PacStar, a leading developer and supplier of advanced communications solutions for the U.S. Department of Defense (DoD), announced an NSA CSfC registered, integrated, commercial off the shelf (COTS), small form factor, tactical wireless gateway based on PacStar technologies.

PacStar and Oceus Networks teamed to provide the solution enabling wireless dissemination through both Wi-Fi and LTE of classified data, up to Top Secret – including operational data such as targeting information, full motion video, position/location information, and common tactical picture.

Today’s warfighters require new levels of mobility and access to information in order to ensure mission success in an increasing information-enabled battlespace. By enabling mobile technologies such as Wi-Fi and LTE, warfighters gain the benefits of modern mobile devices with command post set up and tear down times reduced by hours.

Tactical communications teams save the time and expense of transporting and installing thousands of feet of cabling for every move, and soldiers can operate untethered from their workstations for improved collaboration. Most importantly, by going wireless, this capability reduces network setup time, speeding tactical decision making.

PacStar SMART Gateway is based on PacStar Secure Wireless Command Post (SWCP), which comprises small form factor, modular, rugged networking equipment and servers running best-in-class network infrastructure technology configured to meet CSfC requirements.

The PacStar modules inside the solution save up to 10 times the size and weight, and up to 18 times the power of comparable datacenter class equipment – while meeting MIL-STD environmental requirements.

PacStar’s IQ-Core Crypto Manager manages the provisioning of the CSfC network nodes while Oceus Networks’ SMP VPN manager manages the end user experience by providing seamless roaming between security enclaves.

The combined solution provides the end user/warfighter access to the applications and data they need without the complexity of multiple end user device interactions to gain access.

In 2007, David Snowden and Mary Boone published an article in Harvard Business Review called “A Leader's Framework for Decision Making.” In it, they describe a way of looking at different classes of problems, and how the methods used to solve those problems will be different depending upon in which context you are operating. They called this framework “Cynefin,” which is a Welsh word that describes the often-unforeseen factors that influence our decisions.

When learning about this framework, I could not help but think of their descriptions in the context of many problems that I’ve had to solve over the course of my career in Production Operations and Engineering. The authors even describe Cynefin in a context that will look very familiar to those who have been in this same role:

“Leaders who understand that the world is often irrational and unpredictable will find the Cynefin framework particularly useful.”

–David Snowden and Mary Boone, "A Leader's Framework for Decision Making" (Harvard Business Review, 2007)

Irrational and unpredictable? How many production outages have I been involved with that appeared irrational and unpredictable? Most of them! I began to think about how Cynefin could be applied in a DevOps context.

What is Cynefin?

cynefin frameworkIDG

The Cynefin framework.

33cae3715b Security | News

Once upon a time, only big organizations worried about Advanced Persistent Threats. But it soon became obvious that every organization could find itself under fire, regardless of size or industry, and whether as direct targets or collateral damage. Most security decision makers in these organizations are aware of the importance of protecting against APTs. Yet they find it challenging to map potential APT attack vectors, which is integral in selecting the right security solutions for the organization.

In the effort to fill this knowledge gap, Cynet has released the definitive RFP templates for EDR/EPP and APT protection. These RFPs clearly lay out the requirements for securing potential APT vectors, allowing security decision makers to quickly and accurately evaluate the products they are considering.

33cae3715b Security | News

These templates will provide organizations with a widest-common-denominator approach to meeting the security needs and save on time and resources that would usually be spent in creating and assessing such a requirement list from scratch.

One of the big challenges in securing against APT attacks is, as the name implies, these attacks are persistent, attacking multiple vectors until successful compromise is achieved. In order to secure against these attacks, a certain level of knowledge is required regarding attack surfaces and vectors commonly used by hackers to achieve their goals.

“Think of a ninja warrior,” explains Eyal Gruner, co-founder of Cynet. “He uses every weapon at his disposal to get to the vulnerable point, well, it’s the same with a hacker – they use every tool at hand attacking endpoints, VPN credentials, networking misconfigurations, insecure DMZ architecture – anything and everything – until they get in. Together with this, there are common attack vectors, where attackers know it will be easier to get in, and using this common knowledge, we can create an attack vector map and plan for better security.

The U.S. has sued whistleblower Edward Snowden over his new memoir, alleging he published the book in violation of non-disclosure agreements signed with both the CIA and NSA.

Edward Snowden, a former employee of the Central Intelligence Agency and contractor for the National Security Agency (NSA), is best known for a 2013 incident where he leaked thousands of classified documents about top-secret surveillance programs to journalists that shed light on U.S. spying efforts. However, the lawsuit is separate from the criminal charges brought against Snowden for his alleged disclosures of classified information.

The lawsuit instead revolves around Snowden’s book entitled “Permanent Record,” published Tuesday, which outlines Snowden’s life and his story behind the 2013 leak. The U.S. alleges that Snowden published his book without submitting it to the CIA and NSA for pre-publication review, in violation of “express obligations under the agreements he had signed.”

“Edward Snowden has violated an obligation he undertook to the United States when he signed agreements as part of his employment by the CIA and as an NSA contractor,” said Assistant Attorney General Jody Hunt of the Department of Justice’s Civil Division, in a Tuesday statement. “The United States’ ability to protect sensitive national security information depends on employees’ and contractors’ compliance with their non-disclosure agreements, including their pre-publication review obligations.”

The lawsuit ultimately aims to seize any proceeds from Snowden’s memoir, naming the publishers of the book (MacMillan Publishers, Henry Holt and Co. and Holtzbrink Publishers) as defendants and ordering them to freeze any assets related to the book. Additionally, the lawsuit alleges that Snowden has given public speeches on intelligence-related matters, also in violation of his non-disclosure agreements.

“This lawsuit demonstrates that the Department of Justice does not tolerate these breaches of the public’s trust,” Hunt said. “We will not permit individuals to enrich themselves, at the expense of the United States, without complying with their pre-publication review obligations.

SAN FRANCISCO—If Oracle didn't have use of the terms “fastest ever,” “autonomous,” “acceleration” and “flexible,” co-founder and Chief Technical Officer Larry Ellison wouldn't be able to describe anything his company creates.

As each generation of databases, connective middleware, business-critical applications and new cloud services takes its turn at bat and then either gets a hit or strikes out and heads for the dugout, the venerable company nonetheless keeps populating its annual Oracle OpenWorld conference with plenty of news to discuss. This year is no exception.

Go here to see eWEEK’s listing of the Top Cloud Computing Companies.

Go here to see eWEEK’s listing for Top Linux Server Vendors.

The Redwood Shores, Calif.-based database and business software maker is still in the early stages of imploring its many institutional customers to move as much of their Oracle systems as they can to the cloud—even though many of them have invested multiple millions of dollars into Oracle database and server hardware over lots of years. There is still a lot of convincing to do in order for Oracle to reach its goals, but the word on the street is that progress is being made.

On Sept. 16, the company introduced something called Autonomous Linux, additions to its already impressive partner ecosystem and cloud region accessibility, more options for tighter security, improvements to virtual infrastructure and numerous ways to infuse intelligence into systems to make them easier to use and more reliable in processes.

Here are the key new-product offerings announced on Day 1 of OOW 2019.

Autonomous Linux

Oracle launched Autonomous Linux, which combines a cloud optimized virtual machine image, with a native cloud service called Oracle OS Management Service (OSMS) to help ensure higher reliability, security, and more operational efficiency at the lowest cost.