Welcome!

Microservices Expo Authors: Elizabeth White, Liz McMillan, Mehdi Daoudi, Astadia CloudGPS, Christoph Schell

Related Topics: @CloudExpo, Java IoT, Microservices Expo, Containers Expo Blog, Cloud Security, @BigDataExpo

@CloudExpo: Article

So, Just What Is REACT? And How Does It Change Security Strategies?

Examining the advantages of cloud-based unified security

Last month, I published an article about a new unified security platform called REACT (Realtime Event & Access Correlation Technology).  All in all, it received some very positive notices, but also raised some questions as to what exactly the platform is, and why it should matter.

Simply put, REACT is an approach whereby an organization leverages the capabilities of several security solutions into one central correlated repository of security intelligence. For instance, key information from an Access Management tool (such as SaaS SSO logins or views of/modifications on/additions to protected data) can be shared, processed and analyzed through a SIEM correlation engine. When this is done in real time, not only do you expand the centralized visibility, but more importantly any suspicious activity is immediately identified and alerted.  When these systems are running in parallel, but not unified, it might be days or weeks before these anomalous instances are discovered and remedied.

REACT incorporates four elements: SIEM, Access Management, Identity Management and Log Management. Each, independently, addresses certain security and/or compliance functions. As a deployment of centralized and unified security, they enhance the enterprise’s ability to perform, improve the granular visibility across independent silos and provide a true field of play in which to… yes…react!  But the key is this monitoring must be done in real time to gain the advantages of proactive readiness and agile and accurate response.

Think of REACT like an apple pie. You might have apples, dough crust, butter and spices. Each can be used on their own. However, when using each of the ingredients together, you create a tasty result that is more than the sum of its parts. As a platform, REACT is similar. Your organization may already have Identity Management or SSO, but if it isn’t “baked” together with forensic analytics like SIEM and/or Log management, you only get a portion of the information and a slice of the capability.

Why does that matter? Let’s break it down into 3 key business advantages:

1. Creating 360o Visibility -In the current complex, multi-networked and interlaced  business environment, the ability to know who is doing what, when and where to any part of the monitored IT landscape has moved beyond the “nice-to-have” strategy. Anything less is short sighted, and honestly, dangerous. It seems every few weeks, we hear about a large organization suffering some kind of breach. It could be internal sabotage, user carelessness, or hackers, but either way, sensitive data has been put at risk. By employing the unique advantage of multi-silo correlation and information distillation, the ability to expand visibility manifests as a huge return on investment through prevented breaches, supported work practices and easier compliance.

This enhanced visibility goes a long way toward internal proactive defense planning: who is logging in (or failing), modifying records, accessing data from any affiliated app across the entire extended network. When you have the right level of visibility, you can make better decisions faster...especially when factoring Big Data and BYOD.

2. Improved compliance - One of the top concerns for enterprises are compliance requirements. Hundreds of man-hours and other resources must be deployed per month just to provide the reports auditors require. When approaching security from a non-unified approach, IT needs to look at machine data and logs from many different servers from many different sectors of the network. It’s a Herculean task given the best of circumstances. With multiple audits from multiple agencies, it takes an inordinate amount of time away from other core business needs. Yet when unifying and centralizing (and automating) the data required by audits, compliance becomes less of a burden. The automations across the enterprise now deliver the prescribed data in the right format, fully completed by the imposed deadlines

And also consider, requirements from agencies like HIPAA, PCI, FFIEC, CIP GLBA, SOX are not going to lessen. If history teaches us anything, the demands of such organizations are only going to increase as the usage cases of your online assets continue to diversify and evolve.

3. More capability for less cost - In many circumstances, asking an organization to make investments in all sorts of security solutions is cost prohibitive. Not to mention all the other time, personnel and computing resources needed to properly deploy the initiative. By leveraging the security functionality from the cloud, companies gain additional and immediate solution bandwidth along with expanded capabilities. As a unified security deployment from the cloud, the cost-to-function ratio dramatically drops. Colloquially speaking, you get more bang for the buck. But because the solutions are managed from the cloud it is not an apples-to-apples comparison. REACT can work as an on-premises platform, but through multi-tenancy, centralization and other economies of scale, cloud-based security users get best of breed solutions for pennies against the on premises dollar. In short the cloud provides a unique advantage in functionality, affordability and control for any sized company—not just the big boys.

So to recap… REACT is not a collection of individual solutions and functions, but an interpolation of all the data across the enterprise to gain a truly holistic security vantage point. AND REACT matters because you can see more, see it faster, manage it cheaper and protect a greater swath of your enterprise. It’s a simple calculation-especially from the cloud.

Kevin Nikkhoo
A Cloud REACTionary

More Stories By Kevin Nikkhoo

With more than 32 years of experience in information technology, and an extensive and successful entrepreneurial background, Kevin Nikkhoo is the CEO of the dynamic security-as-a-service startup Cloud Access. CloudAccess is at the forefront of the latest evolution of IT asset protection--the cloud.

Kevin holds a Bachelor of Science in Computer Engineering from McGill University, Master of Computer Engineering at California State University, Los Angeles, and an MBA from the University of Southern California with emphasis in entrepreneurial studies.

@MicroservicesExpo Stories
"I think DevOps is now a rambunctious teenager – it’s starting to get a mind of its own, wanting to get its own things but it still needs some adult supervision," explained Thomas Hooker, VP of marketing at CollabNet, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Your homes and cars can be automated and self-serviced. Why can't your storage? From simply asking questions to analyze and troubleshoot your infrastructure, to provisioning storage with snapshots, recovery and replication, your wildest sci-fi dream has come true. In his session at @DevOpsSummit at 20th Cloud Expo, Dan Florea, Director of Product Management at Tintri, provided a ChatOps demo where you can talk to your storage and manage it from anywhere, through Slack and similar services with...
"As we've gone out into the public cloud we've seen that over time we may have lost a few things - we've lost control, we've given up cost to a certain extent, and then security, flexibility," explained Steve Conner, VP of Sales at Cloudistics,in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
For over a decade, Application Programming Interface or APIs have been used to exchange data between multiple platforms. From social media to news and media sites, most websites depend on APIs to provide a dynamic and real-time digital experience. APIs have made its way into almost every device and service available today and it continues to spur innovations in every field of technology. There are multiple programming languages used to build and run applications in the online world. And just li...
If you are thinking about moving applications off a mainframe and over to open systems and the cloud, consider these guidelines to prioritize what to move and what to eliminate. On the surface, mainframe architecture seems relatively simple: A centrally located computer processes data through an input/output subsystem and stores its computations in memory. At the other end of the mainframe are printers and terminals that communicate with the mainframe through protocols. For all of its appare...
There is a huge demand for responsive, real-time mobile and web experiences, but current architectural patterns do not easily accommodate applications that respond to events in real time. Common solutions using message queues or HTTP long-polling quickly lead to resiliency, scalability and development velocity challenges. In his session at 21st Cloud Expo, Ryland Degnan, a Senior Software Engineer on the Netflix Edge Platform team, will discuss how by leveraging a reactive stream-based protocol,...
From personal care products to groceries and movies on demand, cloud-based subscriptions are fulfilling the needs of consumers across an array of market sectors. Nowhere is this shift to subscription services more evident than in the technology sector. By adopting an Everything-as-a-Service (XaaS) delivery model, companies are able to tailor their computing environments to shape the experiences they want for customers as well as their workforce.
If you read a lot of business and technology publications, you might think public clouds are universally preferred over all other cloud options. To be sure, the numbers posted by Amazon Web Services (AWS) and Microsoft’s Azure platform are nothing short of impressive. Statistics reveal that public clouds are growing faster than private clouds and analysts at IDC predict that public cloud growth will be 3 times that of private clouds by 2019.
"Peak 10 is a hybrid infrastructure provider across the nation. We are in the thick of things when it comes to hybrid IT," explained Michael Fuhrman, Chief Technology Officer at Peak 10, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
Data reduction delivers compelling cost reduction that substantially improves the business case in every cloud deployment model. No matter which cloud approach you choose, the cost savings benefits from data reduction should not be ignored and must be a component of your cloud strategy. IT professionals are finding that the future of IT infrastructure lies in the cloud. Data reduction technologies enable clouds — public, private, and hybrid — to deliver business agility and elasticity at the lo...
"At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"DivvyCloud as a company set out to help customers automate solutions to the most common cloud problems," noted Jeremy Snyder, VP of Business Development at DivvyCloud, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"We focus on SAP workloads because they are among the most powerful but somewhat challenging workloads out there to take into public cloud," explained Swen Conrad, CEO of Ocean9, Inc., in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"I will be talking about ChatOps and ChatOps as a way to solve some problems in the DevOps space," explained Himanshu Chhetri, CTO of Addteq, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"Outscale was founded in 2010, is based in France, is a strategic partner to Dassault Systémes and has done quite a bit of work with divisions of Dassault," explained Jackie Funk, Digital Marketing exec at Outscale, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm. In their Day 3 Keynote at 20th Cloud Expo, Chris Brown, a Solutions Marketing Manager at Nutanix, and Mark Lav...
"NetApp's vision is how we help organizations manage data - delivering the right data in the right place, in the right time, to the people who need it, and doing it agnostic to what the platform is," explained Josh Atwell, Developer Advocate for NetApp, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Five years ago development was seen as a dead-end career, now it’s anything but – with an explosion in mobile and IoT initiatives increasing the demand for skilled engineers. But apart from having a ready supply of great coders, what constitutes true ‘DevOps Royalty’? It’ll be the ability to craft resilient architectures, supportability, security everywhere across the software lifecycle. In his keynote at @DevOpsSummit at 20th Cloud Expo, Jeffrey Scheaffer, GM and SVP, Continuous Delivery Busine...
"We do one of the best file systems in the world. We learned how to deal with Big Data many years ago and we implemented this knowledge into our software," explained Jakub Ratajczak, Business Development Manager at MooseFS, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.