Network Threat Detection
PR Newswire | October 04, 2023
Kyndryl (NYSE: KD), the world's largest IT infrastructure services provider, today announced a strategic global alliance with Palo Alto Networks to provide end-to-end network and cybersecurity services, including the launch of a new service offering, powered by Prisma SD-WAN for enterprises and Industry 4.0 customers.
The alliance brings together Palo Alto Networks industry-leading platform security capabilities with Kyndryl's advanced network security services expertise to design, build, manage, and modernize mission-critical networking for customers across industries.
The companies are joining forces to capitalize on emerging opportunities in the SD-WAN infrastructure market that IDC estimates will grow at a compound annual growth rate of 10.1% through 2027. As the demands of enterprise mobility accelerate, enterprises are looking for greater operational agility to support their digital transformation. Businesses need to support the growing number of devices used to access the corporate network and cloud-based applications, while also meeting evolving security and compliance requirements.
Kyndryl and Palo Alto Networks are partnering to help businesses deliver consistent security and an enhanced user experience for customers everywhere, and across industries such as services, manufacturing, energy, healthcare, and retail. Kyndryl's new SD-WAN offering, powered by Prisma SD-WAN, will enable customers to transform and modernize their networks and meet the growing bandwidth demands of the proliferation of devices and cloud traffic. The new approach to network connectivity will provide single-pane-of-glass management of their networks and simplify deployment to branch offices and edge services. By helping customers transition into a flexible and scalable network, Kyndryl will be able to help enterprises build a roadmap and incorporate new security paradigms such as SASE with Kyndryl Consulting services.
"At Kyndryl, we are at the forefront of helping enterprises with their network transformation to meet the growing trends of remote work, multi-devices usage, and cloud and data access. As organizations move away from traditional hardware-centric models to OPEX consumption models, the need for agile, highly secure and reliable networks is imperative," said Stephen Leonard, SVP of Global Strategic Alliances, Kyndryl. "We are delighted to partner with Palo Alto Networks to provide robust and versatile network security services that will provide many benefits to our customers."
"Together with Kyndryl, we are enabling enterprises to digitally transform confidently and innovate securely, while reaping the benefits of consolidating disparate security solutions into an integrated, best of breed platform," said Prem Iyer, SVP of Global Ecosystems for Palo Alto Networks. "We are committed to helping our joint customers achieve better security outcomes while protecting the modern connected organization from increasingly sophisticated attacks."
The global partnership between Kyndryl and Palo Alto Networks builds on the companies' established collaboration around security services and solutions. In July Kyndryl launched its new Security Operations as a platform (SOaap) solution leveraging Palo Alto Networks Cortex technology to drive operational savings and time-to-value through automation and orchestration.
Earlier this year, Kyndryl and Palo Alto Networks, together with Nokia, established an innovation lab in support of joint enterprise customers. By the end of the year, customers will be able to view innovative industrial edge use cases running on cloud, 4.9G/LTE and 5G private wireless connectivity. This will include remote manufacturing process control and real-time analytics on factory production sites, provisioning and management of mobile devices to improve the employee and frontline worker experience for onboarding and communication, and IT and OT security integration for worker safety and operational efficiencies. Kyndryl's industrial edge platform will be integrated with a multi-factor zero trust model built on Palo Alto Networks next-generation firewalls, run on Nokia's MXIE Industrial edge as part of Nokia Digital Automation Cloud (DAC)'s solutions, and with end-to-end managed services provided by Kyndryl.
Kyndryl (NYSE: KD) is the world's largest IT infrastructure services provider, serving thousands of enterprise customers in more than 60 countries. The company designs, builds, manages and modernizes the complex, mission-critical information systems that the world depends on every day. For more information, visit www.kyndryl.com.
PR Newswire | October 06, 2023
IBM (NYSE: IBM) today unveiled the next evolution of its managed detection and response service offerings with new AI technologies, including the ability to automatically escalate or close up to 85% of alerts, helping to accelerate security response timelines for clients.
The new Threat Detection and Response Services (TDR) provide 24x7 monitoring, investigation, and automated remediation of security alerts from all relevant technologies across clients' hybrid cloud environments – including existing security tools and investments, as well as cloud, on-premise, and operational technologies (OT). The managed services are delivered by IBM Consulting's global team of security analysts via IBM's advanced security services platform, which applies multiple layers of AI and contextual threat intelligence from the company's vast global security network – helping automate away the noise while quickly escalating critical threats.
"Security teams today are not just outnumbered by attackers, but also by the number of vulnerabilities, alerts and security tools and systems they're tasked with managing on a day-to-day basis," said Chris McCurdy, General Manager, Worldwide IBM Consulting Cybersecurity Services. "By combining advanced analytics and real-time threat intelligence with human expertise, IBM's new Threat Detection and Response Services can augment organizations' security defenses with a capability that is scalable, continuously improving and strong enough for tomorrow's threats."
Intelligently Adapting Threat Defenses
The new TDR Services are underpinned by a set of AI-powered security technologies that support thousands of clients across the world, monitoring billions of potential security events per day. It leverages AI models that continuously learn from real-world client data, including security analyst responses, engineered to automatically close low priority and false positive alerts based on a client-defined confidence level. This capability also automatically escalates high risk alerts that require immediate action by security teams and provides investigation context.
IBM's TDR Services are designed to provide:
Crowdsourced detection rules, Optimized alerts. Leveraging real-time insights from IBM's threat management engagements, the new services use AI to continuously assess and auto-recommend the most effective detection rules – helping to improve alert quality, and speed response times. This capability helped reduce low-value SIEM alerts by 45% and auto escalate 79% more high-value alerts that required immediate attention. Organizations can approve and update detection rules with just two clicks through its co-managed portal.
MITRE ATT&CK assessment. To stay prepared for ransomware and wipe-out attacks, organizations will be able to see how their environment is covering MITRE ATT&CK framework tactics, techniques, and procedures as compared to their industry and geography peers. By applying AI, the new services are designed to reconcile the multiple detection tools and policies currently in place at an organization, providing an enterprise view into how to best detect threats and assess gaps to update within an ATT&CK framework.
Seamless end-to-end integration. With its open API approach, the new services can quickly integrate with a client's enterprise-wide security assets, whether on premise or in the cloud. Organizations can continue to access their ecosystem while also having the option to connect and collaborate and define their own response playbooks through a co-managed portal. This provides a unified enterprise view, precise remediation capabilities, and consistently enforces security policies across IT & OT.
24x7 global support. Organizations will have access to more than 6,000 IBM Cybersecurity Services professionals across the globe 24/7 x 365 to help augment security programs. IBM Consulting Cybersecurity Services' vast global network serves more than 3,000 clients around the world – managing more than 2 million endpoints and 150 billion security events per day.
"Security leaders today are trying to escape the vicious cycle of staff shortages, increased threats, and rising demands from the C-Suite to mature their cyber program without breaking the bank. For many organizations the old playbook of swapping out their tools for a vendor's preferred platform does not work, as they cannot afford to write off prior SOC investments," said Craig Robinson, IDC Research VP of Security Services. "A service like IBM's Threat Detection and Response offering can provide an off-ramp to these concerns, without requiring a full rip-and-replace of their prior security investments and help shift their human capital in the SOC to more of a proactive mode."
To support continuous improvement for security operations capabilities, IBM's TDR Services, which are now available, include access to IBM's X-Force Incident Response Services along with the option to include additional proactive security services from IBM X-Force, such as penetration testing, adversary simulation or vulnerability management. X-Force will also provide guidance to help clients improve their security operations over time, based on the current threat landscape, clients' evolving IT environment, and insights gleaned from engagements with thousands of IBM Cybersecurity Services clients around the world.
Business Wire | October 20, 2023
Juniper Networks (NYSE: JNPR), the leader in secure, AI-driven networks, today announced the expansion of its Connected Security portfolio with new products and capabilities that empower organizations to seamlessly extend security services and Zero Trust policies across distributed data center environments. The new Juniper Connected Security Distributed Services Architecture uniquely integrates Juniper’s unified security management paradigm with best-in-class routing and AI-Predictive Threat Prevention to bring much-needed operational simplicity and scale to data center security. In addition, four new high-performance firewall platforms deliver unmatched performance in a compact footprint that minimizes cost, space and power consumption.
With the adoption of edge computing, multicloud, 5G and IoT, business data is increasingly distributed across geographically dispersed locations, making it harder to secure and manage. To adapt to this changing environment, organizations need a new modern data center architecture that delivers reliability through automated data center operations, scalable performance to support the most stringent workloads (e.g., AI model training) and comprehensive data security, regardless of where the data resides.
The newest enhancements to Juniper’s Connected Security portfolio provide a secure bridge for customers to facilitate their transition to a modern data center, at their own pace. This is achieved via the following unique innovations:
Juniper’s Connected Security Distributed Services Architecture: Juniper is the first in the industry to deliver an architecture design that fully decouples the forwarding and security services layers that have traditionally been combined in a single firewall appliance. By decoupling these layers, customers can utilize their existing Juniper MX series routers as an intelligent forwarding engine and load balancer. This unique design gives customers independent scaling flexibility without chassis limitations, multi-path resiliency and cost efficiency. When coupled with Juniper Security Director Cloud, the operational experience is as simple as managing one logical element, regardless of the quantities and form factors of any additional firewall engines added to the architecture.
AI-Predictive Threat Prevention: Building on Juniper’s Adaptive Threat Profiling and Encrypted Traffic Insights, AI-Predictive Threat Prevention automatically generates custom signatures unique to the customer’s environment through a proxy-less architecture. Coupled with AI, customers gain even more effective malware prevention at line rate. Additionally, the enhanced URL filtering solution provides more granular control, with more than 200 categories to choose from and support for up to 200 languages, as well as a new portal for better insights on web content and easy recategorization. The AI-powered security solution enables customers and partners to predict and find real threats faster, leaving human experts to focus on more strategic security tasks.
Four new best-in-class high-performance firewalls: The new Juniper Networks SRX firewalls (SRX1600, SRX2300, SRX4300, SRX4700) are 1RU in size, scale up to 1.4 Tbps and include built-in Zero Trust capabilities, delivering the industry’s highest firewall throughput performance per rack unit. The new platforms feature wire-speed MACsec along with natively embedded TPM 2.0 chips and cryptographically signed device IDs that allow security administrators and network operators to easily verify the trust posture of devices remotely and mitigate the risks of supply chain attacks. These new firewalls, like the whole SRX family, support industry-standard EVPN-VXLAN Type 5 integration, providing full fabric awareness to security operators and allowing them to respond to threats faster.
When combined with Juniper’s Connected Security Distributed Services Architecture, these additions to the Juniper SRX series family offer customers even more options to build and expand their data center architectures securely and with sustainability objectives top of mind.