Click here to close now.




















Welcome!

Microservices Expo Authors: Pat Romanski, Elizabeth White, Liz McMillan, Samuel Scott, VictorOps Blog

Related Topics: @CloudExpo, Java IoT, Microservices Expo, Containers Expo Blog, Cloud Security, @BigDataExpo

@CloudExpo: Article

So, Just What Is REACT? And How Does It Change Security Strategies?

Examining the advantages of cloud-based unified security

Last month, I published an article about a new unified security platform called REACT (Realtime Event & Access Correlation Technology).  All in all, it received some very positive notices, but also raised some questions as to what exactly the platform is, and why it should matter.

Simply put, REACT is an approach whereby an organization leverages the capabilities of several security solutions into one central correlated repository of security intelligence. For instance, key information from an Access Management tool (such as SaaS SSO logins or views of/modifications on/additions to protected data) can be shared, processed and analyzed through a SIEM correlation engine. When this is done in real time, not only do you expand the centralized visibility, but more importantly any suspicious activity is immediately identified and alerted.  When these systems are running in parallel, but not unified, it might be days or weeks before these anomalous instances are discovered and remedied.

REACT incorporates four elements: SIEM, Access Management, Identity Management and Log Management. Each, independently, addresses certain security and/or compliance functions. As a deployment of centralized and unified security, they enhance the enterprise’s ability to perform, improve the granular visibility across independent silos and provide a true field of play in which to… yes…react!  But the key is this monitoring must be done in real time to gain the advantages of proactive readiness and agile and accurate response.

Think of REACT like an apple pie. You might have apples, dough crust, butter and spices. Each can be used on their own. However, when using each of the ingredients together, you create a tasty result that is more than the sum of its parts. As a platform, REACT is similar. Your organization may already have Identity Management or SSO, but if it isn’t “baked” together with forensic analytics like SIEM and/or Log management, you only get a portion of the information and a slice of the capability.

Why does that matter? Let’s break it down into 3 key business advantages:

1. Creating 360o Visibility -In the current complex, multi-networked and interlaced  business environment, the ability to know who is doing what, when and where to any part of the monitored IT landscape has moved beyond the “nice-to-have” strategy. Anything less is short sighted, and honestly, dangerous. It seems every few weeks, we hear about a large organization suffering some kind of breach. It could be internal sabotage, user carelessness, or hackers, but either way, sensitive data has been put at risk. By employing the unique advantage of multi-silo correlation and information distillation, the ability to expand visibility manifests as a huge return on investment through prevented breaches, supported work practices and easier compliance.

This enhanced visibility goes a long way toward internal proactive defense planning: who is logging in (or failing), modifying records, accessing data from any affiliated app across the entire extended network. When you have the right level of visibility, you can make better decisions faster...especially when factoring Big Data and BYOD.

2. Improved compliance - One of the top concerns for enterprises are compliance requirements. Hundreds of man-hours and other resources must be deployed per month just to provide the reports auditors require. When approaching security from a non-unified approach, IT needs to look at machine data and logs from many different servers from many different sectors of the network. It’s a Herculean task given the best of circumstances. With multiple audits from multiple agencies, it takes an inordinate amount of time away from other core business needs. Yet when unifying and centralizing (and automating) the data required by audits, compliance becomes less of a burden. The automations across the enterprise now deliver the prescribed data in the right format, fully completed by the imposed deadlines

And also consider, requirements from agencies like HIPAA, PCI, FFIEC, CIP GLBA, SOX are not going to lessen. If history teaches us anything, the demands of such organizations are only going to increase as the usage cases of your online assets continue to diversify and evolve.

3. More capability for less cost - In many circumstances, asking an organization to make investments in all sorts of security solutions is cost prohibitive. Not to mention all the other time, personnel and computing resources needed to properly deploy the initiative. By leveraging the security functionality from the cloud, companies gain additional and immediate solution bandwidth along with expanded capabilities. As a unified security deployment from the cloud, the cost-to-function ratio dramatically drops. Colloquially speaking, you get more bang for the buck. But because the solutions are managed from the cloud it is not an apples-to-apples comparison. REACT can work as an on-premises platform, but through multi-tenancy, centralization and other economies of scale, cloud-based security users get best of breed solutions for pennies against the on premises dollar. In short the cloud provides a unique advantage in functionality, affordability and control for any sized company—not just the big boys.

So to recap… REACT is not a collection of individual solutions and functions, but an interpolation of all the data across the enterprise to gain a truly holistic security vantage point. AND REACT matters because you can see more, see it faster, manage it cheaper and protect a greater swath of your enterprise. It’s a simple calculation-especially from the cloud.

Kevin Nikkhoo
A Cloud REACTionary

More Stories By Kevin Nikkhoo

With more than 32 years of experience in information technology, and an extensive and successful entrepreneurial background, Kevin Nikkhoo is the CEO of the dynamic security-as-a-service startup Cloud Access. CloudAccess is at the forefront of the latest evolution of IT asset protection--the cloud.

Kevin holds a Bachelor of Science in Computer Engineering from McGill University, Master of Computer Engineering at California State University, Los Angeles, and an MBA from the University of Southern California with emphasis in entrepreneurial studies.

@MicroservicesExpo Stories
Skeuomorphism usually means retaining existing design cues in something new that doesn’t actually need them. However, the concept of skeuomorphism can be thought of as relating more broadly to applying existing patterns to new technologies that, in fact, cry out for new approaches. In his session at DevOps Summit, Gordon Haff, Senior Cloud Strategy Marketing and Evangelism Manager at Red Hat, discussed why containers should be paired with new architectural practices such as microservices rathe...
Whether you like it or not, DevOps is on track for a remarkable alliance with security. The SEC didn’t approve the merger. And your boss hasn’t heard anything about it. Yet, this unruly triumvirate will soon dominate and deliver DevSecOps faster, cheaper, better, and on an unprecedented scale. In his session at DevOps Summit, Frank Bunger, VP of Customer Success at ScriptRock, will discuss how this cathartic moment will propel the DevOps movement from such stuff as dreams are made on to a prac...
It’s been proven time and time again that in tech, diversity drives greater innovation, better team productivity and greater profits and market share. So what can we do in our DevOps teams to embrace diversity and help transform the culture of development and operations into a true “DevOps” team? In her session at DevOps Summit, Stefana Muller, Director, Product Management – Continuous Delivery at CA Technologies, answered that question citing examples, showing how to create opportunities for ...
SYS-CON Events announced today that DataClear Inc. will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The DataClear ‘BlackBox’ is the only solution that moves your PC, browsing and data out of the United States and away from prying (and spying) eyes. Its solution automatically builds you a clean, on-demand, virus free, new virtual cloud based PC outside of the United States, and wipes it clean...
Any Ops team trying to support a company in today’s cloud-connected world knows that a new way of thinking is required – one just as dramatic than the shift from Ops to DevOps. The diversity of modern operations requires teams to focus their impact on breadth vs. depth. In his session at DevOps Summit, Adam Serediuk, Director of Operations at xMatters, Inc., will discuss the strategic requirements of evolving from Ops to DevOps, and why modern Operations has begun leveraging the “NoOps” approa...
DevOps has traditionally played important roles in development and IT operations, but the practice is quickly becoming core to other business functions such as customer success, business intelligence, and marketing analytics. Modern marketers today are driven by data and rely on many different analytics tools. They need DevOps engineers in general and server log data specifically to do their jobs well. Here’s why: Server log files contain the only data that is completely full and accurate in th...
SYS-CON Events announced today that G2G3 will exhibit at SYS-CON's @DevOpsSummit Silicon Valley, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Based on a collective appreciation for user experience, design, and technology, G2G3 is uniquely qualified and motivated to redefine how organizations and people engage in an increasingly digital world.
Early in my DevOps Journey, I was introduced to a book of great significance circulating within the Web Operations industry titled The Phoenix Project. (You can read our review of Gene’s book, if interested.) Written as a novel and loosely based on many of the same principles explored in The Goal, this book has been read and referenced by many who have adopted DevOps into their continuous improvement and software delivery processes around the world. As I began planning my travel schedule last...
SYS-CON Events announced today that Pythian, a global IT services company specializing in helping companies leverage disruptive technologies to optimize revenue-generating systems, has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Founded in 1997, Pythian is a global IT services company that helps companies compete by adopting disruptive technologies such as cloud, Big Data, advance...
In his session at 17th Cloud Expo, Ernest Mueller, Product Manager at Idera, will explain the best practices and lessons learned for tracking and optimizing costs while delivering a cloud-hosted service. He will describe a DevOps approach where the applications and systems work together to track usage, model costs in a granular fashion, and make smart decisions at runtime to minimize costs. The trickier parts covered include triggering off the right metrics; balancing resilience and redundancy ...
SYS-CON Events announced today the Containers & Microservices Bootcamp, being held November 3-4, 2015, in conjunction with 17th Cloud Expo, @ThingsExpo, and @DevOpsSummit at the Santa Clara Convention Center in Santa Clara, CA. This is your chance to get started with the latest technology in the industry. Combined with real-world scenarios and use cases, the Containers and Microservices Bootcamp, led by Janakiram MSV, a Microsoft Regional Director, will include presentations as well as hands-on...
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Several years ago, I was a developer in a travel reservation aggregator. Our mission was to pull flight and hotel data from a bunch of cryptic reservation platforms, and provide it to other companies via an API library - for a fee. That was before companies like Expedia standardized such things. We started with simple methods like getFlightLeg() or addPassengerName(), each performing a small, well-understood function. But our customers wanted bigger, more encompassing services that would "do ...
The pricing of tools or licenses for log aggregation can have a significant effect on organizational culture and the collaboration between Dev and Ops teams. Modern tools for log aggregation (of which Logentries is one example) can be hugely enabling for DevOps approaches to building and operating business-critical software systems. However, the pricing of an aggregated logging solution can affect the adoption of modern logging techniques, as well as organizational capabilities and cross-team ...
Docker containerization is increasingly being used in production environments. How can these environments best be monitored? Monitoring Docker containers as if they are lightweight virtual machines (i.e., monitoring the host from within the container), with all the common metrics that can be captured from an operating system, is an insufficient approach. Docker containers can’t be treated as lightweight virtual machines; they must be treated as what they are: isolated processes running on hosts....
In today's digital world, change is the one constant. Disruptive innovations like cloud, mobility, social media, and the Internet of Things have reshaped the market and set new standards in customer expectations. To remain competitive, businesses must tap the potential of emerging technologies and markets through the rapid release of new products and services. However, the rigid and siloed structures of traditional IT platforms and processes are slowing them down – resulting in lengthy delivery ...
Culture is the most important ingredient of DevOps. The challenge for most organizations is defining and communicating a vision of beneficial DevOps culture for their organizations, and then facilitating the changes needed to achieve that. Often this comes down to an ability to provide true leadership. As a CIO, are your direct reports IT managers or are they IT leaders? The hard truth is that many IT managers have risen through the ranks based on their technical skills, not their leadership ab...
Puppet Labs has announced the next major update to its flagship product: Puppet Enterprise 2015.2. This release includes new features providing DevOps teams with clarity, simplicity and additional management capabilities, including an all-new user interface, an interactive graph for visualizing infrastructure code, a new unified agent and broader infrastructure support.
What does “big enough” mean? It’s sometimes useful to argue by reductio ad absurdum. Hello, world doesn’t need to be broken down into smaller services. At the other extreme, building a monolithic enterprise resource planning (ERP) system is just asking for trouble: it’s too big, and it needs to be decomposed.
The Microservices architectural pattern promises increased DevOps agility and can help enable continuous delivery of software. This session is for developers who are transforming existing applications to cloud-native applications, or creating new microservices style applications. In his session at DevOps Summit, Jim Bugwadia, CEO of Nirmata, will introduce best practices, patterns, challenges, and solutions for the development and operations of microservices style applications. He will discuss ...