Archive for the Commentary Category

LogicGate Named A Leading GRC Provider In Forrester Wave Report

Posted in Commentary on December 6, 2023 by itnerd

LogicGate, a leading provider of Governance, Risk, and Compliance (GRC) solutions through its Risk Cloud® platform, today announced it was named a Leader in The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q4 2023 report. Forrester conducted a comprehensive evaluation of the most significant GRC platform providers, utilizing a 25-criterion approach to thoroughly research, analyze, and score the leading providers. The assessment encompassed considerations of current and future offerings, strategic approaches, customer feedback, and market presence.

Notably, its Risk Cloud platform garnered the highest possible scores across eight criteria, including user experience, innovation, IT/cyber risk management, workflow and process automation, policy and procedure management, content delivery, mapping, and maintenance, and pricing flexibility and transparency.

The Forrester Wave™ states, “LogicGate has pursued an aggressive innovation strategy in recent years to deliver a flexible, user-friendly, no-code platform — and it’s paying off. LogicGate is on par in terms of vision and roadmap, with a healthy dose of planned AI and automation features. Its roadmap prioritizes enhancements to user experience, embedded AI services, and enhanced cybersecurity tools for control analysis, risk quantification, and evidence collection integrations.”

The report also notes, “LogicGate Risk Cloud’s user experience is second to none — reference customers consistently gave it their highest rating compared with other vendors. It’s also strong in IT risk management, with platform-native FAIR analysis as well as policy management, which leverages its OpenAI integration to generate policy content.”

Download The Forrester Wave™ Governance, Risk, and Compliance, Q4 2023 Report.

Risk Cloud is a no-code risk and compliance platform purpose-built to scale and streamline risk assessment, regulatory compliance, and strategic decision-making. The platform ensures proactive risk mitigation and strategic alignment with a user-friendly interface, automated processes, advanced analytics, and real-time insights.

OVHcloud Canada Achieves SAP Certification for Outsourcing Partners

Posted in Commentary on December 6, 2023 by itnerd

OVHcloud announces the launch of OVHcloud for SAP solutions in Canada, offering customers secure and automated infrastructures to deploy their SAP environments with confidence. This announcement follows the “SAP® Certified in Cloud and Infrastructure Operations” certification in Canada, obtained in July 2023, which attests to the group’s excellence in terms of organization, operations capabilities, and maintenance for hosting SAP environments within OVHcloud data centers in Canada.

SAP offers a certification program for partners that manage customer environments. SAP certifications for outsourcing partners help customers identify best-in-class service providers to meet their requirements in terms of quality, scope and geography, while certified partners can increase market visibility and drive new revenue.

The OVHcloud for SAP solutions offering is based on dedicated servers from the OVHcloud High Grade range. By using instances that follow the TDI (Tailored Datacenter Integration) approach, they meet the highest reliability and performance requirements to power SAP HANA databases. Highly customizable and optimized for mission-critical workloads, High Grade dedicated servers for SAP technologies feature Dual Intel Xeon Gold processors, a large choice of memory sizes up to 1.5 TB, and SAS Hardware RAID SSD storage. They are ideally suited to SAP deployments, through a variety of use cases such as re-platforming, migrating to SAP S/4HANA (Brownfield), creating a new SAP environment (Greenfield), or implementing a disaster recovery plan (DRP).

OVHcloud for SAP solutions also offers a range of additional features for accelerating the deployment of the most critical SAP environments. These include “SUSE Linux Enterprise Server” (SLES) OS image for SAP applications in Bring Your Own License (BYOL) mode, access to the VMware ESXi hypervisor template, and the OVHcloud Backint Agent for SAP HANA databases.

Whether deploying SAP HANA databases or hosting OLAP or OLTP workloads, these certifications and features demonstrate OVHcloud expertise in supporting deployments of the most mission-critical SAP environments in complete security and simplicity.

Pricing transparency and data confidentiality

As with all OVHcloud cloud solutions, bandwidth is included and no additional fees are charged, ensuring transparent and predictable billing at the best performance/price ratio. Customers can also take advantage of a unique industrial model: OVHcloud builds its own servers in its Beauharnois (Quebec) production unit, which enables total control of the value chain and thus guarantees the highest standards of digital sovereignty and confidentiality. Data is hosted locally and is not subject to any extraterritorial laws.

This new OVHcloud for SAP solutions offering, together with the recent SAP certification in cloud and infrastructure operations, highlights OVHcloud’s operations capabilities in Canada. This unlocks new opportunities to further empower partners to support their customers in Canada and assist them with the installation of SAP HANA databases or the deployment of SAP Business Warehouse, edition for SAP HANA, SAP BW/4HANA, SAP Business Suite powered by HANA and SAP S/4HANA landscapes.

Benefiting from the new SAP® Certification for Outsourcing Partners in cloud and infrastructure operations in Canada, the OVHcloud Beauharnois (Quebec) site houses 8 data centers and a production plant. With 80,000 servers in operation and a rate of over 500 servers assembled every week, it is also renowned for its record energy efficiency (PUE of 1.1), based on patented water-cooling technology and powered by hydroelectricity, a very low-carbon energy source.

Availability

The OVHcloud for SAP solutions offering is available now for Canadian customers.

Resources

Learn more about OVHcloud for SAP solutions

23andMe Tries To Cover Themselves From Being Sued For Being Pwned By Altering Their Terms Of Service

Posted in Commentary on December 6, 2023 by itnerd

Hot on the heels of the disclosure of how bad the 23andMe hack was, and the rumblings of lawsuits related to that, it is now coming to light that 23andMe might be trying to blunt any attempts to sue them via a change to their terms of service. This came to my attention via this post on Mastodon. Here’s the relevant part:

So in short, if you don’t send them an email rejecting the change in their terms of service, which you can read here and specifically this part, you will give up the ability to be part of the class action lawsuits that are being filed or take action in court against them. What they’re counting on is that nobody is going to read this in detail and send them an email saying “no I don’t agree to these terms”. Thus limiting their exposure to the class action lawsuits that are likely to be filed. This is pretty sneaky by 23andMe and they need to be called out for this.

While I am not a lawyer, you should email 23andMe and reject this change. Then I would lawyer up for the class action lawsuit that we all know is coming.

Google Introduces Gemini

Posted in Commentary on December 6, 2023 by itnerd

Today, Google made a series of announcements about a major AI breakthrough which is their largest and most capable AI model, called Gemini. 

The news spanned the world of enterprise, developers and consumers, so I thought it would be helpful to summarize the main announcements and provide links to the most useful blog posts. 

Today’s news 

Today, Google announced Gemini — the most capable general AI model they have ever built. It is the result of large-scale collaborative efforts by teams across Google, including Google DeepMind and Google Research, and is their largest science and engineering project ever. 

Google has optimized Gemini 1.0, their first version of the model, for three different sizes:

  • Gemini Ultra — their most capable and largest model for highly-complex tasks
  • Gemini Pro — their best model for scaling across a wide range of tasks
  • Gemini Nano — their most efficient model for on-device tasks

What is Gemini? 

Gemini is a multimodal AI model. This means that it can generalize and seamlessly understand, operate across and combine different types of information, including:

  • Text
  • Images 
  • Audio 
  • Video 
  • Coding languages

It’s also their most flexible model yet, able to efficiently run on everything from mobile devices to data centres. Gemini will significantly enhance the way developers and enterprise customers build and scale with AI. 

Built on next-generation capabilities

Until now, the standard approach to creating multimodal models involved training separate components for different modalities and then stitching them together to roughly mimic some of this functionality. These models can sometimes be good at performing certain tasks like describing images, but struggle with more conceptual and complex reasoning. 

So Google designed Gemini to be natively multimodal — pre-trained from the start on different modalities. Then they fine-tuned it with additional multimodal data to further refine its effectiveness. This helps Gemini seamlessly understand and reason about all kinds of inputs from the ground up, far better than existing multimodal models — and its capabilities are state-of-the-art in nearly every domain. 

Learn more about Gemini’s capabilities and see how it works.

Benchmarking tests

Google has been rigorously testing their Gemini models and evaluating their performance on a wide variety of tasks. From natural image, audio and video understanding to mathematical reasoning, Gemini Ultra’s performance exceeds current state-of-the-art results on 30 of the 32 academic benchmarks widely used in large language model research and development.

You can see more details in this technical whitepaper.

Making Gemini available to the world

Gemini 1.0 is now rolling out across a range of products and platforms:

For consumers

  • Starting today, Bard — using a fine-tuned version of Gemini Pro — will be available in English in more than 170 countries and territories. It will be far more capable at things like understanding and summarizing, reasoning, brainstorming, writing and planning. Google is enthusiastic about bringing Bard’s generative AI potential to Canadians soon;
  • Google is also bringing Gemini to Pixel. Pixel 8 Pro is the first smartphone engineered to run Gemini Nano, which is powering new features like Summarize in the Recorder app, and rolling out in Smart Reply in Gboard, starting with WhatsApp, with more messaging apps coming next year; 
  • And in the coming months, Gemini will be available in more of their core products and services like Search, Ads, Chrome, and Duet AI.

For developers

  • Starting on December 13, developers and enterprise customers can access Gemini Pro via the Gemini API in Google AI Studio and Vertex AI:
    • Google AI Studio is a free, web-based developer tool that helps developers and enterprise customers prototype and launch apps quickly with an API key;
    • When it’s time for a fully-managed AI platform, Vertex AI allows customization of Gemini with full data control and benefits from additional Google Cloud features for enterprise security, safety, privacy, and data governance and compliance.
  • Android developers will also be able to build with Gemini Nano, their most efficient model for on-device tasks, via AICore. AICore is a new system capability available in Android 14, starting on Pixel 8 Pro devices. Sign up for an early preview.
  • And as part of their extensive trust and safety checks for Gemini Ultra, they will make it available to select customers, developers and partners for early experimentation and feedback before making it broadly available to developers and enterprise customers early next year.

Looking ahead 

This is a significant milestone in the development of AI, and the start of a new era for Google as they continue to rapidly innovate and responsibly advance the capabilities of their models. They’ve made great progress on Gemini so far and they’re working hard to further extend its capabilities for future versions.

Panther Unveils Security Data Lake Search & Splunk Integration 

Posted in Commentary on December 6, 2023 by itnerd

Panther Labs today announced the launch of its new Security Data Lake Search and Splunk Integration capabilities. These offerings mark a critical leap forward in managing security risks in today’s cloud-first landscape. 

As organizations race to implement machine learning capabilities, they’re increasingly reliant on decentralized, cloud-based data stores and workflows to power the development of new software, such as AI tools. These workflows magnify security challenges, with organizations continuing to report severe security incidents due to cloud misconfigurations, especially in public cloud environments.

The enhancements Panther is launching today will redefine security detection, analysis, and response for the cloud-first, AI-powered future. By combining the economic efficiency of modern security data lakes with the familiarity of traditional SIEM interfaces, Panther will enable security teams to more easily identify and respond to threats, hardening their security posture for decentralized, high-scale cloud workflows.

Panther’s Security Data Lake Search is the industry’s first search experience designed to capitalize on the efficiency and performance of modern data lakes. With traditional solutions, high-volume log sources are too costly and unwieldy to ingest and search at scale, forcing organizations to choose between cost and performance. With Panther’s Security Data Lake Search, security teams can harness the full potential of mission-critical cloud logs in their detection and investigation workflows, with deployment options that reduce total cost of ownership (TCO) and maximize ROI. These enhancements offer unparalleled search performance across vast data lakes, without relying on SQL, enabling fast, efficient investigations.

Panther’s Splunk Integration combines Panther’s industry-leading, cloud-native detection capabilities with Splunk’s extensive analytics platform, giving organizations enhanced visibility of critical cloud workflows. By using Panther’s real-time detections on streaming cloud logs and configuring Splunk as an alert destination, security teams are empowered to implement rapid, cloud-scale detection and response workflows.

Together, Panther’s Security Data Lake Search and Splunk Integration unlock the full potential of high-volume, high-value cloud log streaming data. With cloud-native search capabilities and high-performance detections built on existing Splunk infrastructure, security teams can now ingest all of their logs and operate with the agility necessary to drive better security outcomes.

Panther has demonstrated significant value for a wide range of enterprise customers, with an average reduction in TCO by over 50%. As security risks from cloud-based workflows continue to escalate, Panther’s platform is crucial for organizations aiming to bolster their compliance and reduce risk exposure efficiently.

To learn more about Panther’s new Security Data Lake Search and Splunk Integration, visit https://panther.com.

Salesforce Appears To Be Having Issues This Morning

Posted in Commentary on December 6, 2023 by itnerd

I’ve gotten a couple of phone calls from clients today who were and still are having issues getting to Salesforce. After a quick look at Down Detector, it seems that Salesforce has fallen down and can’t get up:

It appears that the issues started just before 8 AM and are still ongoing. A trip to their status page seems to confirm that they have issues:

According to them, these issues have been ongoing for a couple of hours. And there is no ETA for resolution at this point. Seeing how pervasive Salesforce is within businesses big and small, let’s hope that this gets resolved quickly as any sort of Salesforce outage will result in a very bad day for many.

A SiriusXM #Scam Is Making The Rounds…. With A Twist

Posted in Commentary on December 6, 2023 by itnerd

I woke up this morning to a new and different scam email sitting in my inbox:

Now anyone who has a car that was made in the last two decades or so likely has a SiriusXM radio in it. And most of us buy the car, use it for the free trial period, and never use it again. So a free 90-day offer to use the SiriusXM radio may entice some to click the “Extend for Free” button. Which, by the way, besides looking weird because of the yellow bar above the button, doesn’t go to SiriusXM.com:

Simply hovering my mouse over the button indicates that this is some sort of phishing website and not something that SiriusXM controls. An example of that is sirusxm.com. Now this is the part of this article where I tell you to never click anything on the email. But because I want to find out what the scam is all about, I did click the button. Here’s what I got:

It took me to a website that looked just like the email. And it wanted to send me notifications as well, as evidenced by the prompt on the top left that appeared. Now what notifications could it possibly want to send me? How about these ones?

So we now have fake pop-ups that are warning you that your McAfee has expired today. What happens when you click on this pop-up? Which, by the way, you should never do:

OMG! I am infected with 3 viruses. Well actually I am not because this is totally fake. The threat of your “personal and banking information” being at risk is meant to encourage you to click the proceed button along with the countdown clock. Neither of which any legitimate antivirus program would have. Clicking the proceed button takes you to an odd place:

It takes you to what appears to be the real Avira website. At first that seems odd. But looking at the URL, it shows that this is a referral link. Meaning that the scammer is trying to make money by using the pop ups to get a cut of any sales of Avira Antivirus Pro. It would be a shame if Avira found out about this. Which by the way, they are going to find out about this when I send them the referral link and explain what is going on.

But this scammer isn’t done yet. Let’s go back to the SiriusXM part of this. Here’s what you get when you click on “Extend for Free”:

So it’s the usual “let’s get you to fill in your credit card details so that we can go on a shopping spree on your nickel” scam. And it has logic to check for the validity of credit card numbers.

The bottom line is that this scammer is trying to make money in two ways. That’s pretty bad and I’ll be alerting both SiriusXM and Avira about this so that they can both deprive him of some cash. In the meantime, if you get this email you should delete it and go on with your day.

Living Security Expands Access to Human Risk Management Platform with Unify Go

Posted in Commentary on December 6, 2023 by itnerd

Living Security announced today Unify Go, a free tool for Living Security training customers that surfaces security vulnerabilities across the workforce by aggregating and correlating employee behavior across security training, phishing, and email security tools. Unify Go is accessible to any company utilizing Living Security training. 

Unify Go builds upon and extends beyond security awareness, training, and phishing. Rather than focusing on compliance-based outcomes such as click and completion rates, Unify Go enables security teams to identify areas of the workforce that are most susceptible to social engineering, such as phishing, based on actual email behavior rather than phishing simulations alone. 

While security teams continue to improve visibility into security events across infrastructure and data, correlating disparate events to individual people or programs remains a significant challenge. Living Security Unify aggregates data and events across the cybersecurity technology stack, showing granular employee-level risk.

Unify Go works with the most popular identity, training, phishing, and email security tools with API integrations to dozens of tools, including Proofpoint, KnowBe4, Cofense, Microsoft, Mimecast, Abnormal Security, and more.

Unify Go shifts security training from a one-size-fits-all to a targeted and outcome-based approach. It delivers action plans to members of the workforce that need it most. This includes highly targeted individuals, new hires, contractors with poor phishing hygiene, repeat phishing offenders with elevated permissions, and more.

Living Security’s Unify platform makes it easy for security teams to implement risk-based management in their organizations by combining the following features:

  • Intelligence Engine: This engine ingests, aggregates, and correlates event, device, and identity data across existing IT and security tools that build a dynamic risk profile of every member of the workforce
  • Human Risk Operations Center (HROC): The HROC unites the Security Operations Center (SOC), Security Awareness and Training (SAT), and Governance, Risk, and Compliance (GRC) teams by providing them with granular dashboards and lenses into human risk and insider threats. 
  • Human Risk Index (HRI): This proprietary, patent-pending algorithm sorts individuals and groups into five distinct levels of risk. The model considers hundreds of criteria and behavior data points across existing IT and security tools.  
  • Action Plans: Security teams can generate tailored, risk-based action plans focused on specific behaviors across location, department, or segment

Unify Go is the entry point to Living Security’s Unify Platform, the leading Human Risk Management Platform. The complete Unify Platform extends human risk management from email and phishing, including correlated insights from a company’s existing account compromise (password), data loss, and malware solutions. 

Test drive Living Security Unify Go here. Or learn more about Unify Go by signing up for our January 10th webcast, How to Shift from Security Awareness to Human Risk Management.

Novel Process Injection Technique Using Windows Thread Pools Bypasses Leading EDR Solutions

Posted in Commentary on December 6, 2023 by itnerd

During Black Hat Europe, SafeBreach Labs researcher Alon Leviev is speaking on his newest discovery of a brand new set of highly flexible process injection techniques that are able to completely bypass leading endpoint detection and response (EDR) solutions, using Windows thread pools.

If executed to completion, the impacts of process injection can be devastating. An attacker can use process injection to execute code on behalf of legitimate processes, allowing the attacker to perform actions they may not be able to typically do. The SafeBreach Labs team explored the viability of using Windows thread pools—an under-analyzed area of the Microsoft Windows OS—as a novel attack vector for process injection and discovered 8 new process injection techniques—dubbed Pool Party variants—that were able to trigger malicious execution as a result of a completely legitimate action and were proven to be fully undetectable when tested against five leading EDR solutions.

You can read about the discovery here.

Critical Insight Announces Launch of MXDR With Cyber Risk Quantification

Posted in Commentary on December 6, 2023 by itnerd

Critical Insight, the Cybersecurity-as-a-Service provider specializing in helping critical organizations Prepare, Detect, and Respond, announced the company’s move to Managed Extended Detection and Response (MXDR). 

Critical Insight’s evolved monitoring platform provides Critical Insight’s expert security analysts the industry’s most extensive level of customer visibility and detection capabilities. The enhancements include key features and capabilities for customers who wish to interact directly with the Open XDR platform. Integrated with the full toolset of Critical Insight’s Security Operations Center (SOC), the 24/7/365 MXDR service will help customers rapidly identify, respond to, and recover from cyber-attacks. MXDR customers can additionally map the progress of their overall security journey with a fully integrated overlay of cyber risk reporting metrics within a variety of standards and regulatory frameworks.

The evolution of Critical Insight’s platform comes at a crucial time when threat actors are altering and improving their tactics. Critical organizations need three things: best-of-breed tools, subject-matter experts who know how to get the most out of them, and a way to measure success. Critical Insight now provides all three within a single subscription program. 

The new Critical Insight cybersecurity-as-a-service platform is superior to EDR-centric MDR solutions because it provides wider, more comprehensive threat coverage and helps future-proof customers as attacker techniques and technology change. 

For one price, Critical Insight clients will get experienced and customer-centric SOC Analysts and InfoSec Consultants leveraging Stellar Cyber’s Open-XDR and CyberSaint’s CyberStrong Platform. The result is: 

  • Deeper Expertise: Skills and Knowledge of Critical Insight
    • Extensive experience in critical infrastructure environments
    • Exclusive talent pool, developed in collaboration with leading universities and public sector institutions
    • Proven onboarding process gets you operational in 30 days
  • Deeper Reach: Spot More Threats Sooner
    • Open XDR platform with a broad range of integrations
    • Unmatched support for IoT and OT systems 
    • Built-in user and entity behavioral analytics (UEBA) 
    • Native network detection and response including AI-powered correlation
  • Deeper Partnership: Shared Visibility and Security Control
    • Uses your existing tech-stack
    • Ability to search and analyze your data whenever you want
    • Comprehensive, proactive compliance and risk assessments displayed in the CyberStrong platform – over 60 standards to measure against
    • Real-time view into all SOC activity
    • On-demand access to your data
    • Tightly integrated Security-as-a-Service delivery model