What's Up with Tech?

Revolutionizing Cybersecurity with AI: G-Core's Advanced Solutions for Protecting Digital Assets and Enhancing Business Continuity

Evan Kirstel

Interested in being a guest? Email us at admin@evankirstel.com

Discover the cutting-edge world of cybersecurity with our special guests, Michal and Itamar from Gcore, as they reveal the secrets behind their innovative security solutions. Ever wondered how to protect digital assets without sacrificing performance? Michael and Itamar take us through their experiences with tools like Web Application Firewall (WAF), bot protection, DDoS mitigation, and API security. They emphasize the importance of integrating security solutions near end-users for optimal performance and low latency, making IT work seamless. Get ready to explore how user-friendly, integrated solutions can safeguard business continuity while easing the IT workload.

Join us as we navigate the challenges of distinguishing legitimate from malicious traffic during high-stakes events like Black Friday, guided by the power of AI and machine learning. Discover how Gcore's platform leverages IP reputation mechanisms and client identification to outsmart attackers and protect against zero-day vulnerabilities. Michael dives into the world of shadow APIs and discusses the need for comprehensive API discovery, while Itamar highlights G-Core Cloud's unique independence from major cloud giants, appealing to those mindful of privacy regulations. With a focus on AI-driven advancements, this episode paints a vivid picture of the future of cybersecurity and Gcore's expanding influence beyond Europe.


More at https://linktr.ee/EvanKirstel

Speaker 1:

Hey everybody, I'm really excited for this conversation today with a true innovator in the infrastructure space at G-Core, a company that's really fascinating and multidimensional, and we're going to dive into a topic that I'm intrigued around cybersecurity and protecting your digital assets without compromising performance. For those of you who haven't heard of G-Core, maybe we'll start with some personal introductions first and then dive into who is G-Core and the topic of the day. Michael, welcome to the broadcast. Maybe introduce yourself and your mission and team within G-Core.

Speaker 2:

Thank you, Evan. Thank you very much for this invitation. I am a pre-sales engineer within the G-Core. I'm responsible for all the technical aspects for the security products, especially web application and API security. So I'm the guy in between all of our architecture and engineering teams and our potential and our current customers and our business partners, resellers and security service providers.

Speaker 1:

Welcome, and you're in Poland, a beautiful country. Get ready for winter, as we are here in North America. Winter's coming. Itamar, on the product side, maybe introduce yourself and your background as well.

Speaker 3:

Yes, my name is Itamar. I joined G-Core almost one year ago and I was leading the WAAP solution from StackPath and I'm managing the product on all of its aspects, both technical, commercial, marketing, everything and responsibility for the product and we're going to dive into the product, maybe for the viewers and listeners.

Speaker 1:

Introduce G-Core at a high level, because you do much more than security infrastructure. You have a whole range of offerings. How would you describe your mission these days at a high level?

Speaker 3:

Yes, well, basically, G-Core is one of the unique companies in the market that has a very broad portfolio of product and solutions, starting from cloud solutions, AI, actually, and edge network and part of the edge network. We have, again, some very comprehensive portfolio as well. We have our CDN solution, I think we have over 180 PoPs over the world and we are growing, we have machine learning based Layer 3 and Layer 4 DDoS protection and we have, of course, WAF. That completes this portfolio.

Speaker 1:

Yeah, that's an amazing offering, and we're going to focus like a laser on security these days and how to secure all of that infrastructure and your customers' infrastructure. So, Itamar, how would you describe WAAP, and how does it protect websites from various threats without being a burden and slowing them down? What's the big idea behind WAF?

Speaker 3:

So, basically, you know, traditionally we have WAF solution, which was a web application firewall. You know, protecting a website from traditional, what we call OWASP Top 10 threats or, you know, vulnerabilities, but nowadays the threats are much bigger than that. We have a lot of automation, we have a lot of AI and the attackers become much more sophisticated and the industry basically decided to go with another term. I think it's another suite of product that includes that. It called WAAP, and WAAP includes basically four different solutions under the same roof.

Speaker 3:

So the first one is a traditional web application firewall. It has also a bot protection, which I think most of the nowadays attacks are because they are being used by automation tools. We have Layer 7 DDoS and we have API security, since 83% of the traffic nowadays is machine to machine, it is driven by API. So the challenge, the real challenge of protecting applications is providing robust security and mitigation for attacks while keeping high performance, availability and latency as low as possible. And this basically can be done only if you put the security solution as close as possible to the end user. This is why, you know Makes a lot of sense, yeah.

Speaker 1:

And Michael, you're on the front lines of helping clients deploy this technology and you know there are so many features within WAAP, bot management, DDoS, API security. I mean, how do they all work together to keep things secure and how do you sort of manage and provision all of that?

Speaker 2:

Yeah, it's a very good question. So, basically, the biggest challenge that organizations are facing with implementing the security solutions is maintenance required to keep this solution up to date, correctly implemented and have the right security policies in place. Right, it's a process, it's not a one-time activity, and that makes challenges. From my experience, what I was seeing for the past more than 10 years, when acting on the field with the customer during the implementation, configuration and supporting them after the deployment process, was that sooner or later, they were turning off some features. They were having these solutions in so-called passive mode or monitor mode, which doesn't make sense for the security solution. Right, they are sophisticated, they need to be correctly maintained and they also need to be implemented in the way that they will not affect the business.

Speaker 2:

And this is the biggest challenge that I was facing for the past years. And this is something very unique to G-Core's approach and those components that you have mentioned. Thanks to that, we are also the company which is experienced in the field of the artificial intelligence and creating this type of mechanism. We are empowering our solution with this type of automation with a way of seamless integration, which means we are near zero false positive rates, we are able to implement on the production environments without affecting the end user's experience. It's crucial nowadays to keep the business running as well. Keep this business secure.

Speaker 1:

That's a great point. I mean, ease of use and ease of integration into a company's existing setup is so important. I mean, how do you think about reducing the workload of IT teams, and maybe we're not going to do a demo today? I'm sure you do that every day, but talk about the user experience and the IT experience that you try to deliver.

Speaker 2:

You're right, and this is also another, let's say, great issue. Right, the application development it's possible and it's happening faster than ever. And the companies, especially after this massive shift to remote home working right, caused mainly by COVID as well they need those applications to be up and running, sometimes literally in hours and minutes, but unfortunately, the security it's not keeping pace of that. As we know, it was loudly announced a few million of skilled cyber professionals are missing on the market. Right, there are positions in the companies for them, but those people are not on the market.

Speaker 2:

You have a lot of years of learning, of getting the experience, and this is how the SaaS offerings come into the place. The vendor, with a very experienced team, with our great engineering and with our experience within the AI and security areas, is taking the teams to manage the solution, to develop the solution, to maintain and to provide to the end customer as a ready product. Right, the customer, the potential organization. They don't need to have this overhead for finding the right people to hiring them and to maintain more and more security solutions in place, because the threat landscape is still evolving. Right.

Speaker 1:

Yeah, evolving, and I know, Itamar, you've seen many decades of this evolution. Sorry, I'm not calling you old, but you've seen it all as the product owner. Maybe talk about what you're seeing when it comes to things like DDoS getting more and more aggressive. You know, massive attacks. API security is becoming just critical for those developers. I mean, talk about some of the threats that you're on the front lines of.

Speaker 3:

Yeah, this is. You know, this is a constant race between us as security solution providers and the attackers, where they become more and more sophisticated and they use the same basic capabilities that we are using as developing solution developers. They're using a lot of automation, which is abundantly available on the internet. They're using AI, they're using bots and I think one of the biggest challenges is and they're basically getting very good in hiding and this is one of the biggest challenges in these kind of DDoS attacks, especially Layer 7 DDoS attack it is to identify the attacker and to mitigate the attack and distinguish the attacker from good traffic. You know good users that are, let's say, go to e-commerce site and try to buy something and you can take it as example the Chinese Betra Days or Black Friday. We have peak of traffic and with traditional solutions it is very hard to distinguish if it's a peak of real traffic of customers that want to buy something, to make a transaction or an attack.

Speaker 3:

And one of our unique strengths point of our solution is that we use to begin with, it's not something that we add to the product, it is a base, it is a core capability of our product.

Speaker 3:

We use AI and machine learning to analyze the behavior of the traffic. And we analyze, we go very deep into the traffic and distinguish between good traffic and bad traffic and we keep history of, basically, of IPs and of IP addresses and we give them a rating, okay, we give them reputation. So there might be that there was an attacker that used this IP and he did a different attack, but it has already had some, you know, bad rank in our system and now he's doing something. So we increase his rating and we increase his rating. So in this way, basically, we are being able to deal with all of these attacks to distinguish the attackers from the big crowd of good users and mitigate them, block them, without affecting the availability of the site itself. The business keeps on running and all of these attackers go to some black hole and they stay there for a long time.

Speaker 1:

That is amazing, wow, differentiating between the good bots and the malicious ones, and I also see here you guard against zero-day vulnerabilities. That's increasingly a challenge. How do you stop these threats before they get into the headlines?

Speaker 3:

Yeah, we're doing it in the same way, basically, using our machine learning and behavioral engines, and we detect anomalies in traffic and we detect if it is, since we collect a lot of data, we know if it is good transactions or attacks, and we have what we call security insights, okay. And we trigger an alert to the user and say okay, you have some suspicious behavior here. It's better if you turn on these and these policies and normally it solves the problem. Some of, by the way, of these attacks are mitigated automatically using this IP reputation and client identification mechanism, where we already have the footprint of these attackers, because most of the time these are the same users and the same using, from coming from the same regions, and we have already the footprint in the system. So we shut them down for every attack attempt or every anomaly and we blocked these attacks, even without the user being aware that we mitigated it.

Speaker 1:

That's phenomenal. And, Michael, you're on the front lines of helping customers and partners address these challenges. What do you see with a typical deployment? I mean, what challenges do customers typically face with these kinds of solutions, and how long did it take to implement and get into production?

Speaker 2:

So with G-Core's platform, with web application and firewall protection I would say API protection I would say it's possible literally in a few minutes.

Speaker 1:

Wow, okay, I wasn't expecting that.

Speaker 2:

Yeah, it's like during my daily activities and during the presentation with the customer, I'm starting asking them okay, I can show you something on my lab environment or we can just go and deploy some new protection layer for some just new, let's say, vulnerable web application. There are some web applications that you can use for playing, for testing or verifying the value of the security solution, but what is also very important to know and remember about the practical aspects of implementation, it's that not everything is well known to the end user of the application, of the system, of this part of infrastructure that we need to help them to secure. There is, for example, the term, very, very interesting term of shadow APIs. Right, API is application programmable interface, which means they are often used to. They are not exposed to humans, they are used on the layer. Application talks to application. Right, you have a website which needs to be fully integrated with your mobile application. You have your mobile version of the application and they need to talk together.

Speaker 2:

And this is an API. And sometimes for this type of functionality, you need a third company, you need to have a third party to ask them to deliver you this type of solution and you don't know everything about it. Sometimes it's how-to, their own knowledge, their proprietary protocols, but they implement this in your infrastructure, in your environment, and you are not fully aware of that. You don't know how exactly that works, because it's like confidential stuff, but you need still to be protected. And the great feature, the response for that to make this type of feature, so-called virtual patching it's also the API discovery. This mechanism within our web product is able to reveal, to show to the end customer hey, you have something unprotected and most probably you are not aware of it.

Speaker 1:

Yeah, great, great insight. And you know, Itamar, when it comes, you know the product, you're the product owner. It sounds like this solution is ideal for really any industry or size company. But where are you seeing your sweet spot? Where are you getting the most traction these days with customers and partners?

Speaker 3:

Well, I think it's mainly concerning, you know, enterprises, governments, you know, e-commerce, and you know one of our unique and key selling points is that our entire solution runs on G-Core Cloud, as we are a cloud provider. And you know versus. You know most of the competition is running either on Azure, GCP or AWS and we are not subjected to, if you know what is the Cloud Act, and for every customer and as you know, today, privacy is a big thing and in Europe we have GDPR and the Cloud Act basically forces all of these public cloud providers to disclose customer information pending, you know, a court decision or something like this or warrant, and we are not subjected to that.

Speaker 3:

So every company that, you know, they are concerned on the privacy of their data and the customers, they are a good candidate for us. It's government, it's health organizations, commercial banks. You know this is our sweet spot. You know, for example, that CAPTCHA solution. You know if you're using third-party CAPTCHA solution, it transmits some of your data to the third-party vendor. So we don't have that. So everything is homegrown, everything is on our private cloud and we are responsible and one of our key, you know, advantages is that we are a very agile company and if it is required, we can deploy a data center wherever the customer asks us and we are kind of free from all of these kind of limitations.

Speaker 1:

Yeah, that's great. Private cloud and hybrid cloud is hugely of interest to these organizations. Very exciting, and you must have a ton of features and roadmap that you're focused on. What is exciting, I guess, as the product owner, most over the next month, year or two, as far as the direction.

Speaker 3:

I think that you know, when I evaluated the G-Core, I think one of the things that were very appealing is the architecture, and it was using machine learning and AI to begin with. Okay, we have a very unique architecture, what we call a single brain, where basically we have a single brain but kind of a split brain, that we have one part which is on the edge. This is the part that is enforcing. You know, it is doing the enforcement. This one part basically blocks the attack. It reacts in milliseconds and it's very close to the user, it's very fast and we have what we call a security cloud. This is where all of our analytic and machine learning engines are running, okay, and we send some of the traffic to these engines and they are getting all of these, doing all this kind of behavioral magic that I talked before.

Speaker 3:

So my investment for the next year will be to expand on that. This is not just that. Everybody is talking about AI. I think that our goal is to save the user as much as possible. The burden of configuration, because configuration or misconfiguration is where you find all of these kinds of security holes. Okay, and today, even today, I think it's more than 80%, I think 90% of the threats are mitigated by our WAF, without any single line of configuration from the user. Wow, okay, and this is the direction to use more AI and more machine learning to deal with more attacks and sophisticated attacks, and that, basically, should be plug and play. You know the same experience that you have on your phone, you put your SIM and you talk. This is it, and it just works. That's fantastic.

Speaker 1:

Well, we need more work like this and solutions like this, given the threats that are out there, and the investments you're making are so important for customers and the industry, onwards and upwards. Keep up the great work and thanks for joining guys. Thank you very much and thanks everyone for listening and watching and reach out to G-Core. They're a company that's making a lot of waves, not just in Europe but in North America as well. Take care, thank you, take care. Bye-bye.