KuppingerCole Blog

Even before COVID-19 entered our lexicon, privileged access management (PAM) was widely recognized as a foundational cybersecurity technology . In recent years, almost every cyberattack has involved compromised or misused privileges/privileged credentials. Most malware needs privileges to execute and install payload. Once a threat actor has infiltrated an IT network, privileges are typically needed to access resources or compromise additional identities. With privileged credentials and access obtained, a threat actor or piece of malware essentially becomes a malicious...

Informatica has just announced that they have made another acquisition this summer: GreenBay Technologies, a startup focused on AI and machine learning. Read about their July 2020 acquisition here . GreenBay Technologies brings CloudMatcher to Informatica’s Intelligent Data Platform (IDP). CloudMatcher uses machine learning to automate entity matching and schema matching tasks with high accuracy. This impacts several key data management capabilities such as master data management, data cataloging, data quality, governance, and data integration. This acquisition adds to the...

NIST, the US National Institute for Standards and Technology, recently released SP 800-207 Zero Trust Architecture . The NIST special publication examines the principles of and motivations for ZTA, as well as implementation considerations, security concerns, and suggestions for improvements to architecture. NIST SPs are authored primarily for consumption by other US government agencies. In practice, however, their documents often become de facto standards and guidelines used more broadly in industry. In this post I’ll review the strengths of the SP and identify areas for...

Privileged Access Management (PAM) software comes in many forms. Some are heavy with software components (the thick client model) while others are leaner (the thin client model). Since we at SSH.COM are firm believers in the thin client model, I wanted to present five solid reasons why this is the case. 1. No constant cycle of installing, patching and configuring agents Thick clients require that you have to install agents on the client - and usually on the server as well. Moreover, you need to ensure that those agents are always up-to-date, patched and compatible with the...

In their race towards digital transformation, organizations are using cloud services to accelerate the development of new apps and improve efficiency. They allow new applications to be rapidly developed, existing applications to be modernized and deployed without additional capital spend. This provides important business benefits but also increases the challenges for the cloud customer to ensure cyber-security and regulatory compliance. It is in this light that the recent announcements from GCP (Google Cloud Platform) need to be understood. Trust but Verify Initially, cloud...

MITRE recently published the detailed results of their second round of tests. This test pitted APT29 malware and methods against 21 cybersecurity vendors . The MITRE testing is an excellent benchmark for comprehensively exercising Endpoint Protection (EPP) and Endpoint Detection & Response (EDR) tools in real-world scenarios where organizations find themselves under attack by Advanced Persistent Threats (APTs). MITRE describes the environments, methodology, and operation flow of their testing regime in great detail here . The raw results are available for review, and they have...

Decentralized Identity is a concept that may not be mainstream yet, but it is a term that embodies the sentiment that many individuals feel regarding the control they wish they had over their personal data. The public has become increasingly more vocal about the misuse of their data, and global regulation has responded to this outcry with the GDPR, CCPA, ePrivacy Directive, and more. While this grants some control over some aspects of user data, there is an assumption that underpins these privacy regulations: that personal data can be held and used by an entity other than the owner....

On July 22 nd , 2020 IBM announced their IBM Cloud for Financial Services – what is this, why have IBM taken this step, and what does this announcement mean? Financial Services Compliance Challenges One recurring challenge for all organizations is complying with the ever-increasing number of laws and regulations. When IT services are delivered on-premises organizations often believe that this ensures the oversight, control and visibility needed to ensure and prove compliance. This is not the case with cloud-delivered services where there is a shared responsibility model and...

Back in February (oh, how time flies! Just to think that it was right before the  beginning of the  COVID-19 pandemic…) I wrote a blog post looking at Oracle’s ambitious plans for developing  its  cloud strategy and expanding  its  worldwide infrastructure footprint. The post was titled “ Will 2020 Be the Year of Oracle Cloud? ” and just five months later the company has already demonstrated that it  does not just  finally  have   a  promising  vision for Oracle Cloud, but also a...

It looks like the whole world is currently talking (at least, tweeting) about the latest large-scale Twitter hack. High profile accounts of the likes of Barack Obama, Joe Biden, Bill Gates, and Jeff Bezos, as well as companies like Apple or Uber, were suddenly promoting a cryptocurrency scam. At first, they referred to a specific crypto-related website, but as it was quickly taken down, the hackers switched to spreading multiple Bitcoin addresses, asking people to send money to them to get a double amount of their investment back. Even though this type of scam is nothing new and...