HashiCorp | October 10, 2022
HashiCorp, Inc. a leading provider of multi-cloud infrastructure automation software, today announced the general availability of HashiCorp Cloud Platform (HCP) Boundary, a secure remote access product. With this release, Boundary joins HCP Vault and HCP Consul to provide the industry’s first zero trust security solution to secure applications, networks, and people built for the cloud.
As organizations move to the cloud and adopt cloud operating models, they require a different approach to security — commonly referred to as zero trust security — where the default security posture is to trust nothing, authenticate and authorize everything. But the gap between legacy security postures and the accelerated move to the cloud is contributing to a significant increase in security breaches. According to the HashiCorp State of Cloud Strategy Survey, 89% of respondents believe security is the number one determining factor for cloud success, which is driving organizations to adopt zero trust security postures.
HashiCorp’s approach to zero trust security focuses on using identity to secure applications, networks, and people across multiple clouds, on-premises, and hybrid environments, which reduces the attack surface and automates complex security workflows. This ensures people, machines, and services are authenticated, every action is authorized, and data is protected.
“As organizations continue to expand their cloud estates, they must shift their security strategies to keep up with the growth and complexity of applications, network components, and cloud-based systems, At HashiCorp, we have always believed that identity is the foundation for zero trust security for applications, networks, and users. With HCP Boundary, companies now have a modern solution for privileged access management, securing access in dynamic, ephemeral environments for their workforce. We think we’ve reached an important milestone for our customers by delivering a security solution built for today’s threat and infrastructure landscape.”
Armon Dadgar, co-founder and CTO, HashiCorp
As organizations move out of traditional datacenters and into multiple clouds, hybrid, and edge environments, securing their infrastructure becomes more complex at scale. The HashiCorp zero trust solution covers all three of these aspects:
Applications: HashiCorp Vault provides a consistent way to manage application identity by integrating many platforms and identity providers. Vault enables fine-grained access control and authorization between applications and databases, including dynamically rotating credentials, PKI certificates, and API tokens, while also ensuring application data is always secure in transit and at rest.
Networks: HashiCorp Consul secures network traffic between applications and services, enabling fine-grained access control policies, observability, and traffic shaping. Consul integrates with Vault’s identity platform to leverage application identity for the policies and to allow dynamic PKI.
People: HashiCorp Boundary ensures the right people have access to the right systems and cloud services while removing the need to distribute and issue credentials, expose private networks, or manage static credentials. Boundary integrates with Vault to issue just-in-time credentials and ensure ephemeral access to critical systems.
General Availability of HCP Boundary
HCP Boundary provides a secure remote access solution for a cloud operating model, offering improvements over existing software-defined perimeter (SDP) solutions, like VPNs, and privileged access management (PAM) solutions that are IP-driven and highly manual. With HCP Boundary, teams gain fine-grained authentication and authorization controls, rapid user onboarding, and automated workflows for target discovery and credential management for ephemeral resources. As a cloud-based service, HCP Boundary benefits organizations struggling with security as they transition to the cloud, driven by people and skills shortages.
HCP Boundary allows teams and users to access the critical systems they need while abstracting the session connection, establishment, credential issuance, and revocation. Boundary provides operations and security teams the ability to dynamically pull in cloud service catalogs and on-premises resources and map out policies to which systems, users, and groups should have access. To do this Boundary leverages Vault to provide passwordless connections, and after each use revokes the credentials. This helps ensure critical information like credentials, networks, and resources are never exposed to the user or outside actors.
In addition to core secure remote access capabilities, Boundary also offers:
Identity platform integration with Microsoft Azure Active Directory and Okta, along with many other identity platforms that support OpenID Connect to onboard trusted identities and delegate authentication
Role-based access control (RBAC) to provide broad or fine-grained access to people throughout your organization
Passwordless authentication for seamless integration with dynamic secrets and Vault
Automated service discovery for streamlined discovery and configuration of targets. Dynamic host catalogs are currently available with Microsoft Azure and AWS, as well as direct HashiCorp Terraform integration to pull in resources under management
Session visibility and logging to get insights into session metrics, events, logs, and traces with the ability to export data to business intelligence and event monitoring tools
HashiCorp is a leader in multi-cloud infrastructure automation software. The HashiCorp software suite enables organizations to adopt consistent workflows and create a system of record for automating the cloud: infrastructure provisioning, security, networking, and application deployment. HashiCorp’s portfolio of products includes Vagrant™, Packer™, Terraform®, Vault™, Consul®, Nomad™, Boundary™, and Waypoint™. HashiCorp offers products as open source, enterprise, and as managed cloud services. The company is headquartered in San Francisco, though most of HashiCorp employees work remotely, strategically distributed around the globe.
Agio | September 16, 2022
Agio, a leading cybersecurity and managed IT provider for financial services firms, published its inaugural 2022 Hedge Fund Managed IT Trends Report today. The survey, conducted earlier this year, captures the opinions and perceptions of recent, current, and future technology management and information security programs, initiatives, and readiness from 100 hedge fund practitioners across the technology, operations, cybersecurity, and compliance fields.
Survey respondents revealed that, coming out of the pandemic, firms are reevaluating their options with respect to in-sourcing versus outsourcing IT management. Looking ahead to the next two years, 89 percent of firms that currently in-source IT management said they are likely to allocate more spend to outsourced services. The driver behind this shift is a need for heightened security (54%), increased access to public cloud management and support expertise (46%), and more responsive end-user support (44%).
89% of firms that in-source IT management today said they plan to allocate more spend to outsourced services.
Of those firms already outsourcing IT management, 91 percent said they are likely to switch providers. Among the largest hedge funds that currently outsource (funds with +$5 billion AUM), nearly two-thirds (64%) reported they were likely to change service providers in the next 24 months because their current vendor is unable to support a public cloud environment.
In discussing how the managed service provider (MSP) model will change in the coming years, respondents predicted providers will employ artificial intelligence to remove service friction and increase service uptime (47%), as well as to enable support agents to be more responsive when issues do arise (47%). Most firms (51%) also predicted that MSPs will soon be measured and compensated by how well they limit break-fix issues versus how many issues they resolve.
"Viewing IT management and security operations through a single lens is essential to our vision of delivering secure, reliable, and resilient information systems, We also agree with survey respondents that MSPs must evolve now or perish. We've made meaningful investments in AI-driven tools that empower our support agents to deliver better client service and improved system availability. That combination of human brilliance and predictive analytics is the future of managed services."
Bart McDonough, CEO and Founder of Agio
Other topics explored in this year's report include how firms are adjusting to the impact of new regulations; what steps firms are taking to ensure system uptime and information security while supporting a distributed workforce; and how the industry is shifting with respect to managing systems on-prem, in the cloud, and across multiple cloud environments.
Agio is a hybrid cybersecurity and managed IT organization equipping the financial services and healthcare industries with next-generation cyber protection and technology support. Agio has extensive experience building, maintaining, optimizing, and securing IT infrastructure for the world's most prestigious client organizations. With more than 300 employees, our culture prioritizes frequent and timely communication to provide unrivaled, highly personalized service across all our solutions, including managed detection and response, 360° cybersecurity programs, virtual CISO (vCISO) support, technology hosting, monitoring, management, global service desk, desktop as a service, disaster prevention, and recovery. Agio is headquartered in New York, NY, with additional offices around the world.
Digital Element | October 03, 2022
Digital Element, the global IP geolocation and audience insights leader, has announced a suite of updates to Nodify™, the industry’s first and most advanced threat intelligence solution designed to help security professionals respond to the recent surge in the VPN market. While other solutions on the market claim to offer VPN usage insights, Nodify is the only offering that provides a granular look into which VPNs are being used across all devices to weed out bad actors and allow legitimate services to continue.
As tech providers expand their offerings and provide new safety features to users, Nodify gives organisations an unmatched level of detail around VPN traffic, usage, and intent, enabling cybersecurity teams to understand the level of threat such traffic poses and set policies around that traffic.
“With the growing interest in personal privacy on the web, we’ve seen many consumers utilising VPNs for legitimate reasons, but now more and more people are leveraging the anonymity around VPNs to cloak their location and bypass geographic boundaries set by today’s leading service providers, Security professionals need to understand the nuances around VPN usage on their platforms. For example, users who have opted to hide their personal information may not necessarily be trying to torrent illegal data from a remote location. Determining who is granted and denied access depends entirely on the granular data available in Nodify.”
Jerrod Stoller, President of Digital Envoy, parent company of Digital Element
Following the launch of Nodify in April 2022, Digital Element has introduced a new suite of updates, keeping the product at the forefront of VPN data reporting with the most extensive VPN detection system available. Notable updates include:
Higher Frequency: With proxy IPS and VPNs changing rapidly, Nodify data is collected on an hourly basis and provides customers with a daily update on usage.
Deeper Insights: Going beyond the generic VPN collection, Nodify provides users with critical insights into the VPN user, including services provided by the VPN provider such as "no logging," "multihop," and "corporate," these fields help clients determine the good vs the bad based on their use case.
Ease of Use: Nodify has a User interface that allows clients to quickly get a complete understanding of any VPN provider through a simple web dashboard.
“GPS spoofing has become a major pain point for industries ranging from streaming to gaming services. With everything from third-party apps to full-service providers now offering VPN services, it has become harder for providers to delineate what devices should be granted access. Still, accurate identification remains critical to their success,” said Jonathan Tomek, VP of Research and Development at Digital Element. “Because Nodify is API based, we’re able to provide that granular data in the moments that matter the most. Users aren’t limited to just relying on GPS data from a phone that can easily be spoofed.”
About Digital Element
Digital Element is the global IP geolocation and intelligence leader. In business for more than two decades, the company has unrivalled expertise in leveraging IP address insights to deliver new value to companies in a privacy-sensitive, transparent manner. Leveraged by the world’s most recognised brands, Digital Element provides clients with innovative solutions designed to optimise engagement across industries and applications, creating unique value at every consumer touchpoint. Many of the world’s largest websites, brands, security companies, ad networks, social media platforms and mobile publishers have trusted Digital Element’s technology to target advertising, localise content, enhance analytics, and manage content rights as well as detect and prevent online fraud.