Todas las entradas hechas por Danny Bradbury

Salesforce launches a new streaming TV service, Salesforce+


Danny Bradbury

11 Aug, 2021

Salesforce is launching a streaming business TV service called Salesforce+ that will roll out as part of its Dreamforce conference in September. 

The company is designing the service on the digital content models used by companies like Netflix and Peloton but aimed at a business audience. The content will initially be created entirely using its internal team, under the brand name Salesforce Studios. Over time, though, it hopes to encourage more community content.

«The people watching Disney+, the people watching ESPN+, are the same people watching Salesforce content in a business setting, so why wouldn’t we follow that sort of direction? That’s really the genesis of this idea,» explained the company’s senior VP of brand marketing Colin Fleming in an interview about the new service. 

The initial Salesforce+ content features new shows and content the company has already produced and distributes through its YouTube channel. One example is its 70-episode-strong Leading Through Change series, which launched in March 2020. 

Other content on the service will include Connections, which features innovations with marketing executives from different companies, and a career advice series called Boss Talks. Another show, Simply Put, will be a short form program featuring simple explainer videos for complex business topics. 

The initiative will be the conduit for the company’s Dreamforce event next month, which moved online last year due to the pandemic. The event will be mainly online this year, with in-person attendance by invitation only.

Salesforce+ Dreamforce coverage will feature four broadcast channels with a combined 100 hours of initial content: Prime Time, Trailblazer, Customer 360, and Industries. 

Prime Time will feature news announcements and customer case studies. Trailblazer will feature interviews with industry leaders and previews of Salesforce products. The Customer 360 and Industries channels will feature more case studies and innovation stories. 

The company added that viewers would be able to customize their content into collections focusing on different topics, such as artificial intelligence (AI) and financial services. They will also be able to ask questions via the platform and get live answers from presenters during the Dreamforce event.

Salesforce enhances cloud-based health care offering


Danny Bradbury

10 Aug, 2021

Salesforce has expanded Health Cloud, its cloud-based service for health care organisations, with several new features targeting remote patient management and data protection. 

The company has added four enhancements to Health Cloud. The first addition, remote patient exception monitoring, harvests data from connected health care devices and presents it in a single dashboard interface targeting care coordinators. 

Metrics displayable in the dashboard include heart rate and blood glucose levels. This will enable health care workers to better understand patient conditions without needing physical visits, Salesforce said. 

Salesforce’s new appointment management feature suggests remote and in-person appointment times for patients. Users can select available appointment types and times via any device, and the system can also offer pre-appointment questionnaires to help gather the necessary data ahead of the appointment. 

The cloud service provider says this will reduce no-shows and administrative costs incurred through manual back and forth with human schedulers. 

The third new feature, medication management, tackles the management of medication lists. Many clinics still use manual, paper-based systems to track patient medication, making it difficult to monitor medication adherence, Salesforce said. 

Targeting pharmacies, small clinics, and retail outlets, medication management will reduce the administrative overhead of tracking patient medication lists. The service will also integrate with RXNorm, a system that standardises naming conventions for generic and brand name drugs in the US. 

The final enhancement focuses on regulatory compliance and helps in-home patient care companies protect patients’ health information. Salesforce is certifying Salesforce Maps, B2C Commerce, and Order Management services as compliant with the US government’s HIPAA health care privacy regulations. 

This certification gives mobile health care workers access to sensitive patient data on the move via Salesforce Maps while staying compliant with regulations, the company said. It also enables companies, including retail health locations and pharmacies, to set up e-commerce stores dealing with sensitive patient orders via HIPAA support in Salesforce B2C Commerce and Salesforce Order Management. 

Microsoft suspends Windows 365 trials


Danny Bradbury

5 Aug, 2021

Microsoft has suspended its Windows 365 trial just a day after launch due to heavy demand. 

In a tweet, the company said it was experiencing «significant demand» for the service, which offers easy-access virtual desktops in the cloud accessible via a browser or Microsoft’s Remote Desktop application. It added it reached capacity for Windows 365 trials. 

This morning, Scott Manchester, director of program management for Windows 365, added that the company saw an «unbelievable response.» People should still sign up for the service to be notified when it resumes, he added. 

Microsoft announced Windows 365 on July 14 and took it live Monday, August 2, providing an easy way for smaller businesses to access virtual Windows desktops in the cloud. The service runs on a virtual machine Microsoft calls a Cloud PC, which is available in various configurations up to eight cores with 32GB of RAM. 

Windows 365’s Business Edition is configurable using a self-service portal, and the Enterprise Edition is configurable using Microsoft’s Endpoint Manager tool. The latter also features integrations with Azure Active Directory and Defender for Endpoint. 

Microsoft already offers a desktop as a service (DaaS) option in Azure Virtual Desktop, which the company used to call Windows Virtual Desktop. However, Microsoft sells this on a consumption-based pricing model, plus it’s more complex to administer. Windows 365 is available for a flat monthly fee.

Initial reactions to the service were mixed. «I’ve just had it for a day but it’s already been useful,» tweeted one user in response to Manchester. «Full coding on my iPad.» 

Another user was less impressed. «Is this why my Cloud PC refuses to reset? I’ve been waiting 30 hours for it to reset and no one from support has answered me,» they said. 

It’s still early days for Windows 365, which will receive more features over time. Microsoft promised support for offline working, along with potential GPU options for Cloud PC power users.

MuleSoft buys automation company Servicetrace


Danny Bradbury

3 Aug, 2021

Salesforce-owned MuleSoft has announced it will buy robotic process automation (RPA) company Servicetrace for an undisclosed amount.

The acquisition will complement MuleSoft’s application composition platform, explained executives.

MuleSoft sells Anypoint, an application programming interface (API) development platform for building reusable connections between applications and data so developers can compose applications more easily. Salesforce acquired MuleSoft in 2018.

Servicetrace offers the XceleratorOne RPA tool. RPA helps companies to automate manual processes by copying human activities, cutting down on manual labour and human error.

The Servicetrace tool enables companies to identify processes that would benefit from RPA and model them for automation. Servicetrace says that the tool can automate long, complex processes and connect artificial intelligence (AI) solutions for automated decisions. It also organises those automations across a company and enables managers to assess the return on investment from automated processes.

The RPA product will integrate with Salesforce’s Einstein Automate solution, which already handles automation tasks for the company’s clients.

«Our platform makes it easy to unlock and integrate data from anywhere — wherever it resides — and manage, monitor, secure, and govern that data at scale,» said MuleSoft CEO Brent Hayward in an announcement.

«MuleSoft will now also make it easy for line of business and knowledge workers to automate business processes and dramatically increase efficiency and speed.»

Servicetrace also offers automated software testing tools and application performance monitoring tools that use bots to monitor users’ experience across complex software architectures.

The acquisition will close by the third quarter of Salesforce’s fiscal year, ending October 31, 2021.

IBM snaps up DevOps services specialist BoxBoat


Danny Bradbury

9 Jul, 2021

IBM is acquiring DevOps consulting company BoxBoat Technologies as part of an ongoing effort to bolster its cloud software capabilities.

BoxBoat was founded in 2016 to help create strategies for container-based software development. It advises companies on how to build software development pipelines for cloud-native applications and on how to convert existing applications for container-based environments, and offers a range of training services to support this.

This is the latest acquisition in IBM’s push to establish dominance in the cloud software development space, which has seen it invest heavily in Kubernetes-based container infrastructure, on which many modern cloud applications depend.

IBM has said it will fold BoxBoat into its Global Business Services unit to bolster its hybrid cloud portfolio, focusing on container strategy and services. The deal’s value has not been disclosed.

One of BoxBoat’s focal areas is increasing the security of DevOps processes and has spent time recently addressing software supply chain security following the SolarWinds attack. Security experts are increasingly worried about adversaries compromising software development processes and inserting malicious code into software before it is deployed.

BoxBoat has been working closely with the Cloud Native Computing Foundation (CNCF) on its Secure Production Identity Framework for Everyone (SPIFFE) project. This is an open-source initiative that assigns secure identity certificates to cloud workloads, making it easier for microservices to authenticate with each other securely in the cloud.

The company also works with another Linux Foundation initiative called in-toto, to help secure DevOps pipelines from intruders who might try to compromise software in development.

BoxBoat has parlayed some of this work on third-party software security into a contract with the US Department of Defense under its Small Business Innovation Research (SBIR) initiative to help secure software supply chains.

This is the latest acquisition in a series for IBM, which acquired Red Hat in 2019 for $34bn. More recently, it acquired cloud implementation services company Nordcloud in a December deal that closed in Q1 2021. It also bought cloud managed services provider Taos a month later.

Microsoft announces Windows 11 with redesigned UI, third-party app payments, and more


Danny Bradbury

25 Jun, 2021

Microsoft officially rolled out Windows 11 today with a slew of features targeting users and developers alike — and a sideways jab at rival Apple

Openness was the key talking point for CEO Satya Nadella when unveiling the new operating system, which will ship later this year. «Windows recognises that there is no personal computing without personal agency,» he said. Nadella added, «We want to remove the barriers that too often exist today and provide real choice and connection.» 

The new operating system will feature support for Android apps purchased from Amazon’s app store. In a swipe at Apple, the company also revamped the Microsoft Store, allowing developers to use their own payment systems when charging for apps. This lets developers keep 100% of the revenue. 

«Windows has always stood for sovereignty for creators and agency for consumers,» said Nadella, who highlighted its multi-marketplace support as a key differentiator from Apple in an interview with the Wall Street Journal today. «Operating systems and devices should mould themselves to our needs and not the other way around.» 

Openness didn’t seem to be the central theme in at least one Windows 11 feature announcement, though. 

In a move sure to worry other collaboration and video conferencing application providers, Microsoft has integrated Teams more closely into the operating system. This integration creates an interface that places contacts into the start bar and makes it easier to enter Teams video calls.

One welcome feature the company revealed in preview versions of Windows 11 is a universal mute button. This allows you to mute all video calling systems, so you can rest assured your mic isn’t hot. 

Windows 11 will also feature some user interface (UI) changes. Users will arrange their application windows into pre-configured layouts. The operating system will retain these layouts when you switch between external monitors and laptop displays. This feature, called Snap Layouts, is one of several enhancements designed to make the keyboard-free experience more intuitive when using Windows in a tablet format. 

The new UI will also include new visual cues for resizing windows and a start menu that’s centred on the screen rather than off to the side. Windows 11 will also feature a redesigned on-screen keyboard with swipe-to-type features and emojis. 

Other new features integrated directly into the start menu will include Windows Widgets, which will be tabs of content, including news tailored to users’ content viewing habits. One intriguing feature will be the ability to tip content creators through the widget platform. 

Alongside other cosmetic changes, like rounded corners, the system will also feature some under-the-hood changes. Updates will be 40% smaller and will happen in the background, so people can keep working through them. 

On the gaming side, Microsoft will bring across a few features from the Xbox platform. Games that support HDR for better contrast and more vibrant colours will now benefit from that feature on Windows 11. The operating system will also offer Direct Storage, which will use the graphical processing unit (GPU) to load data without burdening the CPU. The company will also integrate the Xbox Game Pass system directly into the desktop operating system. 

There was a notable lack of talk about privacy during the launch, which is a theme Apple has continually promoted in its products. Instead, Microsoft seems to differentiate itself from Apple by emphasizing its platform’s openness and willingness to relinquish control. 

Microsoft’s support for Android apps might also give it some traction over Google’s Chromebook platform, which has enjoyed meteoric sales in recent months. 

«Throughout its history Windows has been a democratizing force for the world», Nadella said in the announcement wrap. Microsoft settled with the DoJ on monopoly charges in 2001 for giving preferential treatment to its Internet Explorer browser. In the same year, It also called open source software «a cancer,» though it apologized for the statement in 2020. 

Microsoft has since built support for Linux directly into the operating system. An analysis of leaked Windows 11 code suggests it might be able to run graphical Linux apps on the Windows desktop. 

Over two-thirds of companies still run software with WannaCry flaw


Danny Bradbury

13 May, 2021

Four years after the global WannaCry and NotPetya ransomware attacks, two-thirds of companies still haven’t patched the vulnerabilities that caused them, according to cloud network detection and response company ExtraHop.

The company investigated data from its Reveal(x) security platform in the first quarter of 2021 to determine which protocols its customers were running. It found that 88% of them were still running at least one device using SMBv1, which was a pivotal attack vector for the EternalBlue exploit used in the two ransomware attacks. 

Although a single device could mean a company is maintaining it just for use by an attack team, a more worrying statistic was that 67% of companies are running over 10 SMBv1-enabled devices. Over two-thirds (37%) were running more than 50, and 31% of companies checked had over 100 SMBv1 devices on their networks.

The report also highlighted heavy use of two other protocols in Windows servers. The first, called Local Loop Multicast Name Resolution (LLMNR), is an alternative to DNS for resolving basic names within a private network. It has a similar problem to Windows’ old NetBIOS naming service, in that it communicates with all clients on the network rather than a specific server. 

That enables an attacker to listen for and reply to access requests, creating a race condition to harvest the client’s hashed credentials if it establishes a conversation quickly enough. It can then decrypt those credentials, giving an attacker access to a client’s network account, or use them in a pass-the-hash attack.

The other protocol, New Technology LAN Manager (NTLM) v1, is a decades-old network authentication mechanism that has long been obsolete. Nevertheless, over a third (34%) of companies have over 10 devices using it, ExtraHop said. Almost one in five (19%) had over 100 devices using the protocol, despite Microsoft advising people to stop using it altogether in favor of the more secure Kerberos system.

The report also found that few companies had embraced using TLS encryption over HTTP (HTTPS), which browser vendors have aggressively enforced. It found that 81% of enterprise environments were still using HTTP to send access credentials in plain text.

ExtraHop said it analyzed over four petabytes of traffic each day in its investigation of online protocol usage.

Head of Homeland Security had his email hacked in SolarWinds attack


Danny Bradbury

30 Mar, 2021

According to a new report, suspected Russian hackers accessed email accounts belonging to the Trump administration’s head of the Department of Homeland Security (DHS).

The Associated Press reported that hackers also gained access to emails belonging to members of the department’s cyber security staff that had the job of hunting foreign cyber threats.

The emails belonged to then-acting secretary Chad Wolf, and hackers compromised them during the months-long SolarWinds attack. It’s unknown what information, if any, was stolen.

Senator Rob Portman of Ohio, top Republican on the Senate’s Homeland Security and Governmental Affairs Committee, said the SolarWinds hack “was a victory for our foreign adversaries and a failure for DHS. We are talking about DHS’s crown jewels,” AP reported.

In addition to Wolf’s email, hackers also obtained officials’ schedules at the Energy Department, including then-Secretary Dan Brouillette. But, in this instance, schedules were not confidential.

A DHS spokesperson said in a statement to the media that “a small number of employees’ accounts were targeted.»

«Upon learning about the campaign, the Department took immediate steps to respond to the incident, including leveraging response teams from CISA and private sector partners, to continue executing its mission,” said the spokesperson, reported The Hill.

«The Department no longer sees indicators of compromise on our networks and remains focused on further securing our networks against future attacks, integrating lessons learned from this incident. However, this widespread intrusion campaign has again shown that our strategic adversaries are sophisticated, persistent, and have increasing capabilities.»

In interviews with AP, anonymous officials said the response to the hacking campaign was hampered by its outdated technology and there were struggles to discover how many servers ran the SolarWinds software.

In one example, the Federal Aviation Administration (FAA) said the hack didn’t affect it, only to admit a few days later that it was conducting investigations a few days later.

Other victims of the SolarWinds hack include the Commerce and Treasury Departments, National Finance Centre, the State Department, the National Institutes of Health, the Energy Department, and the National Nuclear Security Administration.

The AP reported the Biden administration isn’t planning to step up government internet surveillance but will instead focus on better private sector partnerships and enhanced information sharing.

VMware buys Mesh7 in cloud security push


Danny Bradbury

19 Mar, 2021

VMware is expanding its security capabilities with the acquisition of cloud-native security company Mesh7.

The acquisition, the terms of which have not yet been disclosed, will better enable VMware to monitor cloud application traffic between virtual machines, the company said. 

Many products, such as intrusion prevention systems and firewalls, secure traffic travelling across a network, but increasingly, companies are using virtual machines or containers and sending requests between them using application programming interfaces (APIs).

Organisations need visibility into those APIs to see how the software that uses them is behaving. Mesh7 offers a product that monitors those APIs and calls, called the API Service Mesh, which includes functions including an API firewall and API gateway.

The API Service Mesh can tell when Kubernetes applications are being accessed externally and can monitor API security within applications that are distributed across lots of locations and machines. This makes it ideal for DevSecOps, which is a version of the cloud-focused DevOps development discipline that automates development and deployment.

VMware, with its heritage in virtual machines, was interested in Mesh7’s cloud-native API monitoring capabilities. Another thing that made the company an attractive acquisition target was API Service Mesh’s reliance on Envoy, which is an open source proxy system built for cloud-native applications originally created at ride-sharing company Lyft.

Envoy enables cloud-native application traffic to run over its communications bus, making it easier for DevOps pros to see what large distributed applications are doing and identify any performance issues or other operational problems. VMware uses Envoy in its own Tanzu Service Mesh that automates networking and security in distributed applications.

«VMware is seeing increased demand for a fully integrated API + service mesh product with Envoy as the foundation. The exact same Envoy architecture used in the initial service mesh use case can also control how one application can talk to another application via APIs,» said Tom Gillis, SVP and GM of VMware’s security business unit, in a blog post announcing the acquisition.

API security is becoming an increasing problem for developers and operations teams alike as companies move increasingly to API calls. Akamai has said that 83% of web traffic consists of API calls, and 40% of web applications’ attack surface is API-based. Salt Security recently revealed that 90% of businesses experienced API security vulnerabilities in 2020.

VMware buys Mesh7 in cloud security push


Danny Bradbury

19 Mar, 2021

VMware is expanding its security capabilities with the acquisition of cloud-native security company Mesh7.

The acquisition, the terms of which have not yet been disclosed, will better enable VMware to monitor cloud application traffic between virtual machines, the company said. 

Many products, such as intrusion prevention systems and firewalls, secure traffic travelling across a network, but increasingly, companies are using virtual machines or containers and sending requests between them using application programming interfaces (APIs).

Organisations need visibility into those APIs to see how the software that uses them is behaving. Mesh7 offers a product that monitors those APIs and calls, called the API Service Mesh, which includes functions including an API firewall and API gateway.

The API Service Mesh can tell when Kubernetes applications are being accessed externally and can monitor API security within applications that are distributed across lots of locations and machines. This makes it ideal for DevSecOps, which is a version of the cloud-focused DevOps development discipline that automates development and deployment.

VMware, with its heritage in virtual machines, was interested in Mesh7’s cloud-native API monitoring capabilities. Another thing that made the company an attractive acquisition target was API Service Mesh’s reliance on Envoy, which is an open source proxy system built for cloud-native applications originally created at ride-sharing company Lyft.

Envoy enables cloud-native application traffic to run over its communications bus, making it easier for DevOps pros to see what large distributed applications are doing and identify any performance issues or other operational problems. VMware uses Envoy in its own Tanzu Service Mesh that automates networking and security in distributed applications.

«VMware is seeing increased demand for a fully integrated API + service mesh product with Envoy as the foundation. The exact same Envoy architecture used in the initial service mesh use case can also control how one application can talk to another application via APIs,» said Tom Gillis, SVP and GM of VMware’s security business unit, in a blog post announcing the acquisition.

API security is becoming an increasing problem for developers and operations teams alike as companies move increasingly to API calls. Akamai has said that 83% of web traffic consists of API calls, and 40% of web applications’ attack surface is API-based. Salt Security recently revealed that 90% of businesses experienced API security vulnerabilities in 2020.