Rapid Adoption of Public Cloud Opens a Cybersecurity Gap, Warns Cybersecurity Professionals

Most European and Middle East cybersecurity professionals at organisations using DevOps practices within the public cloud think that their organisations are buying and selling speed for security. Inside a recently printed cloud security study commissioned by global security leader, Palo Alto Networks® (New york stock exchange: PANW), 72 percent of cybersecurity professionals established that the rate of public cloud adoption is presenting avoidable security risks to software updates.

The DevOps model increases collaboration between development and processes teams, allowing for a quick-paced method of application creation and enhancement. Organisations now utilize this model to attain faster application delivery, enhanced innovation, more stable operating environments, and gratifaction-focused worker teams.  Yet because the DevOps model is enthusiastically accepted, laptop computer findings indicate that cybersecurity has been overlooked and organisations might be vulnerable consequently.  Most particularly:

• There's concern among cybersecurity professionals about whether cybersecurity can match the rate and frequency of methods DevOps updates apps and services within the public cloud. Only 47 percent of survey respondents indicated that they're certain that cybersecurity is working well for DevOps teams operating within the public cloud.
• Only 22 percent of cybersecurity professionals stated they'd a strong grasp around the risks and requires that include securing DevOps-operated environments within the cloud
• Nearly 75 % (73 percent) are convinced that their organisations have either fully or partially adopted DevOps rise in the general public cloud.  They're regularly deploying and altering software, with one in five doing many updates every week.

As Greg Day, v . p . and CSO for EMEA at Palo Alto Systems, explains: “DevOps is shown to deliver strong results. Rapid delivery of code, infrastructure and knowledge enables organisations to meet the requirements of the customers quicker than ever and stand above their competitors. However, too frequently, the rate and complexity of delivery has led to traditional cybersecurity processes neglecting to complete even rudimentary checks and controls in the same rapid pace, leading to unnecessary risks. Indeed, we have seen over half neglecting to meet fundamental password management policies. Organisations won’t watch for security teams to trap up, so that they must leverage native integration points and automate their cybersecurity abilities to deal with the continual and real-time visibility and governance required to keep pace with DevOps practices.”

The Palo Alto Systems Security Operating Platform enables organisations to with confidence deploy applications within the cloud by stopping loss of data and business disruption. Palo Alto Systems customers operating in hybrid and multi-cloud environments take advantage of an extensive and consistent security offering that integrates directly with cloud platforms.

Leading Indonesian Bank Turns to Palo Alto Networks Next- Generation Firewalls to Future-Proof Its IT Security

Palo Alto Networks® (New york stock exchange: PANW), the worldwide cybersecurity leader, announced today that Bank Central Asia has switched to the next-generation firewalls and latest network security management. The move is supposed to future-proof the bank’s method of cybersecurity.

BCA is among Indonesia’s leading retail banks, with roughly 16 million customers, 1,213 branches and 17,207 ATMs. By having an annual 20 % rise in its mobile banking, the financial institution is digitizing a lot of its operations. As adware and spyware attacks be common as well as an growing quantity of customers conduct all their banking online, digital security has turned into a prime concern.

For digital banking to operate, BCA recognized its customers must enjoy an always-on knowledge about the reassurance of rock-solid security. The financial institution responded by picking out a suite of Palo Alto Systems next-generation firewalls, such as the PA-3000 Series and pop-5000 Series, in addition to WildFire® cloud-based threat analysis service and Panorama™ network security management.

Palo Alto Systems next-generation firewalls classify all traffic, including encrypted traffic, according to criteria for example application function, user and content. BCA’s network security team are now able to create comprehensive security policies, inducing the fast and safe enablement of recent applications. By enabling only approved users to operate sanctioned applications, the top area prone to cyberattacks continues to be considerably reduced over the entire bank. Furthermore, Panorama enables the financial institution to considerably reduce administrator workload via a single rule base for firewall, Threat Prevention, URL Filtering, Application-ID™ and User-ID™ technologies, in addition to file blocking and knowledge filtering.

BCA now enjoys complete visibility from one console, passing on greatly improved and simplified control. Consequently, the financial institution are now able to make any necessary changes in one location, with automation coping with bigger share from the work.

About Bank Central Asia

Bank Central Asia is really a leading private bank in Indonesia concentrating on business banking transactions, credit loan facilities, and financial solutions for corporate, commercial, and SME, in addition to individual customers. The financial institution presently facilitates banking transactions in excess of 16 million customers through 1,213 branches and 17,207 ATMs. Additionally, it supports 24-hour internet and mobile banking.

Palo Alto Networks Announces Intent to Acquire RedLock

Palo Alto Networks® (New york stock exchange: PANW), the worldwide cybersecurity leader, today announced it has joined right into a definitive agreement to get RedLock Corporation., a cloud threat defense company. Underneath the the agreement, Palo Alto Systems pays roughly $173 million in cash to get RedLock. The purchase is anticipated to shut during Palo Alto Systems fiscal first quarter, susceptible to the satisfaction of customary closing conditions. RedLock co-founders Varun Badhwar and Gaurav Kumar, will join Palo Alto Systems.

Palo Alto Systems already supplies a broad security offering for multi-cloud environments with inline, host-based, and API-based security, that was bolstered through the purchase of Apparent.io in March 2018. The organization presently serves greater than 6,000 cloud customers globally using its cloud security portfolio which includes VM-Series next-generation firewall, Aperture, Apparent, and GlobalProtect cloud service.

Palo Alto Systems will combine the Apparent and RedLock technologies to supply customers with cloud security analytics, advanced threat recognition, continuous security, and compliance monitoring in one offering anticipated early the coming year. The organization expects the new offering can help security teams respond faster towards the most important threats by replacing manual investigations with automated, real-time removal and reports that highlight an organization’s cloud risks.

About RedLock

RedLock provides effective threat defense across public cloud environments to assist organizations ensure compliance, govern security, and let security operations. The RedLock Cloud 360™ platform takes an AI-driven approach that correlates disparate security data sets to supply comprehensive visibility, identify threats, and let rapid response across an organization’s entire public cloud atmosphere.

About Palo Alto Systems

We're the worldwide cybersecurity leader, noted for always challenging the safety established order. Our mission would be to safeguard our method of existence within the digital age by stopping effective cyberattacks. It has provided us with the privilege of securely enabling thousands of organizations as well as their customers. Our pioneering Security Operating Platform emboldens their digital transformation with continuous innovation that seizes the most recent breakthroughs in security, automation, and analytics. By delivering a real platform and empowering an increasing ecosystem an increasing ecosystem of change-makers like us, we offer impressive and innovative cybersecurity across clouds, systems, and cellular devices.

Palo Alto Networks Recognized as a Leader in Gartner Magic Quadrant for Enterprise Network Firewalls Seven Times in a Row

Palo Alto Networks® (New york stock exchange: PANW), the worldwide cybersecurity leader, today announced that, for that seventh consecutive time, the organization continues to be recognized within the Leaders quadrant from the  "Magic Quadrant for Enterprise Network Firewalls" by Gartner Corporation.

Based on the report, "The Leaders quadrant contains vendors that build items that fulfill enterprise needs. These needs include an array of models, support for virtualization and virtual LANs, along with a management and reporting capacity that is made for complex and-volume environments, for example multitier administration and rule/policy minimization. A good NGFW capacity is a vital element, as enterprises still escape from getting dedicated IPS appliances in their perimeter and remote locations. Vendors within this quadrant lead the marketplace in offering additional features that safeguard customers from emerging threats, provide expert capacity instead of treat the firewall like a commodity and also have a good history of staying away from vulnerabilities within their security products. Common characteristics include handling the greatest throughput with minimal performance loss, offering choices for hardware acceleration and offering form factors that safeguard enterprises because they proceed to new infrastructure form factors."

Gartner doesn't endorse any vendor, service or product portrayed in the research publications, and doesn't advise technology users to pick only individuals vendors using the greatest ratings or any other designation. Gartner research publications contain the opinions of Gartner's research organization and cannot be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, regarding these studies, including any warranties of merchantability or fitness for the purpose.

About Palo Alto Systems

We're the worldwide cybersecurity leader, noted for always challenging the safety established order. Our mission would be to safeguard our method of existence within the digital age by stopping effective cyberattacks. It has provided us with the privilege of securely enabling thousands of organizations as well as their customers. Our pioneering Security Operating Platform emboldens their digital transformation with continuous innovation that seizes the most recent breakthroughs in security, automation, and analytics. By delivering a real platform and empowering an increasing ecosystem of change-makers like us, we offer impressive and innovative cybersecurity across clouds, systems, and cellular devices.

Roadmap to Success: Palo Alto ACE

Palo Alto firewalls emerged like a real pressure within the IT industry. Like a shocking quantity of organizations are embracing Palo Alto products to enhance security, the Palo Alto Accredited Configuration Engineer (ACE) has turned into a highly searched for after certification for employers. Roles that the ACE is efficacious include network security administrator, firewall administrator, network security engineer, and much more.

Palo Alto Accredited Configuration Engineer (ACE)

The Palo Alto Accredited Configuration Engineer (ACE) certification is made to test learners’ understanding from the core features of Palo Alto next-generation firewalls. The main objective of the ACE exam would be to function as a goal symbol of a learner’s capability to configure Palo Alto Systems firewalls while using PAN-OS. For that ACE certification, learners should be ready to address issues including interfaces, zones, security policies, guidelines, and much more.

The ACE certification consists of one exam, that is included in CBT Nuggets training:

Palo Alto Systems Firewall

The ACE is definitely an intermediate-level certification. Learners going after the ACE must have knowledge of networking concepts and fundamental knowledge of security concepts. Most typically, learners about this path have 2-5 experience working directly with networking and/or security.

Find out more about Palo Alto Network Firewalls from all of these previous blogs, webinars, and much more:

• Six Good reasons to Learn Palo Alto Firewalls
• Recording: Power Palo Alto Firewalls (web seminar recording)
• Cisco ASA versus Palo Alto Systems Firewalls

Exam Registration and Authorization

Palo Alto administers certification exams through its Learning Center. To join up to have an exam, learners must first on line.

Exam Details

The ACE exam is exclusive certification exam experience often. Carefully evaluate the information below to completely understand what to anticipate in the ACE exam.

Time allotted for exam: Limitless - there's virtually no time limit for that ACE exam.

Quantity of questions: 50

Passing score: Palo Alto doesn't publish the passing score, however, learners can retake test as numerous occasions as essential to acquire a passing score.

Question types: Multiple choice

Exam registration: Palo Alto Systems

Exam cost: Free

Recertification

The ACE certification doesn't have recertification needs. However, the ACE certification changes with major revisions towards the software that runs the Palo Alto Systems platform. Although the ACE is, effectively, a existence-time certification, it might be outdated by more current versions from the credential.

The Next Phase

The ACE certification may be the to begin just two certifications provided by Palo Alto Systems. Individuals who complete the ACE are qualified to carry on to the Palo Alto Systems Certified Network Security Engineer (PCNSE).

Cloudy with a Chance of Entropy

The word “cloud” continues to be popular in the industry lexicon since 2006 when Amazon . com Web Services (AWS) launched its Elastic Compute Cloud (EC2). The most recent Cloud Threat Report from Unit 42, that was released today, implies that organizations still have a problem with securing public cloud platforms some 13 years following the launch of EC2. The report highlights key insights on cloud threats according to intelligence collected from multiple data sources between The month of january 2018 and late June 2019.

Among other findings, the report shows:

• Shortcomings in on-premises patching routine is transporting to the cloud. Unit 42 found greater than 34 million vulnerabilities across various cloud providers (CSPs). These vulnerabilities result from the applications customers deploy to CSP infrastructure, for example outdated Apache servers and vulnerable jQuery packages. Researchers identified:

1. 29,128,902 vulnerabilities in Amazon . com EC2
2. 1,715,855 in Azure Virtual Machine
3. 3,971,632 in GCP Compute Engine

Patching is really a struggle, as numerous standalone vulnerability management tools lack cloud context and turn into scattered across multiple consoles. Organizations have to consolidate tools to create a cloud-centric view.

• Default and unsecured container configurations are rampant. Unit 42 research reveals greater than 40,000 container systems operate under default configurations. This represents nearly 51% of openly uncovered Docker containers. Most of the systems identified permitted for unauthenticated accessibility data they contained. We advise a minimum of placing every container with sensitive data behind a correctly configured security policy or perhaps an exterior-facing firewall that stops access from the web.
• Cloud complexity is yielding low-hanging fruit for attackers. Regarding openly disclosed cloud security occurrences, 65% were caused by misconfigurations. Organizations which had a minumum of one Remote Desktop Protocol (RDP) service uncovered towards the entire internet amounted to 56%, even though all major cloud providers natively give consumers the opportunity to restrict inbound traffic. This represents an chance to consolidate cloud-based network controls with well-established on-premises management systems.
• Adware and spyware has extended its achieve towards the cloud. Unit 42 found 28% of organizations contacting malicious cryptomining C2 domains run by the threat group Rocke. We've been carefully tracking the audience and noted the group’s unique tactics, techniques and operations (TTPs), providing them with the opportunity to disable and uninstall agent-based cloud security tools. Timely and consistent patching schedules for cloud-based systems are an expedient method to slow similar adware and spyware threats.