Augmented MISP Integration with NSX Advanced Threat Analyzer

Contributors: Jason Zhang (NSBU TAU), Stefano Ortolani (NSBU TAU)

Introduction

Formerly known as the Malware Information Sharing Platform, MISP is a leading open-source threat intelligence platform (TIP) that organizations of all sizes can leverage to store, share, and enrich threat indicators of compromise (IoCs).

The MISP ecosystem primarily comprises two parts: MISP core (or engine) and MISP modules. MISP core is responsible for the main functionality of the platform, while MISP modules were introduced to extend the capability of MISP without changing MISP core components.

Thanks to the simple API interface provided by MISP, many third-party MISP modules have been developed to greatly extend MISP’s capabilities. There are mainly three types of MISP modules: expansion modules, import modules, and export modules. More details on MISP modules can be found on MISP’s GitHub MISP module repository, which includes three modules developed by Lastline (now part of VMware) that integrate MISP with VMware NSX Advanced Threat Analyzer (ATA), as we reported earlier.

Recently VMware’s Threat Analysis Unit (TAU) developed a new expansion module, which replaces the three Lastline modules. The improvements from the new module are twofold: a simplified enrichment process and an augmented enrichment capability.

In this blog post, Continue reading

Evolving Security for a Protected Network Architecture

In today’s world, a strongly secured network architecture and end-to-end visibility are the building blocks to a resilient security posture.

A Status Check on Global Exascale Ambitions

As we head toward the annual Supercomputing Conference season we wanted to take a moment for a level-set on exascale. …

A Status Check on Global Exascale Ambitions was written by Nicole Hemsoth at The Next Platform.

Liquid-Cooled Systems Are Inevitable, But Not Necessarily Profitable

Air is an absolutely terrible medium with which to move or remove heat from a system, but it sure is a lot easier and cheaper (well, at least in terms of the cost of goods sold) than adding some sort of liquid cooling to a system. …

Liquid-Cooled Systems Are Inevitable, But Not Necessarily Profitable was written by Timothy Prickett Morgan at The Next Platform.

Nutanix offers virtual private cloud HCI, multicloud workload management

Nutanix is releasing enhancements to its AOS operating system and Era database-management service designed to make it easier for enterprises to manage data, workloads, and business-continuity security tools in hybrid cloud environments via software-defined networking capabilitiesAOS and Era are both components of the Nutanix Cloud Platform. AOS 6, the new version of Nutanix's hyperconverged infrastructure (HCI) software, is designed to simplify network management across multiple clouds and enable enterprises to build virtual private clouds. Nutanix announced the updates at its .NEXT event this week.To read this article in full, please click here

Nutanix offers virtual private cloud HCI, multicloud workload management

Briefings In Brief 101: Juniper Wants To Wire Your Campus Fabric With Mist Cloud

Juniper Networks has announced a new wired campus fabric solution that uses EVPN VXLAN to create a fabric and ties in to the Juniper Mist Cloud for automation and management. Ed Horley and Drew Conry-Murray describe how it works, how it integrates with Juniper Mist Cloud, and how Juniper positions this offering against other campus options.

Briefings In Brief 101: Juniper Wants To Wire Your Campus Fabric With Mist Cloud

The post Briefings In Brief 101: Juniper Wants To Wire Your Campus Fabric With Mist Cloud appeared first on Packet Pushers.

What you can expect: AnsibleFest 2021 for IT Leaders

This year, we are adapting our signature automation event, AnsibleFest, into a free virtual experience. Seasoned pros and new Ansible enthusiasts alike can find answers and learn more about Red Hat Ansible Automation Platform, the platform for building and operating automation at scale and creating an enterprise automation strategy. We are excited to offer a track designed specifically for IT leaders.

Let’s take a closer look at this track for AnsibleFest 2021.

IT Leaders at AnsibleFest

The role of automation for IT leaders has certainly evolved in recent years. Automation that used to be contained to domain-specific, task-bound practices has evolved to encompass full enterprises -- connecting teams and areas that were not connected before. The prospect of beginning an automation practice, or even unifying separate automation efforts, can often seem daunting. No matter where you are on your automation journey, we have a session for you.

Attendees will hear from like-minded companies about their targeted use cases and experiences with automation, sharing how they navigated their digital transformation journeys and lessons learned. We are also excited to be joined by several analysts who will share their insights and perspectives.

If you are experienced with the Ansible Automation Continue reading

Bringing OAuth 2.0 to Wrangler

Over the course of this summer, I had the incredible opportunity to join the Workers Developer Productivity team and help improve the developer experience of Workers. Today, I’ll talk about my project to implement the OAuth 2.0 login protocol for Wrangler, the Workers command line interface (CLI).

Wrangler needs to be authorized in order to carry out its job. API tokens are one way to authorize Wrangler, but they do not provide the best user experience as the user needs to manually copy and paste their tokens. This is where the OAuth 2.0 protocol comes into play.

Previously, the wrangler login command used API tokens to authenticate Wrangler. However, managing API tokens can sometimes be cumbersome, since you need to go to the Cloudflare dashboard to create or modify a token. By using OAuth 2.0, we can allow users to directly choose permissions or scopes from Wrangler. OAuth 2.0 helps simplify the login process while making it more secure.

OAuth 2.0 is an industry-standard protocol for allowing users to authorize applications without having to share a password. In order to understand this protocol, we need to define some Continue reading

What Are Mesh Routers For Wi-Fi

There may be many reasons as to why the Wi-Fi at your house does not work. Weakened Wi-Fi signals could be a result of any physical obstruction or it can also be caused by dead spots. This is the reason as to why the Wi-Fi at your home does not work well. But what can we do to fix this problem? Is this even a problem? Yes definitely it is a problem. Weakened Wi-Fi means nothing but slow internet connectivity which means that you might not be able to join your online class on time, might miss the meeting, might not be able to send in the email to your boss or simply just experience a pause at life. In the rowing times people almost across the globe are highly dependent on Wi-Fi and internet connectivity. Having a slow internet can defiantly become a headache for many of us. The solution can be simple: a mesh router for Wi-Fi or full home Wi-Fi is the most ideal solution

How Does It Work?

Think of a scenario where you want to play music in the entire house, now ideally if you lay music in front porch the backyard will only get Continue reading

Dictionary: Dumb Pipes

What does Dumb Pipe mean ?

Building a Small Data Center Fabric with Four Switches

One of my subscribers has to build a small data center fabric that’s just a tad too big for two switch design.

For my datacenter I would need two 48 ports 10GBASE-T switches and two 48 port 10/25G fibber switches. So I was watching the Small Fabrics and Lower-Speed Interfaces part of Physical Fabric Design to make up my mind. There you talk about the possibility to do a leaf and spine with 4 switches and connect servers to the spine.

A picture is worth a thousand words, so here’s the diagram of what I had in mind:

Building a Small Data Center Fabric with Four Switches

One of my subscribers has to build a small data center fabric that’s just a tad too big for two switch design.

For my datacenter I would need two 48 ports 10GBASE-T switches and two 48 port 10/25G fibber switches. So I was watching the Small Fabrics and Lower-Speed Interfaces part of Physical Fabric Design to make up my mind. There you talk about the possibility to do a leaf and spine with 4 switches and connect servers to the spine.

A picture is worth a thousand words, so here’s the diagram of what I had in mind:

Guide to NSX Security at VMworld 2021

The world is changing and as a result, the ability to operationalize network security at scale is more important than ever. Organizations need the ability to monitor and protect both East-West and North-South traffic at scale without adding operational complexity or impacting the user experience. How do organizations do all this in the face of reduced budgets, increasing network complexity, radical changes throughout IT architectures and an increase in volume and sophistication of cybersecurity threats?

We’ll show you at VMworld 2021 with sessions dedicated to helping you operationalize network security at scale in today’s modern world.

To register or learn more about VMworld, visit the portal. Without further ado, check out our quick guide to NSX Security sessions at this year’s event.

Keynote

Multi-Cloud

Firewall

Threat Prevention

Europe Inches Closer to Native RISC-V Reality

The European Processor Initiative (EPI) has pinned its hopes on RISC-V as the path to European semiconductor independence. …

Europe Inches Closer to Native RISC-V Reality was written by Nicole Hemsoth at The Next Platform.

14 things you need to know about data storage management

When it comes to storing data, there is no ‘one-size-fits-all’ solution, so before you decide where or how to store your data, first understand the amount and type you have and why you need to store it.How to make sure data that should be backed up gets backed up So how do you formulate a sound data-storage management strategy? IDG asked dozens of storage and data management experts, which resulted in these top 14 suggestions regarding what steps you need to take to choose the right data storage solution(s) for your organization—and how you can better ensure your data is properly protected and retrievable.To read this article in full, please click here

14 things you need to know about data storage management

Why securing internet-facing applications is challenging in a Kubernetes environment

Internet-facing applications are some of the most targeted workloads by threat actors. Securing this type of application is a must in order to protect your network, but this task is more complex in Kubernetes than in traditional environments, and it poses some challenges. Not only are threats magnified in a Kubernetes environment, but internet-facing applications in Kubernetes are also more vulnerable than their counterparts in traditional environments. Let’s take a look at the reasons behind these challenges, and the steps you should take to protect your Kubernetes workloads.

Threats are magnified in a Kubernetes environment

One of the fundamental challenges in a Kubernetes environment is that there is no finite set of methods that exist in terms of how workloads can be attacked. This means there are a multitude of ways an internet-facing application could be compromised, and a multitude of ways that such an attack could propagate within the environment.

Kubernetes is designed in such a way that allows anything inside a cluster to communicate with anything else inside the cluster by default, essentially giving an attacker who manages to gain a foothold unlimited access and a large attack surface. Because of this design, any time you have Continue reading

« Previous 1 … 659 660 661 662 663 … 3,841 Next »