Tag Archives: Security

Building on experience: a framework for cybersecurity policy

Each year, more and more governments are developing policies to address security challenges presented by an increasingly digitized world. And to support those efforts, I’m excited today to announce the release of Microsoft’s new Cybersecurity Policy Framework, a resource for policymakers that provides an overview of the building blocks of effective cybersecurity policies and that is aligned with the best practices from around the globe. Nations coming online today, and building their cybersecurity infrastructures, should not—and need not—be burdened with the stumbling blocks that characterized previous generations of cybersecurity policies. Instead, such nations should be empowered to leapfrog outdated challenges and unnecessary hurdles.

For years, Microsoft has worked with policymakers in advanced and emerging economies, and across many social and political contexts, to support the development of policies to address a wide range of cybersecurity challenges. This new publication captures and distills the important lessons learned from those years of experience partnering with governments. And as increasing numbers of countries wrestle with how to best address cybersecurity challenges, the Cybersecurity Policy Framework is an indispensable resource for the policymakers joining this work.

According to the last analysis provided by the United Nations, half of the countries on earth today either have or are developing national cybersecurity strategies. I have little doubt that in the next decade every single outstanding country will add its name to that list. And this trend highlights the importance of this new resource. The policies established today will impact how technologies are used for years to come and how safe or dangerous the online world becomes for all of us. Truly, there is no going back, only forward.

The Cybersecurity Policy Framework is not one-stop shopping for cybersecurity policymakers, but it does serve as an important “umbrella document,” providing a high-level overview of concepts and priorities that must be top of mind when developing an effective and resilient cybersecurity policy environment.

Specifically, this new resource outlines:

  • National strategies for cybersecurity.
  • How to establish a national cyber agency.
  • How to develop and update cybercrime laws.
  • How to develop and update critical infrastructure protections.
  • International strategies for cybersecurity.

We at Microsoft have been at this work for a long time and have developed a wide variety of resources to help those who are working to position their industries and nations to capitalize on the benefits of new technologies—so many that they can often be difficult to find! And this highlights another strength of the Cybersecurity Policy Framework, while it is not one-stop shopping, each section does provide an overview of a critical policy topic as well as links to the associated and more in-depth resources my team has developed over the years to assist policymakers. In this way, this new resource serves not only as essential, high-level guidance, but also as a key to a broader catalogue of resources built on years of experience partnering with governments around the world.

Reading through this new resource, I am proud of the work we have done in pursuit of a safer online world. Important progress has been made and these foundational principles underscore much today’s cybersecurity discourse. However, we have—and will always have—more work to do as a result of the changes and innovations in technology always on the horizon, and their implications for cybersecurity. I’m glad to put this resource forward today to support a new generation of policymakers and also look forward to partnering with them to tackle the new challenges we will face together tomorrow.

Download your copy of the Cybersecurity Policy Framework today.

For Sale – AMD FX 8320, 990FX + 8GB + internet security

I’m open to offers on all items
PRICES NOW INC P&P

Bullguard Internet Security Activation Code £10

AMD FX 8320 with cooler
asus sabertooth 990fx r2.0
8gb Corsair Dominator RAM

£130 inc P&P open to offers

Watercooling parts
All parts are used, have taken out of a working loop.

Phobya Balancer 250 silver nickel
Now £17 inc P&P

[​IMG]

Price and currency: £10 £130
Delivery: Delivery cost is included within my country
Payment method: Bank or Paypal Gift
Location: Rotherham
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Juniper boosting performance of SRX5000 firewall for IoT, 5G

Juniper Networks has introduced a security acceleration card that boosts the performance of the company’s SRX5000 line of firewalls to future-proof the data centers of service providers, cloud providers and large enterprises.

Juniper designed the services processing card, SPC3, for organizations anticipating large data flows from upcoming multi-cloud, internet-of-things and 5G applications. Besides meeting future demand, the SPC3 can also accommodate current traffic increases due to video conferencing, media streaming and other data-intensive applications.

The SPC3 multiplies performance up to a factor of 11 across key metrics for the SRX5000 line, Juniper said. Organizations using the Juniper SPC2 can upgrade to the SPC3 without service interruptions.

What’s in the SRX5000 line?

The SRX5000 line’s security services include a stateful firewall, an intrusion prevention system, unified threat management and a virtual private network. Network operators manage security policies for SRX5000 hardware through Juniper’s Junos Space Security Director.

With the addition of an SPC, the SRX5000 line can support up to 2 Tbps of firewall throughput. The line’s I/O cards offer a range of connectivity options, including 1 Gigabit Ethernet, 10 GbE, 40 GbE and 100 GbE interfaces.

Security is one area Juniper has reported quarterly revenue growth while overall sales have declined. For the quarter ended June 30, Juniper reported last month revenue from its security business increased to $79.5 million from $68.7 million a year ago.

However, overall revenue fell 8% to $1.2 billion, and the company said sales in the current quarter would also be down. Nevertheless, the company expects to return to quarterly revenue growth in the fourth quarter.

Microsoft’s Top 100 Security Researchers – Black Hat 2018 Edition

This morning we are excited to unveil the security researcher leaderboard at the Black Hat Security Conference.  This list recognizes the top security researchers who have contributed research to the Microsoft products and services.  If you are curious on how we build the list, check out our blog from last week on The Making of the Top 100 Researcher List

We appreciate all the work and partnerships with the security community over the years.  This is a good annual reflection point on the past year’s contributions.  Keep up the great work and we look forward to hearing from you this year too.

Microsoft’s Top 100 Security Researcher List

Ranking Researcher Name
1 Ashar Javed
2 Junghoon Lee
3 Yuki Chen
4 Cameron Vincent
5 Richard Shupak
6 Suresh Chelladurai
7 MaoFeng Ran
8 Mateusz Jurczyk
9 Ivan Fratric
10 Gal De Leon
11 Jaanus Kääp
12 James Forshaw
13 Kai Song
13 Hui Gao
15 Andreas Sandblad
16 Ajay Kulal
17 Yeivin Nadav
18 Fan Xiaocao
19 Liu Long
20 Zhang Yunhai
21 Dmitri Kaslov
22 Marcin Towalski
23 Qixun Zhao
24 Wayne Low
25 Huang Anwen
26 Dhanesh Kizhakkinan
27 Peter Hlavaty
28 Simon Zuckerbraun
29 Xiao Wei
30 Yassine Nafiai
31 Alex Ionescu
32 WenQunWang
32 Debasish Mandal
34 Ismail Talib
35 Cem Karagun
36 Adrian Ivascu
36 Ahmed Jerbi
38 Kdot
39 Zhong Zhaochen
40 Hung Huynh
40 Rancho Han
42 Jens Muller
43 Linan Hao
43 Lucas Leong
43 Ying Xinlei
43 J00Sean
47 Hamza Bettache
48 Aradnok
48 Zhou Yu
50 Mohamed Hamed
51 Vikash Chaudhary
52 Alec Blance
53 Zhenhuan Li
54 Xiong Wenbin
54 Richard Zhu
56 Minh Tran
57 Frans Rosen
57 Steven Seeley
59 Mario Gomes
60 Matt Nelson
61 Zhang Sen
62 Scott Bell
62 Honggang Ren
62 Ke Liu
63 Nethaniel Gelernter
63 Vladislav Stolyarov
67 Ivan Vagunin
67 Mustafa Hasan
69 SaifAllah Massaoud
70 Adesh Nandkishor Kolte
70 Roman Blachman
70 Omair
73 Tao Yan
73 Giwan Go
73 Nick Freeman
76 Amal Mohandas
77 Lucas Moreira Giungi
78 Marcin Wiazowski
79 Adam Bauer
79 Oleksandr Mirosh
79 Yangkang
79 Wanglu
79 Yong Chuan Koh
79 Jin Chen
79 Rgod
79 Ding Maoyin
79 Song Shenlei
88 Jovon Itwaru
88 Hungtt28
90 Abdulrahman Alqabandi
90 Christian Holler
92 Arik Isik
92 Manish Kumar Gupta
92 Kévin Chalet
92 Linang Yin
96 Ahmed Radi
97 Guangmingliu
97 Amir Shaahin
97 Omair Ahmed
97 nyaacate

Phillip Misner,

Principal Security Group Manager

Microsoft Security Response Center

For Sale – AMD FX 8320, 990FX + 8GB + internet security

I’m open to offers on all items
PRICES NOW INC P&P

Bullguard Internet Security Activation Code £10

AMD FX 8320 with cooler
asus sabertooth 990fx r2.0
8gb Corsair Dominator RAM

£130 inc P&P open to offers

Watercooling parts
All parts are used, have taken out of a working loop.

Phobya Balancer 250 silver nickel
Now £17 inc P&P

[​IMG]

Price and currency: £10 £130
Delivery: Delivery cost is included within my country
Payment method: Bank or Paypal Gift
Location: Rotherham
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

SIEM benefits include efficient incident response, compliance

Security information and event management systems collect security log events from numerous hosts within an enterprise and store their relevant data centrally. By bringing this log data together, these SIEM products enable centralized analysis and reporting on an organization’s security events.

SIEM benefits include detecting attacks that other systems missed. Some SIEM tools also attempt to stop attacks — assuming the attacks are still in progress.

SIEM products have been available for many years, but initial security information and event management (SIEM) tools were targeted at large organizations with sophisticated security capabilities and ample security analyst staffing. It is only relatively recently that SIEM systems have emerged that are well-suited to meet the needs of small and medium-sized organizations.

SIEM architectures available today include SIEM software installed on a local server, a local hardware or virtual appliance dedicated to SIEM, and a public cloud-based SIEM service.

Different organizations use SIEM systems for different purposes, so SIEM benefits vary across organizations. This article looks at the three top SIEM benefits, which are:

  • streamlining compliance reporting;
  • detecting incidents that would otherwise not be detected; and
  • improving the efficiency of incident handling

1. Streamline compliance reporting

Many organizations deploy the tools for these SIEM benefits alone, including streamlining enterprise compliance reporting efforts through a centralized logging solution. Each host that needs to have its logged security events included in reporting regularly transfers its log data to a SIEM server. A single SIEM server receives log data from many hosts and can generate one report that addresses all of the relevant logged security events among these hosts.

An organization without a SIEM system is unlikely to have robust centralized logging capabilities that can create rich customized reports, such as those necessary for most compliance reporting efforts. In such an environment, it may be necessary to generate individual reports for each host or to manually retrieve data from each host periodically and reassemble it at a centralized point to generate a single report.

Many organizations deploy the tools for these SIEM benefits alone, including streamlining enterprise compliance reporting efforts through a centralized logging solution.

The latter can be incredibly difficult, in no small part because different operating systems, applications and other pieces of software are likely to log their security events in various proprietary ways, making correlation a challenge. Converting all of this information into a single format may require extensive code development and customization.

Another reason why SIEM tools are so useful is that they often have built-in support for most common compliance efforts. Their reporting capabilities are compliant with the requirements mandated by standards such as the Health Insurance Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standard (PCI DSS) and the Sarbanes-Oxley Act.

By using SIEM logs, an organization can save considerable time and resources when meeting its security compliance reporting requirements, especially if it is subject to more than one such compliance initiative.

2. Detect the undetected

SIEM systems are able to detect otherwise undetected incidents.

Many hosts that log security breaches do not have built-in incident detection capabilities. Although these hosts can observe events and generate audit log entries for them, they lack the ability to analyze the log entries to identify signs of malicious activity. At best, these hosts, such as end-user laptops and desktops, might be able to alert someone when a particular type of event occurs.

SIEM tools offer increased detection capabilities by correlating events across hosts. By gathering events from hosts across the enterprise, a SIEM system can see attacks that have different parts on different hosts and then reconstruct the series of events to determine what the nature of the attack was and whether or not it succeeded.

In other words, while a network intrusion prevention system might see part of an attack and a laptop’s operating system might see another part of the attack, a SIEM system can correlate the log data for all of these events. A SIEM tool can determine if, for example, a laptop was infected with malware which then caused it to join a botnet and start attacking other hosts.

It is important to understand that while SIEM tools have many benefits, they should not replace enterprise security controls for attack detection, such as intrusion prevention systems, firewalls and antivirus technologies. A SIEM tool on its own is useless because it has no ability to monitor raw security events as they happen throughout the enterprise in real time. SIEM systems use log data as recorded by other software.

Many SIEM products also have the ability to stop attacks while they are still in progress. The SIEM tool itself doesn’t directly stop an attack; rather, it communicates with other enterprise security controls, such as firewalls, and directs them to block the malicious activity. This incident response capability enables the SIEM system to prevent security breaches that other systems might not have noticed elsewhere in the enterprise.

To take this a step further, an organization can choose to have its SIEM tool ingest threat intelligence data from trusted external sources. If the SIEM tool detects any activity involving known malicious hosts, it can then terminate those connections or otherwise disrupt the malicious hosts’ interactions with the organization’s hosts. This surpasses detection and enters the realm of prevention.

3. Improve the efficiency of incident handling activities

Another of the many SIEM benefits is that SIEM tools significantly increase the efficiency of incident handling, which in turn saves time and resources for incident handlers. More efficient incident handling ultimately speeds incident containment, thus reducing the amount of damage that many security breaches and incidents cause.

A SIEM tool can improve efficiency primarily by providing a single interface to view all the security log data from many hosts. Examples of how this can expedite incident handling include:

  • it enables an incident handler to quickly identify an attack’s route through the enterprise;
  • it enables rapid identification of all the hosts that were affected by a particular attack; and
  • it provides automated mechanisms to stop attacks that are still in progress and to contain compromised hosts.

The benefits of SIEM products make them a necessity

The benefits of SIEM tools enable an organization to get a big-picture view of its security events throughout the enterprise. By bringing together security log data from enterprise security controls, host operating systems, applications and other software components, a SIEM tool can analyze large volumes of security log data to identify attacks, security threats and compromises. This correlation enables the SIEM tool to identify malicious activity that no other single host could because the SIEM tool is the only security control with true enterprise-wide visibility.      

Businesses turn to SIEM tools, meanwhile, for a few different purposes. One of the most common SIEM benefits is streamlined reporting for security compliance initiatives — such as HIPAA, PCI DSS and Sarbanes-Oxley — by centralizing the log data and providing built-in support to meet the reporting requirements of each initiative.

Another common use for SIEM tools is detecting incidents that would otherwise be missed and, when possible, automatically stopping attacks that are in progress to limit the damage.

Finally, SIEM products can also be invaluable to improve the efficiency of incident handling activities, both by reducing resource utilization and allowing real-time incident response, which also helps to limit the damage.

Today’s SIEM tools are available for a variety of architectures, including public cloud-based services, which makes them suitable for use in organizations of all sizes. Considering their support for automating compliance reporting, incident detection and incident handling activities, SIEM tools have become a necessity for virtually every organization.

Bugcrowd CTO explains crowdsourced security benefits and challenges

Crowdsourced security can provide enormous value to enterprises today, according to Casey Ellis, but the model isn’t without its challenges.

In this Q&A, Ellis, chairman, founder and CTO of San Francisco-based crowdsourced security testing platform Bugcrowd Inc., talks about the growth of bug bounties, the importance of vulnerability research and the evolution of his company’s platform. According to the Bugcrowd “2018 State of Bug Bounty Report,” reported vulnerabilities have increased 21% to more than 37,000 submissions in the last year, while bug bounty payouts have risen 36%.

In part one of this interview, Ellis expressed his concerns that the good faith that exists between security researchers and enterprises is eroding and discussed the need for better vulnerability disclosure policies and frameworks. In part two, he discusses the benefits of crowdsourced security testing, as well as some of the challenges, including responsible disclosure deadlines and the accurate vetting of thousands of submissions.

Editor’s note: This interview has been edited for clarity and length.

When it comes to responsible vulnerability disclosure, do you think companies are at a point now where they generally accept the 90-day disclosure period?

Casey Ellis: No. No, I think technology companies are, but it’s very easy working in technology to see adoption by technology companies and assume that it’s normal now. I see a lot of people do that and I think it’s unwise, frankly.

I think that’s where we’ll end up eventually, and I think we’re moving toward that type of thing. But there are caveats in terms of, for example, complex supply chain products or vehicles or medical devices — the stuff that takes longer than 90 days to refresh and test, patch, and deploy out to the wild. The market is not used to that kind of pressure on public disclosure yet, but I think the pressure is a good thing.

The bigger problem is in terms of general vulnerability disclosure; that’s not accepted outside of the tech sector yet — at all, frankly.

There’s been a lot of talk about security automation and machine learning at RSA Conference again this year. Where do you see that going?

Ellis: It depends on your definition of automation at that point. Is it automation of decision-making or is it automation of leverage and reaching that decision?

For the customers, they just want to know what they need to go and fix. But we have to prioritize the submissions.
Casey EllisBugcrowd

Using Bugcrowd as an example, we’re heavy users of machine [learning] and automation within our platform, but we’re not doing it to replace the hackers. We’re doing it to understand which of the conversations we’re having as these submissions come in are most important. And we’re trying to get to the point where we can say, ‘Okay, this bug is less likely to be important than this other bug. We should focus on that first.’

For the customers, they just want to know what they need to go and fix. But we have to prioritize the submissions. We have to sit in front of that customer and have these conversations at scale with everyone who’s submitting, regardless of whether they’re very, very valuable in terms of the information or they’re getting points for enthusiasm but not for usefulness. It’s actually a fun and a valuable problem to solve, but it’s difficult.

How do you prioritize and rank all of the submissions you receive? What’s that process like?

Ellis: There’s a bunch of different things because the bug bounty economic model is this: The first person to find each unique issue is the one who gets rewarded for it. And then, the more critical it is, the more they get paid. And this is what we’ve been doing since day one because the premise was these are two groups of people that historically suck at talking to each other.

So we said we’re going to need to pull together a human team to help out, and then what we’ll do is we’ll learn from that team to build the product and make the product more effective as we go. It’s a learning loop that we’ve got internally, as well. And what they’re doing is, basically, understanding what’s a duplicate [submission], what’s out of scope and things like that. There are simple things that we can do from a filtering standpoint.

Duplicates get interesting because you have pattern matching and Bayesian analysis and different things like that to understand what the likelihood of a duplicate is. Those are the know things. Then there’s the heavy stuff — the critical importance, wake up the engineering team stuff.

There’s also a bunch of stuff we do in terms of analyzing the vulnerability against the corpus [of known vulnerabilities] to understand what that is, as well as who the submitter is. Because if they’re a notorious badass who comes in and destroys stuff and has a really high signal-to-noise ratio then, yes, that’s probably something that we should pay attention to.

There’s a bunch of really simple stuff or comparatively simple stuff that we can do, but then there’s a bunch of much more nuanced, complicated stuff that we have to work out. And then we’ve got the human at the end of [the process] because we can’t afford to get it wrong. We can’t say, no to something that’s actually a yes. The whole thing gets basically proofed, and then those learnings go back into the system and it improves over time.

Do you receive a lot of submissions that you look at and say, ‘Oh, this is nonsense, someone’s trying to mess with us and throw the process off’?

Ellis: Yes. There’s a lot of that. As this has grown, there are a bunch of people that are joining in for the first time, and some of them are actively trolling. But then, for every one of those, there are 10 that are just as noisy, but it’s because they think they’re doing the right thing even though they’re not.

If someone runs Nessus and then uploads a scan and says, ‘That’s a bug!’ then what we do at that point is we say, ‘No, it’s not. By the way, here are some different communities and education initiatives that we’ve got.’

We try to train them to see if they can get better because maybe they can. And if they’ve initiated that contact with us, then they’re clearly interested and enthusiastic, which is a great starting point because just because they don’t know how to be useful right now doesn’t mean they can’t be in the future. We give the benefit of the doubt there, but obviously, we have to protect the customer from having to deal with all of that noise.

When it comes to that noise in crowdsourced bug hunting, do you think those people are looking more at the reward money or the reputation boost?

Ellis: It’s usually both. Money is definitely a factor in bug bounties, but reputation is a huge factor, too. And it goes in two directions.

There’s reputation for the sake of ego, and they’re the ones that can get difficult pretty quickly, but then there’s also reputation for the sake of career development. And that’s something that we actually want to help them with. That’s been an initiative that we’ve had from day one, and a bunch of our customers actually have people in their security teams that they hired off the platform.

Jason Haddix [Bugcrowd vice president of trust and security] was number one on the platform before we hired him. We think this is actually a good thing in terms of helping address the labor shortage.

But, to your point, if someone comes in and says, ‘Oh, this is a quick way to get a high-paying career in cybersecurity,’ then we have to obviously temper that. And it does happen.

Last question: What activity on your platform has stood out to you lately?

Ellis: There’s a real shift toward people scaling up in IoT. We have more customers coming onboard to test IoT. I think the issue of IoT security and awareness around the fact that it’s something that should actually be addressed is in a far better state now than it was when IoT first kicked off years ago.

And the same thing that happened in web and mobile and automotive is happening in IoT. With IoT, it was ‘We don’t have the people [for security testing]. Okay, where are we going to get them?’ I think the crowd is reacting to that opportunity now and starting to dig into the testing for IoT.

And here’s the thing with IoT security: For starters, bugs that are silicon level or at a hardcoded level are probably out there, but the cost to find them and the value of having them [reported] hasn’t justified the effort being put in yet.

That’s usually not what people are talking about when they’re talking about IoT bugs. It’s usually either bugs that are CVEs [Common Vulnerabilities and Exposures] in the supply chain software that forms the operating system or bugs that are in the bespoke stuff that sits on top. And, usually, both of those things can be flushed and changed.

We’re not at the point where you’ve got a more common issue and you’re not able to change it ever. I assume that will happen at some point but, hopefully by the time we get there, people are going to be thinking about design with security more in mind for the first place, and all that older stuff will be at end-of-life anyway.

For Sale – AMD FX 8320, 990FX + 8GB + internet security

I’m open to offers on all items
PRICES NOW INC P&P

Bullguard Internet Security Activation Code £10

AMD FX 8320 with cooler
asus sabertooth 990fx r2.0
8gb Corsair Dominator RAM

£130 inc P&P open to offers

Watercooling parts
All parts are used, have taken out of a working loop.

Phobya Balancer 250 silver nickel
Now £17 inc P&P

[​IMG]

Price and currency: £10 £130
Delivery: Delivery cost is included within my country
Payment method: Bank or Paypal Gift
Location: Rotherham
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – AMD FX 8320, 990FX + 8GB + internet security

I’m open to offers on all items
PRICES NOW INC P&P

Bullguard Internet Security Activation Code £10

AMD FX 8320 with cooler
asus sabertooth 990fx r2.0
8gb Corsair Dominator RAM

£130 inc P&P open to offers

Watercooling parts
All parts are used, have taken out of a working loop.

Phobya Balancer 250 silver nickel
Now £17 inc P&P

[​IMG]

Price and currency: £10 £130
Delivery: Delivery cost is included within my country
Payment method: Bank or Paypal Gift
Location: Rotherham
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Cisco bolsters cloud security with Duo acquisition

Cisco has announced the $2.35 billion acquisition of Duo Security, adding two-step authentication services to the networking company’s cloud-based security portfolio.

Cisco said this week it expects to close the cash deal by the end of October. Following the Duo acquisition, Cisco will make Duo part of its security business under its general manager and executive vice president, David Goeckeler. Duo, which has 700 employees, will remain at its Ann Arbor, Mich., headquarters, and CEO Dug Song will continue to lead the company.

Under Cisco, Duo could grow much faster than it could on its own by gaining access to Cisco’s 800,000 customers. Duo, which was founded in 2009, has 12,000 customers.

Cisco wants to buy Duo to strengthen its cloud-based security services. Duo offers two-factor authentication that companies can integrate into websites, VPNs and cloud services. Duo services can also determine whether the user device trying to access the corporate asset poses a security risk.

The Duo acquistion adds another set of capabilities to those provided by Cisco’s other cloud-based security products, including OpenDNS and Stealthwatch Cloud. OpenDNS blocks malware, phishing attacks and botnets at the domain name system layer. Stealthwatch Cloud searches for threats by aggregating and analyzing telemetry drawn from public cloud infrastructures, such as AWS, Microsoft Azure and Google Cloud Platform.

Cisco’s plans following Duo acquisition

During a conference call with reporters and analysts, Goeckeler said Cisco will sell Duo as a stand-alone product, while also integrating its services into some of Cisco’s other cloud-based services. He did not provide details or a timeline, but noted other cloud-based products that Cisco has combined with each other include OpenDNS, the Viptela SD-WAN and the cloud-managed Meraki wireless LAN.

“We think we can drive [more] integrations here,” Goeckeler said of Duo. He later added Duo could bring more value to Cisco Umbrella, a cloud-based service that searches for threats in internet activity.

“Duo is another asset we can combine together with Umbrella to just increase the value of that solution to our customers,” Goeckeler said.

Cisco has been growing its security business through acquisition since at least 2013, when it bought firewall provider Sourcefire for $2.7 billion. In 2015, Cisco acquired OpenDNS for $635 million, and it bought CloudLock a year later for $293 million. CloudLock provides secure access to cloud applications, including those running on platform-as-a-service and infrastructure-as-a-service providers.

“All of these pieces are part of the larger strategy to build that integrated networking, security and identity cloud-delivered platform,” Goeckeler said.

Cisco’s acquisitions have fueled much of the growth in its security business. In the quarter ended in April, Cisco reported an 11% increase in security revenue to $583 million.