Technology and Enterprise Leaders Combine Efforts to Improve Open Source Security

New collaboration called Open Source Security Foundation (OpenSSF) consolidates industry efforts to improve the security of open source software

SAN FRANCISCO, Calif., Aug 3, 2020 – The Linux Foundation, today announced the formation of the Open Source Security Foundation (OpenSSF). The OpenSSF is a cross-industry collaboration that brings together leaders to improve the security of open source software (OSS) by building a broader community with targeted initiatives and best practices. It combines efforts from the Core Infrastructure Initiative, GitHub’s Open Source Security Coalition and other open source security work from founding governing board members GitHub, Google, IBM, JPMorgan Chase, Microsoft, NCC Group, OWASP Foundation and Red Hat, among others. Additional founding members include ElevenPaths, GitLab, HackerOne, Intel, Okta, Purdue, SAFECode, StackHawk, Trail of Bits, Uber and VMware.

Continue reading “Technology and Enterprise Leaders Combine Efforts to Improve Open Source Security”

Advertisements

EDM Council Launches Cloud Data Management Work Group to Develop Best Practice Framework to Accelerate Cloud Adoption

NEW YORK and LONDON – July 30, 2020 – EDM Council, the leading trade association for data management, has launched the Cloud Data Management Capabilities (CDMC) Best Practices Work Group. This new group includes participation from Amazon Web Services (AWS), Google Cloud, IBM Cloud, and Microsoft Azure, as well as over 20 leading financial industry firms. The Work Group has been formed to develop an open source CDMC Best Practice Framework to accelerate Cloud adoption and automate the associated controls. The EDM Council Work Group is being co-chaired by Morgan Stanley and Refinitiv, with project management provided by Capco.

Continue reading “EDM Council Launches Cloud Data Management Work Group to Develop Best Practice Framework to Accelerate Cloud Adoption”

Prometheus 2.20 gets better at service discovery, hits WAL by default

Monitoring system Prometheus has recently hit version 2.20, improving the CNCF project’s service discovery, query language, and user interface, amongst other things.

The main change the Prometheus team wanted to put front and centre was a new default in the system’s time series database (TSDB). Namely, compression of the write-ahead-log (WAL) is now standardly enabled.

Continue reading “Prometheus 2.20 gets better at service discovery, hits WAL by default”

Box and Google Cloud Deepen Strategic Partnership to Transform Work in the Cloud

Box will leverage Google Cloud as a key infrastructure and storage provider globally, and the companies will deeply integrate Box and G Suite to help businesses seamlessly and securely work across both environments

Google Cloud and Box, Inc. (NYSE: BOX), a leader in cloud content management, today announced a strategic partnership to help customers transform the way they work. Under the strategic partnership, Box will leverage Google Cloud and its advanced capabilities to enhance the scale, performance, and the intelligence of its cloud content management platform globally. Box and Google Cloud will also create a seamless experience for the thousands of enterprises using G Suite with Box to power secure, remote work in the cloud.

Continue reading “Box and Google Cloud Deepen Strategic Partnership to Transform Work in the Cloud”

Fortinet’s Latest Acquisition Is Further Proof Cloud Is the Future of Cybersecurity

The redundancy crisis brought on by the COVID-19 economic lockdown has sent already high-flying cloud-based security stocks soaring. Firms like CrowdStrike Holdings and Zscaler, services that were born in and cater to modern cloud computing-based operations, have gotten a boost as organizations try to deal with shelter-in-place orders and a suddenly dispersed workforce. The two stocks are up over 110% and 170%, respectively, so far in 2020.

Continue reading “Fortinet’s Latest Acquisition Is Further Proof Cloud Is the Future of Cybersecurity”

Google improves connectivity with upgrades to its cloud infrastructure

Google LLC today announced a series of upgrades to its global infrastructure services, giving customers more ways to connect to its cloud computing services. It also announced more deployment options for its cloud, plus new functionality for customers.

The announcements were made by Brad Calder, Google Cloud’s vice president of engineering, in a blog post today as part of Google’s ongoing Cloud Next OnAir online conference that runs through Sept. 8.

Continue reading “Google improves connectivity with upgrades to its cloud infrastructure”

Cloudflare launches Workers Unbound, the next evolution of its serverless platform

Cloudflare yesterday announced the private beta launch of Workers Unbound, the latest step in its efforts to offer a serverless platform that can compete with the likes of AWS Lambda.

The company first launched its Workers edge computing platform in late 2017. Today it has “hundreds of thousands of developers” who use it, and in the last quarter alone, more than 20,000 developers built applications based on the service, according to the company. Cloudflare also uses Workers to power many of its own services, but the first iteration of the platform had quite a few limitations. The idea behind Workers Unbound is to do away with most of those and turn it into a platform that can compete with the likes of AWS, Microsoft and Google.

Continue reading “Cloudflare launches Workers Unbound, the next evolution of its serverless platform”

Release: New N2WS Backup and Recovery v3.1

Taking next-gen AWS cloud backup to a new level

Last week N2WS announced the general availability of N2WS Backup & Recovery v3.1. The new 3.1 AMI can be accessed from the AWS Marketplace and is ready for launch. N2WS v3.1 takes the leading solution for backup and recovery for AWS to the very next level. This version is jam-packed with features that allow IT teams to customize, automate and optimize their backup & recovery workflows and drills. It enhances N2WS unique Data Lifecycle Management for additional significant cost savings, has more recovery automation and scheduling to perfect your disaster recovery drills, and has a brand new capability to replicate Amazon S3 object storage.

Continue reading “Release: New N2WS Backup and Recovery v3.1”

Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902

The US Cybersecurity and Infrastructure Security Agency (CISA) is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are vulnerable to CVE-2020-5902. F5 Networks, Inc. (F5) released a patch for CVE-2020-5902 on June 30, 2020.[1] Unpatched F5 BIG-IP devices are an attractive target for malicious actors. Affected organizations that have not applied the patch to fix this critical remote code execution (RCE) vulnerability risk an attacker exploiting CVE-2020-5902 to take control of their system. Note: F5’s security advisory for CVE-2020-5902 states that there is a high probability that any remaining unpatched devices are likely already compromised.

Continue reading “Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902”