Skip to content

What’s New? Quarterly Release 24.5 Enceladus

Written by Callum Sinclair – Product Engineering Manager.

This article covers what’s new in our latest Quarterly release series from March 2024 to May 2024. Read the release notes here.

Comet 24.5.0 Enceladus

We’re very pleased to announce our latest Quarterly release series – Comet 24.5 Enceladus. This is the the latest entry in our quarterly rollup series, that branches off from our main rolling Voyager development into a fixed target for you to qualify and build your service offering upon.

Enceladus is a moon of Saturn and is named after the giant Enceladus of Greek mythology. There are a few worlds that are thought to have liquid water oceans beneath their frozen shell, but Enceladus sprays its ocean out into space where spacecraft can sample it. From these samples, scientists have determined that Enceladus has most of the chemical ingredients needed for life, and likely has hydrothermal vents releasing hot, mineral-rich water into its ocean. Enceladus is about as wide as Arizona, and it also has the most reflective surface in our solar system. Because it reflects so much sunlight, the surface temperature is extremely cold, about minus 330 degrees Fahrenheit (minus 201 degrees Celsius).

For users coming from the previous 24.2 Mimas quarterly release series, Enceladus adds 6 new features and 38 enhancements. Some of the new features we are excited about are:

  • Hyper-V Changed Block Tracking (CBT) support
  • Impossible Cloud Storage Templates
  • SMB Storage Vaults
  • Comet Backup desktop app Protected Item wizard refresh
  • Syncro integration
  • Server Self Backup enabled by default

The full set of changes can be found in the release notes.

Webinar announcement

If you’d prefer to watch rather than read, we’re hosting a webinar to discuss this new quarterly release and all the new changes. Please register before we go live on Tuesday 11 June (4pm EDT / 1pm PDT) to catch up on all the latest Comet news with Comet’s CTO, Mason – and as usual, there will be time for a live question-and-answer session at the end of the presentation.

As well as that, we have many more videos available on our YouTube channel, including guides on getting started with Comet, individual features, demonstrations with our technology partners, and webinars for previous quarterly software releases.

Microsoft Office 365 Protected Item Performance Improvements

Over this month, we have made significant improvements to the backup performance of our Microsoft Office 365 Protected Item. These performance improvements mean the backup job completes faster, as well as reduces the amount of data we need to upload. We expect partners to see Microsoft Office 365 Protected Items finish up to 30 times faster.

Disk Image Drive Letter Selection

When configuring a Disk Image Protected Item in the Comet Server web interface, it can be difficult to configure when the device is not currently connected to the Comet Server. To help partners configure a Disk Image Protected Item more easily, we have added a new option to select disks to protect by drive letter.

Bulk Upgrade CPU Limits

Our Bulk Upgrade feature is a great way to keep Comet Backup desktop app installs up to date with the latest version that the Comet Server is running. However, for Comet Servers with many tenants using custom branding, a Bulk Upgrade campaign to upgrade older clients consumed significant CPU time building new client installers quickly.

In Comet 24.3.8 we added a new configuration option to limit the maximum number of CPU cores Comet can use during a Bulk Upgrade campaign. This is a fantastic improvement as it reduces the burden on system resources during a Comet Server upgrade. It also provides a more robust Bulk Upgrade campaign, as Comet Backup desktop app installs can be upgraded without overwhelming the Comet Server’s resources. For more information, you can check out our documentation here.

Windows System Backup Protected Item – Deprecation Notice

Our Windows System Backup Protected Item is being deprecated. Before we added our Disk Image Protected Item, Windows System Backup Protected Item was a great way to backup and restore entire Windows disks. However, it required spool space (temporary storage) to be able to perform this backup. This means for a 500GB disk, Comet requires an additional 500GB of free space for this Protected Item to work.

Because of this limitation, and how difficult it is to setup, we have always recommended partners use our Disk Image Protected Item. To assist partners through this change, we have built a Windows System Backup to Disk Image conversion tool. For more information, you can see our documentation on the tool here.

We will be removing this Protected Item in November (Comet Release 24.11).

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Comet
We are a team of dedicated professionals committed to developing reliable and secure backup solutions for MSP’s, Businesses and IT professionals. With over 10 years of experience in the industry, we understand the importance of having a reliable backup solution in place to protect your valuable data. That’s why we’ve developed a comprehensive suite of backup solutions that are easy to use, scalable and highly secure.

ESET WORLD 2024: Building a proactive defense strategy featuring Forrester’s Madelein van der Hout

Threat actors are developing new tools, phishing is getting more sophisticated, and AI is finally here. Organizations need to adapt and be proactive. 

When you think about cybersecurity, it shares many similarities with strategic board games such as Risk, where players try to conquer enemies’ territories. To win, good players define their strategic assets, anticipate opponents’ moves, and create safe areas with limited access that allow further expansion.

The same can be said about companies and institutions trying to survive and thrive in the world of fast-evolving cyber threats, according to guest speaker Madelein van der Hout, a senior analyst from Forrester, a leading global market research company.

“Winning is everything. If you end up being second, you are actually being the first of the losers,” said Mrs. van der Hout during her presentation, hinting at potentially menacing outcomes of a data breach in a real-world scenario.

Using the popular game Risk as a metaphor for the cyber threat landscape, Mrs. van der Hout presented her insights into building a prevention-first approach in cybersecurity at the ESET WORLD 24 conference. After her session, she also kindly answered a few of ESET’s questions.

Strategic assets

Considering the current level of automation, cloudification, and remote working, there are numerous assets that institutions and companies need to protect, such as employees’ devices, customers’ data, or even IT Admin credentials, to name just a few.

But there are also other risk factors that are not directly caused by cyber-attacks. We are talking about pressure on both CISOs and security admins who bear responsibility for their organization’s cybersecurity and face a huge number of challenges including the financial consequences of cyberattacks.

For example, 97 percent of boards are expecting CISOs to deliver business value and 31 percent of boards will fire CISOs in case of a breach, according to Forrester’s research. This kind of pressure often results in high levels of stress and burnout.

Challenges faced by CISOs in 2024:

  • Changing/evolving nature of threats
  • Geopolitics
  • Regulations
  • Hybrid workforce
  • Economic pressure & cost savings
  • Integrating cybersecurity with business strategy
  • Complexity of IT environment
  • Lack of visibility
  • Talent shortage
  • Lack of comprehensive vulnerability and exposure management

Dealing with these challenges, 66 percent of employees working in cybersecurity stated that they are experiencing significant stress levels. Mrs. van der Hout took it a step further, surprising the audience with survey results revealing that among these highly stressed employees, 51 percent take prescription medicine and 19 percent drink three or more alcoholic beverages per day to cope with these challenges.

“We cannot meditate ourselves from (out of) cybersecurity burnout,” said Mrs. van der Hout, adding that there are some measures that companies can take immediately such as automated alert management or providing mental health support to employees.

But considering the current talent shortage, which exceeds 4 million unoccupied job positions worldwide, more measures will need to be taken.

Don’t dwell on the past

Be it a board game or real-world cybersecurity, adopting a prevention-first strategy relies on anticipating the opponents’ moves. But what Forrester analysts often see are companies making decisions based on what has happened before – i.e., using a rearview mirror. They set their priorities, create incident plans, and adjust their budgets, but when a data breach occurs, all this planning goes out the window.

“[Just like] how I flip the board [over] when I am about to lose a game, that’s how they flip their priorities for the upcoming year. Their investment profiles change,” said Mrs. van der Hout.

For example, in 2023, CISOs recognized the importance of the human factor in cybersecurity and increased budgets accordingly, but in 2024 their focus has shifted back to technological solutions.

And the situation has become serious. Within the last 12 months, 78 percent of surveyed organizations reported one or more incidents potentially compromising sensitive data. The estimated cumulative loss of those data breaches is on the rise in both the US and Europe and is now exceeding $1 million per company, according to Forrester.

How others play their cards

When moving to improve one’s game, it is often useful to see how others play their cards. To face current cybersecurity challenges, organizations need to follow current trends and learn from others.

For example, AI and machine learning help cybercriminals create more sophisticated threats, but legitimate security organizations can also harness this technology to build more effective cybersecurity tools and processes. Moreover, identity protection is no longer strictly about protecting the identity of employees, but also of partners, customers, and even non-human identities, thus the term: “everything identity.”

Current trends in cybersecurity:

  • AI and machine learning
  • Quantum computing and blockchain technology
  • Expansion of OT&IoT
  • Zero trust
  • Everything identity
  • Increasing regulations and geopolitics

New legislation has also been adopted around the world, but Mrs. van der Hout pointed out that following legislation is not only about checking compliance boxes but also about helping companies to build stronger defenses. Therefore, security solution providers should retain trusted advisors, and governments should educate companies and citizens to achieve the desired level of resilience.

“Governments need to be clearer about what organizations need to do to comply with new regulations instead of having really vague articles,” Mrs. van der Hout said.

When learning from others, organizations should look at the strategic and tactical priorities of other players on the market.

Strategic priorities:

  1. Boost cloud security strategy
  2. Improve the ability to detect and respond to threats
  3. Enhance identity and access management for employees, partners, and customers

Tactical priorities:

  1. Improve application security and/or product security
  2. Improve access management and policies for employees and partners
  3. Improve security operations’ effectiveness

Building a proactive defense strategy

Taking all this information into account, let’s build some proactive defense strategies.

First, determine business-relevant elements of your strategy and consider that board members will expect it to deliver some value. Business and cyber security need to work together to shape a strong security posture to persuade both partners and customers, who are increasingly taking a proactive interest in their own security.

With a business strategy set, look at possible risks and keep in mind that this should be an ongoing process. While doing this, make sure that you have proper data from cyber intelligence and advanced security technologies.

“And that’s not only about data collection. It’s also about action and response,” Mrs. van der Hout said.

Next step is to create a strong security culture within an organization as current Forrester predictions say that 90 percent of all data breaches will still include a human element.

“Looking at one cybersecurity awareness video while multitasking isn’t changing anyone’s behavior. So, when addressing awareness, please, move beyond videos. Make sure that your employees understand the importance of awareness and make security part of your organization’s culture,” Mrs. van der Hout said.

The final aspect of a proactive defense strategy is continuous improvement and adaptation. Instead of adopting one solution, and then setting and forgetting, organizations should review their defenses, close gaps, make adjustments, and ask for help if needed.

You are not alone

It is always nice to talk about the latest cybersecurity solutions and proactive defense but there are smaller companies or non-profit organizations that don’t have a budget for CISOs and high-end technologies.

When asked about this, Mrs. van der Hout remained in her winning mood, pointing out that even small companies can analyze their threat surface and set priorities. And what is more, the “good guys” in IT environments can help each other.

“We are operating in ecosystems where larger enterprises and SMBs are working together. We need to partner with each other to make sure that we are secure. Security should travel beyond just contractual agreements,” she said.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

Containers Gone Rogue! New IT Superhero Arrives to Conquer Container Chaos

In “The Code Conundrum”, A New Software Hero Emerges To Take Aim at Defeating the Complexity of Container Management and Deliver Stability to Modern IT Edge Environments

INDIANAPOLIS – May 29, 2024 – Scale Computing, the market leader in edge computing, virtualization, and hyperconverged solutions, today announced the publication of the second issue of its EdgeSlayer comic book series. In “The Code Conundrum”, our hero is a software developer named Amy (a reference to AIME for Autonomous Infrastructure Management Engine) who must implement continuous integration and containerized deployment strategies to defeat a rogue AI that’s wreaking havoc on the fictional city of Technopolis. Can Amy conquer the unruly forces with container deployment and restore stability to the edge relying on little else than her smarts and DevOps prowess?

While the characters and the plot of the latest EdgeSlayer comic book might be fantastical, the story’s premise is squarely rooted in the realities of today’s complex edge environments where managing, customizing, and integrating software containers has become an essential yet increasingly challenging task. Employing the metaphor of a high-stakes battle to represent the ongoing struggle of IT professionals, the comic depicts our valiant heroes confronting a relentless enemy: a tangled web of application deployment complexities, ever-evolving cybersecurity threats, and the constant pressure to maintain application uptime.

This complexity largely stems from the need for additional tools such as Kubernetes, to manage sprawling container clusters. Kubernetes, while powerful, adds another layer of configuration and learning for already overburdened IT teams. The EdgeSlayer story highlights this struggle, but also offers a path forward. By running containers directly on VMs within SC//HyperCore, redundancy is automatically achieved at the infrastructure level, enabling the real-world heroes of IT to spend less time troubleshooting complex container orchestration and more time focused on strategic initiatives that drive business value.

“We’re seeing more and more customers struggling to deploy containers in a consistent and programmatic fashion at the network edge, which points to a growing need for automated solutions,” said Jeff Ready, CEO and co-founder of Scale Computing. “This burden often falls on the shoulders of IT administrators, the unsung heroes who work tirelessly behind the scenes to keep everything running smoothly, often without the recognition they deserve. Our EdgeSlayer comics are our creative way of celebrating these individuals by showcasing their challenges and triumphs through a superhero lens.”

This new edition of the EdgeSlayer comic can be downloaded here in PDF format for free.

About Scale Computing

Scale Computing is a leader in edge computing, virtualization, and hyperconverged solutions. Using patented HyperCore™ technology, Scale Computing Platform automatically identifies, mitigates, and corrects infrastructure problems in real-time, enabling applications to achieve maximum uptime, even when local IT resources and staff are scarce. Edge Computing is the fastest growing area of IT infrastructure, and industry analysts have named Scale Computing an outperformer and leader in the space, including being named the #1 edge computing vendor by CRN. Scale Computing’s products are sold by thousands of value-added resellers, integrators, and service providers worldwide. When ease-of-use, high availability, and TCO matter, Scale Computing Platform is the ideal infrastructure platform. Read what our customers have to say on Gartner Peer Insights, G2 and TrustRadius.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Scale Computing 
Scale Computing is a leader in edge computing, virtualization, and hyperconverged solutions. Scale Computing HC3 software eliminates the need for traditional virtualization software, disaster recovery software, servers, and shared storage, replacing these with a fully integrated, highly available system for running applications. Using patented HyperCore™ technology, the HC3 self-healing platform automatically identifies, mitigates, and corrects infrastructure problems in real-time, enabling applications to achieve maximum uptime. When ease-of-use, high availability, and TCO matter, Scale Computing HC3 is the ideal infrastructure platform. Read what our customers have to say on Gartner Peer Insights, Spiceworks, TechValidate and TrustRadius.

runZero Research Explores Unexpected Exposures in Enterprise Infrastructure

As exploitation reaches light speed, rapid, comprehensive discovery and Cyber Asset Attack Surface Management (CAASM) are more critical than ever

SAN FRANCISCO, CA — May 7, 2024 — At the RSA Conference today, runZero announced the inaugural edition of the runZero Research Report, the first in a series of publications that explore the state of asset security across global enterprises. As a leading provider of Cyber Asset Attack Surface Management (CAASM), this report leverages runZero’s unique perspective across hundreds of enterprise networks, including internal infrastructure, internet-facing assets, and cloud environments.

“Our research reveals alarming gaps and unexpected trends in enterprise infrastructure, including the decay of network segmentation, persistent challenges in attack surface management, and the increasing volume of dark matter on modern networks,” said HD Moore, founder and CEO. “runZero was built on the principle that applied research makes for better asset discovery, and that better asset discovery is the foundation of the modern exposure management organizations need to successfully defend against these challenges.”

Key findings include: #

  • IT and OT are converging, increasing the attack surface of organizations and requiring new techniques to discover and manage assets. OT systems are high-value targets for attackers and are consistently exposed to untrusted networks. Over 7% of the ICS assets sampled are exposed to ‌the public internet. These assets include programmable logic controllers, power meters, and protocol gateways, all of which play an important role in critical infrastructure.
  • Outlier devices are often the most at-risk. The runZero outlier score, defined as how unique an asset is within the context of its neighbors, strongly correlates with the risk ranking reported by leading vulnerability scanners. This correlation works both ways, with low outlier scores consistently mapping to lower overall risk. Defenders can leverage outlier analysis to quickly identify the most vulnerable systems within their environments.
  • Security teams often have limited to no visibility into more than half of the physical devices on their networks. Network “dark matter”— devices that are often unmanaged by IT and rarely updated — comprises 19% of enterprise networks, while a further 45% of these devices offer limited management capabilities.
  • End-of-life hardware and operating systems continue to drag down security postures. Although Windows 2012 R2 and Ubuntu 14.04 are the most common EoL operating systems observed, obsolete versions of VMware ESXi and out-of-support network devices are serious concerns.
  • Printers and network-attached storage devices often allow traffic forwarding between networks, breaking network segmentation controls. runZero identified unexpected IP-forwarding behavior across dozens of device types, ranging from smart TVs to robotic vacuum cleaners.
  • Zero-day attacks at the network edge have surged and suppliers are struggling to provide timely patches. In the first four months of 2024, runZero published 23 Rapid Responses covering 60+ distinct vulnerabilities.
  • 92% of systems running the Secure Shell (SSH) service allow password-based authentication, exposing these systems to brute force and credential stuffing attacks. In addition to insecure authentication methods, thousands of systems rely on hardcoded cryptographic keys that are shared between unrelated environments, negating many of the security benefits of the protocol.
  • Nearly 16% of all Transport Layer Security (TLS) implementations rely on an end-of-life version of OpenSSL, placing these systems at risk of future compromise. This finding was uncovered through runZero’s unique fingerprinting method that reliably identifies services by behavior, not configuration, to determine versioning.
  • Remote Desktop Protocol (RDP) security has improved on Windows with the introduction of Network Layer Authentication (NLA) support, but this has not carried over to Linux-based RDP implementations like xrdp, and many Windows systems have kept older, more vulnerable configurations.
  • Server Message Block (SMB) v1 is still enabled on 13% of Windows systems. Although SMBv1 is disabled by default on newer versions of Windows, there are still millions of legacy systems using this outdated protocol.

runZero’s research is focused on identifying at-risk devices through precise fingerprinting and fast outlier analysis. This report also describes runZero’s research process, the fingerprinting techniques created, and the practical results of these efforts.

Additional Resources #

  • Check out additional research from the runZero team
  • Register for the live report launch event at RSA on May 8th
  • Register for the virtual launch, a special edition of runZero Hour, on May 15th

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.

Portnox Cloud Honored at 2024 Network Computing Awards

Portnox, a leading provider of cloud-native, zero trust access control solutions, was a finalist in four categories.

DALLAS, TX – May 29, 2024 — Portnox, a leading provider of cloud-native, zero trust access control solutions, today announced that Portnox Cloud was named Runner Up for Cloud-Based Solution of the Year in the 2024 Network Computing Awards. Portnox was a finalist in three additional categories, including:

  • Network Security Product of the Year – Portnox Cloud
  • The One to Watch Company
  • Bench Tested Product of the Year – Portnox Cloud

Public voting to determine the winner in every category except Bench Tested Product of the Year took place from March 27 through May 13. Dave Mitchell of Binary Testing, an independent reviewer, chose the Bench Tested Product of the Year winner.

“We are honored to be recognized as a leading cloud-native solution and are especially proud to be highlighted as ‘One to Watch’ because it validates that the word of mouth from our happy customers is circulating among both our partners and industry peers,” said Denny LeCompte, CEO of Portnox.

About Portnox

Portnox offers cloud-native zero trust access control and cybersecurity essentials that enable agile, resource-constrained IT teams to proactively address today’s most pressing security challenges: the rapid expansion of enterprise networks, the proliferation of connected device types, the increased sophistication of cyberattacks, and the shift to zero trust. Hundreds of mid-market and enterprise companies have leveraged Portnox’s award-winning security products to enforce powerful access, endpoint risk monitoring and remediation policies to strengthen their organizational security posture. By eliminating the need for any on-premises footprint common among traditional information security systems, Portnox allows companies – no matter their size, geo-distribution, or architecture – to deploy, scale, enforce and maintain these critical zero trust security policies with unprecedented ease.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。

×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

×