Pavilion Data | January 21, 2022
Pavilion Data Systems, the leading data analytics acceleration platform provider and a pioneer of NVMe-oF, announced major successes on multiple fronts in 2021, underscoring the strong demand for its dense high-performance data analytics platform and laying the groundwork for increased momentum in 2022. Pavilion Data Systems raised a $45 million round led by Kleiner Perkins and Artiman Ventures. This funding, combined with the rapid growth of its customer base, strong business momentum, and key executive hires, including Dario Zamarian as CEO, positions Pavilion to address the increasing need for a high-performance, dense, and scale-out flash storage platform for analytics and AI/ML applications.
"Pavilion is proving its market acceptance across a broad range of industry verticals as an analytics acceleration platform for legacy and next-generation applications," noted Zamarian. "2021 saw the company grow its employee base by 50% across all functions. This, combined with additional funding from our investors, our expanded leadership team, and the strong position of our flagship HyperParallel Data Platform will enable us to take data analytics acceleration to the next level."
Pavilion's total outside capital investment increased to $107 million after the $45 million round led by Kleiner Perkins and Artiman Ventures. All existing investors participated in the funding, including Korea Investment Partners, SK Telecom Ventures, Taiwania Capital, Tyche Partners, DAG Ventures, and RPS Ventures. This investment round also was joined by new investors Mirae Asset, Liberty Street Advisors, and Gaingels.
Many organizations in the federal and commercial space are already using Pavilion to make the most of their applications and accelerate their workloads. Pavilion's platform enables users to build a bridge between their existing and future needs. We see that its unique ability to accelerate legacy as well as next-generation applications is making it a prime choice for many users. My partners and I are excited to have co-led this round, as the funding will help Pavilion establish itself as a leader in the data analytics and AI/ML acceleration market."
Wen Hsieh, Partner at Kleiner Perkins
In 2021 Pavilion significantly increased deployments within federal agencies and increased penetration into analytics use cases in Fortune 500 companies, including a top-20 banking institution, a top credit agency, and one of the largest hedge funds in the country. Nearly 80% of all deployments were to accelerate analytics, legacy and next-generation, ML, and streaming applications. Pavilion doubled its new customers, and customer loyalty remains strong with 75% of its 2020 customers repurchasing in 2021. Pavilion also opened new sales offices in Atlanta, Boston, and London, and it directly addressed the public sector by opening a sales division focused on federal government customers to support its strong presence in the federal space. The company continued its expansion into the life sciences, financial, and media and entertainment industry verticals.
"We needed an external storage platform that matched the performance we get from internal NVMe SSDs to support a mission critical SQL analytics use case running on VMWare 7," said Ken Boyer, Director Global Storage MGMT at IQVIA. "The Pavilion platform enabled us to meet this challenging requirement that could not be met with other options. It's really exciting to see this recognition and endorsement of Pavilion by the investment community to build upon their momentum and accelerate their roadmap. We look forward to seeing continued momentum of their data analytics acceleration platform."
"We have been working with Pavilion for the last couple of years and have had great success with some of our large federal customers," said Herb Ahmuty, Senior Solutions Architect at Meadowgate. "The Pavilion platform has helped a couple of our customers address the challenging data-ingest and performance needs of their demanding analytics workloads. Given the rapidly changing nature of technology, Pavilion's agility has enabled our customers to be more responsive to their growing data sets and expanded application environments. It's great to see continued support of Pavilion from the investment community."
To build out the next phase of company development, Pavilion added to its executive suite with the hiring of a chief marketing/product officer, senior vice president of software development, vice president of operations, and vice president of marketing.
Awards Granted to Pavilion Data Systems:
In May 2021, Frost & Sullivan recognized Pavilion with its North American Technology Award, citing its innovative approach to NVME-oF (Non-Volatile Memory Express over Fabrics), the most advanced development in data storage.
In January 2022, DCIG named Pavilion as one of the Top 5 Storage Solutions for Life Sciences. Pavilion's data analytics acceleration platform, consisting of the Pavilion HyperParallel File System and Pavilion HyperOS, was singled out among 15 contending providers for having exceptional performance, deployment capability, data protection, and technical support, among other factors.
In January 2022, GigaOm named Pavilion as a "Fast Mover" in the "GigaOm Radar for High-Performance Scale-Out File Systems," claiming that Pavilion provides "a compelling, no-compromise architecture built around NVMe and maximum performance," "one of the greatest GPUDirect implementations available," "a superb security-oriented architecture," and "great scalability and performance. "
About Pavilion Data Systems
Pavilion provides the data analytics acceleration platform enabling enterprises to derive greater value from their data—faster, simpler, and at scale. We are the perfect complement for AI/ML, HPC, analytics, edge and other data-driven workloads and the ideal data IO platform for GPU-based computing platforms. The Pavilion HyperParallel Data Platform, powered by Pavilion HyperOS, delivers unmatched performance and density, ultra-low latency, unlimited scalability, and flexibility, providing customers unprecedented choice and control. Learn why Fortune 500 companies and federal government agencies choose Pavilion.
VIRTUAL DESKTOP STRATEGIES
Pentera | April 04, 2022
Pentera, the leader in Automated Security Validation (ASV), today announced its Pentera Labs team discovered two zero-day vulnerabilities. If exploited by threat actors, the critical attack path may result in the ability to disable, disrupt and destroy VMware vCenter managed environments in over 500,000 organizations globally.
The vulnerabilities were reported to VMware by Senior Security Researcher Yuval Lazar and released under CVE-2022-22948 and CVE-2021-22015 with a patch. Pentera Labs’ technical review of the vulnerabilities can be found here. Discovered vulnerabilities require immediate patching to prevent malicious actors from achieving remote access to vCenter and inflicting widespread damage on organizations.
Installed in thousands of organizations worldwide and managing some of their most critical asset and core systems, VMware vCenter Servers are a high-priority target for cybercriminals. Once compromised, the ease and convenience that vCenter offers for managing virtualized hosts in enterprise environments will play into the adversary’s hands, providing centralized access and widespread Impact.
“As part of our daily work, we research the entire enterprise IT attack surfaces, including the exploitability of virtual workload environments such as vCenter and ESXi and discovered zero-day vulnerabilities,” said Alex Spivakovsky, VP of Research at Pentera. “We’re glad to have discovered and immediately disclosed these vulnerabilities to strengthen the defender community and have not seen evidence that malicious actors exploited it at this time.”
Pentera’s interest in VMWare’s vCenter started because of previously reported vulnerabilities, increasing demand from customers and threats observed in the wild, most notably recent reports of a python ransomware strain targeting ESXi. The team will continue to identify potential vulnerabilities within the platform that could affect businesses globally.
Security readiness is not determined by a single vulnerability or the security team’s ability to discover and patch it. Our award-winning security validation platform autonomously emulates the entire cyberattack kill chain and provides peace of mind for security leaders facing a multitude of internal and external attacks.”
Pentera co-founder and CTO, Dr. Arik Liberzon
Pentera is the category leader for Automated Security Validation, allowing every organization to easily test the integrity of all cybersecurity layers, unfolding accurate, current security exposures at any moment, at any scale. Thousands of security professionals and service providers worldwide use Pentera to guide remediation and close security gaps before they are exploited.
VMware | February 09, 2022
As the most common cloud operating system, Linux is a core part of digital infrastructure and is quickly becoming an attacker’s ticket into a multi-cloud environment. Current malware countermeasures are mostly focused on addressing Windows-based threats, leaving many public and private cloud deployments vulnerable to attacks that target Linux-based workloads.
VMware, Inc. released a threat report titled “Exposing Malware in Linux-based Multi-Cloud Environments.” Key findings that detail how cybercriminals are using malware to target Linux-based operating systems include:
Ransomware is evolving to target Linux host images used to spin workloads in virtualized environments;
89 percent of cryptojacking attacks use XMRig-related libraries; and
More than half of Cobalt Strike users may be cybercriminals, or at least using Cobalt Strike illicitly.
Cybercriminals are dramatically expanding their scope and adding malware that targets Linux-based operating systems to their attack toolkit in order to maximize their impact with as little effort as possible. Rather than infecting an endpoint and then navigating to a higher value target, cybercriminals have discovered that compromising a single server can deliver the massive payoff and access they’re looking for. Attackers view both public and private clouds as high-value targets due to the access they provide to critical infrastructure services and confidential data. Unfortunately, current malware countermeasures are mostly focused on addressing Windows-based threats, leaving many public and private cloud deployments vulnerable to attacks on Linux-based operating systems.”
Giovanni Vigna, senior director of threat intelligence at VMware
As malware targeting Linux-based operating systems increases in both volume and complexity amid a rapidly changing threat landscape, organizations must place a greater priority on threat detection. In this report, the VMware Threat Analysis Unit (TAU) analyzed the threats to Linux-based operating systems in multi-cloud environments: ransomware, cryptominers, and remote access tools.
Ransomware Targets the Cloud to Inflict Maximum Damage
As one of the leading breach causes for organizations, a successful ransomware attack on a cloud environment can have devastating consequences.(2) Ransomware attacks against cloud deployments are targeted, and are often combined with data exfiltration, implementing a double-extortion scheme that improves the odds of success. A new development shows that ransomware is evolving to target Linux host images used to spin workloads in virtualized environments. Attackers are now looking for the most valuable assets in cloud environments to inflict the maximum amount of damage to the target. Examples include the Defray777 ransomware family, which encrypted host images on ESXi servers, and the DarkSide ransomware family, which crippled Colonial Pipeline’s networks and caused a nationwide gasoline shortage in the U.S.
Cryptojacking Attacks Use XMRig to Mine Monero
Cybercriminals looking for an instant monetary reward often target cryptocurrencies using one of two approaches. Cybercriminals either include wallet-stealing functionality in malware or they monetize stolen CPU cycles to successfully mine cryptocurrencies in an attack called cryptojacking. Most cryptojacking attacks focus on mining the Monero currency (or XMR) and VMware TAU discovered that 89 percent of cryptominers used XMRig-related libraries. For this reason, when XMRig-specific libraries and modules in Linux binaries are identified, it is likely evidence of malicious cryptomining behavior. VMware TAU also observed that defense evasion is the most commonly used technique by cryptominers. Unfortunately, because cryptojacking attacks do not completely disrupt the operations of cloud environments like ransomware, they are much more difficult to detect.
Cobalt Strike Is Attackers’ Remote Access Tool of Choice
In order to gain control and persist within an environment, attackers look to install an implant on a compromised system that gives them partial control of the machine. Malware, webshells, and Remote Access Tools (RATs) can all be implants used by attackers in a compromised system to allow for remote access. One of the primary implants used by attackers is Cobalt Strike, a commercial penetration testing and red team tool, and its recent variant of Linux-based Vermilion Strike. Since Cobalt Strike is such a ubiquitous threat on Windows, the expansion out to the Linux-based operating system demonstrates the desire of threat actors to use readily available tools that target as many platforms as possible.
VMware TAU discovered more than 14,000 active Cobalt Strike Team Servers on the Internet between February 2020 and November 2021. The total percentage of cracked and leaked Cobalt Strike customer IDs is 56 percent, meaning that more than half of Cobalt Strike users may be cybercriminals, or at least using Cobalt Strike illicitly. The fact that RATs like Cobalt Strike and Vermilion Strike have become a commodity tool for cybercriminals poses a significant threat to enterprises.
“Since we conducted our analysis, even more ransomware families were observed gravitating to malware targeting Linux-based systems, with the potential for additional attacks that could leverage the Log4j vulnerabilities,” said Brian Baskin, manager of threat research at VMware. “The findings in this report can be used to better understand the nature of this malware and mitigate the growing threat that ransomware, cryptomining, and RATs have on multi-cloud environments. As attacks targeting the cloud continue to evolve, organizations should adopt a Zero Trust approach to embed security throughout their infrastructure and systematically address the threat vectors that make up their attack surface.”
The VMware Threat Analysis Unit (TAU) helps protect customers from cyberattacks through innovation and world-class research. TAU is composed of malware analysts, reverse engineers, threat hunters, data scientists, and intelligence analysts at VMware. To understand how to detect and prevent attacks that bypass traditional, file-centric, prevention strategies, TAU focuses on techniques that were once the domain of advanced hackers and are now moving downstream into the commodity attack market. The team leverages real-time big data, event streaming processing, static, dynamic and behavioral analytics, and machine learning.
TAU applied a composition of static and dynamic techniques to characterize various families of malware observed on Linux-based systems based on a curated dataset of metadata associated with Linux binaries. All the samples in this dataset are public and therefore they can be easily accessed using VirusTotal or various websites of major Linux distributions. TAU collected more than 11,000 benign samples from several Linux distributions, namely, Ubuntu, Debian, Mint, Fedora, CentOS, and Kali. TAU then collected a dataset of samples for two classes of threats, namely ransomware and cryptominers. Finally, TAU collected a dataset of malicious ELF binaries from VirusTotal that were used as a test malicious dataset. TAU started collecting the dataset in June 2021 and concluded in November 2021.
VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda.
VIRTUAL SERVER MANAGEMENT
Amazon Web Services | May 24, 2022
Amazon Web Services, Inc. (AWS), an Amazon.com, Inc. company today announced the general availability of Amazon Elastic Compute Cloud (Amazon EC2) C7g instances, the next generation of compute-optimized instances powered by AWS-designed Graviton3 processors. New C7g instances use AWS Graviton3 processors to provide up to 25% better compute performance for compute-intensive applications than current generation C6g instances powered by AWS Graviton2 processors. The higher performance of C7g instances makes it possible for customers to run more efficiently a wide range of compute-intensive workloads—from web servers, load balancers, and batch processing to electronic design automation (EDA), high performance computing (HPC), gaming, video encoding, scientific modeling, distributed analytics, machine learning inference, and ad serving. There are no minimum commitments or upfront fees to use C7g instances, and customers pay only for the amount of compute used.
Since launching in 2020, Amazon EC2 instances powered by AWS-designed Graviton2 processors have provided customers with significant performance improvements and cost savings for a broad range of applications. Today, 48 of the top 50 Amazon EC2 customers use AWS Graviton2-based instances to deliver superior price performance to their customers. Customers like DirecTV, Discovery, Epic Games, Formula 1, Honeycomb.io, Intuit, Lyft, Mercardo Libre, NextRoll, Nielsen, SmugMug, Snap, Splunk, and Sprinklr have seen significant performance gains, with reduced costs, running AWS Graviton2-based instances in production. The AWS Graviton-based instance portfolio offers 13 different instances that include general purpose, compute optimized, memory optimized, storage optimized, burstable, and accelerated computing instances, so customers have the deepest and broadest choice of high-performance, cost-effective, and power-efficient compute in the cloud for all sorts of applications. As customers bring more compute-intensive workloads to the cloud to transform their organizations and fuel new opportunities, they want even better price performance and greater energy efficiency when running these demanding workloads.
To provide even better price performance for a wide variety of customer applications, new C7g instances powered by next generation AWS Graviton3 processors provide up to 25% better performance for compute-intensive applications over current generation C6g instances. Compared to previous generation AWS Graviton2 processors, AWS Graviton3 processors deliver up to 2x faster performance for cryptographic workloads, up to 3x faster performance for machine learning inference, and nearly 2x higher floating point performance for scientific, machine learning, and media encoding workloads. AWS Graviton3 processors are also more energy efficient, using up to 60% less energy for the same performance than comparable EC2 instances. C7g instances are the first in the cloud to feature the latest DDR5 memory, which provides 50% higher memory bandwidth than AWS Graviton2-based instances to improve the performance of memory-intensive scientific applications like computational fluid dynamics, geoscientific simulations, and seismic processing. C7g instances also deliver 20% higher networking bandwidth than C6g instances for network intensive applications like network load balancing and data analytics.
“Customers of all sizes are seeing significant performance gains and cost savings using AWS Graviton-based instances. Since we own the end-to-end chip development process, we’re able to innovate and deliver new instances to customers faster. With up to 25% better performance than current generation Graviton instances, new C7g instances powered by AWS Graviton3 processors make it easy for organizations to get the most value from running their infrastructure on AWS.”
David Brown, Vice President of Amazon EC2 at AWS
New C7g instances are built on the AWS Nitro System, a collection of AWS-designed hardware and software innovations that streamline the delivery of isolated multi-tenancy, private networking, and fast local storage. The AWS Nitro System offloads the CPU virtualization, storage, and networking functions to dedicated hardware and software, delivering performance that is nearly indistinguishable from bare metal. For customers looking to enhance the performance of applications that require parallel processing like HPC and video encoding, C7g instances in the coming weeks will include support for Elastic Fabric Adapter (EFA), which allows applications to communicate directly with network interface cards, providing lower and more consistent latency. C7g instances are available for purchase as On-Demand Instances, with Savings Plans, as Reserved Instances, or as Spot Instances. C7g instances are available today in US East (N. Virginia) and US West (Oregon), with availability in additional AWS Regions coming later this year.
Snap Inc. is a camera company focused on empowering people to express themselves, live in the moment, learn about the world, and have fun together. “We trialed the new AWS Graviton3-based Amazon EC2 C7g instances and found that they provide significant performance improvements on real workloads compared to previous generation C6g instances,” said Aaron Sheldon, Software Engineer at Snap. “We are excited to migrate our Graviton2-based workloads to Graviton3, including the messaging, storage and the friend graph workloads.”
Sprinklr helps the world's biggest companies make their customers happier across 30+ digital channels—using the most advanced, sophisticated AI engine built for the enterprise to create insight-driven strategies and better customer experiences. “We run a wide variety of workloads on AWS Graviton-based instances for their significant price performance benefits,” said Jamal Mazhar, Vice President of Infrastructure and DevOps at Sprinklr. “After the announcement of AWS Graviton3, we benchmarked our workloads on the new Amazon EC2 C7g instances and observed 27% better performance compared to the previous generation instances. Based on these results, we are looking forward to adopting AWS Graviton3-based instances in production.”
NextRoll, Inc. is a marketing and data technology company with a mission to accelerate growth for companies, big and small. Powered by machine learning, NextRoll’s technology gathers data, delivers reliable insights, and provides business with approachable tools to target buyers in strategic ways – all on one platform. “We have found that AWS Graviton3-based C7g instances are ideal for bidders, ad servers, and ElastiCache clusters,” said Valentino Volonghi, CTO at NextRoll. “We are seeing about 15% more requests handled by C7g instances compared to AWS Graviton2-based C6g instances. With C7g instances, we also observed up to 40% better latency. Based on these findings, we are looking forward to adopting AWS Graviton3-based C7g instances in production.”
Ansys is a global leader in engineering simulation. “As engineers and designers face increasingly complex problems, cloud computing helps lower the barrier of access to high-performance computing, allowing users to solve problems faster,” said Prith Banerjee, Chief Technology Officer at Ansys. “Ansys has also been focusing on green computing initiatives with the goal of improving energy efficiency and reducing costs to customers. With the support of LS-DYNA on the AWS Graviton3 processor powered by AWS, Ansys customers will get the best of both worlds – access to a world-class multiphysics solver without compromising on speed, and lower energy and costs.”
Beamr is a leading provider of image and video optimization solutions that enable professional photographers to improve their workflows, photo sharing services to improve user experience (UX) and reduce churn, and video service providers to reduce storage and delivery costs. “Beamr's JPEGmini software, written in C/C++, optimizes JPEG image files by reducing their file size without compromising quality. The application is compute-intensive and includes functions for image decoding, image encoding, and a quality measure algorithm that analyzes various image attributes,” said Dan Julius, Vice President of R&D at Beamr. “Since the mobile version of this software runs on Arm processors, we decided to test its performance on AWS Graviton3-based Amazon EC2 C7g instances. Rebuilding our software to run on C7g instances took us one working day, and the results were promising. When running on C7g instances, we saw 30% improved performance over comparable x86-based instances. Based on these results, we plan to recommend to our customers to run the Beamr JPEGmini software on Graviton3-based instances once those become GA, and we plan to benchmark Beamr’s H.264 and HEVC video encoders on Graviton instances as well.”
About Amazon Web Services
For over 15 years, Amazon Web Services has been the world’s most comprehensive and broadly adopted cloud offering. AWS has been continually expanding its services to support virtually any cloud workload, and it now has more than 200 fully featured services for compute, storage, databases, networking, analytics, machine learning and artificial intelligence (AI), Internet of Things (IoT), mobile, security, hybrid, virtual and augmented reality (VR and AR), media, and application development, deployment, and management from 84 Availability Zones within 26 geographic regions, with announced plans for 24 more Availability Zones and eight more AWS Regions in Australia, Canada, India, Israel, New Zealand, Spain, Switzerland, and the United Arab Emirates. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—trust AWS to power their infrastructure, become more agile, and lower costs.