cloud-based security features is a good way to challenge cyber risks, it’s important to delve deeper into how best to construct a secure and reliable cloud environment that can fend off even the most determined attacker.

In today’s digital environment, discussions about cyber security’s best practices have never been more important. The UAE in particular established the Cybersecurity Council to develop a cybersecurity strategy and build a secure cyber infrastructure by creating related regulations. Following this move, the nation ranked 5th place on the International Telecommunications Union’s Global Cybersecurity Index 2020, jumping 33 places and it continues to prioritize cyber security and awareness. Creating a secure cloud environment – from building the architecture to adopting cutting-edge security technologies and putting in place important security management practices – will inspire more thorough conversations on this subject.

A resilient and robust security architecture is essential for creating a cloud environment capable of assuring an organisation about the availability, confidentiality and integrity of its systems and data. From the bottom up, the architecture should include security modules of different layers, so that companies can build trustworthy data security solutions on the cloud layer by layer – from the infrastructure security, data security, and application security to business security layers.

In addition to the security modules of all of the layers, there are a variety of automated data protection tools that enable companies to perform data encryption, visualisation, leakage prevention, operation log management and access control in a secure computing environment. Enterprises can also leverage cloud-based IT governance solutions for custom designs of cloud security systems to meet compliance requirements from network security and data security to operation auditing and configuration auditing. This ensures full-lifecycle data security on the cloud, with controllable and compliant data security solutions in place.

Another consideration is to build a multi-tenant environment, abiding by the principle of least privilege and adopting consistent management and control standards to protect user data from unauthorised access. In addition, establishing strict rules for data ownership and operations on data, such as data access, retention and deletion, is also pivotal in creating a safe environment.

Moreover, enterprises can embrace the zero-trust security architecture and build a zero-trust practice by design to protect the most sensitive systems. The architecture requires everything (including users, devices and nodes) requesting access to internal systems to be authenticated and authorised using identity access protocols. As such, the zero-trust security architecture cuts down on automatic trust, or trust without continuous verification, addressing modern challenges in securing remote working environments, hybrid cloud settings and increasingly aggressive cyber threats.

Cutting-edge security technologies such as comprehensive data encryption, confidential computing and many more emerging tech solutions, can be leveraged to ensure we stay on top of the trends in cybersecurity. Comprehensive data encryption provides advanced data encryption capabilities on transmission links (such as data-in-motion), compute nodes (such as data-in-use), and storage nodes (such as data-at-rest). Key Management Service and Data Encryption Service help users securely manage their keys and use a variety of encryption algorithms to perform encryption operations.

Another emerging technology to safeguard the cloud environment is confidential computing. Confidential computing is dedicated to securing data in use while it is being processed, protecting users’ most sensitive workloads. Confidential computing based on trusted execution environments (TEEs), ensures data security, integrity and confidentiality while simplifying the development and delivery of trusted or confidential applications at lower costs.

It is equally important to adopt proper security management practices and mechanisms to maximise the security protection of one’s critical system and important data. One essential mechanism to protect the cloud environment is to develop a comprehensive disaster recovery system, which enables businesses to configure emergency plans for data centres based on factors such as power, temperature and disasters, and establish redundant systems for basic services such as cloud computing, network and storage. It helps companies to deploy their business across regions and zones and build disaster recovery systems that support multiple recovery models.

Setting up an effective review and response mechanism for cloud security issues is imperative. First, having vulnerability scanning and testing in place is important to assess the security status of systems; second, it is vital to use cloud-native monitoring tools to detect any anomalous behaviour or insider threats; furthermore, establishing proper procedures and responsibility models to quickly and accurately assess where vulnerabilities exist and their severity will help ensure that quick remedial action can be taken when security problems emerge.

In the future, developing the security architecture, technologies, management and response mechanism will no longer be perceived as a cost-centre burden for companies, but rather as critical capabilities to safeguard the performance and security of daily business operations. Crafting a comprehensive cloud security plan, adopting the best industrial practices, and choosing a professional cloud service provider with strong security credentials to work with should be imperative subjects on a CXO’s agenda.

Zero Trust, Cloud and Remote Working Drive Digital Resiliency
https://securityreviewmag.com/?p=24448
Mon, 04 Jul 2022 07:22:46 +0000

Written by Paul Nicholson, Sr. Director of Product Marketing at A10 Networks

Today’s enterprises have faced many challenges with the pace of change over the last few years because of digital transformation, and the need for that transformation to be resilient and secure. These challenges have been amplified by the disruption of the global pandemic. There have been massive global macro-economic shifts that have fundamentally changed the way companies operate, from the rise of remotely working employees to the adjustments of customer engagement strategies.

Remote work was in full swing before the pandemic and it already had an impact on IT strategy and the shift to cloud, including hybrid cloud. This trend has only accelerated due to the ease of remote deployment and accessibility of software, SaaS, and cloud options. With all these changes, the specter of security breaches is high. This explains the rise and popularity of Zero Trust as a framework for securing networks in these new realities, and as an effective tool to drive cybersecurity initiatives within the entire enterprise.

All this means that in a post-pandemic era, digital resilience is a top priority and cyber threats are only accelerating. As a result, we are witnessing a broad spectrum of concerns as enterprise organizations look to shore up their defenses. Analyzing the events of the last two years, it is an ideal time to explore enterprise perceptions about the future. To gain these insights, we surveyed 2,425 senior application and network professionals from ten regions around the globe. Not surprisingly, we found high levels of concern around all aspects of digital transformation solutions and resilience with a strong focus on business continuity. The top findings we uncovered included:

Private Clouds are the Preferred Enterprise IT Environment
Even though we witnessed a rapid pivot to cloud in the last couple of years, plenty of on-premises environments remain. Twenty-three percent of respondents have retained an on-premises environment and this is unlikely to change in the future. Private clouds were the preferred environment for 30 percent of respondents, while just under one quarter said their environment was in a public cloud with a similar percentage in SaaS environments.

New Working Patterns and Digitalization Prompt Rethinking the Strategy
Resilience is a board-level discussion as senior leaders look to ensure that the business can cope with any future disruption. Our enterprise respondents said that digital transformation solutions, business continuity (technically and organizationally), and stronger security requirements have all become paramount. This puts tremendous pressure on IT professionals to rethink their architectures and IT strategies to meet the challenge.

Asked to rate their concern about 11 different aspects of business resilience, nine out of 10 respondents expressed some level of concern about every issue. The top concerns were around the challenge of optimizing security tools to ensure competitive advantage, utilizing IT resources in the cloud, and enabling remote access and hybrid working while ensuring that staff feels supported in whatever work style they wish to adopt.

Top Cyber Threat Concerns for Enterprise IT
Without a doubt, the escalating threat landscape is causing a broad array of concerns from respondents. Chief among them is the loss of sensitive assets and data followed by the disruptive impact of downtime or network lockdown. In response, there was an evident shift to a Zero Trust security approach. One-third (30%) of enterprise organizations said that they had already adopted a Zero Trust model.

Looking to the future, we expect the adoption of cybersecurity initiatives not only to remain high but to rise further. This includes a more pervasive adoption of the Zero Trust model within the enterprise as all employees become more aware of the benefits of such a strategy and approach.

It’s clear that there is unlikely to be any relief from the pressures for enterprises and their IT practitioners, whether in infrastructure or security domains. We will be dealing with the impact of these recent pandemic-related changes for years to come, including the continuing integration of newer technologies and evolving standards. Therefore, IT organizations must continue to invest in modern technologies that support ongoing digital transformation initiatives but strike the balance between strong Zero Trust defense and operational agility for their multifaceted digital resiliency needs.

VMware Enhances End-to-End Security Offering for Cloud-Native Workloads
https://securityreviewmag.com/?p=23913 Wed, 02 Mar 2022 06:56:27 +0000

VMware has unveiled new container runtime security capabilities that build upon its strong end-to-end security offering to help customers better secure modern applications at scale. VMware’s portfolio of security solutions for modern applications spans the entire application lifecycle and leverages the company’s deep expertise in workloads, security, and Kubernetes.

Containerized applications present unique runtime security challenges, including how to only allow legitimate traffic in, how to enable least-privileged communications between services and defend against the lateral movement of attackers, and how to validate that the workload itself is operating within the expected guardrails. VMware provides customers with a robust end-to-end security offering that addresses these challenges at the edge, in the microservices network layer, and in the workload itself.

This gives organizations greater visibility and control over both their overall security posture as well as the compliance of their containerized applications for improved protection from development to production. “At VMware, we aspire to be the best in the world at protecting applications from within,” said Tom Gillis, senior vice president and general manager, Networking and Advanced Security Business Group, VMware. “Protecting the runtime is the foundation of securing the inner workings of a modern application. With the introduction of container runtime protection, our end-to-end security offering is now tightly integrated across the entire application lifecycle, protects all east-west traffic, and brings a new level of distributed visibility and security to APIs.”

As threat actors increasingly launch attacks targeting containers, 97 percent of technology leaders surveyed by VMware say they have concerns about Kubernetes security, and 1 in 5 cite securing containerized workloads at runtime as their biggest concern. To help customers stay one step ahead of attackers, VMware is adding container runtime protection capabilities to enhance its end-to-end security offering for cloud-native workloads. These capabilities build upon the VMware Carbon Black Container solution released in April 2021.

VMware’s new container runtime security capabilities include:

  1. Runtime cluster image scanning enables security and DevOps teams to automate runtime vulnerability scanning and customize policies to reduce risk and ensure images used in running containers are secure. This expansion for image scanning capabilities allows for images to be scanned in Kubernetes clusters, whether they are on-premises or in the cloud.
  2. Integrated alerts dashboard provides a single pane of glass for security teams to view events and address anomalies in their runtime environment, and enables faster investigation and correlation of events from both host and container layers.
  3. Kubernetes visibility mapping allows DevOps and security teams to quickly understand the architecture of an application that was set pre-deployment to better identify egress destination connections, potential workload policy violations, and vulnerable images.
  4. Workload anomaly detection leverages artificial intelligence to standardize networking modules and alert SecOps teams on any deviation from that module, which is critical when setting up new workloads.
  5. Egress and ingress security provide security teams with added visibility into the external source that is reaching out to the Kubernetes service and easier detection of malicious egress connectivity based on the IP address and the behavioral data.
  6. Threat detection allows customers to scan open ports to check for vulnerabilities and quickly see if there is a lateral attack in progress. If an attacker tries to exploit a vulnerability to find the next lateral move, the internal port scan and egress port scan will raise an alert.

Attackers often attempt to hide in the noise of an environment, so container runtime security helps to reduce the noise and alert on real, active events, or block the events immediately while minimizing impact to the application and user experience. By consolidating these events to a single dashboard, security teams can accelerate their investigation into incidents impacting endpoints, virtual machine workloads, and containerized workloads. This provides VMware’s customers with a better understanding of their overall security posture while reducing alert fatigue, effectively managing risk, and easing enforcement of compliance.

According to a recent study, 70 percent of developer and security managers believe better alignment between their teams creates more secure applications. VMware Cross-Cloud services help customers reduce team silos to accelerate the development lifecycle and enable security to be built in from the beginning. For example, VMware Carbon Black is highly complementary with VMware Tanzu solutions in addressing the security challenges of modern applications. Together, the two solutions enable more secure applications and simplify operations for security and DevOps teams.

Container runtime protection is currently available through the VMware Carbon Black Cloud Container Advanced Bundle.

Check Point Software Technologies Extends its Cloud Security Offering
https://securityreviewmag.com/?p=23777 Wed, 02 Feb 2022 18:12:38 +0000

Check Point Software Technologies Ltd. has announced the acquisition of Spectral, a startup and key innovator in developer-first security tools designed by developers for developers. With this acquisition, Check Point will extend its cloud solution, Check Point CloudGuard, with a developer-first security platform, and provide the widest range of cloud application security use cases including Infrastructure as Code (IaC) scanning and hardcoded secrets detection.

Accelerated digital transformation is pushing organizations to deploy new applications faster and innovate at an increasing pace. This, combined with the move to a distributed environment, is driving development teams to cloud-native methods, such as low code platforms. By 2023, over 500 million digital apps and services will be developed and deployed using cloud-native approaches – the same number of apps developed in the last 40 years. This poses clear and immediate security risks to cloud applications, including data leakage, misconfigurations, and exposed secrets. To address this massive challenge, developers now require the right tools to ensure cloud security is implemented with no compromise on productivity.

Spectral, a startup founded in 2020, is a key innovator in developer security with a thriving open-source community. Spectral’s developer-first approach to security focuses on code safety and trust, fast code scanning, and a simple and cool developer experience. Spectral’s security tools support a wide range of automated code security use cases including:

  • Infrastructure as Code Scanning
  • Code Tampering Prevention
  • Hardcoded Secrets Detection
  • Source Controls and CI/CD Security
  • Source Code Leakage Detection

Spectral’s solutions deploy in less than five minutes and fast code scanning delivers comprehensive and accurate results within seconds. The tools are used by developers from over 300 organizations worldwide. Spectral tools will be integrated into Check Point’s Infinity security platform as part of its CloudGuard offering, making it the industry’s most comprehensive security platform from code to cloud.

“As leaders in IT security, Check Point is constantly looking at how cloud security will morph in the future so we can invest today in securing whatever comes next,” said Dr. Dorit Dor, Chief Product Officer at Check Point Software. “The acquisition of Spectral further emphasizes our commitment to cloud developers. This is Check Point’s fifth cloud security acquisition in the last three years, reaffirming our commitment to support the cloud developer’s community and our mission of delivering cloud security automation, usability, and trust across any cloud to every enterprise.”

“Spectral’s undertaking is to enable developers to build and ship software without worry. By joining Check Point, we will be able to help more developers, across more regions, and build our community and open source offering faster and more effectively” says Dotan Nahum, CEO, and co-founder of Spectral. “The combination of Check Point’s deep cloud security capabilities and threat intelligence tools with Spectral’s best in class security tools for developers will allow organizations to shift-left security with tools developers love and security teams trust.”

Check Point Software Technologies entered into a definitive agreement to acquire Spectral, and the transaction is expected to close imminently. Spectral’s products will be available immediately under the CloudGuard product suite.

Tenable Intros Tenable.cs to Provide Security From Code to Cloud
https://securityreviewmag.com/?p=23564 Mon, 20 Dec 2021 07:12:59 +0000

Tenable has announced the release of Tenable.cs, adding new cloud-native security capabilities to its platform. Coming on the heels of its acquisition of Accurics, Tenable.cs enables organizations to accelerate innovation by aligning development, operational, and security teams behind security and resiliency goals.

With the release of Tenable.cs, Tenable will help organizations protect the full cloud-native stack throughout the DevOps lifecycle, from the time applications and infrastructure are defined in code through production usage. Tenable.cs scans Infrastructure as Code (IaC) to detect and remediate any flaws, policy violations, and potential breach paths before provisioning to the cloud infrastructure.

Implementing secure and compliant IaC is a cornerstone to aligning DevOps, security, and compliance, which helps prevent cloud security risk, improve developer productivity and ultimately strengthen security and compliance. DevOps and security teams today face the challenge of “staying in their lanes” while attempting to effectively collaborate without impeding innovation. This pursuit is further complicated by cloud-native environments that are ever-evolving and increasing in complexity.

Tenable.cs brings the Accurics platform into the Tenable ecosystem, giving teams pragmatic, real-world solutions from build through runtime. The solution also delivers a best practices framework that unites DevOps and Security teams so companies can innovate in the cloud with confidence.

“Tenable.cs expands our capabilities further into the cloud stack,” said Nico Popp, chief product officer, Tenable. “Our aim is to enable organizations to embrace both the technical and cultural change that is DevSecOps. This is a natural evolution as services increasingly leverage the cloud and IaC. By analyzing this codified state of cloud environments, we enable users to shift security left and address misconfigurations and vulnerabilities before they are deployed.”

This inaugural release of Tenable.cs builds on established Accurics capabilities by optimizing the user experience, enhancing runtime capabilities and reporting, and enabling tighter integration with development workflows.

  • Optimized user experience:
    • Unified management console for multiple control planes including code repositories, cloud accounts, Kubernetes clusters & CI/CD or GitOps pipelines
    • A streamlined user experience for configuring complex AWS, Azure, and GCP environments, and projects
    • A new low code security policy editor simplifies the management of policy logic while eliminating the need to learn another policy language
  • Enhanced runtime capabilities and reporting:
    • Continuous monitoring of AWS configuration changes, enabling real-time management of cloud posture
    • Comprehensive posture management for Kubernetes applications, including detecting configuration drifts in Kubernetes runtime infrastructure
  • Tighter integration with development workflows:
    • Improved integration into development pipelines, including new policies for application vulnerabilities and the ability to enforce policies during build time
    • Kubernetes policy guardrails based on recent NSA & CISA Kubernetes Hardening Guidance