The Technology of the Year Awards is InfoWorld’s annual flagship article — a showcase for the best enterprise tech as determined by our expert contributors and staffers. I asked InfoWorld Executive Editor Doug Dineley, who has overseen the awards for many years, what was different about this year’s batch. He had a succinct response: a surge in new security solutions.
No wonder. As Fahmida Rashid reported last week in “Why 2017 will be the worst year ever for security,” successful attacks continue to increase at an alarming rate — more ominous, many breaches go unreported. The costs of those attacks, some due to stealthy advanced persistent threats (APTs) initiated years ago, may never fully be known.
The eight winning security solutions intended to help enterprises fight back fall into several categories. Let’s start with the two open source winners that target developers: HashiCorp Vault and SourceClear. As Dan Kaminsky of White Ops told Fahmida in an interview last year, devs need better tools and environments to be effective in implementing security. Vault and SourceClear attack this problem from different angles: Vault by enabling devs to access sensitive data securely, SourceClear by scanning libraries and frameworks for vulnerabilities.
Next up are two open source solutions for detecting badness: OSquery for endpoint inspection and Apache Spot, the latter a big data analytics project that uses machine learning to identify malicious network traffic. In real time, OSquery logs all endpoint processes and events in a database, which you query using a SQL-like language; like the commercial product Tanium, OSquery puts all that metadata within easy reach so you can determine what’s going on as soon as an attack breaks out. Spot gives admins a way to process the enormous quantities of data associated with network flow, with machine learning algorithms to sort the normal traffic from anomalies that might represent an attack.
The sole cloud-specific security winner was AWS Shield, which enables AWS customers to mitigate DDoS attacks quickly and easily. Last year saw a big increase in the size and frequency of such attacks, culminating in the DDoS attack against DNS provider Dyn that brought a portion of the internet to its knees. As Fahmida noted in her writeup, AWS may be the first to offer a DDoS solution like this, but we can expect the other major clouds to follow suit soon.
Another hot issue has been the shift from SHA-1 to SHA-2 digital certificates — the deadline for which was, oops, Jan. 1 of this year. Website encryption by default has become the new mantra, so in 2016 the Let’s Encrypt certificate authority arrived to issue SHA-2 certificates free to anyone who owns a domain name. According to InfoWorld Contributing Editor James Borck, one of the best features of Let’s Encrypt is its automated request and renewal facility, made possible by a client offered by the Electronic Frontier Foundation.
Searching for a more personal security resolution for the new year? Here’s one: Time to start using a password manager. Contributing Editor Jonathan Freeman thinks Dashlane is the best — mainly because it delivers a great user experience.
My personal favorite of these eight products, however, is MazeRunner. It takes a sort of honeypot approach to security defense, strewing “breadcrumbs” (fake credentials, for example) to lead attackers to decoy systems that, once accessed, stamp bad guys with unique identifiers that prevent them from moving across the network and accessing other systems.
In a world where attacks only seem to get stealthier, more frequent, and more potent, innovative weapons like these are what we need.