January 2023

Black Hats Matter

It is 2023 and we are a few years now since “black lives matter” movement started.

black lives matter

Databases in a cluster are not called “master” and “slave” anymore, and the “blacklist” word for the list of issues is also vaporizing from the lexicons of all reasonable people. The biggest corporations in the US and worldwide are working on fixing the misuse of improper terms in their technology and documentation.

Yet, this Dark Reading article by Jonathan Care decided to bring “Black” word back to mark the evil in their article’s title on December 30, 2022. Yep, it is just a few weeks ago, and that’s why it is triple weird my dear DarkReading editors!

Do not be confused: the word “Black” is used in this article in a very negative context representing the vulnerability of various APIs due to security issues.

DarkReading should be ashamed

The above screenshot represents the original Dark Reading article by Jonathan Care as of December 2022.

Dark Reading should do a much better job while selecting their authors and proofreading texts. This title smells bad! And IMHO this particular article should be removed from the public domain. Shame on you, Dark Reading and Mr. Jonathan Clare, the writer.

Jonathan Care

Please meet Jonathan Care, a Contributing Writer at Dark Reading whose article voted against basic modern community principles like diversity and inclusion. He should have thought twice about his article’s title, but he did not. Probably, he is not exactly a “thinker” type, is he?

Observability and Protection for Cloud Native Applications

Banks and other financial institutions are moving to the cloud. It is a slow process but the trend is here. Cloud computing business models give financial organizations flexibility to deploy pay-as-you-go cloud services. Furthermore, the cloud comes with built-in scalability so businesses react to market changes quickly. Pay-as-you-go infrastructure drastically reduces costs for banks and financial services institutions (BFSI), but then other questions raise. The first of these questions would be “is it secure to move my data and services to the cloud?”. Here network observability and AI-based network monitoring come to help, and particularly because financial institutions need to be compliant with regulations such as the PIPEDA.

MarketAndMarket report predicts that the market for cloud-native protection platforms will reach $19.3 billion by 2027. This is more than double from $7.8 billion in 2022 as estimated by the marketing firm. BFSI and other enterprises move to the cloud. This requires intelligent network observability and security solutions based on artificial intelligence and machine learning and thus such a rapid market growth at 19.9% CAGR in 2022-2027 seems to be a very reasonable assumption. Today AI-based observability and security solutions analyze hundreds of thousands of events a day. We should expect that the next generation of these software solutions will create and analyze a few orders of magnitudes of events daily, scaling up to tens to hundreds of millions of events a day for an average cloud-based BFSI organization. The report names a few market leaders, among them Check Point (Israel), Trend Micro (Japan), Palo Alto Networks (US), CrowdStrike (US), Fortinet (US), Forcepoint (US), Proofpoint (US), Radware (Israel), Zscaler (US).

Cloud Monitoring Market Size Estimations

According to a marketing study, the global IT infrastructure monitoring market is supposed to grow at 13.6% CAGR reaching USD $64.5 in 2031. Modern IT infrastructure becomes increasingly more complex and requires new skills from IT personnel, often blurring the borders between IT staff, DevOps, and development teams. With the continued move from on-prem deployments to the enterprise cloud, IT infrastructure goes to the cloud as well, and thus IT teams have to learn basic cloud-DevOps skills, such as scripting, cloud-based scaling, events creation, and monitoring. Furthermore, no company today offers a complete monitoring solution that can monitor any network device and software component.

Thus, IT teams have to build their monitoring solutions piece by piece, using various mostly not interconnected systems, developed by different, often competing vendors. For some organizations, it also comes to compliance, such as GDPR or ISO requirements, and to SLAs that obligate the IT department to timely detect, report, and fix any issue with their systems. In this challenging multi-system and multi-device environment, network observability becomes the key to enterprise success. IT organizations keep increasing their budgets seeking to reach the comprehensive cloud and on-prem monitoring for their systems and devices, and force the employees to run network and device monitoring software on their personal devices, such as mobile phones and laptops. This trend also increases the IT spend on cybersecurity solutions such as SDR and network security analysis with various SIEM tools.