The Week Ending April 29
Topping this week’s Came to Win list is Amazon Web Services for coming out on top in competition for a major government cloud contract.
Also making this week’s list are semiconductor and application security tech developer Synopsys for a strategic acquisition; cybersecurity tech developer Wiz for discovering a potentially serious vulnerability on a Microsoft Azure cloud database; Source Defense for a successful funding round; and Fortinet, Masergy and Ingram Micro for a unique three-way partnership to develop and deliver a secure SD-WAN service.
AWS Wins Out Over Microsoft For $ 10B NSA Cloud Contract
Amazon Web Services this week was awarded once again — a National Security Agency cloud computing contract worth up to $ 10 billion.
“Once again” because AWS was first awarded the contract, code-named WildandStormy, back in July 2021. But cloud rival Microsoft, whose Azure cloud business had competed for the contract, challenged the award by filing an administrative protest with the US Government Accountability Office.
This week the NSA upheld its decision to award the cloud contract to AWS, a significant win for the company.
The news comes amid years of wrangling between AWS and Microsoft over another Department of Defense cloud computing contract, the $ 10 billion Joint Enterprise Defense Infrastructure project. That contract was initially awarded to Microsoft in 2019 but became mired in litigation and challenges from AWS before being canceled. AWS and Microsoft are now expected to compete for a new mega-billion-dollar cloud contract called the Joint Warfighter Cloud Capability.
Synopsys Buying SaaS Security Provider WhiteHat For $ 330 Million
Synopsys made a move this week to bolster its application security capabilities with a deal to acquire Software-as-a-Service security standout WhiteHat Security for $ 330 million.
Synopsys provides semiconductor electronic design automation software and services, including application security testing technology. With the acquisition of WhiteHat Synopsys looks to leverage that company’s SaaS-based dynamic application security testing technology within its security technology portfolio.
Synopsys acquired Tinfoil Security, another developer of application security technology, in 2020 to better integrate dynamic application security testing into software development and DevOps workflows.
Fortinet, Masergy Launch Co-Developed Turnkey SD-WAN Solution
Security technology developer Fortinet and SD-WAN supplier Masergy caught everyone’s attention this week with the debut of a jointly developed managed SD-WAN offering that will be distributed by Ingram Micro.
The new packaged offering gives resellers and MSPs the opportunity to sell fully managed SD-WAN services and provide tier 1 and tier 2 customer support — even if they lack service operations and SD-WAN certifications and have limited technical resources.
Fortinet, Masergy and Ingram Micro each bring specific strengths to the collaborative effort, which combines networking, security and managed services. The effort is indicative of how the network and security spaces are converging.
The packaged offering incorporates Fortinet Secure SD-WAN solutions, including next-generation firewall, advanced routing, and Zero Trust Network Access proxy functions. Comcast-owned Masergy is contributing its Guardian Portfolio, including network and security management services, that puts Masergy in charge of managing or co-managing the SD-WAN services. Ingram Micro will be handling distribution of the new offering.
Wiz Catches Vulnerability In Microsoft Azure Database That Allowed Access To Sensitive Data
Cloud security provider Wiz wins kudos this week for its discovery earlier this year of potentially serious vulnerabilities it discovered in the popular Azure Database for PostgreSQL Flexible Server.
Wiz, based in Tel Aviv, Israel, said the security flaws permitted Wiz researchers to effectively bypass tenant isolation and allow unauthorized cross-account read access to other customers’ cloud databases.
Wiz disclosed the vulnerability Tuesday. At the same time, Microsoft said the vulnerability had been fixed and that no customer data was accessed using the vulnerability.
Shir Tamari, head of research at Wiz, told CRN the vulnerabilities violated “fundamental premises” of cloud databases.
Wiz researchers discovered that they could effectively “take control” of their own cloud database on Azure and its codes, something most cloud providers, including Microsoft, prohibit due to concerns over database stability. Once they had taken effective control of the coding for their own cloud database, Wiz researchers were able to use their account as a base to access other customers’ sensitive data, Tamari said.
Source Defense Raises $ 27M, Aims To Beef Up Channel Relationships
Source Defense raised $ 27 million in Series B funding this week, new financing the company plans to apply to expand its sales, marketing and channel efforts, as well as continuing to invest in product research and development.
Source Defense develops a cybersecurity system that provides threat visibility, control and prevention of client-side attacks, helping businesses address cybersecurity risks related to third-party supply chains. The company is based in Rosh Ha’ayin, Israel, with US headquarters in New Haven, Conn.
As part of its sales and marketing expansion plans, Source Defense is looking to expand its relationships with regional channel players and local resellers. CEO Dan Dinnar told CRN that “a very high percentage” of the company’s business is already driven by the channel and he intends to continue that momentum.