The Zeus trojan is traditionally known to target steal online banking credentials. Known as the “king of bots” by Symantec, the Zeus trojan horse computer malware operates by stealing online credentials and perfoming unauthorized transactions such as money transfers or bank fraud on Windows machines. According to a recent blog post, Adallom Labs has discovered a variant of the Zeus trojan that targets not only Salesforce.com accounts, but any SaaS application more generally. Instead of performing malicious, keystroke-logging based transactions, this new variant of the Zeus trojan made a replica of the victim’s Salesforce-based CRM and similarly stands to crawl entire SaaS-based applications for the purpose of obtaining access to proprietary data or code. While complete details of the mechanism of the transmission of this new variant of the Zeus bot remain undetermined, Adallom was able to specify that the weak link in the security chain typically originates from end user machines that have been “landmined” by Zeus, as opposed to the SaaS application itself, which typically boasts enterprise-grade security. All this suggests that the cybersecurity space will increasingly need to turn its attention to protecting end user machines outside of the corporate network, particularly in the case of SaaS applications that can be accessed from any web-enabled device. Expect details of the transmission of this new form of the Zeus bot to emerge from Adallom pending further investigation of the customer that experienced the Salesforce.com-related breach of security.
Today, cybersecurity startup Aorato comes out of stealth to launch internationally with a machine learning-based Directory Services Application Firewall (DAF) designed to ensure the security of Microsoft’s Active Directory protocol. Aorato’s proprietary graph database technology alerts security personnel to eccentricities specific to exchanges between Active Directory entities that may signal or prefigure a security violation. Aorato’s Directory Services Application Firewall iteratively learns from the results of previous analyses and subsequently builds entity profiles that not only identify security breaches retrospectively, but also predicts them based on probabilistic analysis of historical data.
Aorato observes the traffic between Microsoft’s Active Directory servers and network entities such as users and devices in order to create an Organizational Security Graph (OSG) that models relationships between the different entities. The Organizational Security Graph depicts anomalous behavior that can be used to identify potential or actual security breaches. The OSG constructs an attack timeline and profiles of entities that enable speedy categorizations of potential security breaches such that security professionals can take action against the incident in question with the appropriate degree of speed and urgency. Aorato constructed its OSG graph database using a NoSQL database platform and proprietary code used to map relationships between different entities in the Active Directory ecosystem. In an interview with Cloud Computing Today, CEO Idan Plotnik noted that the company began coding OSG using Neo4j but chose to transition to a proprietary, custom developed platform in order to more effectively accommodate the specificities of the relationships between and amongst Active Directory entities.
Prior to Aorato, Idan was CEO of a security consulting firm that specialized in security solutions for Microsoft products and technologies. Aorato recently finalized a second round of funding of over $8M that brings the total capital raised by the company to $10M. Investors include Accel Partners, Google Executive Chairman Eric Schmidt’s Innovation Endeavors, Glilot Capital Partners and entrepreneurs Mickey Boodaei and Rakesh Loonkar. The Aorato team has significant experience working for the Cybersecurity department within the Israeli Defense Forces and plans to maintain R&D in Israel while locating sales and marketing and other company functions in the U.S., in NYC. The cybersecurity space should expect to hear more about Aorato in the upcoming months, particularly as it signs up more enterprise customers and reveals further details about the analytics enabled by its proprietary, Big Data graph database platform.
According to The Wall Street Journal, Dropbox has raised $250M in a recent funding round that brings the company’s valuation to $10 billion. The capital raise is led by BlackRock Fund, and brings the total funding raised by Dropbox to over $500M. Dropbox’s valuation at $10 billion means that the company’s value has more than doubled since its $4 billion valuation in late 2011.The recent funding raise is intended to accelerate product development and business development activities targeted to enterprise customers interested in features related to enhanced security, role based access, audit controls and related features. This is not the first time Dropbox has raised a quarter of a million dollars in capital: Dropbox raised $250M in 2011 in a round financed by Goldman Sachs, Sequoia, Index Ventures and Accel Partners. Dropbox’s recent funding raise is set to pit it squarely with competitor Box, which raised $100M at a $2 billion valuation in December 2013. As IPO rumors proliferate about both Dropbox and Box, consumers stand to benefit from ever increasing free storage allotments for both platforms designed to boost usage of and familiarity with the cloud-based file sharing and storage vendor in question.
Egenera, a Boxborough, MA-based company specializing in cloud infrastructure management, recently announced a new release of its Egenera Cloud Suite platform for provisioning “physical, virtual, and public cloud resources” from within the purview of a single management interface. The new release serves the needs of both enterprises and cloud service providers that face the challenge of managing workloads within public cloud infrastructures and on premise environments. Enhancements to the Egenera Cloud Suite platform, which combines the PAN Cloud Director, PAN Manager and PAN Domain Manager, include support for Microsoft Hyper-V and Active Directory, more granular role-based access controls and improvements to billing and templating that streamline and automate workflows.
Given that enterprises increasingly leverage combinations of on premise and public cloud environments to differentially accommodate the needs of test, development and production environments, the ability of the Egenera PAN Manager and PAN Cloud Director to comprehensively manage varied hosting infrastructures positions it strongly to manage hybrid clouds, the most common use case for cloud deployments since comparatively few organizations pursue a “cloud only” solution. Egenera’s recent release builds on this summer’s integration with Amazon Web Services (AWS), whereby AWS is now part of the standard service catalog within its Pan Cloud Director service catalog. Meanwhile, this week’s release marks a significant breakthrough for Egenera, which now expands its purview to virtualized environments supported by the Microsoft Hyper-V hypervisor due to requests from many of its customers, as noted in an interview with Cloud Computing Today.
Autonomic Resources has become the first cloud vendor with FedRAMP Joint Authorization Board (JAB) Provisional Authority to Operate (P-ATO) to facilitate achievement of FedRAMP P-ATO status for another vendor’s application, namely, Concurrent Technologies Corporation’s (CTC) Unclassified Remote Hosted Desktop (URHD) SaaS application. By building its UHRD on top of Autonomic’s ARC-P IaaS platform, CTC was able to leverage Autonomic’s pre-existing FedRAMP P-ATO status to streamline its application process. Matthew Goodrich, program manager for FedRAMP at the General Services Administration, surmised the significance of CTC’s recently minted P-ATO status as follows:
CTC’s SaaS virtual desktop environment proves that the FedRAMP authorization process works for all types of clouds, from infrastructure to software. Additionally, CTC’s use of Autonomic Resources ARC-P Infrastructure as a Service (IaaS) for a portion of their offering demonstrates the ability of CSPs to partner and enhance service offerings to the federal government, while also saving time and money by leveraging a previously authorized provider’s environment.
Goodrich points out that the achievement of P-ATO status on by “CTC’s SaaS virtual desktop environment” represents two firsts: a first for a SaaS application to obtain FedRAMP P-ATO status, and a first in the way of a partnership between a vendor seeking FedRAMP certification, and a vendor that had already achieved certification. In a press release, Autonomic Resources noted that it is similarly collaborating with several other SaaS vendors to help them obtain FedRAMP certification. The precedent established by the collaboration between Autonomic Resources and CTC suggests that, in the case of SaaS applications seeking FedRAMP certification, partnerships with existing IaaS vendors that have already obtained P-ATO status may well be the simplest, most expeditious path toward obtaining the authority to do business with the Federal government and its constituent agencies. To date, FedRAMP P-ATO certification has been achieved by an elite group of vendors currently spanned by Akamai, AT&T, Autonomic Resources, CGI Federal, Concurrent Technologies Corporation, HP, Lockheed Martin, Microsoft, IBM whereas Amazon Web Services has achieved full FedRAMP ATO status.
Qubole recently partnered with Google to make its Hadoop as a Service platform available on the Google Compute Engine. As a result of the partnership, GCE customers can directly take advantage of Qubole’s autoscaling and automated cluster provisioning functionality, in addition to its auto-healing ability to provide replacements for failed GCE instances. Qubole represents the first fully elastic engine based on Hadoop to run on the Google Compute Engine platform. Shrikanth Shankar, VP Engineering at Qubole, remarked on the significance of Qubole’s partnership with Google Compute Engine as follows:
Google File System and Google MapReduce inspired the development of Hadoop. Now, we’re coming full circle with Hadoop available on GCE. We believe that this delivers one of the most solid foundations for cloud-based Big Data processing and are pleased that we can contribute to its performance, ease of use and low cost.
Qubole’s partnership with GCE stands to diversify its customer base further by extending its reach to users of GCE IaaS platform that additionally have Big Data requirements. As a cloud based Big Data service whose customers include Pinterest, Quora and MediaMath, Qubole independently delivers the autoscaling and cloud-based hosting of Hadoop clusters by means of its next generation Big Data platform. Qubole is currently available on Google Compute Engine in Beta as well as on Amazon Web Services via the AWS Marketplace.
Amazon Web Services Continues To Increase IaaS/PaaS Market Share According To Synergy Research Group
A recent article by the Synergy Research Group (Synergy) claims that Amazon Web Services continues to dominate the IaaS and PaaS space in terms of revenue. According to Synergy, Amazon Web Services increased its quarterly revenue by 55% to over $700M in Q3 of 2013, whereas the aggregate of revenue for Salesforce, IBM, Windows Azure and Google was less than $400M for the same time period. Worldwide, total IaaS and PaaS revenues exceeded $2.5 billion for the quarter, with IaaS accounting for 64% of cloud revenues, a surprisingly small proportion given the limited penetration of platform as a service within the enterprise. Synergy Research’s John Dinsdale remarked on the company’s findings as follows:
We’ve been analyzing the IaaS/PaaS markets for quite a few quarters now and creating these leadership metrics, and the relative positioning of the leaders really hasn’t changed much. While Amazon dwarfs all competition, the race is on to see if any of the big four followers can distance themselves from their peers. The good news for these companies and for the long tail of operators with relatively small cloud infrastructure service operations, is that IaaS/PaaS will be growing strongly long into the future, providing plenty of opportunity for robust revenue growth.
Here, Dinsdale remarks that the “race is on to see if” Salesforce, IBM, Microsoft and Google can decisively secure second place in the battle for IaaS/PaaS market share. Strikingly, Microsoft, Google and IBM have revenues that are very close to one another, even though one might reasonably expect Microsoft’s Azure platform to edge out its competition given its earlier entry into the market than IBM and Google’s Compute Engine (GCE). That said, IBM’s sizeable IaaS revenue derives largely from its acquisition of SoftLayer, which itself had a rich and venerable history that predated IBM.
Synergy’s chart illustrating Q3 IaaS and PaaS revenues is given below:
Notable omissions from the findings include Rackspace, HP, Oracle, Pivotal One and Red Hat, the middle three of which (HP, Oracle and Pivotal One) are still relatively nascent, and hence justifiably excluded from the present calculation. As Dinsdale notes above, however, “the good news for these companies” and for remainder of the space is that revenues are set to increase significantly in the near term. Going forward, one of the key questions for subsequent IaaS market share analyses will be whether OpenStack’s momentum and gradual maturation propels disproportionate growth amongst OpenStack-based cloud platforms for vendors such as HP, IBM, Oracle, Rackspace and Red Hat.
Today, Kaseya announces the general availability of Kaseya Traverse, its SaaS cloud monitoring solution for on premise, private cloud and public cloud environments. The uniqueness of Kaseya Traverse consists of its ability to “traverse” a multitude of cloud infrastructures while delivering centralized, integrated reporting for the entire ecosystem in question. Whereas proprietary cloud monitoring solutions such as CloudWatch by Amazon Web Services deliver performance reporting and monitoring solutions specific to their own, native cloud infrastructure, Kaseya Traverse can be configured to monitor a heterogeneous cloud environment marked by the coexistence of several hosting technologies and platforms. The Kaseya solution provides a diverse range of performance monitoring and analytics on hardware, networks, applications and usage patterns as illustrated by the dashboard below:
Kaseya leverages an architecture designed for distributed analytics, data processing and data gathering that fittingly corresponds to the task of monitoring the infrastructures of dispersed, heterogeneous IT environments. The platform features SLA monitoring, issue identification and resolution with respect to application performance and machine learning-based analytics that identify true anomalies in traffic or usage related patterns as opposed to organic variations and cycles. Given that the current state of enterprise cloud computing almost invariably features some combination of on premise, private cloud and public cloud deployments, Kaseya Traverse is likely to be well received by customers that are seeking a centralized monitoring, reporting and analytics solution in contrast to an amalgamation of discrete reporting applications. Moreover, its ease of deployment as a SaaS application and distributed computing capabilities render it a particularly attractive cloud monitoring tool insofar as its architecture is designed with the specific needs of heterogeneous cloud computing environments in mind.