Cloud Security, IOT, ICS security

Ixia, Yubico, Fortinet, and ZeroStack – Enterprise Security Weekly #118

December 6, 2018
Ixia extends collaboration with ProtectWise, Ping Identity brings in New Customer Identity as a service solution, Fortinet introduces new security automation capabilities on AWS, and Yubico announces YubiHSM 2 integration with AWS IoT Greengrass!

Enterprise News

  1. Ixia extends collaboration with ProtectWise - Ixia´s Vision ONE network packet broker and the CloudLens visibility platform, combined with The ProtectWise Grid, an on-demand platform with full-packet memory that delivers real-time and retrospective detections and advanced network forensics, offers enterprises esy collection and visualization of NetFlow, metadata, truncated flows, and full-fidelity packet capture (PCAP) by protocol and application for complete visibility into data assets in a hybrid environment including enterprise, cloud, or hybrid deployments from a single-pane-of-glass graphical user interface.
  2. Ping Identity Brings in New Customer Identity-as-a-Service Solution - The cloud-based Identity as a Service (IDaaS) offering, aimed at the developer community, offers API-based identity services for customer-facing applications. It can enable large enterprises to launch apps faster, substitute custom identity services that are tough to maintain, and enable the transition from on-premises deployments to cloud-hosted services.
  3. CyberX partners with GE to strengthen IIoT cybersecurity
  4. Fortinet introduces new security automation capabilities on Amazon Web Services - Curious how the WAF works (or doesn't): Containers, AWS Security Hub, and Broad Protection: On top of the existing broad set of Fortinet security offerings on AWS, Fortinet is announcing support for AWS Security Hub. Fortinet now also offers FortiWeb Web Application Firewall in AWS Container Marketplace, enhancing multi-layer security protection at the API level, the VM level and the container level for applications running on AWS.
  5. eSentire Launches New Risk Advisory and Managed Prevention Services Designed to Strengthen Organizations' Resiliency Against the Evolving Threat Landscape - . Through a tailored set of services, organizations can now: Identify blind spots and risk - assesses an organization's people, process, policies and technology, from on-premise to the cloud, for systemic risks and potential security gap and Build a strategy and define a plan evaluates current security program maturity, policies, architecture and response capabilities
  6. Yubico Announces YubiHSM 2 Integration with AWS IoT Greengrass; Delivering Hardware-based Private Key and Secrets Storage - Yubico announced that the YubiHSM 2 (hardware security module) is qualified for Amazon Web Services (AWS) Internet of Things (IoT) Greengrass Hardware Security Integration. AWS IoT Greengrass introduced a new feature that will utilize a small subset of the YubiHSM 2 PKCS#11 library, allowing the YubiHSM 2 to perform the crypto operations for AWS IoT Greengrass to use secure hardware to store private keys. AWS IoT Greengrass allows users to securely and locally run compute, messaging, data caching, sync, and machine learning inference capabilities for connected devices. Interesting:
  7. Pulse Secure Expands Zero Trust Security for IoT with Firewall Auto-provisioning and Behavioural Analytics - Pulse Policy Secure (PPS) is an integral part of Pulse Secure’s combined VPN and NAC solution that provides corporate networks with Zero Trust Security through visibility, “comply to connect” policy enforcement and security orchestration with popular network and security infrastructure. PPS dynamically profiles the network to discover, classify and apply policy to IoT devices, and includes a built-in IoT device identification library. The solution also integrates with Next Generation Firewall (NGFW) solutions to provide identity and device security state data, as well as to fortify micro-segmentation to isolate and manage IoT devices on enterprises networks.
  8. OPAQ Named a Hottest Cyber Security Startup of 2018 by CRN - OPAQ is the premier network security cloud company. OPAQ’s platform-as-a-service enables partners to deliver Fortune 100-grade security-as-a-service to midsize enterprises on a fully encrypted SD-WAN optimized for speed and performance. With OPAQ, service providers are equipped with a simplified ability to centrally monitor security performance and compliance maturity, generate reports, manage security infrastructure, and enforce policies – all through a single interface.
  9. AI cyber security disruptor launches new platform to give instant oversight of business threats - I think the word disrupt is overused and overstated: The Senseon platform will solve this issue by using Sensory AI to perform the heavy lifting. Senseon’s technology has both the intelligence and context to separate benign activity from genuine threats, meaning it is able to carry out automated investigations with accuracy. This helps overstretched security teams to focus their efforts where they matter the most – investigating actual threats.
  10. A10 Introduces Centralized Management and Advanced Security Analytics for SSL Inspection
  11. NeuVector Improves Container Security With Admission Control - I really believe this should be native functionality: By integrating with Kubernetes, via kube-apiserver, NeuVector can get notification for any image attempting to be deployed, then apply the policy, which an admin has configured in NeuVector to decide whether to allow or block the deployment through Kubernetes.
  12. ZeroStack delivers AI-as-a-Service - This sounds cool: ZeroStack’s AI-as-a-service capability gives customers features to detect GPUs and make them available for users to run their AI applications. In order to maximize utilization of this resource, cloud admins can configure, scale, and allow access control of GPU resources to end users.
  13. Firmware Security Firm Eclypsium Raises $8.75 Million | SecurityWeek.Com - Interesting, seems to target enterprises, though device manufacturers, and even better firmware developers, seem to be a better audience. Shouldn't my firmware be secure before I buy it?
Full Show Notes Visit for all the latest episodes!


[caption id="attachment_210" align="alignleft" width="120"]John Strand John Strand - Founder; Security Professional, Black Hills Information Security.[/caption] [caption id="attachment_210" align="alignleft" width="120"]Paul Asadorian Paul Asadorian - CEO, Security Weekly.[/caption] [audio src="" ]
prestitial ad