Ben Kepes

Author Archives: Ben Kepes

IDG Contributor Network: Bugcrowd raises cash because of the power of the people

News today from security testing vendor Bugcrowd highlights an increasing trend towards leveraging an outside community to do good things for organizations.First, the news: Bugcrowd is investing a $15 million Series B led by Blackbird Ventures along with existing investors Costanoa Venture Capital, Industry Ventures, Paladin Capital Group and Rally Ventures. Not one to miss out on a funding opportunity, Salesforce Ventures also joined the round. The company has now raised $24 million since its founding at the Startmate accelerator in Sydney, Australia.What Bugcrowd does is pretty simple. Its flagship product, Crowdcontrol, is used by a bunch of high-profile brands, including CreditKarma, Fitbit, Motorola, Tesla, TripAdvisor and Western Union, to resolve security bugs in their products. But this isn't any magic bullet “apply our advanced platform and resolve your bugs automatically” kind of science fiction. Instead, Crowdcontrol leverages that most ancient of resources—the crowd. Bugcrowd has built a vetted community of over 27,000 security researchers, all of whom helps Bugcrowd's customers reveal the holes in their software.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Dome9 triple protects AWS infrastructure, but is it necessary?

A couple of years ago I wrote a story critiquing what I saw as some very emotive reporting. Essentially a technology vendor went bust as a direct result of their data being compromised while sited on Amazon Web Services (AWS) servers. The article in question essentially suggested that because of that particular incident, we should all be aware that the cloud isn't a safe place to store our data. As I said in my piece:“I’ve visited data centers that host cloud infrastructure. They have by far the highest level of physical and virtual security available. They are exemplars of due process. Compare this with the vast majority of organization’s IT resources. I’ve seen enough servers in cleaning cupboards or under desks to know what the norm is for organizations. To glibly suggest that penetrating a cloud platform is easier than a corporate data center is plain wrong.”To read this article in full or to leave a comment, please click here

IDG Contributor Network: DigitalOcean on a stratospheric growth path, scoops up cash

DigitalOcean is a confusing sort of a vendor. Every time the list of leading public cloud vendors comes out, Amazon Web Services (AWS) is #1, with Microsoft Azure, Google Compute Platform and IBM SoftLayer fighting for the bridesmaid slots. We never hear of DigitalOcean in those reviews. That is partly because some people argue about what constitutes cloud and whether DigitalOcean should really be there.While these semantic arguments about "true" and "false" clouds go on, however, DigitalOcean has quietly (and not so quietly) been building scale. The company is growing rapidly, indeed, two years ago there had been around 1.5 million Droplets (its term for cloud servers) launched. Today, that figure has grown some 800 percent to 13 million. The company has around 700,000 all-time users and is adding 20,000 customers per month.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Weaveworks moves beyond Docker with plug-in for Kubernetes

An announcement coming today from networking vendor Weaveworks is interesting in and of itself, but even more so when seen in the broader context. Weaveworks is the vendor behind Weave, a networking and monitoring tool for the Docker containerization platform. The company is today announcing the availability of a plug-in for the Kubernetes cloud-native operating system. Weave Net 1.5 works with the Kubernetes Container Networking Interface and allows multicast networking integrated with Kubernetes-based applications. Weaveworks is talking up the applicability of this offering to specific verticals, in particular, the financial services industry:To read this article in full or to leave a comment, please click here

IDG Contributor Network: Sisense wants to make every user a data scientist

Analytics seems to be like the pot of gold at the end of the rainbow—hugely valuable but generally difficult (or impossible) to reach. It was always too hard, too slow, too expensive and too technical to be used on a widespread basis.Then things started to change. The rise of APIs meant that getting data into and out of core solutions became easier. The advent of cloud computing meant that standing up infrastructure on a short-term basis was easier, and a bunch of new approaches helped to make things far easier. One of the biggest proponents of this new way of driving analytics out to the business users is SAP, who is pushing hard for its HANA in-memory analytics service.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Datera emerges from stealth to offer another take on cloud scale-out storage

Stealthy startup Datera is launching today with its promise to bring an Amazon Web Services (AWS) cloud-type of offering to large enterprises and service providers.If that sounds like an offering you might have heard before, it's probably because for the past six to eight years, a number of vendors, seeing the traction that AWS has gained, have jumped on the bandwagon and offered a value proposition in the same area. There have been broad cloud operating system offerings, including OpenStack, CloudStack and Eucalyptus, more specialist storage platforms such as Ceph, Gluster, SimpliVity and Nutanix and hyperconverged offerings form the likes of VMware, Dell and Hewlett Packard. It's a busy space and one that is hanging off incredible growth in awareness and adoption of cloud offerings.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Sysdig and Mesosphere partner to monitor all of those containers

A new partnership being announced today sees Sysdig and Mesosphere getting cozy to enable a more consistent way of developing and delivering applications.These are two interesting vendors in different spaces. Sysdig calls itself a "container visibility company." Essentially what that means is that it offers a container-specific monitoring solution. One can think of it like New Relic and Boundary but with containers as a primary focus. Mesosphere, on the other hand, is the company that commercializes the Mesos open-source project to help scale and automate applications. Mesosphere offers the data center operating system (DCOS), which delivers a simpler administration model for data center operators.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Ouch, Red Hat gets a slapping. Volkswagen chooses Mirantis for its OpenStack needs

To understand the context here readers need a bit of history. RedHat is, of course, a company that has been wildly successful commercializing open source software (in particular Linux). It is also a big part of the OpenStack open source cloud computing initiative. Mirantis is a company focused solely on helping companies move to OpenStack. These two parties were once upon a time best of friends with Red Hat making a significant investment early in Mirantis' life. And then things soured, to the point where Red Hat started telling customers that it didn't support its own Linux distribution, RHEL, on Mirantis' flavor of OpenStack. There was lots of back and forth, and lots of minutiae around the move, but essentially it indicated, very publicly, that Red Hat and Mirantis' bromance was finished forever.To read this article in full or to leave a comment, please click here

IDG Contributor Network: HexaTier secures all those databases in the cloud

Israeli-founded HexaTier, the nattily-named vendor that offers security and compliance solutions for cloud-hosted databases and Database as a Service (DBaaS) platforms, is launching the latest version of its products and focusing squarely at what it perceives are the key enterprises blockers for DBaaS adoption. The Israel connection is interesting, the number of IT security companies to originate from Israel is truly staggering. It is a reflection of the huge amount of investment that the Israeli military makes into cyber security - many of those hyper-smart graduates of the Israel Defence Force's 8200 cyber-security unit go on to form commercial companies.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Microsoft defends PCs, post network penetration

This week at the RSA security conference, Microsoft announced the succinctly named Windows Defender Advanced Threat Detection product. The solutions (which really needs a better or at least shorter name) is focused on helping an organization's IT department detect threats to Windows 10 machines after the perimeter network has been penetrated. This is an important and pragmatic recognition of the fact that despite most solutions focusing on perimeter security, sometimes the outside line gets broken and hackers find a way in.To read this article in full or to leave a comment, please click here

IDG Contributor Network: All the buzzwords: Behavioral biometric adaptive authentication with SecureAuth

SecureAuth is a vendor in the authentication and access space. It covers a range of related functions including authentication, single sign on, and user self-service. At its core, SecureAuth is juggling the conflicting aims of ensuring easy access to applications by legitimate users and high security for sensitive data.One of the ways in which companies reconcile these seemingly irreconcilable aims is through using deep analytics to automate some of the access functions. A case in point comes from SecureAuth's latest version, which includes behavioral analytics, risk analysis, and biometric tracking.What all that means is that SecureAuth is offering to analyze a user's keystrokes and mouse movements to build a profile of an individual user's behavior. Thereafter, this profile is compared to subsequent login attempts and, if they don't match, SecureAuth applies a higher level of access control.To read this article in full or to leave a comment, please click here

IDG Contributor Network: How blocking bots created new business opportunities for Crunchbase

Founded in 2007, CrunchBase is a website offering massive amounts of data about startup activity. Want to know who founded a startup, who invested in it, or who they're competing with? CrunchBase has the answers. And in a marketplace that is somewhat frothy, CrunchBase is an increasingly heavily trafficked web property. The site contains over 650,000 profiles of individuals and companies and is a massive repository of data. As such, CrunchBase has a massive opportunity to monetize that data, and is accordingly concerned about people who seek to use that data for their own commercial aims.I spent time talking with Kurt Freytag, head of product at CrunchBase, to have a look at the engineering work that goes into the site. As the site grew in size and traffic, Freytag noticed oddly shaped traffic and random spikes that were putting significant strain on its infrastructure. Of course, it could have simply thrown more horsepower at the site, but Freytag was keen to identify real root causes for the issues. He quickly concluded that bot traffic was hitting the site hard and crawling through its data. While this is a primary concern in terms of performance, it also introduces real commercial Continue reading

IDG Contributor Network: Small, community banks using machine learning to reduce fraud

It will come as no surprise to hear that fraud is an increasing problem across all financial institutions, but it is not only plaguing larger banks but also smaller financial institutions. Statistics show that charges of debit card fraud have grown over 400% in only three years.A case in point is Orrstown Bank, a community bank located in Pennsylvania and Maryland. Orrstown wanted a way of tackling fraud in an ongoing way, but within the context of their budget and technology constraints. Fraudulent credit card scammers have developed more abilities to work around the majority of safeguards that banks have in place.For Orrstown, analyzing the patterns of activity from transactions where a card is present used to be much simpler. Historically, the bank could either search for charges made outside of their region or rely on customers to flag fraudulent activity on their statements. However, identifying fraud today has become much more complex. For example, there has been an increasing number of cases where criminals are selling cards back into the local area from which they were stolen—thus making tracking by locality more difficult. As a result, Orrstown explored more advanced forms of data analysis that could do Continue reading

IDG Contributor Network: Equinix extends AWS Direct Connect to London, Dallas

Equinix has, over the past several years, played the role of connector between a number of public cloud vendors and organizations' existing IT assets. It's a natural move for Equinix, which, as a global vendor of data center space, is an important utility provider, but obviously doesn't really play much up the value chain. Direct Connect helps them to change that, allowing companies to connect their privately owned and managed infrastructure to AWS. It also performs a similar role for other public cloud platforms, Microsoft Azure for example.The reasons for providing these connections are obvious - privacy, security, throughput, and application performance all benefit from these high-spec pipes. A recent study released by Equinix, titled Enterprise of the Future, found that by 2017, 84% of IT leaders will deploy IT infrastructure where interconnection – defined as direct, secure physical or virtual connections  – is at the core, compared to only 38% today. Don't let it be said that interconnection is not an important part of the modern enterprise IT organization.To read this article in full or to leave a comment, please click here

IDG Contributor Network: This company’s name isn’t a joke: Secret Double Octopus goes beyond encryption

The process of naming a startup is fraught with peril - founders need to find a name which is catchy, ideally short, and one for which the URL is still available. Seemingly throwing most of the rules (at least about brevity or sense) out the window, Secret Double Octopus, a new company just emerging from stealth, has at least ensured one thing - no one will forget its name.Beyond quirky names, however, this company is doing something interesting. Yet another cybersecurity company that originated in Israel, Secret Double Octopus (we'll call it SDO to avoid the risks of overuse injury from repeatedly typing the name) is all about securing networking traffic and authentication beyond the traditional approaches of PKI, SSL and VPN. SDO aims to help secure data in transit, whether it's between sites, between a website and the cloud, or within mobile or IoT use cases. SDO's approach employs secret sharing, thereby eliminating the need for cryptographic keys.To read this article in full or to leave a comment, please click here

IDG Contributor Network: This software engineering school uses blockchain technology to authenticate its graduates

Holberton School is a project-based alternative to college for the next generation of software engineers. Using project-based learning and peer learning, Holberton School's mission is to train the best software engineers of their generation. Unlike the normal models, at Holberton School, there are no formal teachers and no formal courses. Instead, everything is project-centered. The school gives students increasingly difficult programming challenges to solve, with minimal initial directions on how to solve them. As a consequence, students naturally look for the theory and tools they need, understand them, use them, work together, and help each other.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Fueling the need for speed, Fastly raises $75 million

Fastly has a plan. And that plan revolves around unseating traditional content distribution network (CDN) vendors. For those unaware, CDNs are a critically important, but largely invisible (at least to end users), part of the infrastructure of the web. Quite simply, CDNs introduce locations close to consumption where content can be cached. What that means is that if you're in Timbuktu and trying to reach a website hosted in Outer Mongolia, rather than having to pull down all those pages all the way between the two points, you can leverage a CDN located near you to reduce page load times.And in a word where empirical data has shown massive revenue gains from even tiny increments in page load speed, every microsecond counts. Enter Fastly, a CDN vendor founded in 2011 that has built a significant presence and already powers such web properties as Twitter, the Guardian, Gov.UK, GitHub and Pinterest. Funded by a bevy of top-tier investors, including Amplify Partners, August Capital, Battery Ventures, ICONIQ Capital, IDG Ventures, and O’Reilly AlphaTech Ventures, Fastly is today announcing another raise, this time $75 million by way of a Series D round.To read this article in full or to leave Continue reading

IDG Contributor Network: Druva aims to deliver complete data protection and compliance for the enterprise

With a product announcement this week, data protection company Druva aims to give enterprises assistance with managing the sometimes-conflicting aims of leveraging new technology for greater efficiency, while still remaining safe and secure in terms of data protection. So what has Druva got in the pipeline now?Utilized by more than 3,000 organizations around the world and protecting data on a reported 3 million devices, Druva is all about data protection for the mobile workforce. What that means is that Druva takes care of backup and availability of data, alongside broad governance. Druva's product aims to ensure that specific data remains within the confines of your organization, while other data can be shared externally. Druva then sits in two camps - both the data backup and recovery space and the endpoint security space. These two worlds are increasingly coming together, and Druva is an example of this trend.To read this article in full or to leave a comment, please click here

1 9 10 11