Author Archives: Trend Micro UK

Securing DevOps and Driving Growth Through End-to-End Container Security

by Bharat Mistry

DevOps is everywhere today. The automation of streamlined development processes with an emphasis on continuous delivery and deployment is helping organisations become faster, more innovative and more responsive to customers. A key enabler of this new vanguard is container-based architectures. But security remains a challenge. Too often it’s left out of DevOps discussions altogether for fear of impeding growth and time-to-market.

This must change, and Trend Micro is doing its best to effect that change with a new partnership which will bring together best-in-class container security offerings to protect DevOps container projects.

The key to unlock value
DevOps holds the key to digital transformation for organisations that aspire to be customer-centric leaders. But security is too often an afterthought. In a study commissioned by Trend Micro a few months back, over a third (34%) of global organisations admitted that security teams are not always consulted by the business on DevOps projects. This is despite 94% of respondents claiming they have encountered security risks when implementing projects. It’s no surprise that this lack of involvement in projects by security teams is putting their organisation at risk, according to 72% of them.

What’s more, this Trend Micro study was backed up by a new report from the Enterprise Strategy Group (ESG) which finds that only 30% of organisations include a member of their cybersecurity team from the beginning of their software development process. To deal with the challenge, that majority (68%) of respondents said they have or are planning a centralised team to handle DevOps security.

Yet that’s only part of the story. Open source is another major cause of cyber-related risk in DevOps projects. Software components of this type are often reused by developers as a short cut to success, with few taking the time out to think about whether they’re unwittingly exposing their organisation to cyber-threats in the process. In fact, security breaches linked to open source software components rose by 71% over the past five years, according to one recent study — affecting up to a quarter (24%) of global DevOps communities.

Partnering for success
Now, Trend Micro has had capabilities to secure containers for some time; via image scanning service Smart Check and runtime protection built into Deep Security. But we also understood that sometimes partnering up with external experts can add even more value for customers. That’s why we recently teamed up with Snyk, a developer-first open source security vendor. This deal, over two years in the making, is the result of a technology-focused mutual respect between the two firms, which will result in offering unrivalled end-to-end container security capabilities to the market.

Put simply, Trend Micro shields vulnerabilities in runtime via intrusion prevention (IPS) and a web application firewall (WAF), while Snyk fixes flaws at source through developer workflows,  engagement, and automated remediation.

The result will be DevOps projects enhanced rather than hindered by security. Teams working flat out at secure continuous delivery will provide a launchpad for digital success for their organisations, rather than a magnet for hackers and cyber risk.

Going for Gold: Trend Micro Brings Cloud Security Message to Microsoft Future Decoded

By Bharat Mistry

Cloud infrastructure services have done much to accelerate digital transformation across the globe. By outsourcing to providers like Microsoft, Google and AWS, organisations can take advantage of huge cost savings and IT efficiencies to become more agile, growth and innovation-centric businesses. Yet security remains a major barrier for many. That’s why Trend Micro continues to work closely with the biggest IaaS providers out there — offering highly integrated cloud protection to accelerate time-to-value for digital transformation.
We’re taking this message to Microsoft’s Future Decoded event in London next week as a Gold Sponsor, so drop by to Stand 27 and catch our presentations at the show if you can.

A barrier to growth
It’s no surprise that cloud security continues to be a concern for organisations. While IaaS offers fantastic benefits, it introduces a new computing model which traditional security tools are ill-equipped to protect. For one thing, there’s often confusion over which part of the cloud stack customers are responsible for protecting. The answer may be more than you think: all the guest operating systems, applications, and data you put in.
Then there are the security gaps that can appear as IT security teams struggle to gain unified control over their multi-cloud and hybrid environments. The dynamic nature of cloud workloads also introduces challenges, demanding that protection be applied as soon as instances are spun up. These issues are multiplied with new container and microservices architectures which typically feature even more moving parts.

It’s no surprise that security is the number one barrier to cloud adoption, cited by 43% of IT professionals surveyed earlier this year.

Automation and consolidation
Trend Micro has been working with providers like Microsoft for years to allay these fears. Our Deep Security platform is Azure certified and we are a Gold application development partner. Deep Security provides robust protection for cloud applications and data including container environments, through a comprehensive range of capabilities. These include anti-malware, IDS, integrity monitoring, behavioural analysis, and machine learning.

A single agent covers all physical, virtual and cloud environments, simplifying management and eliminating blind spots. Most importantly, protection is automated, with policies pushed out to each new Azure instance as soon as it is spun up — providing security that scales.

At Future Decoded, our cloud security architect, Ian Heritage will be taking to the stage to share his vision of cyber defence for the cloud-first enterprise. Too many organisations still view security as an afterthought, which leads to project delays down the line when problems inevitably occur. He’ll argue that by consolidating onto a single vendor and focusing on security automation from the very start, IT leaders can actually accelerate digital transformation.

If you’re going to the show, be sure to catch his presentation, or come down to Stand 27 to find out more about how Trend Micro can support your Azure projects.

What: Microsoft Future Decoded
Where: ExCel London, E16 1XL
When: 1-2 October, 2019
Cyber Defence for the Cloud-First Enterprise: 2 October: 13.15-13.40, Expo Theatre 2

Tackling CSAM One Wi-Fi Hotspot at a Time

by Ian Heritage

At Trend Micro our work to combat online threats and make the digital world a safer place stretches far beyond the obvious: malware and cyber-attacks on customers. In fact, since 2008 our Internet Safety for Kids and Families (ISKF) programme has been a leading light in the industry, spearheading Trend Micro’s efforts to be a more responsible corporate citizen. One of its core goals is to help combat the spread of child sex abuse material (CSAM) online.

We’re delighted to be driving these ambitious aims forward, most recently with newly minted recognition as a “Friendly WiFi Approved Provider” in the UK.

Continue reading

Helping to drive secure digital transformation with Amazon Web Services

by Bharat Mistry

To call cloud computing transformational is an understatement. All over the globe deployments are enabling firms to go further and faster than they’ve ever gone before, driving agility, cost efficiencies and innovation-fuelled growth. But security and compliance remain key challenges for organisations looking to drive maximum value from their cloud investments. That’s why Trend Micro has partnered closely with the leading public cloud platform providers over the years, to offer a comprehensive set of capabilities to our mutual customers.

On Tuesday September 17 we’ll be joining one of these partners, Amazon Web Services (AWS), at its AWS Transformation Day in London to share our expertise with attendees.

Continue reading