Skip to content

Graylog 推出進階數據路由功能 協助企業重新平衡成本與數據價值

作為威脅檢測、調查與回應 (TDIR) 領域的領導者,Graylog 近日正式發佈了一系列重大安全功能 ,幫助公司企業實現更高效、更智能、更具成本效益的安全營運。全新功能包括進階數據路由、 基於資產的風險評分,以及人工智慧生成的調查報告等。

這些創新功能以及 2024 年秋季版本中的其他改進,讓公司企業能夠更有效地將資源與安全目標 重新平衡,協助安全團隊自信地降低風險。透過精確掌握用戶和系統層級的威脅情勢,Graylog 幫助公司企業作出更明智的安全決策,並快速應對潛在威脅。

Graylog 獨家的進階數據路由功能,允許用戶將價值較低的「待機」數據傳送至經濟型儲存空間 ,而無需即時索引處理。這些數據可在未來進行事件調查時隨時取回。此功能改變了傳統 SIEM 訂閱模式,讓其更準確地反映數據價值,幫助安全與 IT 團隊專注於數據的重要性,同時減少需要 管理的技術工具數量。

「過去,SIEM 需要從所有日誌來源匯入數據,假設每則日誌訊息的價值都相等。」Graylog 產品 副總裁 Seth Goldhammer 解釋道。「但一旦訊息被丟棄,就無法再取回。我們的進階數據路由 功能解決了這個問題,讓使用者可以匯入所有數據,但只需為真正有價值的數據支付費用。」

Graylog 的基於資產的風險建模功能,能夠跨攻擊面關聯相關安全事件,並依據漏洞狀態、異常 變化和 API 風險等因素,優先處理重要威脅。此功能將每日數以千計的警報整合成以用戶和系統 為單位的高風險事件,幫助安全分析師快速鎖定優先調查對象,並加速處理流程。

此外,Graylog 的 2024 年秋季版本還新增事件時間線視覺化功能,並運用生成式 AI (GenAI) 將 關鍵細節彙整為事故回應報告,包含影響分析,進一步簡化調查流程,節省分析師時間。

關於 Graylog
Graylog 通過完整的 SIEM、企業日誌管理和 API 安全解決方案,提升公司企業網絡安全能力。Graylog 集中監控攻擊面並進行深入調查,提供卓越的威脅檢測和事件回應。公司獨特結合 AI / ML 技術、先進的分析和直觀的設計,簡化了網絡安全操作。與競爭對手複雜且昂貴的設置不同,Graylog 提供強大且經濟實惠的解決方案,幫助公司企業輕鬆應對安全挑戰。Graylog 成立於德國漢堡,目前總部位於美國休斯頓,服務覆蓋超過 180 個國家。

關於 Version 2 Digital
Version 2 Digital 是立足亞洲的增值代理商及IT開發者。公司在網絡安全、雲端、數據保護、終端設備、基礎設施、系統監控、存儲、網絡管理、商業生產力和通信產品等各個領域代理發展各種 IT 產品。透過公司龐大的網絡、通路、銷售點、分銷商及合作夥伴,Version 2 提供廣被市場讚賞的產品及服務。Version 2 的銷售網絡包括台灣、香港、澳門、中國大陸、新加坡、馬來西亞等各亞太地區,客戶來自各行各業,包括全球 1000 大跨國企業、上市公司、公用事業、醫療、金融、教育機構、政府部門、無數成功的中小企及來自亞洲各城市的消費市場客戶。

JumpCloud 獲得 ISO 27001 認證 標誌性成就,彰顯保護客戶資料與安全卓越的承諾

JumpCloud Inc. 成功獲得由 Schellman & Company, Inc. 頒發的 ISO 27001 認證。ISO 27001 是國際公認的信息安全管理體系(ISMS)標準。此項成就展現了 JumpCloud 對保護客戶資料的承 諾,也表明其在信息安全領域的最高標準。

ISO 27001 列出了管理信息安全風險的最佳實踐,包括:

  • 風險評估:識別和評估影響信息機密性、完整性與可用性的風險
  • 安全控制:通過存取限制、加密和物理屏障等安全措施來管理風險
  • 管理體系:建立政策、角色與職責分工,以支援信息安全目標
  • 持續改進:定期審核並改進 ISMS,以應對新興威脅。

JumpCloud 資訊安全總監 Robert Phan 表示:「JumpCloud 的客戶依賴我們保障並管理其最重要資源的存取安全,這項認證與我們的 SOC 2 Type II 報告一樣,向客戶展示了我們持續致力於保障其環境安全的努力,同時進一步鞏固了 JumpCloud 作為身份、存取和裝置管理領域可信供應商的地位。」

關於 JumpCloud

JumpCloud® 提供一個統一的開放式目錄平台,使 IT 團隊和 MSP 能夠輕鬆、安全地管理公司企業中的身份、裝置和存取權限。通過 JumpCloud,用戶能夠從任何地方安全工作,並在單一平台上管理其 Windows、Apple、Linux 和 Android 裝置。

關於Version 2

Version 2 Digital 是立足亞洲的增值代理商及IT開發者。公司在網絡安全、雲端、數據保護、終端設備、基礎設施、系統監控、存儲、網絡管理、商業生產力和通信產品等各個領域代理發展各種 IT 產品。透過公司龐大的網絡、通路、銷售點、分銷商及合作夥伴,Version 2 提供廣被市場讚賞的產品及服務。Version 2 的銷售網絡包括台灣、香港、澳門、中國大陸、新加坡、馬來西亞等各亞太地區,客戶來自各行各業,包括全球 1000 大跨國企業、上市公司、公用事業、醫療、金融、教育機構、政府部門、無數成功的中小企及來自亞洲各城市的消費市場客戶。

What is Coffee Shop Networking?

Introduction

Quick Answer: Coffee shop networking is a flexible approach to enterprise networking that enables secure, lightweight access from any location, supporting remote and hybrid workforces without heavy infrastructure.

What is Coffee Shop Networking?

Hybrid work and lightweight network infrastructure with SD-WAN and ZTNA for coffee shop networking.

Coffee shop networking is a modern networking model designed to support today’s distributed workforce. This approach allows employees to connect to corporate resources from remote locations, such as coffee shops, home offices, or co-working spaces. Inspired by the simplicity of connecting to a coffee shop’s Wi-Fi, coffee shop networking provides seamless connectivity with the added security required for accessing sensitive business applications.

As hybrid work environments became more prevalent, the need for lightweight, flexible networking solutions grew. Traditional full-scale SD-WAN (Software-Defined Wide Area Network) infrastructures were designed for office locations with dedicated, on-premises equipment. Coffee shop networking, on the other hand, emphasizes minimal setup and relies on cloud-based resources, making it ideal for remote and mobile employees.

The Evolution of Coffee Shop Networking

Evolution of SD-WAN, remote work growth, lightweight SD-WAN, ZTNA introduction, and increased flexibility and security

The shift toward coffee shop networking accelerated during the COVID-19 pandemic, as businesses rapidly adapted to remote work at scale. With employees working from various locations, there was a need for simple, cost-effective ways to access company resources without complex setups. This shift led to the rise of “lightweight SD-WAN” — a scaled-down version of traditional SD-WAN designed to offer remote users the connectivity they need without the heavy infrastructure associated with full-scale, office-based networks.

In many cases, however, Zero Trust Network Access (ZTNA) can entirely replace lightweight SD-WAN for remote access, especially when using solutions that support multiple protocols over SSL. ZTNA provides a streamlined, security-focused approach that eliminates the need for extensive network infrastructure, allowing employees to connect securely to corporate resources directly, regardless of their location. By supporting access via various protocols over SSL, ZTNA ensures that employees can safely connect to corporate applications without the need for a complex SD-WAN setup, enhancing both security and cost-efficiency.

This model acknowledges that remote users don’t need the same extensive infrastructure as branch offices. Instead, they need fast, secure access to the internet and corporate resources from any location. Coffee shop networking, especially when enhanced with ZTNA, provides this flexibility—ensuring connectivity and security while eliminating unnecessary components, reducing costs, and offering an adaptable solution that meets the needs of today’s mobile workforce.

How to Enhance Coffee Shop Networking with ZTNA and Thinfinity®

How to Enhance Coffee Shop Networking with ZTNA and Thinfinity

While coffee shop networking provides convenience and flexibility, it also comes with security risks, especially when using public Wi-Fi. Zero Trust Network Access (ZTNA) is essential to mitigate these risks. ZTNA secures connections by enforcing strict access controls, requiring continuous verification of user identity and device health. Here’s how ZTNA and Thinfinity Workspace can enhance coffee shop networking:

  1. Granular Access Control with ZTNA 
    ZTNA applies a “least privilege” approach, limiting access to only the specific resources each user needs. Unlike traditional VPNs, which provide broad network access, ZTNA allows remote employees to connect only to authorized applications, reducing potential attack surfaces. This targeted access is especially useful for coffee shop networking, where public networks are often used.
  2. Continuous Verification for Security
    ZTNA constantly checks user identity and device health throughout the session, ensuring that unauthorized access attempts are blocked immediately. This continuous monitoring safeguards corporate resources even in environments where security threats are high, such as public Wi-Fi networks in coffee shops.
  3. Encryption for Public Networks
    Coffee shop networks are often open and vulnerable to eavesdropping. ZTNA encrypts all data traffic between the remote device and corporate servers, making the data unreadable to potential attackers. This advanced encryption provides an added layer of security for employees working from locations with untrusted networks.

Thinfinity® Workspace: A Comprehensive Solution for Secure Coffee Shop Networking

Thinfinity Workspace enhances coffee shop networking by integrating ZTNA and Remote Privileged Access Management (RPAM), delivering both flexibility and robust security for remote access. Here’s how Thinfinity takes coffee shop networking to the next level:

  • Built-In Zero Trust Network Access (ZTNA)
    Thinfinity Workspace includes ZTNA, enabling secure, restricted access based on user identity and device health. This setup ensures that only verified users can connect to corporate resources, providing businesses with confidence that remote work remains secure, regardless of where employees connect.
  • Remote Privileged Access Management (RPAM)
    For companies that need additional control over high-privilege users or third-party access, Thinfinity Workspace also offers RPAM. This feature allows IT teams to control, monitor, and secure privileged access, enhancing security for critical resources. RPAM is especially valuable for organizations handling sensitive data or needing regulatory compliance.

Why Coffee Shop Networking with ZTNA Matters in a Hybrid Work Environment

As hybrid work becomes standard, coffee shop networking supported by ZTNA offers an effective balance of accessibility and security. With Thinfinity Workspace, organizations can deliver secure, high-performance access to remote employees without relying on complex, location-dependent infrastructure. Thinfinity’s integration of ZTNA and RPAM provides a comprehensive solution, enabling companies to confidently support secure, flexible work-from-anywhere options for their teams.

Conclusion

Coffee shop networking makes remote access easy and flexible, but it needs ZTNA to be secure. Thinfinity Workspace brings ZTNA and RPAM to coffee shop networking, providing businesses with a reliable, high-performance solution for remote work that doesn’t compromise on security.

About Cybele Software Inc.
We help organizations extend the life and value of their software. Whether they are looking to improve and empower remote work or turn their business-critical legacy apps into modern SaaS, our software enables customers to focus on what’s most important: expanding and evolving their business.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

Responsible AI Adoption & How the CISO Can Champion

Artificial Intelligence (AI) is reshaping industries at an unprecedented pace, promising groundbreaking advancements in productivity, innovation, and decision-making. However, alongside these opportunities come significant risks—ethical dilemmas, data privacy concerns, algorithmic biases, and potential security vulnerabilities. For organizations embracing AI, it’s not just about deploying technology but doing so responsibly. 

This is where Chief Information Security Officers (CISOs) step into a leadership role. CISOs, traditionally tasked with safeguarding enterprise networks and data, now have the opportunity to drive responsible AI adoption within their organizations. By understanding and mitigating AI-specific risk scenarios, CISOs can help ensure AI is both safe and aligned with broader business goals. 

Here’s how CISOs can lead the charge for responsible AI.

1. Assessing AI-Specific Risk Scenarios

AI introduces unique risks that CISOs are well-positioned to address. These include:

  • Data Integrity Risks: AI models rely heavily on data. If the data feeding these models is corrupted or manipulated, the AI can produce harmful or inaccurate outputs.
  • Algorithmic Bias: AI systems can unintentionally perpetuate or amplify biases present in training data, leading to discriminatory outcomes. For example, biased hiring algorithms may favor certain demographics over others.
  • Cybersecurity Threats: AI systems are vulnerable to adversarial attacks, where malicious actors manipulate inputs to deceive the AI. Additionally, models themselves can be stolen or reverse-engineered.
  • Ethical Challenges: From facial recognition systems to generative AI, ethical concerns abound regarding how AI is used and the societal impact of these technologies.

CISOs should work with data science teams to map out these risks and establish robust safeguards. A comprehensive risk assessment is the first step in embedding responsible AI practices into the organization.

2. Driving AI Governance and Policy Development

AI governance is essential for ensuring that AI initiatives align with ethical, legal, and organizational values. CISOs can play a pivotal role in establishing clear policies that guide AI development and usage. Key components include:

  • Data Governance: Ensuring that data used to train AI models complies with privacy regulations like GDPR or CCPA and is ethically sourced.
  • Model Auditing: Creating processes for regular audits of AI models to identify biases, vulnerabilities, or performance issues.
  • Usage Guidelines: Establishing boundaries for AI usage, particularly in sensitive areas like surveillance, hiring, or healthcare.

By collaborating with legal, compliance, and ethical review teams, CISOs can ensure that governance frameworks are comprehensive and enforceable.

3. Educating Stakeholders on AI Risks and Opportunities

For AI to be adopted responsibly, everyone from the C-suite to frontline employees needs to understand its risks and opportunities. CISOs can take the lead in providing education and training on:

  • Data Privacy: How AI interacts with sensitive data and the importance of maintaining compliance.
  • Bias and Fairness: The implications of biased algorithms and how to mitigate them.
  • Security Best Practices: Protecting AI systems from adversarial attacks or intellectual property theft.

These efforts not only build awareness but also foster a culture of responsibility around AI.

4. Building Security into the AI Lifecycle

AI security isn’t a one-and-done task. It must be integrated across the entire AI lifecycle:

  • Development: Work with data science teams to implement secure coding practices, protect training datasets, and avoid embedding vulnerabilities in AI models.
  • Deployment: Ensure that AI systems are regularly monitored for anomalies, patched against vulnerabilities, and configured with secure access controls.
  • Post-Deployment: Continuously evaluate AI performance and security, incorporating feedback loops to improve resilience over time.

CISOs should adopt a DevSecOps approach for AI, embedding security into every stage of development and deployment.

5. Advocating for Transparent and Explainable AI

One of the biggest challenges in responsible AI adoption is the “black box” problem—AI systems can be opaque, making it difficult to understand how decisions are made. This lack of transparency can lead to mistrust and potential regulatory scrutiny.

CISOs can advocate for the use of explainable AI (XAI), which prioritizes transparency and accountability. By working with AI engineers, CISOs can push for models that provide clear, interpretable insights into their decision-making processes. Transparency is not just an ethical imperative—it also reduces risks by enabling organizations to detect and correct errors more effectively.

6. Collaborating with External Ecosystems

Responsible AI adoption doesn’t happen in a vacuum. CISOs should actively engage with external stakeholders, including:

  • Regulatory Bodies: Staying ahead of emerging AI regulations to ensure compliance.
  • Industry Peers: Sharing insights and best practices for responsible AI deployment.
  • Third-Party Vendors: Assessing AI tools and solutions for security, privacy, and ethical considerations before integrating them into the enterprise.

Collaboration ensures that the organization remains informed and aligned with broader industry trends and standards.

7. Preparing for the Worst: Incident Response for AI

Despite the best safeguards, AI systems can still fail or be exploited. CISOs should extend their incident response plans to address AI-specific scenarios, such as:

  • Unauthorized access to AI systems or models.
  • Manipulation of training data leading to compromised outputs.
  • Ethical breaches or regulatory violations stemming from AI usage.

Having a robust response plan ensures the organization can act swiftly and decisively in the face of AI-related incidents.

Conclusion: CISOs as Champions of Responsible AI

In the rush to embrace AI’s promises, organizations cannot afford to overlook its risks. CISOs, with their expertise in risk management, security, and governance, are uniquely positioned to lead the charge for responsible AI adoption. By assessing risks, driving governance, fostering education, embedding security, and advocating for transparency, CISOs can ensure that AI serves as a force for good within their organizations.

The path to responsible AI is not without challenges, but with strong leadership, CISOs can guide their organizations toward a future where AI’s opportunities are fully realized—securely, ethically, and responsibly.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

Why ZTNA? The Complete Guide to Zero Trust Network Access [2024-2025]

Why ZTNA Is Critical for Modern Enterprise Security

Why ZTNA? Imagine a fortress that changes its locks and layout every time someone steps through its doors—only those with the right key, in the right place, and at the right time, can enter. This is the essence of Zero Trust Network Access (ZTNA). In a world where cyber threats adapt faster than ever, ZTNA creates a dynamic barrier, tailoring security to each user and device. ZTNA can provide more levels of security with location- or device-specific access control policies, which can keep unwanted or compromised devices from accessing the organization’s resources. It’s not just access; it’s adaptive, intelligent, and resilient defense. Dive in to see how ZTNA can build an invisible fortress around your digital assets.
This fundamental capability transforms how organizations approach security in 2024. Here’s why ZTNA has become essential:

1. Enhanced Multi-Level Security Controls

  • Location-Based Security: Precise geographic access restrictions
  • Device-Specific Policies: Granular device trust verification
  • Continuous Monitoring: Real-time security posture assessment
  • Adaptive Controls: Dynamic policy enforcement based on risk

2. Why ZTNA Over Traditional VPNs?

  • Traditional VPNs: Grant broad network access
  • ZTNA: Provides precise, granular control
  • Security Impact: 67% reduction in breach exposure
  • Cost Benefit: 40% lower TCO compared to VPNs

Why ZTNA with Thinfinity® Workspace 8 Maximizes Security

Thinfinity Workspace 8 leverages ZTNA’s multi-level security capabilities through:

1. Advanced Access Control Implementation

Geographic Restrictions

  • Office location verification
  • Remote work zone validation
  • Country-specific access rules
  • IP-based filtering

Device Security Features

  • Hardware fingerprinting
  • Security posture checking
  • Compliance verification
  • Automated device assessment

2. Comprehensive Protection Layers

Identity Verification

  • Multi-factor authentication
  • Biometric validation
  • SSO integration
  • User behavior analysis

Resource Access Management

  • Application-level segmentation
  • Data access controls
  • Session monitoring
  • Activity logging

Why ZTNA’s Multi-Level Security Matters

Real-World Protection Scenarios

Remote Work Security

  • Blocks access from unauthorized locations
  • Prevents compromised device connections
  • Enforces security policy compliance
  • Maintains data protection standards

Compliance Requirements

  • Meets regulatory standards
  • Documents access attempts
  • Tracks policy enforcement
  • Provides audit trails

Threat Prevention Capabilities

Compromised Device Protection

  • Immediate access termination
  • Real-time threat response
  • Automated policy enforcement
  • Security incident prevention

Location-Based Threats

  • Geographical access control
  • Network security validation
  • Connection point verification
  • Risk-based authentication

Implementation Success with Thinfinity® Workspace 8

Key Security Features

Dynamic Access Control

  • Adaptive policy enforcement
  • Context-aware security
  • Real-time risk assessment
  • Automated response actions

Strengthened Networking

  • No inbound ports required
  • Enhanced firewall compatibility
  • Reduced attack surface
  • Secured network connections

Deployment Benefits

  • 90% faster security implementation
  • 75% reduction in security incidents
  • 95% improvement in access control
  • 80% better threat prevention

Practical Implementation Steps

Implementation Steps for Thinfinity Workspace Deployment: Planning, Setup, Policy Configuration, Testing, and Monitoring

1. Security Assessment

  • Evaluate current vulnerabilities
  • Identify critical assets
  • Map access patterns
  • Define security requirements

2. Policy Development

  • Create location-based rules
  • Avoid Inbound Ports
  • Establish access protocols (always over SSL and TLS 1.3 encryption)
  • Set up monitoring systems

3. Deployment Strategy

  • Phase-based implementation
  • User training programs
  • Performance monitoring
  • Security validation

Why Choose ZTNA Now?

  • Current Security Landscape
  • 300% increase in remote work security threats
  • 76% of breaches from unauthorized access
  • 89% of leaders prioritizing zero trust
  • 92% planning ZTNA implementation

Business Impact

  • Security Enhancement
  • Reduced breach risk
  • Better threat prevention
  • Improved compliance
  • Enhanced data protection

Operational Benefits

  • Streamlined access management
  • Reduced IT overhead
  • Better user experience
  • Increased productivity

Conclusion: The Power of Multi-Level ZTNA Security

multi-level Zero Trust Network Access (ZTNA) security, featuring a central lock symbol surrounded by icons representing secure remote access, role-based access control (RBAC), location-based security, continuous monitoring, and adaptive protection

ZTNA’s ability to provide multiple levels of security through location- and device-specific policies makes it the most effective approach to modern network security. Thinfinity Workspace 8 delivers this comprehensive protection while ensuring:

  • Secure remote access
  • RBAC
  • Location-based security
  • Continuous monitoring
  • Adaptive protection

Take Action Now 

Don’t compromise on security. Contact Cybele Software today to learn how Thinfinity Workspace 8’s ZTNA solution can secure access to applications, desktops and every other resource in a cloud or hybrid environment while protecting your organization with advanced location- and device-specific security controls.

About Cybele Software Inc.
We help organizations extend the life and value of their software. Whether they are looking to improve and empower remote work or turn their business-critical legacy apps into modern SaaS, our software enables customers to focus on what’s most important: expanding and evolving their business.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

×