Latest news with #SolarWinds'
TECHx
05-05-2025
- Business
- TECHx
Interview with Abdul Rehman Tariq Butt at SolarWinds
Home » Interview Of The Week » Everyone's Talking About AI. But Is Anyone Getting It Right? Abdul Rehman Tariq Butt, Regional Director – Middle East at SolarWinds, shares insights in this exclusive interview on the company's strategic direction in the region, innovations showcased at GISEC, and how SolarWinds is helping organizations tackle modern cybersecurity challenges with intelligence and agility. How does SolarWinds' participation at GISEC align with its broader strategic goals in the Middle East? As a leading cybersecurity focused exhibition, participating in GISEC enables us to showcase solutions that are helping redefine the digital landscape in UAE and beyond. It is also the ideal platform for us to engage with IT professionals from organizations of all industries and sizes that are looking for solutions to help manage their IT environments faster, address today's security challenges, and maximise the overall value IT provides to the business. Can you share any new product introductions, collaborations, or key announcements SolarWinds is unveiling at GISEC? Our portfolio is constantly evolving, and GISEC provides a great platform to highlight the latest innovations. Since our last appearance, we've made significant strides. We've expanded support to include a wider range of devices—especially SD-WAN nodes—to help customers accelerate their network modernisation efforts. We've also enhanced our multi-cloud capabilities with out-of-the-box support for Google Cloud Platform, alongside AWS and Azure. Most recently, in March, we strengthened our offering further with the acquisition of a solution focused on incident response and business continuity. What specific challenges do enterprise IT environments face today, and how is SolarWinds equipped to address them? AI is augmenting attacks that already plague organisanisations, making these more sophisticated and impactful. At SolarWinds, we're constantly horizon scanning, and enhancing our portfolio to address the greatest challenges and opportunities enterprises face. Most recently, we made a significant acquisition specifically in the incident response space by acquiring Squadcast and its incident response technology. This allows us to provide customers with intelligent incident response capabilities that significantly reduce mean time to resolution (MTTR). With Squadcast, organizations have achieved up to a 68% reduction in MTTR, saving thousands of work hours and nearly half a million dollars in costs. In what ways is SolarWinds partnering with GCC governments and enterprises to strengthen cyber resilience? The pace of digital transformation across the Middle East is accelerating—and we're proud to be right at the heart of it. What we're seeing on the ground is that hybrid cloud has firmly established itself as the model of choice. Organisations are increasingly seeking the flexibility to run workloads either on-premises or in the cloud, depending on their operational, regulatory, or performance needs. Security, control, and agility remain top priorities. With our SolarWinds Observability platform, we give customers the freedom to operate across hybrid and multi-cloud environments—without compromising visibility. That kind of end-to-end insight is critical. Without it, organisations risk overlooking issues that can lead to performance bottlenecks, user dissatisfaction, or even downtime. Another trend we're watching closely is the rush toward AI adoption. While there's immense potential, one of the biggest challenges we see is that many organisations are still grappling with how to apply AI meaningfully. Too often, AI is positioned as a checkbox feature—something added on, rather than integrated with purpose. A vendor might say, 'We offer AI,' but the real question is: how does that translate into business value? At SolarWinds, we take a different approach. Our observability platform is built with AI by design—meaning our AIOps capabilities are embedded from the ground up, not bolted on after the fact. Using machine learning and holistic data insights, we help customers detect anomalies, pre-empt issues, and optimise system health across hybrid and cloud-native environments. Ultimately, we're enabling organisations to realise the true value of AI—empowering IT teams to do more with less, respond faster, and drive transformation with confidence. How do you view the current evolution of the cybersecurity threat landscape across the MEA region? We're seeing an uptick in the use of deepfakes and increasingly complex, multi-pronged attacks. While these tactics aren't entirely new, what's changed is the level of sophistication. Today's attackers are better resourced, continuously evolving, and leveraging AI-powered tools to refine their methods and maximise impact. It's a dynamic threat landscape that demands equally intelligent defence strategies.
Forbes
29-04-2025
- Business
- Forbes
SBOMs (as well as HBOMs and CBOMs) as Cybersecurity Facilitators
Cyber security, information privacy and data protection concept on server room background. Software Bills of Materials (SBOMs) are crucial cybersecurity tools because they assist companies in locating, evaluating, and reducing software risks. They allow software updates and vulnerabilities to be tracked over the course of a product's lifecycle. Modern software is created using code fragments and methods from various sources, including open source and commercial solutions. The software components and dependencies of an application are detailed in a tool known as a Software Bill of Materials (SBOM) (NTIA, 2021). An SBOM is essential for managing and understanding the complexities of contemporary software supply chains and can be compared to an ingredient list on a food product label. A software package and its contents are uniquely identified by an SBOM, which is formal, machine-readable metadata that may also contain information on the software package's contents, such as copyrights and license information. The increasing complexity of modern software and its vulnerability to programming errors and hacks give rise to serious security dangers and compatibility issues. Additionally, cyberthreats are continually finding ways of evolving, becoming more complicated, and multiplying due to the use of artificial intelligence and the quick acceleration of development velocity. It becomes more difficult to identify and address security vulnerabilities when we are looking not only at our codebase but also at the 70–80% open-source software that we depend on, as well as third-party software components from other vendors. However, a few tools can assist in handling the data protection work. Recent high-profile events highlight the need for SBOMs in cybersecurity. A programming flaw in the CrowdStrike software, for instance, affected more than 8.5 million Windows computers globally, resulting in billions of dollars' worth of losses. The well-known Linux data compression program XZ Utils was found to contain a backdoor as part of a sophisticated state actor attack around the beginning of 2024. 93% of cloud settings were vulnerable to the zero-day Log4Shell vulnerability in 2021. In the SUNBURST assault, which FireEye discovered in December 2020, harmful code was embedded into SolarWinds' Orion software. According to Allan Friedman, CISA Senior Advisor and Strategist. 'A thriving ecosystem for SBOM tools and solutions will be key to shaping a more transparent software-driven world.' He notes that 'Vulnerabilities in software are a key risk in cybersecurity, with known exploits being a primary path for bad actors to inflict a range of harms. By leveraging SBOMs as key elements of software security, we can mitigate the risk to the software supply chain and respond to new risks faster, and more efficiently. The government-wide push to integrate cybersecurity into products supplied to the government and transfer responsibility for cybersecurity from agencies to vendors and integrators is reflected in this emphasis on SBOMs. By February 2025, almost all new software that the Army purchases or develops will need to have an SBOM. In order to obtain assurances regarding supply-chain security, the Army opted for an SBOM approach rather than self-attestations. This is because SBOMs offer essential information regarding the risks that systems may pose to a network and can assist in organizing an organization to minimize those risks as much as possible. 3D illustration of the text zero trust over black background with padlock shapes in relief. Concept ... More of network security. SBOMs play a significant role in cybersecurity and align with 'Zero-Trust' policies in both the private and public sectors. Dmitry Raidman. Chief Technology Officer and Co-founder of Cybeats, states, 'One significant advantage of a verified SBOM is its application in cybersecurity and risk mitigation for the downstream customers, for example, a power distribution plant, hospital, or water treatment facility. Industry studies indicate that the average codebase contains 70-80%, and in some cases over 90% open-source software components, many of which have at least one vulnerability, and some of them are highly exploitable, like Log4j. Therefore, understanding and continuously monitoring code components and their vulnerabilities is essential.' He points out that companies that collect from vendors SBOMs and invest in solutions to process and monitor the vulnerability lifecycle management of their assets will be better prepared to deal with cybersecurity challenges in the future and ensure the safety, security, and resilience of their critical systems and infrastructure. SBOMs can help businesses track vulnerabilities in real time and maintain an accurate software inventory. Continuous security requires ongoing Vulnerability Lifecycle Monitoring. In order to detect and address known vulnerabilities and not just rely on security advisories published by vendors, where it is to the vendor's discretion what vulnerability to disclose, an SBOM can offer transparency into the precise software versions being used and allow complete understanding of the threat landscape. Additionally, it facilitates the management and quantification of commercial software licenses. Organizations can compare SBOM data with databases like NIST NVD and CISA KEV to find and prioritize affected systems when new CVEs are found and also record their findings if the vulnerability doesn't pose a risk in their operations and environment. To help evaluate SBOM component information against different threat signatures and patterns, the National Security Agency (NSA) supports the use of AI/ML engines and related "data lakes." A crucial component of efficient SBOM management is vulnerability tracking and analysis, which entails delivering daily updates from the National Vulnerability Database (NVD) and additional vulnerability data sources. SBOMs are crucial for Incident Response and Threat Intelligence. They help security teams quickly identify compromised components in apps and determine available mitigation options and vendor updates during a cyber incident. A major cause of breaches is vulnerabilities based on the Verizon 2025 DBIR Report. There is a 34% increase in attackers exploiting vulnerabilities to gain initial access and cause security breaches, compared to 2024. The bling spot of awareness and a patching strategy is a significant factor affecting these numbers. Risk-Based Patch Management suggests that not every vulnerability needs immediate fixing. Teams can prioritize threats by combining SBOMs with Vulnerability Threat Intelligence (VTI), particularly if there's a known exploit for mitigating vulnerability. Compliance and regulation concept. Enforcement of laws, regulations, and standards, requirements, ... More internal policies and procedures. Minimize legal and financial risks, protect corporate reputation. GRC, SBOMs assist in ensuring compliance and regulatory readiness throughout the procurement lifecycle and can help to avoid buying non maintained and non-secure product. Organizations are required to demonstrate that they monitor and manage risk throughout their software supply chain lifecycle in accordance with new government regulations regarding safe software development. SBOMs provide documentation for compliance with FDA, NIST, PCI DSS, PCI SSF, EU CRA, RED, ETSI EN 303 645, BSI TR-03183, EO 14028, as well as the upcoming US DoD procurement requirements. A "software bill of materials" (SBOM) has become a crucial component of software security and software supply chain risk management, according to CISA. As businesses rely more on third-party components and complex systems, software supply chain security has become a top responsibility. Vulnerability management must be implemented throughout the software lifecycle, from design to deployment and operations, to handle the entire range of security threats. This all-encompassing strategy, sometimes referred to as "shifting left and even more important shifting right, guarantees that vulnerabilities are consistently recognized, evaluated, and reduced. In 2019, the medical technology sector launched a proof of concept to assess SBOMs' ability to manage operational and cyber risks in medical devices. Device makers (MDM) and healthcare (HDO) providers demonstrated the feasibility of SBOMs by producing, exchanging, and applying data to improve security procedures. In 2025, with a growing digital risk landscape, all industries must utilize SBOMs to help enable better cybersecurity and transparency into software based products they build and the ones they consume. It does not end with software. As teams embed AI models and language pipelines across their products, an Artificial Intelligence Software Bill of Materials (AI SBOM) becomes essential. An AI SBOM lists every model file, training dataset, agent, and external inference service, giving product security teams the same clear inventory they expect from a traditional SBOM, down to the last line of code. Dmitry Raidman explains that an AI SBOM provides 'an X ray view of the intelligent functionality,' allowing teams to know exactly what is running in production, how it was trained, and what they are receiving from vendors or delivering to customers. A Hardware Bill of Materials (HBOM) performs the same role for physical components. It maps every chip, board, sensor, and firmware version so security and procurement teams can detect counterfeit parts and unvetted substitutions before they reach production. A long-planned pager hardware supply chain attack reported in Lebanon underscored why HBOM transparency and validation matter; altered pagers were covertly introduced and later exploited, showing how a single tampered device can become a beachhead for wider compromise when hardware provenance is unclear. A Cryptography Bill of Materials, CBOM, catalogs every algorithm, protocol, library, and certificate in your products, giving security teams a clear map of where cryptography lives. With quantum safe standards such as CRYSTALS Dilithium on the horizon, you must know exactly where RSA 2048-bit or ECC P-256 still protect data so you can schedule timely upgrades to post quantum cryptography. Dmitry Raidman sums it up: 'A CBOM is your migration roadmap. When quantum capable attackers will be on the horizon you cannot replace vulnerable ciphers, you do not even know you have.' SBOMs, HBOMs, and CBOMs will be crucial for risk management in our digital environment in the future. Even though the 'BOM' adoption cycle is still in its early phases, more transparency and accountability about hardware security, software security, and optimization will benefit both the public and private sectors.
TECHx
03-04-2025
- Business
- TECHx
SolarWinds Unveils AI-Powered Upgrades for IT Resilience
SolarWinds (NYSE: SWI), an IT management firm, has introduced AI-driven enhancements to help businesses strengthen IT resilience. The latest updates improve observability, automate incident response, and accelerate issue resolution, making it easier for IT teams to manage complex hybrid environments. As companies embrace digital transformation and AI, IT teams face growing challenges like alert overload, data silos, and slow resolution times. Disruptions can impact revenue, customer trust, and brand reputation. SolarWinds' latest solutions address these issues by using AI to correlate alerts, speed up decision-making, and minimize downtime. Among the key upgrades, Squadcast Incident Response now integrates AI-powered alert isolation, on-call management, and multi-source alert correlation, reducing response times. SolarWinds Observability expands visibility across AWS, Azure, and GCP while adding AI-driven Log Insights and Root Cause Assist to detect and resolve issues faster. Meanwhile, SolarWinds Database Observability introduces AI Query Assist to optimize database performance, and SolarWinds Service Desk now automates runbook creation and enhances data compliance. 'Adapting to change is key to IT resilience,' said Sudhakar Ramakrishna, CEO of SolarWinds. 'We are committed to providing solutions that help businesses stay ahead in an evolving digital world.' With these AI-powered upgrades, SolarWinds is making IT operations more efficient, secure, and resilient in the face of growing complexity.
TECHx
18-02-2025
- Business
- TECHx
SolarWinds Enhances Partner Program to Drive Profitability and Growth
SolarWinds Enhances Partner Program to Drive Profitability and Growth News Desk - Share SolarWinds (NYSE:SWI), a provider of observability and IT management software, has unveiled a new phase of enhancements to its Partner Program, focusing on boosting partner profitability, enhancing capabilities, and providing the necessary tools to foster growth. These updates align with the company's commitment to empowering partners in adapting to emerging technologies and meeting evolving customer demands. Andre Cuenin, Chief Revenue Officer at SolarWinds, emphasized the company's vision for shared growth, stating, 'We are dedicated to creating lasting value for our partners through collaboration, shared growth, and a unified vision. This year's Partner Program theme, 'Elevating Together,' aims to empower partners to adapt to emerging technologies and evolving customer demands while focusing on channel success, growth, and exceptional customer satisfaction for a resilient, innovative future.' As part of this evolution, SolarWinds has introduced a new three-tier partner model, expanding purchase tiers and offering enhanced revenue segmentation and margin control. These changes are expected to increase partner profitability starting in 2025. The updated program also includes growth incentives to reward partners for expanding in SolarWinds Observability (Self-Hosted and SaaS), Database, and IT Service Management (ITSM) solutions. These incentives aim to drive growth and profitability for partners across various segments of SolarWinds' product offerings. In addition, SolarWinds is launching the SolarWinds Services Certification Program (SCCP), designed to certify services partners to sell and deliver SolarWinds Premium Support Add-On services. Partners' teams must include a SolarWinds Certified Professional (SCP) and a SolarWinds Certified Instructor (SCI) to become certified services partners. This program aims to enhance the expertise and capabilities of SolarWinds' partner network, further elevating their service offerings. To support partner success, SolarWinds has also enhanced its partner portal, providing new tools and a better user experience. Updates include advanced business planning tools, marketing automation features, integrated Google Ads activation, and enhanced lead-sharing capabilities. These improvements will help partners streamline operations, increase engagement, and expand their customer reach. Launched in 2022, SolarWinds' Partner Program has been updated annually based on feedback from employees and partners, reflecting the company's commitment to supporting digital transformation and innovation. The continued evolution of the program underscores SolarWinds' dedication to building stronger partnerships and driving success for both the company and its partner ecosystem.
TECHx
11-02-2025
- Business
- TECHx
SolarWinds to Be Acquired by Turn/River Capital for $4.4 Billion - TECHx Media SolarWinds to Be Acquired by Turn/River Capital for $4.4 Billion
SolarWinds to Be Acquired by Turn/River Capital for $4.4 Billion News Desk - Share SolarWinds Corporation (NYSE: SWI), a provider of observability and IT management software, has announced a definitive agreement to be acquired by Turn/River Capital in an all-cash transaction valued at approximately $4.4 billion. SolarWinds shareholders will receive $18.50 per share, representing a 35% premium to the company's 90-day volume-weighted average closing price as of February 6, 2025. SolarWinds President and CEO Sudhakar Ramakrishna stated that the company remains committed to delivering innovative IT management solutions, emphasizing that the partnership with Turn/River Capital will enhance operational resilience offerings on the SolarWinds Platform. He highlighted SolarWinds' leadership in observability, monitoring, and service desk solutions and expressed confidence that the acquisition will further drive customer success. Turn/River Capital Founder and Managing Partner Dominic Ang praised SolarWinds for its strong industry presence and history of innovation, stating that the firm is excited to support its next phase of growth. He emphasized that SolarWinds' commitment to solving customer challenges has driven its long-term success, and this partnership will help accelerate further advancements in IT management solutions. The acquisition has been unanimously approved by SolarWinds' Board of Directors and is expected to close in the second quarter of 2025, pending regulatory approvals and customary closing conditions. Majority shareholders Thoma Bravo and Silver Lake, holding approximately 65% of SolarWinds' outstanding voting securities, have approved the transaction through written consent, eliminating the need for additional shareholder approval. Upon completion, SolarWinds will become a privately held company and will no longer be listed on the New York Stock Exchange. The company will continue operating under the SolarWinds name and remain headquartered in Austin, Texas. Goldman Sachs & Co. LLC and Jefferies LLC acted as financial advisors to SolarWinds, with DLA Piper LLP (US) providing legal counsel. J.P. Morgan, Barclays, Santander, and RBC Capital Markets advised Turn/River Capital, with Kirkland & Ellis LLP serving as legal counsel. Due to the pending acquisition, SolarWinds has canceled its scheduled earnings call for Q4 and full-year 2024 results, originally set for February 11, 2025. However, the company will still report its financial results on or before February 14, 2025. The transaction positions SolarWinds for continued growth, strengthening its ability to deliver innovative, secure, and scalable IT management solutions.
