Secure64 Introduces the Next-Generation Reporting Platform- Vizion

/in /by

Secure64 is pleased to announce the release of its next generation reporting platform. The ability to see graphically security events in real time is now available as part of the Secure64 eco system.

Real time analysis and drill down capabilities set this platform aside from legacy solutions. Different teams int he CSP can use the platform to gain intelligence as to the threats a network and its customers face every second of the day. Security events are analyzed in real time to allow a CSP to take decisive action based on events and security functions.

Secure64 is present in the largest networks across the globe and therefore Vizion needs to scale and accommodate massive data lakes of data without impacting performance. Vizion is one of the 3 elements of the Secure64 security proposal. Enforcement, Intelligence and Visibility. Vizion allows the CSP to visualize what is happening in real time with the other 2 elements of the security suite. Simply put, we allow the CSP to see Malware, Phishing and Attacks as they populate in a network with no impact in performance to the fast path for the customer.

This web based GUI provides a method to drill down into the actions that have taken place, analyse the information, report and export the data in real time. The CSP can take action based on this information. The heavy lifting of turning millions of transactions from raw data into actionable real intelligence is what sets Vizion apart from other platforms.

Vizion is a part of our ever-expanding eco system and has been designed for the largest or smallest networks without impacting users. Secure64 is a provider of Hyper scale DNS software, Security feeds and intelligence as well as visualization of these events.  

Secure64 is head quartered in Colorado but present across the globe in the largest networks to deliver critical services.

For more information please contact Ian.sampson@secure64.com

Container Security

/in /by

Containers are a great idea. A small discrete element that allows a function to operate. They allow software developers to build and run these functions quickly. They contain all the elements needed to run the function within a pre-built package. They run knowing that the underlying architecture doesn’t need all the elements to run the code so that changes can quickly be made. According to recent research, the life of a container is often as small as 5 minutes. They are built at speed, deployed at speed and used at speed.

This is, however, one of the challenges of containers. They often reuse the core systems of the previously built container. That is to say, developers build upon and iterate the previous incarnation instead of building a new container. Any security vulnerabilities in the container and reused libraries/code are taken forward into the new container. It is not the developer’s fault, and this is just the way things happen.

We already saw attacks against containers with the Kiss-a-Dog attack last year.

DNS security is, therefore, a great place to prevent some of the resulting issues. Hackers use Command and Control infrastructures. As we all know, DNS is often used for an infected machine to get back to a control server. Hackers use techniques like fast flux and double fast flux to change where the C&C server is located quickly. This allows the hackers a more extraordinary ability to hide from detection.

Using a DNS blocking solution can help. Let’s be clear, it cannot stop inbound attacks, and it can’t protect the container from these attacks. It can, however, help stop an infected container from going to the C&C infrastructure. This is important. Often containers do not have limits on CPU and other core functions. By blocking the look-up at the DNS level for the infected machine, you prevent the infected container from using all its CPU and allowing it to carry out its core intended mission, not the mission the hacker wants it to do.

DNS security should be installed to help protect containers without the burden of applying local security elements to the container. This doesn’t limit the performance of the container and is a simple matter of using the DNS service that’s required anyway in the network.

So what are the benefits of a Secure64 Guard platform specifically for Container security?

1. Speed. You know the container will have security irrespective of the elements in the container
2. Performance. You are not hampering the performance of the container with unnecessary code
3. Reusability. The same DNS architecture is reused for every container deployed.
4. Visibility. Using the Vizion platform, you can see the calls to a Command and Control infrastructure that an infect container is making. You can then take proactive action to stop this from happening again.

If you would like to learn more about the Guard platforms, Vizion and our other services, please don’t hesitate to contact Secure64.