The week ending April 29
Topping this week’s Came to Win list, Amazon Web Services came out on top in the competition for a major government cloud contract.
Also on this week’s list are semiconductor and application security technology developer Synopsys for strategic acquisition; cybersecurity technology developer Wiz for discovering a potentially serious vulnerability in a Microsoft Azure cloud database; Source Defense for a successful funding round; and Fortinet, Masergy and Ingram Micro for a unique three-party partnership to develop and deliver secure SD-WAN service.
AWS trumps Microsoft for $10 billion NSA cloud deal
Amazon Web Services this week once again won a National Security Agency cloud computing contract worth up to $10 billion.
“Again” because AWS won the contract, named WildandStormy, in July 2021. But cloud rival Microsoft, whose cloud business Azure had competed for the contract, challenged the award by filing an administrative protest with US Government Accountability. Office.
This week, the NSA confirmed its decision to award the cloud contract to AWS, a significant win for the company.
The news comes amid years of wrangling between AWS and Microsoft over another Department of Defense cloud computing contract, the $10 billion Joint Venture Defense Infrastructure Project. This contract was originally awarded to Microsoft in 2019, but became mired in litigation and challenges from AWS before being rescinded. AWS and Microsoft are now expected to spar over a new mega-billion dollar cloud contract called Joint Warfighter Cloud Capability.
Synopsys buys SaaS security provider WhiteHat for $330 million
Synopsys decided this week to bolster its application security capabilities with an agreement to acquire WhiteHat Security, the benchmark in software-as-a-service security, for $330 million.
Synopsys provides semiconductor electronic design automation software and services, including application security test technology. With the acquisition of WhiteHat, Synopsys seeks to leverage that company’s SaaS-based dynamic application security testing technology within its security technology portfolio.
Synopsys acquired Tinfoil Security, another application security technology developer, in 2020 to better integrate dynamic application security testing into software development and DevOps workflows.
Fortinet and Masergy Launch Co-Developed Turnkey SD-WAN Solution
Security technology developer Fortinet and SD-WAN vendor Masergy grabbed everyone’s attention this week with the launch of a jointly managed SD-WAN offering to be distributed by Ingram Micro.
The new packaged offering gives resellers and MSPs the ability to sell fully managed SD-WAN services and provide Tier 1 and Tier 2 customer support, even if they lack service operations and SD-certifications. WAN and have limited technical resources.
Fortinet, Masergy and Ingram Micro each bring specific strengths to the collaborative effort, which combines networking, security and managed services. The effort is indicative of how the network and security spaces are converging.
The packaged offering integrates Fortinet Secure SD-WAN solutions, including next-generation firewall, advanced routing, and Zero Trust Network Access proxy features. Comcast-owned Masergy brings its Guardian portfolio, including network management and security services, which entrusts Masergy with managing or co-managing SD-WAN services. Ingram Micro will handle distribution of the new offering.
Wiz detects a vulnerability in the Microsoft Azure database that allowed access to sensitive data
Cloud security provider Wiz is winning accolades this week for its discovery earlier this year of potentially serious vulnerabilities it discovered in the popular Azure Database for PostgreSQL Flexible Server.
Wiz, based in Tel Aviv, Israel, said the security flaws allowed Wiz researchers to effectively bypass tenant isolation and allow unauthorized cross-account read access to others’ cloud databases. clients.
Wiz disclosed the vulnerability on Tuesday. At the same time, Microsoft said the vulnerability has been patched and no customer data has been accessed using the vulnerability.
Shir Tamari, head of research at Wiz, told CRN that the vulnerabilities violate the “fundamental premises” of cloud databases.
Wiz researchers found they could effectively “take control” of their own cloud database on Azure and its codes, which most cloud providers, including Microsoft, prohibit due to stability concerns. from the database. Once they took effective control of coding their own cloud database, Wiz researchers were able to use their account as a base to access other customers’ sensitive data, Tamari said.
Source Defense Raises $27M, Aims to Strengthen Channel Relationships
Source Defense raised $27 million in Series B funding this week, new funding the company plans to apply to expand its sales, marketing and distribution efforts, as well as continue to invest in research and development. product development.
Source Defense develops a cybersecurity system that provides threat visibility, control, and client-side attack prevention, helping organizations address cybersecurity risks from third-party supply chains. The company is based in Rosh Ha’ayin, Israel, with US headquarters in New Haven, Connecticut.
As part of its sales and marketing expansion plans, Source Defense is looking to expand its relationships with regional channel players and local resellers. CEO Dan Dinnar told CRN that “a very high percentage” of the company’s business is already driven by the channel and that he intends to continue that momentum.