Well, good morning. Good afternoon. Good evening, ladies and gentlemen, depending on where in the world you are currently based. Welcome to another company, call webinar. My name is Alexei a Balaganski I'm the lead Analyst Analyst Analyst Analyst at call and joining me today is Jeffrey star chief marketing office at AlgoSec. The topic for today is improving agility and reducing cyber risks with business driven security, policy management and automation. This webinar is supported by AlgoSec. Okay. Sorry for that delay.
Anyway, before we begin just a few words about keeping a call. We are an independent Analyst organization founded about 13 years ago. We are based in VIBA in Germany, but have a presence across globe from the us to UK Germany, of course, all the way down to Singapore in Australia, our, our chief topics are, are information, security, identity, and access management in governance and risk management in compliance.
And we do our services and three basic three major business areas, which include research that is publishing various types of written research about the market specific windows products and, you know, all types of independent advice. We do lots of events ranging from free webinars like this one, all the way up to international congresses, like our leading event, the European cloud conference, which is always held in may in Munich, but a little bit more about that later.
And the third area is advisory that is working directly with customers, including both Enders and vendors, helping them to improve their productivity and just make sure that they develop the right strategies for their business. In all the areas we are covering on this slide, you can see some of our major upcoming events, the EIC, as I already mentioned, the European identity cloud conference, next main Munich, it'll be our 12th time. And it is probably the biggest European event in this three main areas.
So yeah, I am cybersecurity and cloud technology. Our you series of events this year is the consumer identity world, which have already had in, in the us slightly over month ago. And the next one they'll come to Europe in Paris and then into the Asian region in Singapore. And finally, I should mention the use of finance world will be held for the third time already. That's a specialized conference for everything about FinTech and innovative financial technologies.
If you housekeeping rules, you are all muted centrally. You don't have to worry about it.
We are recording this webinar and we will publish the recording as a web customer, our website. And we will let all, you know, you'll receive an email with the direct link. We will have a Q a session at the end, but please submit your questions time. As soon as you have them, you can use that question box on the go of control panel. You probably have on the right side of your screen. And this is our agenda for today. I will start in kind of outline, outlining the problem area.
And I'll talk about what actually digital transformation is and what challenges it brings to modern organizations and how our security and it industry in general have to evolve to address those challenges. Then I will give the stage to star who will talk or about security policy management automation, the new way, the right way I would say.
And of course he will explain a little bit how his company address all those requirements. And as I mentioned at the end, we will have the Q and a part, right?
Let's just start with what exactly I just talking about digital transformation, what it, what it is. There is a lot of talk about this concept, but basically it all boil boils down to the overall impact of digitalizing information on businesses, consumers, public sector. Now the whole society, it's not just about digitalizing your data.
It's actually digitalizing your business processes, your business models, and for quite a few extremely successful companies, or they have digitalized their products think about Google, Facebook, Uber, or any other comparable companies who, for whom information is a key product, digital information, of course. Well, the question is why, why are we doing this? There are two answers to that.
The first is because we can, although the digitalization of information has begun probably in the beginning, in the middle of the 20th century, when first computers came into use, but only recently the technology has evolved or to make this possible to any company in any area business.
This is of course the cloud, the mobile devices and applications and the social networks or, and customer identities in general, that's computing, Troy, which call used to call it.
But of course, now this Troy car has expanded to include such a major it drivers, internet of things, big data and business intelligence APIs. And of course, machine learning the hottest buzzword nowadays. And the second answer of course is because we must the people or the companies who fail to embrace digital transformation. They lose because they are constantly pressured to, to do it or the digital way and on the right side.
And by the way, I already have a complaint in our question that someone has, cannot hear me. I hope that's just a local problem.
So anyway, continuing the key drivers for business transformation include, or the absolute necessity to become as agile and as adaptive as possible because the market requirements are now changing at the speed of light. Also digitalization unlocks new business models, new processes. It enables totally new communication channels to partners, contractors, suppliers, even leads and customers. And of course, without big data, without processing huge amount of digital information, you collect from your customers.
You cannot understand their requirements and their needs and address those needs as efficient as possible. And of course, without supporting your increasingly mobile workforce, you cannot, you cannot let them do their daily business efficiently. So business productivity is a huge driver and protecting again, the sophisticated cyber threats, always, you know, security. We are talking about security today. So that's a huge challenge to address and last but not least efficiency, it's, it's, it's all about money.
As usual, we have to stay competitive. We have to reduce the costs. And as you can see, are all, this are technologies and this are requirements. They are tightly interconnected, or
You just have to embrace them all to actually address all your challenges efficiently
And or after quite a few years of digital transformation.
This is where we have ended up, this is our current corporate it infrastructure, or I would say any sufficiently large company, there is no longer a mode or a castle wall surrounding Euro silo with your precious or digital information, somewhere on premises with a single firewall, protecting the gate who know actually your infrastructure spends or on premises and the cloud and geographically, remote offices and indu industrial networks. And just to out there, because your workers and your partners and your customers can be anywhere in the world.
So yeah, how to be little bit, all this mess, because as you see, our corporate infrastructure is hugely complicated. It's heterogeneous distributed, and there is no longer a single point of control because you know, the cloud is no longer under your management anymore. It's completely unpredictable because every day brings new challenges, new technologies, and you have to stay up to date. You have to constantly adopt those technology. You have to evolve. And of course it's unprotected because there are just way too many open joints to, for any hacker to get into.
No, these are the major challenges for the it in general, not just for security. So, yes, as I mentioned, we have a huge number of it assets across different environments and even more communication channels between them and us or not just protecting those channels. And assets is difficult. It's just understanding that you have them at all is a challenge. Not many companies can sufficiently address management is still hugely complicated in time consuming.
And for many areas it's still manual mostly because our, the control between various areas of your infrastructure is still split between different teams with development or operations or network or security, or just any business unit, which really have very conflicting requirements and not very eager to communicate. And this all leads to major lack of skilled workforce, not just in security, of course. And so we cannot actually fix those security incident fast enough, but in any department.
And of course, because of those disconnected teams, we have a lot of overlapping tools.
We have a lot of rather say, we have way not enough budgets to purchase and implement those necessary tools, which hinders productivity. And again, introduces massive security problems.
However, I believe the most important problem, which many it, people still could have failed to even recognize is that the, it, people are still not fluent in the business, talks how to see for many it departments. They still cannot even explain to the board, for example, why they need a particular additional budget for particular security or operational tool. This is because they have like a clear key performance indicator to actually say that they perform efficiently. And of course our business decisions are the decision are not getting properly translated into the actual it requirements.
And this all leads to our daily life, frustrated and overworked.
It people who are mostly seen as nuisance rather than actually helping the business front mostly so on this screen, I try to summarize what actually the business people expect from us. It people and this kind of roughly supported in three areas. First of all, they expect to know all the time what's going on. They expect complete and unified visibility across all the infrastructures, be it on premises in the cloud or anywhere else. And of course this picture has to be continuously updated still.
Then on that picture, they want to see business assets. You do not care about your firewalls. They do not care about your shadow it problem, or any, anything like that. They want to work with applications. They want to work with business processes and they want to deal with information flows and not ports and whatever DCP P protocol they expect clear and efficient reporting.
They expect you to be able to explain at any time how well I, we addressing the problem and what exactly needs to be done in which area to meet all the requirements, compliance requirements, all the requirements, but most importantly, the risk requirements.
So basically businesses think in risks and they expect it to think in business risks as well.
Of course, it doesn't mean that we have to forget everything we were doing before and forget about dealing with viruses and ran somewhere and data leaks or, and start thinking about sales and software. Not at all. We just have to understand that. For example, data leak prevention is a business risk. And without getting the business contact into consideration, we are simply unable to, to address risk efficiently.
Again, this all brings the question of agility, meaning that our security is not something which we, as it, people have to deal alone. They expect us to collaborate with all the it teams, be it again, developers, operations, security, networking cloud. And of course with business units or without collaboration, without proper workflows and without proper control. And every stage of those workflows or agility is impossible to achieve. They expect scalability and expandability.
Again, it's all, all the matter of addressing new business challenges, new market segments, new identities, new technologies, new types of devices. It has, those have to be incorporated as quickly as possible. And of course they expect or cost optimization. So everything has to be as efficient as possible.
And again, to summarize it or nowadays, or it's business that decides what to do and it has to follow. There's absolutely no way that it would say, no, we cannot do that.
Or no, we will not do that. If you try anything like that, they will fire you and find someone else who will.
So again, security is no longer an it discipline. It's crucial for business continuity and compliance as well, because, you know, next may GDPR and our, it has to do all the things possible to avoid paying massive fines for those compliance violations.
So yes, risk compliance and costs are the key factors from the business side and efficiency is expected from us and efficiency can only be achieved through intelligent automation.
So let's kind of summarize what is expected from the modern it security.
Again, security is driven entirely by businesses. Security has to be the part of any business process and it's business policies that define security policies and not the other way around the way your firewall is programmed to function is no but's concerned. The question is, does your business application get necessary? Connectivity? For example, security policies has obviously be managed centrally across all the heterogeneous environments.
Again, that involves cloud industrial networks, corporate networks on premises, you name it. It has to be visible from one management point and it has to be manageable from that point. And everything has to be controlled by workflows. And those workflows not only include and involve it teams, but business teams as well.
And the only way to achieve any reasonable reaction time to any it or security problem is to through automation, every step of those workflows.
No, this is approximately the evolution of it. Security last decades with all started with a traditional it where the person operating the firewall could decide what, what businesses can do and whatnot, or sooner or later, we have found out that actually kind of making the development and operations work together, improve the efficiency tremendously. So nowadays your business applications and your network security are much easier managed together.
Then the, of course, games, AEC ops or whatever you call development, doing security impressions, the new paradigm where security is directly integrated into all it daily life. So to say, and this is approximately where we are now. Now the question, of course, what does the future bring? I have included this silly way too long acronym ops. Does it mean that the business comes on top and the business now has to say how the deaf and sec and ops are run together?
Well, let's hope so. And this is exactly where I am going to give control to Jeffrey star, and he will be going to talk about this in much more detail. So Jeffrey, it's your turn now.
Okay. Thank you very much Alexei. And that really is a, a perfect background and, and segue into the topic. And what we'll go forward with here is to very much compliment a lot of Alexa's observations, specifically around digital transformation and the associated drivers towards a more business driven approach, especially as it relates to automation.
And basically as a business driver, I think Alexei did a great job of summarizing where the trends are from both the technology and business point of view. And now we'll kind of show the implications of that more from a solutions perspective. So I will move forward with that. Let's see. Perfect. Okay. Before that, just a big step back and a little bit of background on us.
I'm Jeffrey star, I'm the CMO of AlgoSec and AlgoSec actually same by same birth year as KuppingerCole, we're also 13 years old and very well established company, a leader in our space, in the field of network security policy management.
We have well over a thousand customer enterprise users. You can see on the right, some of the logos who are active in a wide range of industries, such as finance, manufacturing, energy, retail technology, get a good sense.
There that's just scratching the surface of our installed base, but all of these enterprises are using us for their enterprise network security policy management, and kind of exhibiting the business different approach that you've heard about from Alexei a we're in 40% of the, of the fortune 50, we have round the clock support 24 7 through global centers, across three continents and above all from a values perspective, we're truly passionate about total customer satisfaction. In fact, our CEO carries a second title, which is chief customer satisfaction officer, and we've grown organically.
And one of the benefits of that, of being sort of, you know, self invested is the fact that we can afford to totally focus on customer satisfaction.
We're not just trying to take one customer and move on to the next, but we really want to make sure the deployment and installations are up and running and successful on a go forward basis.
So that's, that's a very integral part of our company value. Now kind of reintroducing the theme. What we ha, what we say here is basically network security in this age of digital transformation. When security automation meets the dev digital revolution and they come together. So basically you've heard a lot from Alexei about this massive shift, this really tectonic shift that's happening in the business world, which is all about the digital transformation technology is changing the traditional business model of many different types of companies and many different industries.
And that in turn, as you heard, makes the business, people demand more request more in terms of change, the desire for change and the speed of change to address and make it not a blocker, but rather an enabler to drive new business to the market and to operate at the speed of digital business and to enable new business models.
So really it's about it in the context of this digital transformation, enabling the digital transformation for new business models. Now applications are, are changing the world every, every segment and every which way.
And there are winners and losers clearly in entertainment, you see applications like Netflix and Hulu have already completely transformed video. They've become standards in payment, industry, smartphone, apps, square, Google wallet, totally challenging.
The, the domination of, of traditional big finance transportation. You have software driven services, Uber Lyft completely rewriting the world of taxi and limousines. And then even in hospitality, Airbnb HomeAway, completely upending traditional hotel, accommodation businesses. So how does it help enable and respond to these radical transformations? What is really the problem here? What is the essence to address? So it's all really about the move, the move into this new architecture, the move to the private cloud or the public cloud.
The hybrid environment is a key element in gaining the increased agility and speed. Responding to these business changes while minimizing the cost is driving applications, applications to move to the public cloud, or use some kind of consolidation of existing applications to a data center powered by a software defined network in order to achieve these benefits of agility, velocity, and cost reduction. There's undergoing this radical change in the environment, in the architecture and in the platforms.
Now, what are the implications of that on, on network security? Well, many challenges arise from here. You would think the way it's hyped that these kind of movements are a simple solution to a big problem, but unfortunately, anyone who's been involved in these migrations know that the solution is much more complex than it initially appears. Let's look on just some of the many network security challenges that arise from such a move from the planning stage, through the migration that you need to be aware of, cuz they're going to be real barriers during this process.
So in the planning stage of the migration, what do you need to know? Well, first of all, you need to know what apps are there and which applications are dependent on which servers and what connectivity is allowed to this server or that server or to this server or from this server. And what are the rules, the firewall rules that enable this connectivity, these activities are very complex to understand, to map, to know when you think of the legacy business that has flourished over the years and, and given, given rise to a situation, a technology environment in a given enterprise.
So in the execution phase, how do we migrate these firewall rules and policies to enable the same connectivity in the new data center, without any disruption to the business and without opening up any vulnerabilities, can I commission, can I decommission any of the old rules without causing a disruption?
All of this is very labor, intensive knowledge, intensive, tedious, and very time consuming and very challenging work. All of this needs to be addressed during a migration process. So just again, a word on algo.
Second, our role on this, we are basically the automation partner. We're bringing the automation to this equation, to this situation.
So we kind of like to view ourselves as a security optimization and opt automation partner in the planning stage, our technologies are brought to bear to automatically discover and to map all the business connectivity, not just the technology, not just the technical maps, not just the understanding, the servers of the identities or the routers, but the actual business drivers, the business connectivity, the business impact related to the applications and their associated servers.
And then on the execution side, we take from that analysis and actually create a project plan to help you migrate the application.
So again, in summary, we automatically discover the applications and their associated connectivity requirements. We translate that connectivity into the underlying network security policy changes that are required. We then start the process of automatically migrating the connectivity of the servers. We check the compliance, we decommission those rules, which can be safely just decommissioned.
And then all of this in a very intelligent, automated project management framework. So that's basically our core identity in adding value during this process. So what are the concepts or the philosophies underlying this?
Well, first of all, we strongly believe in tying the vulnerabilities to the business. Okay. As Alexei was talking about earlier, it's not enough for it to be in their silo and business to be there in their silo and for it to reportable vulnerabilities in very technological terms, the business wants to understand from it, what is the potential business impact of the vulnerabilities and where are they associated to specific business applications and business processes?
So what does that mean?
Well, it means that the, the vulnerabilities must be presented and must be scanned and must be discovered. You need to, first of all, scan and discover the vulnerabilities. But from that, you'll get a lot of data.
You'll get a lot of results, which is a good starting point, but you really now have to make those results intelligent, the security engineers, the security experts, really their expertise and what, what they should focus on is prioritizing and remediating these vulnerabilities with prioritization based on an intelligent logical scheme, basically according to the severity based on inputs from the vulnerability scanners, but the end of the day, the business owner needs to own the security picture.
So this again is another example of the phenomenon Alexa was describing earlier of it, security professionals and business professionals, finding common ground to understand the risks and to understand the vulnerabilities.
Now, why, how, how are they able to talk to each other and find this common language rather than speaking, purely in technology terms or purely in business terms?
Well, the common ground here is presenting these risks and vulnerabilities in the context of a specific business process or business application and giving the business people visibility to the most biggest risks and the most vulnerable applications, including ability to really drill down and understand what are the particular nuances and risks within each application. You can even schedule C-level reports. We're finding this is very common feedback from the field.
The board, the board level actually wants reporting on the risks and vulnerabilities throughout the business environment from an it perspective, but presented in business terms. And this allows the business owner to actually own the security aspects as well. So that kind of is the convergence or the, or the touchpoint, if you will, between the it risk management and the business side, but then what is the business impact?
How do you express that and how do you look at that?
Well, eh, that's a good point because here you need visibility and, and this is just some brief examples, but basically you need to understand how these vulnerabilities operate in the business context, how they change over time, how they relate to connectivity and having the applications up and running and blocked or, or connected and above all, you need to prioritize. You need to understand what are the most vulnerable applications and they need to be rated. They need to be scored. They need to be explained. They need to be put in the context.
And that's really what you need in order to properly communicate the business aspect of this. So now kind of shifting onto the automation side, the automation of the security control management across hybrid it infrastructures with end to end change management, cuz that's really where you need to bring the automation to bear is managing the change in these heterogeneous emerging hybrid it infrastructure environments.
So what does that mean end to end change management?
Well, we know that, you know, with the, the environment, with the migrations, with SDM cloud, multiple firewall vendors, you may have hundreds, thousands of firewalls in a heterogeneous environment, managing change is a major, major pain. It is not easy. And with them, you have all these new technologies and you have constant new deployments of all the different kinds of security devices. It is very, very hard to keep up with all the change requests piling up while the environment is also changing.
So the ideal here that you would hope to achieve is, you know, getting to a single location, to submit the requests and automate that entire change management process for you. That's what our users were looking for. And that's the, the value of the solutions that, that AlgoSec is focused on. And we can look at that in a number of dimensions.
Again, we, we think in terms of a life cycle of a policy and the life cycle of an application. So first process find those blocking devices, use the tool to understand the network, combine it with the algorithms that we bring to bear in a way that's not tied to a particular hardware vendor or firewall vendor.
In fact, you wanna be able to do it across a heterogeneous environment, across multiple vendors, multiple platforms, and focus really on the devices that require the change management. And of course, if nothing changes, then if nothing requires a change, then, then close that change request. You don't want these irrelevant or unnecessary change requests piling up or distracting. If it doesn't require a change because the logic transferred over perfectly well, that's kind of on the blocking side. Then on the risk check side, you really need to perform thorough deep.
What if lyses, if you want to have really proactive security checks and these, what if analyses have to check all the aspects of compliance and fulfillment of the policies, you have to verify the compliance within your policies and whatever associated rules and regulations are mission critical to your business. Everything the security Analyst needs really should be waiting, ready, and waiting for him to use him or her to use as a tool. And all of this should be vendor agnostic.
Again, it should not be specific to a particular vendor of a particular device or firewall. You really need to look at this network wide across the heterogeneous multi-vendor environment, then execution implementation. Every device should get an implementation reg recommendation as you're executing these changes. And as you're executing firewall changes throughout a migration or digital transformation process. This means if you need to add a rule or remove a rule or edit a rule, you need to be able to do that quickly, effectively and automatically in the language.
And according to the limitations and constraints and, and capabilities and features of each particular device, you need to implement to that device with a click of a button. We call that active change. You really need to be able to implement that effectively and quickly. Then next thing you need to think about is validation. You need to validate these change requests and make sure they're implemented properly. We think about it in terms of a two step process, make sure that traffic is now allowed and make sure the implementation was, was accurate. And that's basically it.
I mean, end to end change management in MI in minutes, doesn't really matter whether it's premise or public or whether we're talking about the cloud or, or on routers or firewalls. That doesn't matter. You take a holistic network view. You need that visibility across these heterogeneous environments to automatically and effectively and productively implement your change management automatically.
So now think about this in terms of a, the, the metaphor that we like to think about or show is a security policy management life cycle, and you can see AlgoSec in the middle.
There, that's basically our, our claim to fame. Our, our reason for existence, if you will, is to escort the security professional and the business users, every stage of the way, every stage in this life cycle, from birth to death, cradle to grave, however you wanna define it. And with every single function that is required every step of the way, and we will do a deep dive here.
So first of all, discovery phase, or, or some people call it definition phase, this is where AlgoSec helps you automatically discover and map and visually diagram, the application connectivity and the security infrastructure across your enterprise. So all the servers, all the devices, the users, and above all the connectivity, the application connectivity that exists per device, really understanding the application connectivity story in a visual detailed way.
This in turn enables the developers to define for next generation applications or new new applications being implemented the connectivity in a very programmatic way. So again, discover or define, and that means this auto discovery process of your business applications and their associated connectivity within the security infrastructure, and then enabling your, your developers to define the connectivity requirements they need. Programmatically. Next is what we call plan and assess.
This is where you actually translate where you actually convert that application connectivity into tangible rules, tangible firewall rules, firewall rules are the essence and heart. And you know, the management of that is the core essence of, of, of AlgoSec.
And that's really a, a big part of the value of having such a tool is to now translate all these business rules translate these a application connectivity requirements into the actual firewall rules for multiple firewalls, for large volume of firewalls, for many vendor, different firewalls, assess the risk in compliance, understand those vulnerabilities as we talked about earlier, but not just understand them, but actually tie them, tie those cyber threats to specific business rules and business processes and business applications, not just state, they exist, not just make generalizations about them, but actually point to the specific risk as it relates to specific business processes, next migration, actual deployment.
This is where you take those firewall rules and you actually migrate them. You actually move them. You actually implement them in the, in the new target environment. And this is also what we mentioned earlier. This co this notion of zero touch change management. This is where you can now manage those changes on an ongoing basis with what we call zero touch. You also have this notion of the policy, push these policies, these network security policies, these firewall rules.
You can push them out and deploy them in a highly automated way, but with validation, but not just, you know, any validation, but smart, automated, intelligent algorithm driven, true smart validation. So we've gone through the discovery and definition, process planning and assessment migration, and deployment. Then we talk about ongoing maintenance, of course. So it's not enough to just get it up and running, but this has to be watched all the time.
It needs to be monitored.
Eh, the policies constantly have to be monitored. They, they need to hold up in the context of rapid business change. You also have the security posture, which needs to be enforced. You have the reporting you need reporting right outta the tool, right outta the box, auditing and compliance to meet your regulatory requirements or your internal or external auditor requirements.
Again, this notion of linking you need to link the firewall rules to the specific application, and then ultimately clean up the policies, optimize them on an ongoing basis. And then there's, re-certification the firewall rules are not static. They're dynamic and they require constant monitoring. And re-certification finally the end of the away for a rule for a, a restraint or constraint is the decommissioning of the process often neglected, but very important.
This aspect of the cleanup, you definitely want to decommission those redundant firewall rules and, and enable your application connectivity by not keeping them in place, if they're irrelevant and actually a distraction and a potential potential problem.
So again, in summary, there's this application discovery definition plan and assessment migration, deployment maintenance, and then ultimate decommission.
I want to emphasize the environment, the ecosystem, if you will, within which this solution operates, you can see at the top, the core mission of AlgoSec is managing, managing the network and security devices, the firewalls, and managing the cloud and SDN platforms as it relates to application security. So you see many logos here relating to the many different vendor products with which we manage. We actually manage those rules and manage those application connectivity processes, the whole life cycle.
So the whole sort of upper half of this circle relates to the core mission of AlgoSec of managing these kind of security devices and platforms. That's the essence of what we do. Having said that we need to interoperate in the environment of our users. So we need to manage the applications.
We need to tie those devices in the upper half of the circle.
And two specific business applications, you know, applications like trading systems like CRM, like E R P, and make sure that they help you drive and keep that business up and running and keep the visibility going towards named specific business applications. Then at the next level, we need to interoperate with many different partners, if you will, partners and players in the security device environment.
So whether it be identity management, cm, DBS orchestration, ITSM, Sims, vulnerability scanners, you can see AlgoSec is integrating with touching inter-operating and supporting all the leading players in each of these categories. So taking a big step back, this is basically the ecosystem, the AlgoSec ecosystem of which we're at the heart of it.
Basically making sure that all of this is carried out in a business driven manner, but again, the core of what we do managing the network and security devices and the cloud and SDM platforms, giving visibility and enabling and driving the business applications, security concerns, and then interfacing with inter-operating with all the other elements of the security ecosystem, including the scanners SIM ITSM orchestration system, CMDB is in identity management.
And that's basically at, at a high level, what AlgoSec is all about.
So I hope you understood the, the flow, the concept here, which Alexa presented in terms of the need to tie the business with the risk management, with the it security management and how to make your network security policies really be business driven at the speed of digital business. So with that, I would be happy to turn it back to Alexa and the Kuppinger call team for, for the next steps.
Okay, great. Thanks a lot. Just let me switch back to my own screen. Right.
Well, thanks a lot, Jeffrey, what was really impressive presentation? So if you could have go back to my diagram for a second, do you believe, or that you have already reached that next stage of the BI ops with your solution?
Well, sure. And I Alexei, I appreciate your comment about the, the new word being a bit long and clunky, but actually think it's accurate because that's DevOps is, is, is one of our major use cases that we're addressing. And in fact, that's driving a lot of our current business and then, you know, our injection of it really is both the biz and the sec, if you will. And the fact that they're alternating like that is, is really symbolic of what we're trying to do, which is trying to make the dev sec ops, truly business driven and how the policies are defined and analyzed and driven.
So, yes, I think that that's actually a useful metaphor is, is AlgoSec trying to move us along from the dev sec ops to the BI biz dev sec ops part of that evolution.
Okay. But we should really think about more appropriate equity, least more pronouncing.
Okay, great. Well, we just have reached the Q a stage. So please urge you to submit your questions directly into that question box in the go to webinar control panel. And the first one is actually already on there.
And it's, I think it's kind of more existential one than a technical, but still, so how exactly does this security part, does it work together with DevOp DevOp and before Jeffrey answers that in detail? I would say that it's indeed an existential question because it is actually the only way which will be available to it and security people in the future because security is no longer and of standalone part like a bouncer with your door, protecting you from all the threats, it's actually an integral member of your development and operation team.
And on the other way around every member of development or operational team has to start thinking about security daily or because, well, because now in the traditional way, just cannot keep up with all the threats and with all the problems that challenges out out there. But Jeffrey, please, could you add a little bit more technical stuff on top of that?
Sure, absolutely. And again, I, I appreciate the question, but it, it comes up a lot and, and again, DevOps is, is probably one of the most important drivers in our business right now.
So, so pulling that together, how does the network security policy management integrate with DevOps DevOps as, as a methodology and DevOps as a business, as a use case and, and as a framework? Well, you know, most people view DevOps as, as kind of a method as not just a function, but as a methodology consisting of many different stages, many different pillars, if you will.
So when you think about the main sub-functions or the main pillars, the main stages of DevOps, you think of things like planning, coding, building, testing, releasing deployment, then of course, operations, and then ongoing monitoring monitoring. And our approach has we've, we've very closely kind of tied our solution to every, every aspect of DevOps.
So our solution actually winds through all of these concepts, all of these stages from the planning, you know, as we mentioned at the beginning, which is predicated on the discovery where all the way through where you can actually create a change request coming out of the required network connectivity, even all the way through using, for example, now you have this concept within DevOps of chat ops, where, where these requests are communicated.
You can actually use a functionality that we have called algo bot and to, to implement this concept of chat ops where this change request is communicated and, and responded to it's integrated in the coding and operational phases to allow automatic implementation of the network change ultimately in the deployment phase. So we're, we're very sensitive and aware of the whole, you know, DevOps multi-stage concept as we deploy deploy solution.
Okay, great. So you've got that covered as well. Great. Okay. Next question is actually kind of following up on that a little bit. So how does security policy management help in incident response?
And again, let me just say the couple of words before sure. That incident response, or should not be understood as a it process or a technical process or security process, even that our incident response nowadays, and even more so the next year with the GP and all the other stuff is much more a legal process, public relations process, or compliance. If you will process, it involves a lot of communications between various business and it departments, and again, incident response platform as a solution for automating those actions and processes. It has to be, I already talked about it earlier.
It has to be workflow based and it has to be collaboration based. So to say, and I believe that this is something which you have within your solution as well, right?
Yes, certainly. And, and just referring back to the ecosystem that I presented earlier, one of the very important slices in an area where AlgoSec has been very busy in recent years is the integration capability specifically with the leading SIM tools, you know, such as say Splunk, for example, and enriching the suspected attack data with business and network information. So in kind of building on that AlgoSec enables as a key enabler in helping to quarantine the attack, literally with a click of the button. So reducing the attack surface and time it takes to respond.
So we've been very focused on integration with incident response in general and, and SIM tools in particular,
But I guess not just same tools, but again, some kind of workflows which could involve say sending a notification to the appropriate authority in case of a data breach, right? It's not just about managing the firewall. It's about taking all the necessary measures, organizational legal, and again, even publications like you have to go out and tell the public that their accounts have been stolen. How do you do it?
Well, the, the, the approach there kind of relates to the larger philosophy of, of the business driven notion. So when we're providing the key decision makers, the board members, if you will, or the business application owners who then trans convey the information to the board, we're, we're giving them the story.
We're giving them a story of what were the vulnerabilities, what are the vulnerabilities and how they are priorities and how they're, how they're tied to specific business applications and business processes that in turn helps inform the business decision makers, everyone who's involved in, like you said, the corporate communications, crisis management business continuity, all those important business elements that come out of the security concerns with the information that they need to, to, to communicate.
Okay. Right.
So please keep those questions Karin, and let me just read the next one quickly. Okay. Okay. Okay. That's actually a funny one. So how do you even start with your, with any kind of set solution? Many enterprises just don't even know what they actually have, what kind of business assets? Cause there are probably some applications which are just, you know, forgotten for years. How do you even start accounting for all of them
Before?
Good, good. Very good question.
Yeah, we could, you know, some it departments call them rogue applications or you're right. We, we often find the situation where they understand there's a need, but they have no idea where to even start. They know that lots of applications have accumulated over time with a lot of vulnerabilities possible associated with those applications. So they say to us, what's a good starting point. How do we assess the situation? Even before we get into the policy management, we don't understand what we have and what the vulnerabilities are.
And, and that that's really that's, you know, frankly, where we shine, we, we provide a tool. First of all, for application discovery, we automatically discover the applications you have in your organization and the associated network on activity paths.
And, and we not only discover it, but we take it a step further, as I said, and, and map them visually map each firewall rule to the application or applications that it serves. So giving all the needed visibility at this early stage to understand how the current network is serving up those applications. And really that's, that's a good starting point, you know, but from there, you can, you can have a, be a better educated if you will be better informed and be better prepared to, to build, build the, the relevant rules.
And by the way, does it cover only the on premises application cause of the own applications, if you will, or can you also discover cloud apps as well?
Right. So network security, policy management, when, when you're migrating your applications to the cloud, you know, you, you also need of course, to migrate the, the related connectivity and firewall rules. And we assist that in a number of ways. And by the way, we, we just con we just conducted a cloud survey, which we will be a cloud security survey, which we will be publishing very soon.
So there'll be some very interesting content that is, is available. Actually, we announced it a few days ago. You can find it, you can find it on the internet.
There's been a lot of articles about the survey that we just released, but so there's a lot of, of information there that I won't attempt to replicate now, but basically when migrating applications to cloud, as I said, you need to migrate the related firewall rules and we can assist by establishing the baseline of the application and mapping the needed network connectivity through migrating that connectivity to the cloud, including the ability of course, to decommission the application connectivity. That's no longer relevant in the cloud environment.
But again, I would encourage the listeners to go to our website or send an email, and we'll be happy to send you this recent cloud study that we conduct cloud security survey that we conducted.
Okay, great. Then let me just also kind of make a small one, but shameless block, because as you can see on the screen, we now have our own report about AlgoSec security management suite. It's not yet online now, but it'll be published very soon or, and so you are very welcome to visit our website, maybe even tomorrow and have a look yourself.
So we have, we have this solution reviewed and again, I was pretty impressed. Great. Next question probably is the last one because we are short on time. So what's a good way to avoid network misconfiguration and thus, or connectivity outages caused by those
Situations. And that's, that's a, again, a very common scenario.
Companies have often come to us after suffering these sorts of things, but of course, ideally you want to always avoid very costly application outages caused by simple, you know, well intentioned, but ultimately what were network misconfigurations people trying to safeguard a network, but actually misconfiguring it in which in turn drove an outage. So basically with our solution, you can set up a baseline of what network connectivity is required for each application and a consolidated network map of, of this basic situation.
And then you have an engine that sort of recommends to you when coming to perform a change, what is the best course of action that you should have the best, you know, to give you the best in class capabilities to confront this difficult situation. So I'm glad you asked that.
That's a, I'm glad we got that question because that's, that's a, a key driver for why a lot of people have come to us and it's a key driver for what people wanna avoid. Great. Thank you.
Okay. Right.
Well, we have just reached the top of the hour. So please, if you have any questions still open and unanswered, contact us directly, either myself at copy, a call or Jeffrey AlgoSec or email, and we will definitely come back to you or at least connect you directly to the, the best qualified person to answer your specific questions. Thanks a lot for being with us today. I hope to see you again at one of our future webinars or events, maybe, and have a nice day.
Thank you.
Bye.
