Category Archives: Automation

BENGALURU: IT companies are reworking every part of their business from how to win deals to how to cut costs with the help of outside consultants as they look to weather the perfect storm created by automation, protectionism in their major markets, and investors seeking bigger payouts.

Top executives say that the next financial year is likely going to see changes in business models across all companies, with those unable to adapt being left behind. I think, to say the model of 2005 or the model of 2015 will be the model of 2020, would not only be foolish, it would be dangerous, Malcolm Frank, chief strategy officer at Cognizant told ET.

IT companies also have to determine whether to continue to invest in certain parts of their business, or even retain them, as they focus on building capabilities to compete for new digital deals.

We expect more IT companies to start spinning-off non-core parts of the business. We think there will be more demand for consulting to help IT players relook at their models, an executive in-charge of the IT sector at the top-tier consulting firm, told ET.

The move is likely to get spurred by investors who are demanding bigger payouts at a time when the sector faces slowing growth, falling margins, and a greater need to invest in new capabilities. Cognizant has already said it hired a consulting firm to help it create a new strategy. IT companies had been using consulting firms. It is always good to have an external eye. But I think that may increase, Srinivas Kandula, Country Head for Capgemini in India, said.

In addition to re-examining their core business, changes in the market are also forcing IT firms to retool their sales engines. One of the key ways that things have changed from five years ago is that there are virtually no traditional large deals being signed and the digital deals, though growing in size, have yet to pick up the slack. And clients say that not all IT companies have made that transition to winning in the new deal structure yet.

How do you sit down with your provider and say I want you to help me build something totally new? How do you contract for that? Its a very different exchange and I know it is something we are doing because you cannot lock yourself in and be bound by how you did things 15 years ago, Amy Brady, Chief Information Officer at US financial firm KeyCorp, said. And I am not sure that every provider has caught on to that yet.

Indian IT firms have started using technology better to help them win deals. Infosys has said it is using analytics to help its sales executives pitch relevant services to mine customers and even to determine what deals it is likely to lose in a renewal. IT companies have typically either billed on the number of employees, called time-andmaterial, or charged a fixed price to take over the process. But for some the very nature of what they are selling has changed.

Read the original:

IT firms rework business models in wake of automation, changing investor mood - Economic Times

For manufacturers, operating with fewer but more highly skilled and engaged employees is the only path to a sustainable business.

- Neil McDonough

Title: Chairman and CEO

Organization: FLEXcon, Spencer, Mass.

The IndustryWeek Manufacturing Leader of the Week highlights the manufacturing leaders, executives and stars who are driving growth in today's industry and helping to shape the future of manufacturing.

FLEXcon was founded in 1956 when Myles McDonough saw an unmet need. My father was an adhesive salesperson with a chemistry background, helping customers throughout New England learn how to run and where to use newly developed acrylic based adhesives, , notes his son, Neil. He noticed that his customers frequently turned down small orders. If the order was for less than 3,000 yards, then it was not worth setting up the adhesive coating machine. He believed, and subsequently proved, that there was a good business in small custom orders, if you organized yourself effectively and priced the order appropriately.

Today, Neil McDonough runs the company his father founded founded, which has grown to become a flexible converter with four production facilities and over 1,000 employees. The company continues to specialize in meeting its customers needs for custom, often short-run, adhesive coated and laminated plastic film materials, which are used to label and decorate durable goods and advertise brands.

The complexity of our business has increased over the years as our customers have asked for materials to survive harsher environments, to act as barriers to UV, oxygen, or moisture, McDonough explains, which has led the company to develop a large variety of plastic films and adhesives.

IndustryWeek talked to McDonough about FLEXcons continuing evolution as the needs of its customers and the marketplace change.

IW: What impact has automation had at your company in recent years?

McDonough: Quality expectations have increased through the years. This has led to more digitization and automation, collecting data about the process and making sure the results are repeatable, even when the runs are small batches that run infrequently. Cost pressures have also pushed FLEXcon to adopt automation for routine jobs, such as packaging.

The single minute die exchange (SMED) philosophy of the Toyota Production System has led to the automation of digital knife setting systems on slitting equipment, reducing set-up time and enhancing accuracy. We have been careful to not sacrifice flexibility for increased automation. Ultimately, automation has improved efficiencies and throughput for our operations and has made it easier and safer for our employees to perform their jobs.

IW: How would you describe the extent of FLEXcons continuous improvement journey? When did it begin, and what impact has it had on your operations and workforce?

McDonough: When the quality revolution started in America in the 1980s, we saw that the model of continuous improvement fit perfectly with our customer-focused approach to keeping customers happy. FLEXcon has a stable workforce with a promote-from-within orientation. Crosby Quality Process, ISO and Lean excellence became the goals of much of the personal development actions throughout the company, building a continuous improvement team and culture.

The key to our success over the years has been our willingness to try new things, including ideas that come from people in all parts of our organization. We also continually strive to improve in the area of conservation and energy savings.

IW: How has your management style evolved over the years?

McDonough: My management style has evolved as the days of central command and control have gone away. I used to push my solutions to issues and problems. Now I listen moreadmittedly, still not enoughbut more. I have learned that there is tremendous knowledge and caring at all levels and corners of the organization, and even outside the company, that can and should be used to build a better company for the future.

Today, it is not enough to have great professionals and experts in functional areas. It is the seams between functions that trip us up. Cross-functional goals, objectives, plans and metrics build a stronger, smarter organization.

IW: What do you anticipate 2017 looking like for your company, and your industry?

McDonough: In 2017, the digital revolution will continue to rock our industry. Global consolidation throughout the supply chain continues to be one response to the cost and complexity of different skill sets needed to succeed as the various effects and opportunities of digitization unfold. Collaboration within the value chain, particularly with co-suppliers, making total solutions easier for customers to adopt and adapt to these changes, is our recipe for success. Competition for business and talent may cause creative destruction to some organizations.

FLEXcon is focused on growing our sales through new applications for pressure sensitive materials and developing our people to make our customers successful so that, ultimately, we may be successful.

IW: From your perspective, what is the single biggest challenge facing U.S. manufacturers?

McDonough: The non-wage costs of employees continue to rise, putting a considerable strain on U.S. manufacturing companies, with healthcare costs being a clear example. Manufacturing has become more capital-intensive, reducing the total workforce and increasing the skill level of operators, planners and mechanics needed on todays factory floor.

For manufacturing companies that want to invest in their employees and reward and develop their people, operating with fewer but more highly skilled and engaged employees is the only path to a sustainable business.

Link:

Willingness to Try New Things Guides FLEXcon through Digital Revolution - IndustryWeek

Cisco Blog > SP360: Service Provider

Cisco WAN Automation Engine (WAE) is enabling real-time network planning. WAE 7.0 is a game-changer release, and we are thrilled to announce its general availability.

Youre likely familiar with WAE Design application, which has been the market leader innetwork modeling and capacity planning for years. Now the WAE Design can address new demands from Service Providers and Enterprise customers that have a tremendous need to drive not only CapEx reduction through planning, but also OpEx reduction with real-time automation.

For this new release, we took an innovative approach to the challenge of evolving an offline planning tool to an online platform that can help operators automate network management.

First, we moved to a YANG-based infrastructure that can automatically generate APIs and CLIs to simplify the customer experience. To feed the YANG-based infrastructure in real-time, our collection framework is leveraging streaming protocols such as BGP-LS, PCEP, and streaming telemetry. This not only improves scalability and visibility, but also provides the reactivity important for an online tool. It was also very important for us to offer a solution that could support legacy and multi-vendor networks. In that respect, we have built modular collectors that can be configured to augment models with data obtained by traditional sources such SNMP, CLI, and NETCONF.

Second, we put substantial effort into simplifying installation and configuration. What does it really mean for you? The installer now downloads and installs in minutes. Configuration of network collection is equally simple. You only need to provide device credentials, enable the desired data streams, describe how the data sources should be combined, and WAE will dynamically build a network model that reacts to change. This is a major improvement you have been looking forward to for quite some time.

WAE has always provided a rich set of optimization algorithms, and we keep adding features. In release 6.4, WAE added segment routing algorithms to support latency, disjointedness, avoidance, and bandwidth optimization. In release 7.0, WAE adds simplified Python APIs for running these algorithms and for applying the results of these algorithms back into the network.

And there is more! By combining a reactive network model with a powerful set of algorithms and easy-to-use Python APIs, WAE is now an application development platform.

As part of WAE 7.0, you automatically get access to a sample application for tactical traffic engineering.

What are the benefits to you?

This application enables you to significantly increase the utilization of your network infrastructure in an automated manner resulting in both CapEx and OpEx savings.

How does it work in simple terms?

WAE monitors the network for topology changes. If a network event such as a link failure causes congestion in the network, WAE will compute a set of Label Service Paths (LSPs) to mitigate the congestion and then deploy the LSPs into the network. When the link recovers, WAE will re-run the optimization, see that the LSPs are no longer required, and remove them from the network.

Why should you give this application a try?

This application clearly exemplifies the combined use of several software innovations Cisco brought to market over the past 12 months: model-driven telemetry, segment routing traffic matrix, segment routing capacity optimization algorithm, and LSP deployment in a closed-loop solution.

By innovating with a focus on the customer experience, we have evolved WAE 7.0 to an easy-to-install platform for network application development that is based on an easy-to-understand YANG networking model, a powerful set of algorithms, and well-designed Python APIs, helping you drive OpEx reduction through ruthless automation.

Find more information on Network Intelligence

View post:

WAN AutomationNot Just Another New Release, but a Game Changer - Cisco Blogs (blog)

When leaders at the Defense Information Systems Agency asked Dave Mihelcic to become the agencys chief technology officer more than a decade ago, he initially was hesitant.

But over the last dozen years, Mihelcic, who retired from DISA on Feb. 3, transformed the role of the CTO from one that was a part time role giving the DISA director limited advice to a position that is bringing DoD to the leading IT edge.

Mihelcic said he is not only leaving the DISA CTO position in a good place, but is enthusiastic about how the CTOs office is leading major IT advancements for DISA and DoD at large. Mihelcic said Riki Barbour will be the acting CTO until DISA names a permanent one.

Hiring freeze result of Trump team's review of federal agencies

He said the biggest change in the CTOs office came from bringing in the right people to promote innovative approaches to IT.

We had a notion we wanted to drastically enhance the capabilities of the DISA CTO. We got approval very early on to bring in senior technologists and we brought in some of the best technologists from across the agency in everything from communications networking to computing to software development, Mihelcic said on Ask the CIO. Some of the innovation came in later. We recognized that as a gap. We were providing architectures, insight and oversight to DISA programs, but we had no inherent hands on capability, if you will. That was a gap we recognized several years into it and had to bring resources to bear to close that gap.

As DISA closed those innovation gaps, Mihelcic brought in leading edge technologies to help the military services and agencies.

One such initiative is around cloud. Not only did DISA lead the development of the DoDs cloud computing strategy and the MilCloud 2.0 acquisition, but it also is testing out software-defined networking capabilitieswhich many say is the next evolution in cloud.

The software defined environment looks to integrate and automate all of the technologies in a data center to have one-touch provisioning of entire systems supporting DoD needs, Mihelcic said.

This software-defined network effort also is the key for DISA to move more heavily toward an agile or dev/ops methodology. Mihelcic said DISA first started using an agile approach in 2010, but without the automation tools to test and verify software, moving to dev/ops wasnt easy.

What we tend to do is use techniques like agile but we accumulate updates to the network and then we send through a manual testing and certification cycle, and then manually push them out periodically, he said. What we really need to do is focus on the automation piece, both automate the test as well as the security certification, and then automate the deployment of software capabilities so we can match where industry is now.

DISA is testing these technologies to collect, compile, test and deploy the changes in real time.

We are about six months into the pilot and we have demonstrated these abilities, Mihelcic said. We are starting to spin out the results of that into DISA projects and programs to include our DCSDefense Collaboration Services. We also are looking at how the global command and control system can adopt some of these techniques, and likewise we are working with our computing ecosystem at DISA to use some of these automation techniques in the operational data centers today.

He added another goal of the software environment is to help DISA employees create, manage and oversee systems at a great rate. Through automation, he said, system administrators and cyber analysts can understand the health or vulnerabilities of a network more quickly and take action to fix problems.

Along similar lines, Mihelcic said several cyber-related projects are moving forward.

We in the CTO believe the cloud can be a security force multiplier, using technologies that will allow us to redeploy software instantaneously when a cybersecurity fault is detected. Essentially, the systems can patch themselves and make themselves immune to cybersecurity attacks in real time, he said. As part of our software defined environment lab demonstration that we are currently conducting, we have a scenario where a system is somehow attacked and infected with malware. We can detect that automatically and we can essentially reprovision a known good copy of the system without the malware, without the adversary owning the system, and then we can shut the adversary off to a virtualized version of that system and have our cyber defenders watch them in real time.

Mihelcic said he expects these advanced cyber capabilities to roll out more broadly across DISA over the next 12-to-18 months, especially as the agency modernizes its infrastructure to handle these upgrades.

All of these efforts around software defined environments and cybersecurity helps DoD become more comfortable with moving to the cloud.

Mihelcic said without the automation tools to rapidly provision, deploy and manage these cloud capabilities, then all the Pentagon is doing is paving the cow paths because they will continue to use their lengthy, legacy processes.

See the original post:

DISA must rely on automation to avoid paving the cyber, IT cow paths - FederalNewsRadio.com

Forbes

How The Coming Wave Of Job Automation Will Affect You And The US Forbes The 227,000 jobs added to the payroll in January marked the 76th straight month of expansion. The headline number is impressive. But if you dig a little deeper, you'll find these jobs aren't what they used to be. Since 2000, the creation of full-time ...

Read the original:

How The Coming Wave Of Job Automation Will Affect You And The US - Forbes

John Solari 12:34 p.m. PT Feb. 24, 2017

John Solari(Photo: RGJ file)

In an era many business leaders are calling the age of automation, the power of teamwork still remains a key to unlocking business results.

These two seemingly opposing forces are actually tightly interlinked. While automation, robotics and technology will continue to absorb rote, repetitive work, companies that unlock the skills that automation cannot bring to the table collaboration, creativity, and team-driven problem-solving will rise to the top.

Companies today must harness the power of their teams to deliver products, services and experiences that automation cannot provide. The power of an intelligent, collaborative and creative team can unlock ideas, relationships and new service lines that automation simply cannot deliver.

Marlin Steel in Baltimore, Maryland, was able to stay in business by automating its processes to stay competitive when many other manufacturing jobs went overseas. Video by Jasper Colt, USA TODAY

Peter Drucker, one of the foremost thought leaders in management culture, coined the term knowledge worker and said the most valuable asset of a 21st-century institution, whether business or nonbusiness, will be its knowledge workers and their productivity.

The challenge for companies today is how to attract, retain and inspire knowledge workers. And that can be done most effectively through the power of the team and through the strength of a companys culture.

As Drucker famously said, Culture eats strategy for breakfast.

Culture and team are the prime drivers of recruitment, innovation, productivity and growth. But they are often ignored or downplayed by executives focused on measuring, monitoring and analyzing every aspect of business operations, mostly because culture and teamwork often defies measurement.

Some business experts even call culture the invisible ingredient that propels a company forward. But that invisible ingredient is vital to the execution of strategy. If strategy runs counter to a companys culture, it is almost impossible to implement. But when strategy and culture align, execution becomes almost effortless.

To create a winning culture, it is more important than ever to hire and cultivate team players who understand how to build culture and use it to drive performance.

Renowned business author Patrick Lencioni advises company leaders to look for three qualities when hiring and promoting team players: humility, hunger and people smarts.

Humility allows team players to put the team above their individual egos, and cultivate all members of the team. To truly grow a team you need to focus on the entire group, not individual egos or results.

Hunger is the ambition that fuels great work, but also makes team members self-motivated. If you have hungry team members who push for the best result without having to be coaxed along by a manager, you have the ingredients of a great inspired team.

And people smarts is the sensitivity to the team dynamics in the workplace that are critical to high-functioning teams. This is the emotional or relational intelligence that is so important in building trust and collaboration across an organization.

Automation and technology will continue to advance and change the workplace, but these changes will never alter the foundation of great companies the team dynamics and culture that fuels innovation, creativity and productivity that are the true hallmarks of great companies.

John Solari is the managing partner of J.A. Solari & Partners. He has 25 years of accounting experience and is also a member of the American Institute of Certified Public Accountants and the Nevada Society of Certified Public Accountants.

Read or Share this story: http://on.rgj.com/2lEcwFZ

Read more here:

Solari: Teamwork still holds power in the age of automation - Reno Gazette Journal

Weigh the needs of your packaging operation as it relates to workforce interaction and skill, quality, safety, productivity and profitability when deciding to use semi-automated or fully automated packaging machines on your production line.

With the growing implementation of robotics and automation into production lines, various manufacturing sectors are able to reduce costs, provide even more consistent quality products and improve profit margins. But just how much automation do you really need on your packaging line?

Simply eliminating workers and oversight on the line does not always bring about greater efficiency. Manufacturers should understand the requirements of their lines to select the right level of automation. Will semi- or fully automated packaging equipment meet their needs?

Differences between semi- and fully automated lines

Depending on its use, full or partial automation can greatly assist manufacturers in achieving their business goals. The differences between the two hinge on one major factor: employee interaction. Fully automated lines operate with little to no workforce involvement, while semi-automated lines rely on some employee interface to maintain operations.

There are advantages and disadvantages depending on the circumstances. Both semi-automated and fully automated operations have a proven track record of reducing production costs, increasing profits and improving product quality.

Lets look at the pros and cons of each one separately.

Considerations of semi-automation

Semi-automated manufacturing lines give way to a collaborative model that allows automated robots and equipment to operate alongside employees on the manufacturing floor. While employee interaction along a packaging line requires consideration for human error and safety concerns, it can also help manufacturers increase line flexibility.

Not all applications require the high speeds or positioning accuracy of fully automated packaging systems. Sometimes a semi-automatic solution provides the right level of flexibility and affordability. Photo courtesy of Piab.

Employees can think critically about problems that can occur on the manufacturing floor that are beyond what any machine is equipped to handle. Instead of awaiting feedback from machines themselves, a skilled workforce has the ability to work with equipment to ensure any machine stoppages are addressed in real time, rather than relying on machinery to properly correct errors on their own.

This model provides the opportunity for continuous improvements along the line for smooth production and an increase in efficiency. However, a major challenge among manufacturers across various industries in the Unites States today is acquiring, developing and retaining skilled employees, which can necessitate greater steps toward a fully automated line.

Considerations of full automation

By implementing a fully automated system, manufacturers eliminate significant levels of workforce on the production line. These processes are especially suitable for the pharmaceutical and meat and poultry industries. According to a report from FDAnews, human error accounts for nearly 80% of deviations in the pharmaceutical and related manufacturing industries. By fully automating product lines and reducing workforce interaction, pharmaceutical manufacturers can continue to improve such deviations and ensure customer satisfaction.

In the meat and poultry industry, manufacturers focus mainly on quality and sanitation. By removing the human element, food processors can help decrease the risk of product contamination. Fully automated lines can help ensure that manufacturers are complying with the latest Food Safety Modernization Act (FSMA) regulations and help improve product quality and safety.

Additionally, fully automated lines can help to guarantee safety of the workforce on the manufacturing floor. As automation equipment design improves to allow for safer employee interfaces, the workforce can increasingly interact with equipment without compromising safety and skilled workers are able to interact with automation equipment remotely. Fully automated equipment can help increase employee safety on the line without compromising product quality.

Scope out solutions

As automation advances revolutionize manufacturing, its imperative for packaging engineers to keep up with the latest technologies. Manufacturers looking to automate their packaging lines with semi- and fully automated equipment can find many solutions on the show floor at Pack Expo East (Feb. 27-Mar. 1; Philadelphia).

Exhibitors at Pack Expo East are taking major steps in automation along product lines with the intention of helping end users comply with the latest regulatory and safety standards while increasing efficiency and product quality. Event attendees can also learn tips and gain more insight at the Innovation Stage, a series of 30-minute sessions in which a range of solutions and case histories will be shared by subject matter experts addressing automation, regulatory compliance, workforce development and best practices. The Innovation Stage is located on the show floor and is free to all attendees.

Sean Riley is the senior director, Media & Industry Communications, for PMMI, The Association for Packaging and Processing Technologies. PMMI owns and organizes the Pack Expo portfolio of trade shows. He began his work with PMMI in 2006 as editor of its Packaging Machinery Technology magazine. He is a member of various industry organizations including the International Packaging Press Organization (IPPO) and the American Society of Business Press Editors.

Read more here:

How much automation do you really need on your packaging line? - Packaging Digest

Linux Foundation Creates New Platform for Network Automation Wall Street Journal (subscription) (blog) The Linux Foundation said Thursday that it had created a new platform for automating the management of communications networks, a labor-intensive process that is widely viewed as a bottleneck in the the world of corporate information technology. The ...

Go here to see the original:

Linux Foundation Creates New Platform for Network Automation - Wall Street Journal (subscription) (blog)

Linda Musthaler is a Principal Analyst with Essential Solutions Corp., which offers consulting services to computer industry and corporate clients to help define and fulfill the potential of IT.

This column is available in a weekly newsletter called IT Best Practices. Click here to subscribe.

During my recent trip to Tel Aviv to attend CyberTech 2017, I had a one-on-one conversation with Barak Klinghofer, co-founder and chief product officer of Hexadite. He gave me a preview of an educational presentation he was to give two weeks later at the RSA Conference. His insight is worth repeating for anyone looking to add automation tools to their security toolset.

As I saw at CyberTech, and Im sure was the case at RSA, the hottest topics were security automation, automated incident response and security orchestration. These can be confusing terms, as every vendor describes them a little bit differently.

In this article, Klinghofer gives his definition of security automation and an overview of several hot market trends today. Klinghofer and the other Hexadite co-founders all worked as security analysts before they started their company, so they have walked in the shoes of the people who are most likely to use security automation tools.

Klinghofer defines security automation as an active process of the following:

1. Mimicking the ideal steps a human would take to investigate a cyber threat. The tool should not just assist or provide more insight or more data about a threat, but really mimic the same steps and the logic an analyst should take when doing a cyber investigation. If you can train people to do an investigation, you can probably codify the logic in a system.

2. Determining whether the threat requires action. This goes beyond running something in a sandbox or comparing it to a threat intelligence list, to include using the results of those kinds of tests and really questioning the evidence. A SOC analyst would do this, so its reasonable to expect a security automation tool to do this as well.

3. Performing the necessary remediation actions. This isnt as easy as it sounds because there are so many configuration permutations and ramifications for possible actions taken. You want to know that your automation solution is aware of as many use cases as possible because you are expecting the same result as you would get from a human analyst.

4. Deciding what additional investigations should be next. Many security automation tools stop after the first three steps, but a SOC analyst would go a step further and try to verify or validate that the threat was removed and is no longer a risk to the organization. For example, if there is an alert about a phishing instance, who else in the organization might have that same phish sitting in his inbox?

The big trend in the cybersecurity market is security orchestration. Most of these types of tools are API-driven as opposed to logic-driven, and the basic premise is to get different types of security tools to work together to drive a process. To get value from orchestration, you really need to define the outcome you are expecting.

Orchestration is the means to an end; its not the goal itself. If you can find use cases where connecting two devices or solutions gives you extra value that you couldnt get from either of the devices or solutions alone, then orchestration is worthwhile. That said, there are several types of tools that say they are doing orchestration or automation.

One example is workflow tools. Vendors say these tools will enhance alert data and automate the information sent to your SOC analyst to streamline your incident response (IR) communications. What they actually mean is they will provide you with a framework to better organize your teams IR flow with built-in ticketing, playbooks and user rules. What you get is something that will tell your IR staff what they should do and in what order, if they have the time to do it. Plus, everything will be documented.

Suppose one of your end-users received a phish. The workflow tool receives the phishing alert from the detection system and starts the process. First the tool will collect the data on the different entities within the email to get more context.The tool will scan and analyze the URLs within the email, and if there is an attachment, it will run it in a sandbox and try to find all of the threat intel. Next the tool will open and assign a ticket which includes the enriched data to assist in the manual investigation. The analyst will take over with a manual process to deep dive into the alert, but there might be additional steps the workflow tool can help facilitate. The main objective of the tool is to speed up the process and keep it moving along, especially if multiple people are involved.

Another type of security automation tool does threat prioritization. Vendors say they will enhance the alert data and prioritize the information sent to your security analysts to streamline your incident response process. This way you wont need to analyze everything. What they actually mean is they will ignore everything that is under a specified threshold.

Prioritization is essentially a conscious decision about what you are willing to let go without investigationbut you are never 100% sure that you can ignore something. Its hard to determine if something is a legitimate risk or not without investigating it. Many breaches have occurred when alerts were not investigated. The advantage of prioritization is that your SOC analysts arent overwhelmed with too much to do.

Scripting tools are another type of security automation tool. Vendors say they will provide a way to enhance your IR by integrating your SecOps solutions in order to get a good result. What you really get is an open development framework with some of the APIs already pre-built, but eventually you need to build the playbooks you want. It will take you longer to do this and you need to have experts who know exactly what they are doing. Defining, building and testing the use cases can be very complicated. While the scenarios might sound easy, the fact is that there are many complications and the scripts wont work in all situations. Basically you end up trading security analysts for programmers.

Klinghofer says Hexadites security orchestration and automation tool, Automated Incident Response Solution (AIRS), investigates every alert. AIRS receives alerts from multiple detection and endpoint security systems, adds contextual intelligence and then automatically launches an investigation.

He says the system analyzes data from the network and endpoint devices using algorithms and tools to determine whether the alert is a false alarm, low-level threat, or security breach. Based on pre-defined policies and best practices codified in the logic of the solution, AIRS applies targeted mitigation efforts to stop the full extent of the breach. It follows the same processes and logic that SOC analysts would follow, but without human intervention. (See Hexadite's Automated Incident Response Solution narrows the gap between detection and response.)

With an increasing number of security threats being detected, and the growing shortage of security analysts, most enterprises will be looking for some sort of security automation tool to improve their IR capabilities. If your company is in the market for such a tool, be sure you understand just what it will do for you.

More here:

How to assess security automation tools - Network World

Scott Davisis EVP of Engineering & Chief Technology Officer for Embotics.

With the explosive growth of cloud and SaaS-based business applications and services, the underlying software architectures used to construct these applications are changing dramatically. Microservices architecture is not a brand new trend but has been picking up momentum as the preferred architecture for constructing cloud native applications. Microservices provide ways tobreak apart large monolithic applications into sets of small, discrete components that facilitate independent development and operational scaling. Key to this architecture is making sure that each microservice handles one and only one function with a well defined API. Microservices must also have no dependencies on each other except for their APIs.

When mixed with automation as a dynamic management solution for the individual application components, applications become less limited by the infrastructure they run on. Through automation and infrastructure as code technologies, applications now have the ability to control their underlying infrastructure technologies, turning them into services to be harnessed on demand and programmatically during application execution. While weve seen cloud native pioneers such as Uber, Netflix, Ebay, and Twitter publicly embrace this method of building and delivering their services, many organizations arent sure where to begin when it comes to achieving effective and efficient operations through this app architecture revolution.

Before microservices, it would take engineers months or years to build and maintain large monolithic applications, but today microservices design methodology makes it easier to develop systems with reusable components that can be utilized by multiple applications and services throughout the organization, saving developers valuable time. This enables better continuous delivery, as small units are easier for developers to manage, test and deploy.

In order to successfully deliver microservices and container solutions cost-effectively and at scale, its important to have a proper design framework in mind. Microservices must have a well formed, backward and forward compatible API and only communicate with its peers through their API. Each Microservice should perform one and only one dedicated function. Each microservice is ideally stateless and if needed typically has its own dedicated persistent state that is not exposed to others. When all of these principles are rigorously followed, each microservice can be deployed and scaled independently because they do not require information about the internal implementation of any other services all that is required is that they have well-defined APIs.

At the same time, microservices are well matched to and driving the adoption of container technologies as the two often work in conjunction. Each microservice has to run somewhere, and containers are often the preferred choice because they are self-contained, rapidly provisioned or cloned, and usually stateless. Developers can easily construct a container with all the required code to execute the microservice, allowing them to break a problem into smaller pieces, which was not previously possible at this scale. Containers offer developers a way to package their function into this self-contained block of code, creating efficient, isolated and decoupled execution engines for each app and service.

The problem? This creates more component parts that need to be dynamically managed to achieve their promise of scalable, cost-effective cloud services. Automation can provide the dynamic management needed to deliver microservices and container solutions cost effectively and at scale. With microservices-based designs, developers and operations staff are left with many more component parts that need to grow and shrink independently. Automation can be harnessed to reduce this complexity and deliver the desired results.

Microservices-based designs fundamentally enable faster development and deployment of highly scalable applications, whether for the cloud or on-premise. Flexible automation via both portals and APIs is the key ingredient for effectively deploying and managing these next generation, distributed applications, across todays multi-cloud environments.

Opinions expressed in the article above do not necessarily reflect the opinions of Data Center Knowledge and Penton.

View post:

The App Architecture Revolution: Microservices, Containers and Automation - Data Center Knowledge