
ESET introduces Cloud Workload Protection for ESET PROTECT customers

 

ESET launches Cloud Workload Protection and AI enhancements for ESET PROTECT customers

Protect your cloud infrastructure across AWS, Azure, and GCP with AI-powered, multilayered security. ESET’s Cloud Workload Protection prevents malware, blocks threats early, and reduces downtime to keep workloads secure and available.

It feeds VM data into the ESET PROTECT XDR platform for improved visibility and control. Unlike many competitors, this capability is included at no extra cost for ESET PROTECT customers (excluding Entry), making advanced cloud security more accessible and cost-effective.

Explore ESET Cloud Workload Protection benefits

Block Targeted Attacks

ESET leverages global threat intelligence to prioritize and block new threats before widespread delivery.

Managed from a Unified Console

Manage all ESET cloud VMs, endpoints, and mobile devices through the unified ESET PROTECT console.

Ransomware Shield & Remediation

Adds ransomware protection with automated rollback and seamless file restoration from secure backups.

Advanced Multilayered Technology

ESET's AI-powered technology, built over decades, delivers an award-winning detection engine and a globally trusted protection core.

Seamless Integration

Activate security on cloud VMs in a few clicks via ESET PROTECT integrations with AWS, Azure, and GCP.

Extended Visibility and XDR

Cloud telemetry feeds ESET PROTECT XDR, enabling admins to control, automate response, and hunt threats.

ESET Cloud Workload Protection

Protect your cloud virtual machines (VMs) from advanced cyber-threats

Penta Security: 2026 Globee Award Triple Win

2025-12-09  Real-time log encryption is now essential because logs contain sensitive data and serve as blueprints for sophisticated attackers like APTs and ransomware groups. Following incidents like the Salesforce third-party breach, organizations must treat logs as critical assets requiring protection from the moment they’re created. This proactive approach, exemplified by solutions like Penta Security’s D.AMO, neutralizes damage if storage is compromised and enhances threat detection by preventing attackers from analyzing unencrypted system architecture and account patterns.

Security Bulletin: Citrix Hypervisor Vulnerabilities

URGENT: On April 24, 2026, researchers identified 89 vulnerabilities in XAPI. No patches are currently available. A full system rebuild is advised due to the foundational nature of these flaws.

Vulnerability Overview

The latest audit reveals 89 flaws across the XAPI codebase (dating back to 2006). These allow authenticated vm-admin users to execute cross-hypervisor lateral movement and storage protocol injection without triggering security alerts.

Severity Distribution:

  • 5 Critical
  • 28 High
  • 46 Medium
  • 10 Low

Network Discovery (runZero)

Use these queries to inventory your hypervisor environment:

Locate XAPI-affected assets:
os:="Citrix XenServer"

Locate legacy Citrix/XenServer assets:
(product:citrix and type:hypervisor) or product:xenserver

Legacy Vulnerability Reminders

Ensure your environment is also audited for previous disclosures, including CVE-2024-45817 (Deadlock risk) and CVE-2022-24805/9 (SNMP service crashes). Limit management interface access to reduce your attack surface until architectural rebuilds can be performed.

About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.

About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, points of sale, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum, which includes Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

HPE Aruba & GREYCORTEX Mendel Integration Demo

The Outcome: In a live-fire simulation, the integrated HPE CX10000 and GREYCORTEX Mendel solution detected and neutralized an Nmap port scan in under two minutes, requiring zero manual analyst intervention.
 
 

The Integration Workflow

1. Telemetry Ingestion: The CX10000 collects deep flow data and relays it to the Mendel intelligence engine.
2. Behavioral Detection: Mendel recognizes malicious scan patterns in real-time.
3. Automated Response: Mendel triggers a script to update switch security policies immediately.
4. Host Isolation: The attacker is blocked from the network, containing the threat.
 
 

Technical Significance

Featured on HPE Aruba’s Airheads Broadcasting, this demonstration highlights how deep network telemetry can be transformed into actionable, automated security policy. By bridging the gap between infrastructure hardware and security analytics, organizations can significantly reduce the “mean time to respond” (MTTR).

Watch the Full Technical Demo

About GREYCORTEX
GREYCORTEX uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.

MENDEL, GREYCORTEX’s network traffic analysis solution, helps corporations, governments, and the critical infrastructure sector protect their futures by detecting cyber threats to sensitive data, networks, trade secrets, and reputations, which other network security products miss.

MENDEL is based on 10 years of extensive academic research and is designed using the same technology which was successful in four US-based NIST Challenges.

Shadow AI Strategy for MSPs

Strategic Insight: MSPs must stop viewing Shadow AI as a single category. It is a distributed condition spanning five control planes. A governance model that ignores any one of these surfaces is structurally incomplete.

 

The Five Surfaces of Risk

Surface                 Description
Shadow Endpoint         Local AI tools (Claude, Ollama) interacting with endpoint data.
Shadow Identity         High-frequency usage of AI tools by specific, high-risk user roles.
Shadow Infrastructure   Outbound API calls & egress to external inference endpoints.
Shadow OAuth            Durable tokens with broad access to M365/GWS resources.
Shadow Agent            Autonomous agents/workflows operating as non-human entities.

 

Operational Recommendations

  • Consent Inventory: Implement fleet-wide, continuous inventory of all OAuth grants.
  • The 2-Minute Audit: If you cannot trace an AI alert to a raw log event within 120 seconds, your detection is noise.
  • Documentation as Defense: Enumerating the absence of AI tools is a defensible artifact for cyber insurance and audits.

Security Bulletin: LiteLLM RCE Chain


Critical Threat Alert: LiteLLM Proxy RCE Chain

Multiple vulnerabilities (SQLi, SSTI, and Command Injection) have been disclosed, allowing for full system compromise of LiteLLM instances.

Vulnerability Summary

Advisory ID           Type                Access Level      Severity
GHSA-r75f-5x8p-qvmc   SQL Injection       Unauthenticated   Critical (9.3)
GHSA-xqmj-j6mv-4862   SSTI                Authenticated     High
GHSA-v4p8-mg3p-g94g   Command Execution   Authenticated     High

Remediation Guidance

Affected Versions: v1.81.16 – v1.83.6

Recommended Action: Immediately upgrade to v1.83.7-stable or later.

Network Hunting (runZero Query)

Identify exposed LiteLLM instances by searching for specific HTTP headers and HTML titles:

_asset.protocol:http AND protocol:http AND (html.title:="LiteLLM%" OR last.html.title:="LiteLLM%")

Atera Positioned as a Visionary in Gartner® Magic Quadrant™

Atera in Gartner® Magic Quadrant™

We are proud to share that Atera has been named a Visionary in the Gartner® Magic Quadrant™ for Endpoint Management Tools! This recognition reflects Atera’s commitment to redefining how IT teams manage endpoints through AI agents and a truly autonomous approach to IT. Being positioned as a Visionary reinforces Atera’s belief that endpoint management should be intelligent, pre-emptive, and built to scale without adding complexity or headcount.

Autonomous IT for the modern enterprise

What we know makes Atera

All-in-One

Atera combines remote monitoring and management, patch management, helpdesk and ticketing, and professional services automation, giving IT teams access to a full stack that scales with their needs.

Agentic AI

Atera’s AI agents, Copilot and Robin, enable technicians to run diagnostics, create scripts, summarize and resolve tickets, boosting productivity and autonomous endpoint management through workflows.

Per-Technician Pricing

Atera’s per-technician licensing model allows unlimited endpoint management, offering a predictable, cost-effective business model for growing enterprises and MSPs.

 

Endless IT possibilities

Boost your productivity with Atera’s intuitive, centralized all-in-one platform

Book a demo for sales enquiry and quotations or email to sales@version-2.com.sg

Google Workspace Domain Switch Migration Strategy

Executing a domain switch within Google Workspace is a structural operation. Unlike standard migrations, the domain identity must be released from one tenant and captured by another in real-time. This requires a zero-latency execution path.

The Architectural Pivot: Because a domain cannot exist in two Workspace instances at once, identities must be temporarily re-homed to allow the domain to be released and re-verified at the destination.

The 6-Phase Execution Roadmap

  • Bulk Ingestion: Migrate data from the source to a staging domain at the destination to minimize cutover volume.
  • Identity Stripping: Use GAM to rename all source users off the primary domain onto a temporary secondary domain.
  • The Domain Capture: Release the primary domain from the source and immediately verify it at the destination.
  • Final Alignment: Rename destination users from staging addresses to their permanent primary domain identities.
  • MX Cutover & Delta: Update mail routing and run a final delta sync to capture the last remaining messages.
  • Safety Buffer: Maintain the source tenant for 30 days as a read-only safety net before final decommissioning.
Warning: “Domain in Use” errors are usually caused by a single forgotten alias or group. Automated auditing of the source environment is critical.

About CloudM
CloudM is an award-winning SaaS company whose humble beginnings in Manchester have grown into a global business in just a few short years.

Our team of tech-driven innovators have designed a SaaS data management platform for you to get the most from your digital workspace. Whether it’s Microsoft 365, Google Workspace or other SaaS applications, CloudM drives your business through a simple, easy-to-use interface, helping you to work smarter, not harder.

By automating time-consuming tasks like IT admin, onboarding & offboarding, archiving and migrations, the CloudM platform takes care of the day-to-day, allowing you to focus on the big picture.

With over 35,000 customers including the likes of Spotify, Netflix and Uber, our all-in-one platform is putting office life on auto-pilot, saving you time, stress and money.

The Glasswing Paradigm: AI Security Strategy

2025-12-22   A log correlation engine automates the process of linking fragmented event data across diverse systems, transforming raw logs into real-time, actionable insights. By normalizing data and applying correlation rules, it reduces alert fatigue, accelerates incident detection (MTTD), and enables faster root cause analysis for improved security and operational efficiency.

Quantum Key Distribution (QKD) Technical Overview
