Black Hat is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

By Marco Rottigni

The growing complexity of the digital environments defined a new situation for many organizations: a wide, varied, diversified digital biodiversity.
Coping with dissolving perimeter, this revealed a daunting truth: you can't assess what you do not see; you can't defend what you do not see; you can't secure what you do not see.
And you can't secure what you do not know exists.

Shadow IT has been the specter for decades, but now the situation has worsened.
Digital certificates became universally adopted for protecting integrity and confidentiality of business applications, and their expirations pose a big threat to business continuity.
Cloud environments created a new way of using traditional IT implementations with IaaS, but they also paved the way for new concepts of computing, such as PaaS and SaaS.
Containers defined new standards and sometimes new meanings for words like agility, velocity and time-to-market.
What once was called BYOD evolved into complex, pervasive and a ubiquitous computing approach that now is called Enterprise Mobility.
Traditional waterfall development methodologies evolved into DevOps, bringing an acceleration hardly conceivable before in getting code in production through the continuous integration and continuous deployment (CI/CD) pipeline.
Even traditional datacenters and corporate networks got enriched with a new genie of devices: specialized tablets, smart vending machines, automated ways to control ambient lights or temperature… all grouped in the vast and varied universe called IoT.

Organization are struggling to strengthen their visibility.
A word for a three Vs challenge.
The first V is for Volume, because the digital transformation brought in several assets and resources unseen previously: the visibility should reflect this expansion.
The second V is for Velocity, the pace at which these resources are changing. Using Docker and Kubernetes to prototype a new application could lead to have hundreds of containers running and then they are teared down. How does the accepted residual risk and the vulnerable surface change along this interval? Visibility should provide an answer to difficult questions like these.
The third and most subtle V is for Variance. How many asset attributes change across the IT landscape? Hardware, software, resources in cloud, *aaS implementations… and all the relationship among them.
How to support processes like procurement, compliance, security without a dynamic visibility and richness of context?

The solution should have several distinctive traits.
The first is to ensure the visibility across the digital biodiversity.
You need to have specialized eyes to collect data about every part of your IT landscape.
You cannot observe with the same sensors a traditional network, a cloud account with PaaS resources and with virtual machines from the latest lift and shift project, the mobile devices, the IoT, the containers used by your DevOps department in the CI/CD pipeline…

Once you have properly distributed eyes, you need to have a brain able to collect data coming from the digital biodiversity. A single source of truth able with normalized, categorized, context-enriched data to achieve actionable information.
Information built with the accuracy you need to harmonize IT, Security, Compliance, Procurement, SecOps, Incident Response etc.

You need a solution that you can consume as a service without upfront investments; able to keep pace with the frantic expansion and contraction of your IT landscape without the need of another appliance or another terabyte of storage.

You need a solution that enables observability, while empowering operational efficiency: interrogation of monitored population, search details, track a specific information over time with dashboards, or with reports. And you need immediacy, a predictable response time that does not change if the monitored resources are 50, 5000 or 5000000.

You need a solution that flows information to other platforms and surrounding technologies, leveraging standard APIs to grant interoperability and automation.

You need a solution that allows you to support security built-in and not bolted on.

UpcomingEvents

ShowCoverage

 

StayConnected

Sign up to receive information about upcoming Black Hat events including Briefings, Trainings, speakers, and important event updates.

 

Sustaining Partners