Click here to close now.



Welcome!

SDN Journal Authors: Cloud Best Practices Network, Elizabeth White, Sarah Patrick, Ramesh Ganapathy, Liz McMillan

Related Topics: @CloudExpo, Java IoT, Microservices Expo, Containers Expo Blog, Cloud Security, @BigDataExpo

@CloudExpo: Article

So, Just What Is REACT? And How Does It Change Security Strategies?

Examining the advantages of cloud-based unified security

Last month, I published an article about a new unified security platform called REACT (Realtime Event & Access Correlation Technology).  All in all, it received some very positive notices, but also raised some questions as to what exactly the platform is, and why it should matter.

Simply put, REACT is an approach whereby an organization leverages the capabilities of several security solutions into one central correlated repository of security intelligence. For instance, key information from an Access Management tool (such as SaaS SSO logins or views of/modifications on/additions to protected data) can be shared, processed and analyzed through a SIEM correlation engine. When this is done in real time, not only do you expand the centralized visibility, but more importantly any suspicious activity is immediately identified and alerted.  When these systems are running in parallel, but not unified, it might be days or weeks before these anomalous instances are discovered and remedied.

REACT incorporates four elements: SIEM, Access Management, Identity Management and Log Management. Each, independently, addresses certain security and/or compliance functions. As a deployment of centralized and unified security, they enhance the enterprise’s ability to perform, improve the granular visibility across independent silos and provide a true field of play in which to… yes…react!  But the key is this monitoring must be done in real time to gain the advantages of proactive readiness and agile and accurate response.

Think of REACT like an apple pie. You might have apples, dough crust, butter and spices. Each can be used on their own. However, when using each of the ingredients together, you create a tasty result that is more than the sum of its parts. As a platform, REACT is similar. Your organization may already have Identity Management or SSO, but if it isn’t “baked” together with forensic analytics like SIEM and/or Log management, you only get a portion of the information and a slice of the capability.

Why does that matter? Let’s break it down into 3 key business advantages:

1. Creating 360o Visibility -In the current complex, multi-networked and interlaced  business environment, the ability to know who is doing what, when and where to any part of the monitored IT landscape has moved beyond the “nice-to-have” strategy. Anything less is short sighted, and honestly, dangerous. It seems every few weeks, we hear about a large organization suffering some kind of breach. It could be internal sabotage, user carelessness, or hackers, but either way, sensitive data has been put at risk. By employing the unique advantage of multi-silo correlation and information distillation, the ability to expand visibility manifests as a huge return on investment through prevented breaches, supported work practices and easier compliance.

This enhanced visibility goes a long way toward internal proactive defense planning: who is logging in (or failing), modifying records, accessing data from any affiliated app across the entire extended network. When you have the right level of visibility, you can make better decisions faster...especially when factoring Big Data and BYOD.

2. Improved compliance - One of the top concerns for enterprises are compliance requirements. Hundreds of man-hours and other resources must be deployed per month just to provide the reports auditors require. When approaching security from a non-unified approach, IT needs to look at machine data and logs from many different servers from many different sectors of the network. It’s a Herculean task given the best of circumstances. With multiple audits from multiple agencies, it takes an inordinate amount of time away from other core business needs. Yet when unifying and centralizing (and automating) the data required by audits, compliance becomes less of a burden. The automations across the enterprise now deliver the prescribed data in the right format, fully completed by the imposed deadlines

And also consider, requirements from agencies like HIPAA, PCI, FFIEC, CIP GLBA, SOX are not going to lessen. If history teaches us anything, the demands of such organizations are only going to increase as the usage cases of your online assets continue to diversify and evolve.

3. More capability for less cost - In many circumstances, asking an organization to make investments in all sorts of security solutions is cost prohibitive. Not to mention all the other time, personnel and computing resources needed to properly deploy the initiative. By leveraging the security functionality from the cloud, companies gain additional and immediate solution bandwidth along with expanded capabilities. As a unified security deployment from the cloud, the cost-to-function ratio dramatically drops. Colloquially speaking, you get more bang for the buck. But because the solutions are managed from the cloud it is not an apples-to-apples comparison. REACT can work as an on-premises platform, but through multi-tenancy, centralization and other economies of scale, cloud-based security users get best of breed solutions for pennies against the on premises dollar. In short the cloud provides a unique advantage in functionality, affordability and control for any sized company—not just the big boys.

So to recap… REACT is not a collection of individual solutions and functions, but an interpolation of all the data across the enterprise to gain a truly holistic security vantage point. AND REACT matters because you can see more, see it faster, manage it cheaper and protect a greater swath of your enterprise. It’s a simple calculation-especially from the cloud.

Kevin Nikkhoo
A Cloud REACTionary

More Stories By Kevin Nikkhoo

With more than 32 years of experience in information technology, and an extensive and successful entrepreneurial background, Kevin Nikkhoo is the CEO of the dynamic security-as-a-service startup Cloud Access. CloudAccess is at the forefront of the latest evolution of IT asset protection--the cloud.

Kevin holds a Bachelor of Science in Computer Engineering from McGill University, Master of Computer Engineering at California State University, Los Angeles, and an MBA from the University of Southern California with emphasis in entrepreneurial studies.

@CloudExpo Stories
SYS-CON Events announced today that Fusion, a leading provider of cloud services, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Fusion, a leading provider of integrated cloud solutions to small, medium and large businesses, is the industry's single source for the cloud. Fusion's advanced, proprietary cloud service platform enables the integration of leading edge solutions in the cloud, including clou...
As someone who has been dedicated to automation and Application Release Automation (ARA) technology for almost six years now, one of the most common questions I get asked regards Platform-as-a-Service (PaaS). Specifically, people want to know whether release automation is still needed when a PaaS is in place, and why. Isn't that what a PaaS provides? A solution to the deployment and runtime challenges of an application? Why would anyone using a PaaS then need an automation engine with workflow ...
SYS-CON Events announced today that Commvault, a global leader in enterprise data protection and information management, has been named “Bronze Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Commvault is a leading provider of data protection and information management...
Your business relies on your applications and your employees to stay in business. Whether you develop apps or manage business critical apps that help fuel your business, what happens when users experience sluggish performance? You and all technical teams across the organization – application, network, operations, among others, as well as, those outside the organization, like ISPs and third-party providers – are called in to solve the problem.
SYS-CON Events announced today that Alert Logic, Inc., the leading provider of Security-as-a-Service solutions for the cloud, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Alert Logic, Inc., provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Ful...
@DevOpsSummit taking place June 7-9, 2016 at Javits Center, New York City, and Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 18th International @CloudExpo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @DevOpsSummit at Cloud Expo New York Call for Papers is now open.
SYS-CON Events announced today that VAI, a leading ERP software provider, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. VAI (Vormittag Associates, Inc.) is a leading independent mid-market ERP software developer renowned for its flexible solutions and ability to automate critical business functions for the distribution, manufacturing, specialty retail and service sectors. An IBM Premier Business Part...
Let’s face it, embracing new storage technologies, capabilities and upgrading to new hardware often adds complexity and increases costs. In his session at 18th Cloud Expo, Seth Oxenhorn, Vice President of Business Development & Alliances at FalconStor, will discuss how a truly heterogeneous software-defined storage approach can add value to legacy platforms and heterogeneous environments. The result reduces complexity, significantly lowers cost, and provides IT organizations with improved effi...
SYS-CON Events announced today that Catchpoint Systems, Inc., a provider of innovative web and infrastructure monitoring solutions, has been named “Silver Sponsor” of SYS-CON's DevOps Summit at 18th Cloud Expo New York, which will take place June 7-9, 2016, at the Javits Center in New York City, NY. Catchpoint is a leading Digital Performance Analytics company that provides unparalleled insight into customer-critical services to help consistently deliver an amazing customer experience. Designed...
SYS-CON Events announced today that Pythian, a global IT services company specializing in helping companies adopt disruptive technologies to optimize revenue-generating systems, has been named “Bronze Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2015 at the Javits Center in New York, New York. Founded in 1997, Pythian is a global IT services company that helps companies compete by adopting disruptive technologies such as cloud, Big Data, advanced analytics, and DevO...
SYS-CON Events announced today that Men & Mice, the leading global provider of DNS, DHCP and IP address management overlay solutions, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. The Men & Mice Suite overlay solution is already known for its powerful application in heterogeneous operating environments, enabling enterprises to scale without fuss. Building on a solid range of diverse platform support,...
Cognitive Computing is becoming the foundation for a new generation of solutions that have the potential to transform business. Unlike traditional approaches to building solutions, a cognitive computing approach allows the data to help determine the way applications are designed. This contrasts with conventional software development that begins with defining logic based on the current way a business operates. In her session at 18th Cloud Expo, Judith S. Hurwitz, President and CEO of Hurwitz & ...
The cloud promises new levels of agility and cost-savings for Big Data, data warehousing and analytics. But it’s challenging to understand all the options – from IaaS and PaaS to newer services like HaaS (Hadoop as a Service) and BDaaS (Big Data as a Service). In her session at @BigDataExpo at @ThingsExpo, Hannah Smalltree, a director at Cazena, will provide an educational overview of emerging “as-a-service” options for Big Data in the cloud. This is critical background for IT and data profes...
With an estimated 50 billion devices connected to the Internet by 2020, several industries will begin to expand their capabilities for retaining end point data at the edge to better utilize the range of data types and sheer volume of M2M data generated by the Internet of Things. In his session at @ThingsExpo, Don DeLoach, CEO and President of Infobright, will discuss the infrastructures businesses will need to implement to handle this explosion of data by providing specific use cases for filte...
SYS-CON Events announced today that AppNeta, the leader in performance insight for business-critical web applications, will exhibit and present at SYS-CON's @DevOpsSummit at Cloud Expo New York, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. AppNeta is the only application performance monitoring (APM) company to provide solutions for all applications – applications you develop internally, business-critical SaaS applications you use and the networks that deli...
Advances in technology and ubiquitous connectivity have made the utilization of a dispersed workforce more common. Whether that remote team is located across the street or country, management styles/ approaches will have to be adjusted to accommodate this new dynamic. In his session at 17th Cloud Expo, Sagi Brody, Chief Technology Officer at Webair Internet Development Inc., focused on the challenges of managing remote teams, providing real-world examples that demonstrate what works and what do...
It's easy to assume that your app will run on a fast and reliable network. The reality for your app's users, though, is often a slow, unreliable network with spotty coverage. What happens when the network doesn't work, or when the device is in airplane mode? You get unhappy, frustrated users. An offline-first app is an app that works, without error, when there is no network connection.
Father business cycles and digital consumers are forcing enterprises to respond faster to customer needs and competitive demands. Successful integration of DevOps and Agile development will be key for business success in today’s digital economy. In his session at DevOps Summit, Pradeep Prabhu, Co-Founder & CEO of Cloudmunch, covered the critical practices that enterprises should consider to seamlessly integrate Agile and DevOps processes, barriers to implementing this in the enterprise, and pr...
In most cases, it is convenient to have some human interaction with a web (micro-)service, no matter how small it is. A traditional approach would be to create an HTTP interface, where user requests will be dispatched and HTML/CSS pages must be served. This approach is indeed very traditional for a web site, but not really convenient for a web service, which is not intended to be good looking, 24x7 up and running and UX-optimized. Instead, talking to a web service in a chat-bot mode would be muc...
More and more companies are looking to microservices as an architectural pattern for breaking apart applications into more manageable pieces so that agile teams can deliver new features quicker and more effectively. What this pattern has done more than anything to date is spark organizational transformations, setting the foundation for future application development. In practice, however, there are a number of considerations to make that go beyond simply “build, ship, and run,” which changes ho...