My takeaway from RSA 2018: Network has left the building

By Leonid Belkind, co-founder and CTO, Luminate
Published on April 23, 2018

After numerous logistic teams had taken apart the breathtaking booths of the various security vendors and the dust had settled on the exhibition floors and in the lecture halls of Moscone Center in San Francisco, it was time for me to sit back and contemplate what I had seen during this event.

Read More

Being at the heart of the Enterprise IT Security industry for over a decade and a half has given me a sense of perspective when I try to digest it all, I have also witnessed the evolution of the industry throughout this significant period.

Walking along the colorful (and, quite often, somewhat noisy) booths of security vendors, large and small alike, one couldn’t miss the significant change that has swept through the industry. The security appliances, in their large and colorful cases, featuring a wide variety of network sockets, led lights and power/storage configurations are nowhere to be found. Long gone are the days when beautiful booths featured appliances as their centerpiece, emphasizing how unique they were, based on the latest and greatest Intel (or AMD) architecture, featuring a certain (uniquely large) amount of network interfaces, or, if nothing else worked, offering an extremely fast storage module. This time, I could only find a handful of booths where appliances were presented at all (2 such booths to be exact) and even there they were pushed aside by the new software service offerings of the vendors.

In fact, the revolution is larger than just taking away appliances. RSA has proved beyond any reasonable doubt that the industry is in the process of removing the network, as a primary plane for corporate IT security governance, and using much higher-level principles, such as the identity, device and application-layer.

The above principles were very prominent both in the booths of the incumbents, as well as in those belonging to the new entrants.

On a device stage, the battle between the Next Generation Endpoint Security solutions stole a lot of attention. A field that was completely “out of fashion” only 3-4 years ago has regained prominence with new and ambitious players giving traditional antivirus vendors a “run for their money” with new and attractive offerings. While the security solutions for mobile devices are mostly converging into larger offerings, with some small exceptions, the security for Windows, Linux and Mac OS X devices seems to have grown into a larger market segment than ever before.

Identity and Access services market is also blossoming. Significant players in the field of Identity Management, Multi-Factor Authentication and even Privileged Access have drawn huge crowds to their booths, promising enterprise security professionals deliverance from the shackles of network-based trust models. What is even more noteworthy is that most of these solutions are being offered in Software-as-a-Service mode, rather than in self-installable software packages.

An additional field worthy of attention is that of events analytics and intelligence. Notions, such as SIEM and Events Processing, belong to the past, while notions of Behavioral Analytics and Machine Learning have matured, and, instead of offering their users “cutting edge technology”, they have evolved into useful solutions targeting actionable insights (and even automated responses to such insights) as their value-proposition.

How much does the cloud affect current IT Security solutions? Well, it was enough to see that more and more security vendors are now proudly displaying certificates showing their level of technological partnership with Amazon Web Services in order to understand that the impact is already vast and is growing even further.

The new IT security perimeter is defined in very clear and simple terms:
●     It’s all about identity, devices and applications, and no longer about
IP based rules and network topologies
●     All events must be on the application layer and need to understand the context of
the “operation” that is being performed
●     Everything needs to be cloud-ready, preferably cloud-native
●     Everything must be “smart”, i.e. containing advanced analytics and decision-making

Walking the exhibition floors of the security industry’s largest showcase I couldn’t help being excited about the number of possibilities that this new frontier defines. Working in this industry has always been exciting for me, but the pace with which the industry reinvents itself and provides larger and larger stage for innovation has been accelerating and has reached new heights this year.

Cannot wait to see what comes next…

Security for the Cloud: Can’t Miss Sessions at RSA 2018

By Adi Bar-Lev, VP Marketing, Luminate
Published on April 9, 2018

RSA Conference, which will be held from April 16-20 in the Moscone Center, San Francisco, is one of the biggest information security events on the calendar. And this year, Luminate Security will be there, as part of the Israel Cyber Alliance. We are
looking forward to meeting with security experts that are ready to divulge some
industry know-how, and to sharing some of our own experiences.

Read More

The Cloud security market - expected to be worth $12.7 billion by 2022 -  is now facing an opportunity to solve a once-in-a-generation security problem and unleash digital transformation. New solutions to security challenges posed by Cloud computing are flooding the market and this is where Luminate comes in, with our integrated, API-driven security platform. We have taken the BeyondCorp philosophy as a starting point - shifting from network based to application based security to minimize the network attack surface. This mode of operation allows only point-to-point, ad-hoc user access to specific corporate resources (wherever they are hosted), while the corporate network never gets exposed.

RSA 2018 will deliver solutions and ideas at the cutting edge of Cloud security. We’ve listed some of the sessions not to miss for best insights in various aspects of enterprise Cloud security:

Can’t Miss Sessions

The Impact of Multi and Hybrid Clouds to Cybersecurity Priorities, April 19, 3pm-3:45pm, Moscone South Esplanade 157
Doug Cahill, Senior Analyst, Enterprise Strategy Group

Doug tweets: “Very excited to be presenting at @RSAConference this year on how hybrid and multi-clouds are impacting #CyberSecurity priorities, processes, and technology decisions! #cloudsecurity”

Doug Cahill’s session focuses on automating security controls for hybrid cloud environments, a challenge faced by many organizations in 2018. And that is exactly what we are here to solve: Luminate’s unique approach operates on the application level, granting and securing access to applications hosted on-premises, or on the Cloud - both private and public.

(ISC)2 CCSP® Cloud Security Professional Two Day Crash Course, April 15, 9am-5pm and April 16, 9am-5pm,
Instructor: Kevin Jackson, CEO/Founder, GovCloud Network

This two-day course is designed to get you ready for the security certification exam, Certified Cloud Security Professional (CCSP). The course focuses on all security-related matters of Cloud computing and operations, including architecture and design of Cloud platforms. This is a great opportunity to learn about how to build cloud-native security approach in your organization. We at Luminate believe that new challenges require new approaches and completely agree that cloud security is a profession that should be studied.

CSA Summit: Cloud 2018: Enterprise Grade Security, April 16, 9am-4pm
Welcome address: Jim Reavis, CEO Cloud Security Alliance

The Cloud Security Alliance Summit runs seminars at RSA 2018. This seminar includes sessions on “Cloud Migration 2.0: Security for IaaS” and “Cloudy Weather Ahead for Digital Transformation”. Many of our colleagues will be discussing their approach to cloud security challenges and share their experience and best practices. We greatly value working with the Cloud Security Alliance, contributing to the most important IT revolution in decades.

DevOps Connect: DevSecOps, April 16, 9am-5pm
Welcome address: Mark Miller, Alan Shimel

This day-long session is dedicated to the crucial point where DevOps meets Security. The session looks at the journey of integrating modern software and infrastructure delivery pipelines with security controls. We believe that Software-Defined access should be an intrinsic part of any infrastructure/configuration of automation policy, and this session shows the way to achieve this. Mark Miller and Alan Shimel will be giving the welcome address. You won’t get much more experienced in DevOps than with this team!

The Future of Security for SecOps and NetOps (Gigamon), April 17, 11:40am-12pm
Simon Gibson, Former CISO Bloomberg now Fellow Security Architect, Gigamon

This session will cover the importance of simplifying security architectures to improve flexibility and overall management. At Luminate Security we know this is achievable without the need for an expensive network overhaul. We are excited to hear Simon Gibson’s suggestion for handling this challenge.

How Cloud, Mobility and Shifting App Architectures Will Transform Security, April 17, 1pm-1:45pm
Thomas Corn Senior Vice President and General Manager, Security Products, VMware

Thomas tweets: “Machine Learning has huge implications for #Cyber.”

Thomas drives VMWare’s security strategy, and we agree that mobility and Cloud are enabling robust security models. It is no longer a question of “if” the security will be transformed, but “how.” This session will look at the new tools and technologies available to support this transformation.

Confessions of a Cloud Security Convert, April 17, 3:30pm-4:15pm
Michael Farnum, Solution Architect Manager, Set Solutions

Michael is a well-rounded security professional currently working as a Solution Architect Manager. This session focuses on his personal journey from network security to the Cloud including Michael’s ‘Cloud conversion.’ Coming from the VPN world and now evangelizing the software-defined perimeter and Zero Trust architecture with our cloud-based security platform, we are always thrilled to hear about the experiences of our industry colleagues.

Can SOC Overcome the Complexity of Cloud? April 18, 1:45pm-2:30pm
Wayne Anderson, Enterprise Security Architect, McAfee

Wayne Anderson applies a multidisciplinary approach to security. He will facilitate this session looking at a classical approach to managing security events across the enterprise network with how it can be mapped to the Cloud. We expect this session to address burning questions like: Are we looking to build smarter systems to reduce the amounts of events that require handling? Can we democratize some of the events?; How will SOC operations enter the cloud age?

Google on BeyondCorp: Empowering Employees with Security for the Cloud Era, April 20, 10:15am-11am
Jennifer Lin, Director, Security, Google Cloud

With Google’s Jennifer Lin, this session is particularly exciting for us because of Lin’s expertise in Cloud automation and the security and privacy challenges of Cloud computing. Google’s work with the Zero Trust Networks concept and their BeyondCorp project has also been an inspiration for us, and we are eager to hear about the experience Google gained in converting their corporate network. At Luminate we provide Security-as-a-Service approach for organizations that would like to benefit from BeyondCorp-like values without revolutionizing their current network first.

If you make it over to RSA 2018, come on over and see Luminate Security at RSA Booth #735, South Hall, to see first-hand how we provide secure access to your corporate resources on any datacenter and from any device; or request a meeting.

Application level visibility vs. network level visibility

By Leonid Belkind, co-founder and CTO, Luminate
Published on March 8, 2018

Visibility is an essential ingredient in security. Whether it's examining "forensic" evidence and audit trails after the fact or limiting access in real-time, any security system needs visibility to understand what is going on within the applications and networks that it is trying to defend. Defending without visibility is like shooting in the dark. As we will see in this post, a few recent developments have made it possible to increase visibility, improving the system's ability to defend against unauthorized access.

Read More

Is this really Cloud Computing? (Lessons learned from a recent Cisco SSL VPN Vulnerability)

By Leonid Belkind, co-founder and CTO, Luminate
Published on February 1, 2018

As some of you have heard, on January 29th, Cisco has disclosed information about a Remote Code Execution and Denial of Service vulnerability that affects a number of their security product lines. The vulnerability is pretty bad. In fact, its CVSS (Common Vulnerability Scoring System) score is 10, the highest possible score.

Read More
Terms of usePrivacy policySupport