Latest news with #KristaCase
Business Wire
7 days ago
- Business
- Business Wire
Bedrock Data MCP Server Now Generally Available for Governing Agentic Workflows
MENLO PARK, Calif. & LAS VEGAS--(BUSINESS WIRE)-- Bedrock Data (formerly Bedrock Security), the platform provider for data-centric security, governance and management, today announced the general availability (GA) of its Model Context Protocol (MCP) Server. The MCP server is an essential component in protecting agentic AI systems and harnessing agentic AI for enhanced security operations. It provides two key capabilities for enterprises: it enables agentic AI systems to self-govern by drawing on Bedrock's Metadata Lake to provide data context for autonomous decision-making and governance; it also allows security teams to leverage AI-driven metadata intelligence for more precise, faster incident response through alert prioritization and context-aware threat detection. As part of Bedrock's growing strategic partnership ecosystem, the company also announced an integration with Panther, the security monitoring platform for the cloud, demonstrating how the MCP Server's capabilities can enrich real-time signals with data risk context to improve fidelity and prioritization of alerts, reduce false positives, and improve the security operations centers' (SOC) response to incidents. 'The MCP Server, built on Bedrock's Metadata Lake, gives enterprises a way to govern how AI agents and operators access data – enabling safe, controlled deployment of agents across their environments,' said Pranava Adduri, CTO and co-founder of Bedrock Data. The Enterprise Standard for AI Agent Governance The GA of the Bedrock Data MCP Server enables agentic workflows to incorporate data context from Bedrock's Metadata Lake, including classifications, lineage, entitlements, business taxonomy and more, providing agents with governance context needed to handle sensitive data correctly. It allows self-governing policy enforcement and governance controls throughout the agent lifecycle, from initial authorization through ongoing execution, to automatically adapt to evolving data classifications, location changes and policy updates. For example, if an organization prohibits agents from using customer data, by introducing context from the Metadata Lake on the data being handled, agents can now be aware of sensitive data and refuse to process it according to company policy. This approach delivers more efficient agentic infrastructure by eliminating the need for additional governance agents. 'MCP servers are rapidly gaining popularity for enabling communication between generative AI applications and the data they utilize. The integrity and availability of the models these MCP servers support rely on proper classification and governance of sensitive data,' said Krista Case, research director of cybersecurity at The Futurum Group. 'Additionally, the ability to harness metadata for context-aware alert prioritization and threat intelligence will be needed in order to thwart data breaches. Bedrock Data's new MCP Server offering represents an operational solution squarely addressing this emerging and increasingly critical requirement.' Bedrock Data and Panther Collaboration Transforms Security Response With Context-Aware AI With the Bedrock MCP Server, enterprises can integrate into other MCP clients to integrate data risk context into their workflows such as Splunk (SIEM), Vanta (compliance), Wiz (CNAPP) and Okta (identity), enhancing the security and governance of their entire AI ecosystem. The integration with Panther is the newest addition to Bedrock's growing security and data partner ecosystem. 'Through our partnership with Panther, we're demonstrating how AI-powered security tools can dramatically improve response times and alert prioritization while maintaining proper governance controls and data context,' continued Adduri. 'It puts data, the crown-jewel of digital enterprise, at the center of the security process.' Powered by their respective MCP Servers, the Bedrock and Panther integration improves SOC team effectiveness by enabling AI tools used in triage to leverage contextual alert prioritization and reduce false positives. Each Panther alert is enriched with Bedrock's data context, including sensitivity classifications, storage locations, identity risk profiles and regulatory mappings, helping security teams respond with greater precision and speed. The partnership delivers key capabilities beyond traditional webhook integrations, including: AI-driven investigation agents: Security teams can leverage Claude, Rewind and other AI assistants to enable enriched security context without leaving their interface, dramatically reducing mean time to investigate (MTTI). They can ask questions like 'Does this alert involve regulated PII?' or 'Does this identity have access to production customer data?' directly within their AI interface. Data-aware alert correlation: Bedrock enriches Panther alerts with real-time sensitivity, access and usage context, allowing correlation rules to factor in actual data risk, not just event volume or signature matches. Improved signal-to-noise: Alerts are prioritized based on what matters most: whether sensitive or regulated data was involved, and whether high-risk identities accessed it. This reduces false positives and surfaces the alerts that deserve immediate attention. Faster root cause analysis: Analysts can quickly determine what data was at risk, how it moved and who accessed it, without pivoting between systems. This accelerates investigations and shortens containment time. AI-enabled investigation workflows: Through Bedrock's Copilot and metadata API, analysts and AI assistants can ask structured questions like 'Did this identity access PHI this week?' directly within their workflow, improving investigation quality and speed. 'The collaboration with Bedrock represents a fundamental shift in detection and response,' said Jack Naglieri, founder and CTO of Panther. 'By utilizing AI agents to reach into Panther's analysis capabilities and Bedrock's data context, security teams can make informed decisions in half the time. A natural language interface also opens these strong capabilities to everyone in the security team. When every alert comes with built-in understanding of data sensitivity, regulatory impact and blast radius, analysts can make confident decisions in seconds rather than hours.' Examples of how customers can implement the Bedrock-Panther integration to improve their security operations include: RDS without KMS: Panther flags an unencrypted RDS instance and Bedrock identifies it as holding production customer PII. This prioritizes a sensitive RDS instance for remediation over others, such as test/QA instances that don't hold sensitive data. IAM user without MFA: Panther detects privilege escalation and Bedrock shows the user has broad privileges to access regulated HR data. It's not just a misconfiguration; it's a data exposure risk. Suspicious privilege escalation: Panther flags an unexpected change in access rights. Bedrock adds visibility into what data the account accessed after the change, including whether any of it was sensitive. What used to be a vague alert becomes a focused, actionable response based on real data exposure. Availability The MCP Server is available on GitHub or as a self-hosted offering. Learn how your team can get started with the MCP Server and the Bedrock-Panther integration today. Additional Resources About Bedrock Data Bedrock Data equips enterprises to secure and manage all of their data with confidence. Powered by patented Metadata Lake technology and AI-driven classification, the Bedrock platform provides continuous visibility into data location, sensitivity, business context, access and usage across SaaS, PaaS, IaaS and agentic AI workflows. By autonomously discovering, classifying and contextualizing all enterprise data, Bedrock Data empowers security, governance and data teams to tackle security, roll out AI technologies with confidence and manage their data at multi-petabyte scale and minimal infrastructure cost. Bedrock Data's open, API-first architecture, built on its Metadata Lake, powers its built-in MCP Server to deliver real-time metadata context to agentic AI workflows, driving accurate, governed AI decisions. This metadata context also enriches tools like SIEM, DLP, CNAPP and cloud platforms to amplify visibility, risk insights and response precision across the enterprise. Trusted by leading enterprises worldwide in financial services, healthcare, biotech and other industries, Bedrock Data is headquartered in Silicon Valley, backed by Greylock Partners, and led by experts in cloud infrastructure, generative AI, cybersecurity and large-scale data management. Learn more at About Panther Panther is the security monitoring platform for the cloud. Unlike 'next-gen' SIEMs that rely on historical detections, rigid query languages, and closed ecosystems, Panther enables flexible monitoring in production environments with streaming data analysis, programmable workflows, and seamless cloud integration – empowering teams to optimize costs and control, accelerate incident response, and achieve cross-system visibility at scale.
TECHx
14-05-2025
- Business
- TECHx
NetApp Enhances Data Security with New Features
Home » Emerging technologies » Cyber Security » NetApp Enhances Data Security with New Features NetApp® (NASDAQ: NTAP), the intelligent data infrastructure company, has announced new data security capabilities designed to help organizations improve their cyber resiliency. The company stated that these updates allow security teams to take a proactive approach to data protection at the storage layer. According to NetApp, the latest security enhancements make its storage platform one of the most secure options available today. The announcement comes at a time when businesses are facing advanced cyber threats driven by the rapid growth of AI and the approaching era of quantum computing. The company emphasized that malicious actors are now using AI to automate cyberattacks. In response, enterprises must adopt machine learning and other intelligent solutions for automated threat detection. NetApp warned that with quantum computing becoming more viable, businesses must prepare for future risks by securing data that could be exposed to quantum-powered decryption. NetApp has long been recognized for its secure-by-design infrastructure. It claims to offer 99.9999% availability, giving customers uninterrupted access to their data. Building on this reputation, the company introduced several new capabilities to reinforce cyber resilience: Post-Quantum Cryptography : Now integrated into NetApp's storage portfolio, offering quantum-safe protection for file and block workloads using NIST-standard encryption algorithms. : Now integrated into NetApp's storage portfolio, offering quantum-safe protection for file and block workloads using NIST-standard encryption algorithms. BlueXP Ransomware Protection Update : Includes role-based access controls specific to ransomware defense and expanded support for cloud workloads. : Includes role-based access controls specific to ransomware defense and expanded support for cloud workloads. Backup and Recovery Enhancements: A redesigned interface enables easier adoption of 3-2-1 data protection strategies for workloads including Microsoft SQL Server, VMware, and Kubernetes. NetApp also announced expanded professional services to support security assessments and system hardening. These services aim to help customers fully utilize the built-in security features of their NetApp solutions. Suhail Hasanain, Regional Senior Director for Middle East and Africa at NetApp, said that in today's evolving threat environment, data security is a business priority. He noted that NetApp's architecture includes ransomware defense, intelligent threat detection, and encryption ready for the quantum age. Krista Case, Research Director at The Futurum Group, reported that around 80% of cybersecurity decision-makers had experienced a major security incident in the past year. She said that NetApp's new cyber resiliency tools address such challenges by offering advanced features like granular access controls and quantum-safe encryption. These updates are part of the company's BlueXP platform, which includes data classification, backup, ransomware protection, disaster recovery, and integration with SIEM tools. The Autonomous Ransomware Protection (ARP/AI) feature, which uses AI to detect ransomware at the storage layer, will be expanded later this year to include block workloads. NetApp will showcase these capabilities at RSA Conference 2025 from April 28 to May 1 at the Moscone Center in San Francisco, at booth #259. The company noted that all forward-looking statements are subject to change. It also added that no ransomware defense is entirely foolproof, but NetApp technologies provide an important additional layer of protection.
Techday NZ
24-04-2025
- Business
- Techday NZ
Veeam launches SaaS backup for Microsoft Entra ID in Data Cloud
Veeam Software has introduced a Software-as-a-Service (SaaS) backup solution for Microsoft Entra ID designed to strengthen data protection for organisations using the identity management platform. Microsoft Entra ID, previously known as Azure AD, is currently subject to more than 600 million attacks daily, highlighting the importance of digital identity security. The new Veeam Data Cloud for Microsoft Entra ID aims to simplify data resilience measures for Entra ID tenants and ensure continued access to critical identity and access management assets. This update represents the latest expansion of Veeam Data Cloud, combining cloud-native technologies and artificial intelligence acceleration to manage and secure data both on-premises and in cloud environments. Veeam states this approach is aimed at improving business continuity and operational efficiency while addressing the complexities of identity management backup. Niraj Tolia, Chief Technology Officer at Veeam, commented: "Security starts with managing your users and ensuring the right people have access to the right systems. That's why protecting Entra ID is so important, and why it's the latest addition to our Veeam Data Cloud platform. We are giving customers greater simplicity with an enterprise-ready, pre-hardened, and self-configured SaaS solution that removes the burden of managing and maintaining complex backup infrastructure." The SaaS offering is designed not only as a defence against cybercrime but also to support compliance requirements, overcome recycle bin limitations, reduce the impact of accidental deletions and address policy misconfigurations. The backup and restoration capabilities extend to Entra ID users, groups, application registrations, logs and related metadata, bringing together these functions in an all-in-one cloud-based service with unlimited storage and a consolidated user interface. Among the primary features detailed by Veeam are enhanced visibility and control over changes within Entra ID to reinforce business continuity, security and regulatory compliance; quick recovery of users, groups, attributes and other objects; and a managed backup service that includes maintenance, updates and security patches overseen by expert teams. Krista Case, Research Director at The Futurum Group, said: "Protecting Microsoft Entra ID has never been more important. In fact, one in five respondents in Futurum's Cybersecurity Decision Maker IQ research indicated credential compromise/account takeover as a security incident most impacting their organisation. Veeam is making resiliency for these environments, including visibility into potentially malicious behaviour and automated backup jobs, accessible to a broader range of customers by delivering it in a managed and hosted model with the addition of Entra ID protection to Veeam Data Cloud." Current Veeam Data Cloud customers already using Microsoft 365 protection can now bundle Entra ID coverage with their existing Microsoft 365 Flex and Premium packages, continuing Veeam's pay-per-user approach. This enables businesses to consolidate identity management backup alongside productivity workload protection under a single subscription structure. The unified interface of the Veeam Data Cloud platform allows customers to manage all of their protected workloads together, extending platform features such as advanced security controls, role-based access, streamlined reporting, and operational simplicity to Entra ID users. Maintenance and updates are managed by Veeam, further reducing the overhead for internal IT teams.
Techday NZ
23-04-2025
- Business
- Techday NZ
Veeam unveils cloud solution to protect Microsoft Entra ID
Veeam has launched Veeam Data Cloud for Microsoft Entra ID as a new Software-as-a-Service (SaaS) solution to support organisations' identity management needs. According to Veeam, Microsoft Entra ID, previously known as Azure AD, encounters over 600 million attacks daily, making identity protection a key area for enterprises. The new offering is intended to simplify data resilience for Entra ID tenants, enabling organisations to protect assets tied to user identity and access. Veeam Data Cloud for Microsoft Entra ID follows the recent expansion of the broader Veeam Data Cloud platform, which delivers backup, security, and management for data in both on-premises and cloud environments through a unified system. The solution integrates cloud-native technologies and AI acceleration, aiming to enhance business continuity and operational efficiency while simplifying administrative tasks. Niraj Tolia, Chief Technology Officer at Veeam, commented, "Security starts with managing your users and ensuring the right people have access to the right systems. That's why protecting Entra ID is so important, and why it's the latest addition to our Veeam Data Cloud platform. We are giving customers greater simplicity with an enterprise-ready, pre-hardened, and self-configured SaaS solution that removes the burden of managing and maintaining complex backup infrastructure." The service aims to address a range of threats and administrative issues, including cybersecurity attacks, compliance requirements, accidental deletions, limitations on the recycle bin, and policy misconfigurations. Veeam Data Cloud for Microsoft Entra ID offers backup and restore capabilities for users, groups, application registrations, and other Entra ID objects. The company highlights the use of unlimited storage and a centralised user interface to streamline protection and recovery processes. The main features of Veeam Data Cloud for Microsoft Entra ID include Proactive Protection, which increases visibility and control over changes to Entra ID, supporting business continuity, security, and compliance. Effortless Recovery facilitates the restoration of users, groups, attributes, application registrations, logs, and related metadata. Comprehensive Inclusion offers a managed backup service handled by experts, taking care of updates, maintenance, and security patches. Research indicates the critical importance of securing identity services. Krista Case, Research Director at The Futurum Group, said, "Protecting Microsoft Entra ID has never been more important. In fact, one in five respondents in Futurum's Cybersecurity Decision Maker IQ research indicated credential compromise/account takeover as a security incident most impacting their organisation. Veeam is making resiliency for these environments, including visibility into potentially malicious behaviour and automated backup jobs, accessible to a broader range of customers by delivering it in a managed and hosted model with the addition of Entra ID protection to Veeam Data Cloud." Veeam Data Cloud already covers protection for Microsoft 365 workloads. With the inclusion of Entra ID, customers can now bundle the new service with existing Veeam Data Cloud options for Microsoft 365 Flex and Premium, enabling ongoing user-based pricing models. This integration is designed to support consistency and flexibility for customers managing multiple Microsoft cloud workloads. Customers are able to manage all their workloads, including those tied to Entra ID, across a single user interface. According to Veeam, features such as advanced security controls, role-based access management, and simplified reporting are also extended to encompass the new service. The SaaS nature of Veeam Data Cloud for Microsoft Entra ID relieves customers of the need to conduct updates or security fixes themselves, as these responsibilities are handled by Veeam's managed service. Veeam Data Cloud for Microsoft Entra ID is now available for organisations seeking additional measures to safeguard identity management within their cloud operations.
