ONUG Cloud Native Security Working Group Blog Series Introduction Cloud Security Posture Management (CSPM) is currently one of the fastest growing areas within the field of cloud security; most security vendors are now offering or developing CSPM capabilities. However, enterprises are still trying to build the most effective CSPM program to fit their environment. In many cases, it’s unclear where to start and what the end goal is for the CSPM effort. To help simplify this process, this post will share guiding principles for implementing…
The first quarter of 2022 has been incredibly busy and exciting for the ONUG Collaborative. As ONUG rallies around the multi-cloud attributes of Connect, Secure, Observe and Automate, the Collaborative Working Groups have gained improved focus on how to deliver value to our members. There are several initiatives worth highlighting: The Cloud Security Notification Framework (CSNF) is the open source initiative being led by ONUG, bringing order to chaos in cloud security messaging. The ACG Working Group is getting ready to present the MVP iteration…
A More Secure Digital Future During my long career, there has been one constant requirement I often hear, “I want to see an end-to-end view of an application.” This is the holy grail to assure great user experience, assure security and observability. Developers, IT infrastructure and operational teams struggle every day with this lack of visibility of an application’s dependency map. Gaining end-to-end visibility is hard enough when you own every device or piece of software that supports an application as in a private data…
Introduction Years after the term was coined by Stephen Paul Marsh in 1994 and popularized by John Kindervag more than a decade ago, Zero Trust has become the “new” security solution that addresses the confluence of today’s three critical factors and the emergence of what amounts to a cyber-war on businesses and governments. Zero Trust switches the focus from outward-facing defense of a network perimeter to prevention of unauthorized exfiltration of data and other exploits. This short work looks at why it has become virtually…
On January 12, 2010 Google wrote a blog revealing to the world that it had been breached by attackers sponsored by a nation state. The attack is now known as ‘Operation Aurora’.[i] Subsequent investigations showed that many other enterprises and government organizations had also been breached by the same attackers. Among other things, these hackers were targeting source code repositories via software configuration management systems. Any entity that had already breached perimeter network security and had created a presence on an internal system could reach…
Members of The ONUG Collaborative Working Groups are delivering solutions to the challenges faced by today’s Enterprise Multi-Cloud Community. Composed of both vendors and cloud consumers from some of the largest companies in the world, these Working Groups focus on delivering best-in-class solutions, both on-premise and off. Here’s a quick update on the initiatives being worked on by ONUG’s Automated Cloud Governance, Network Cloud, Cloud Native Security and AIOps Working Groups. Interested in joining the team? Contact us to find out more. Automated Cloud Governance…
The Era of the Cloud has made many pie-in-the-sky promises about more consistent, efficient, and resilient IT infrastructures, and has done an admirable job of meeting much of that potential. But there’s still a gap in what businesses want and need from a hybrid/multi-cloud infrastructure, and the industry’s capabilities to meet those needs. ONUG’s own Nick Lippis sat down with Adam Raymer (Head of Public Cloud Platform Architecture, JP Morgan Chase & Co.) and Shane Stakem (Head of Public Cloud Center of Excellence, JPMorgan Chase…
Organizations have cybersecurity as a top-of-mind priority – but are they spending their limited time and resources on the right areas? Or are many companies’ approaches to cybersecurity often misguided and ineffective? And if they are, what can companies do to protect themselves properly and proactively? Cybersecurity experts Greg Ferro of Packet Pushers and Johna Till Johnson of Nemertes recently had an entertaining – and direct – debate on the right approach to enabling cybersecurity. They covered everything from how the wrong mindset leaves companies…
The year 2022 marks 10 years in which the ONUG Community of Global 2000 companies have been defining and building the next generation of enterprise computing by leveraging a software-based approach to create business value. As a member of the Community, I want to say thank you for being an integral part of the future of the Enterprise Cloud! Despite extreme challenges over the past two years, ONUG has excelled, and we are so proud of the Community’s accomplishments. The ONUG Collaborative was born in…
Enterprise cloud community offers sneak peek of in-person event, ONUG Spring 2022 BOSTON – November 16, 2021 – ONUG, an open enterprise cloud community of Global 2000 IT business leaders, recently completed its Fall 2021 event. ONUG Fall hosted over 75 speakers over 55 sessions. Thousands of IT executives and practitioners attended the event from some of the largest cloud consumers in the enterprise space, such as Delta Airlines, Exxon, Mastercard, Marriott, Disney, Bank of America, UPS, FedEx, Citibank and more. Attendees shared knowledge about…
