The Latest Red Piranha News
|
March has been a month of strong engagement and collaboration as we take Crystal Eye 6.0 on the road, hosting Partner Events across Melbourne, Sydney, and Perth. With successful sessions already delivered in Melbourne and Sydney, we’ve had the opportunity to connect with our partner community and share an exclusive preview of what’s coming next as we move toward the broader rollout of the platform.
Attendees have gained a closer look at the advancements introduced in Crystal Eye 6.0, including guided deployment modes, high-availability upgrades, advanced behavioural analytics, quantum-proof SD-WAN, and AI-driven operational visibility. Beyond the technical updates, the events have sparked valuable discussions around market shifts, emerging threat patterns, and how partners can position these capabilities to support customers navigating increasingly complex security requirements.
We extend our thanks to everyone who joined us in Melbourne and Sydney, and we look forward to continuing the conversation in Perth. Your feedback and continued collaboration are instrumental as we bring Crystal Eye 6.0 to market and prepare for the next phase of growth.
Read on for event highlights and the latest updates from the Red Piranha team this month. |
Red Piranha Releases 2026 Threat Intelligence Report Highlighting Shift in Global Cyber Threat Landscape
|
 |
|
Red Piranha‘s 2026 Annual Threat Intelligence Report reveals a significant shift in the global cyber threat landscape as attackers increasingly prioritise cyber espionage, persistent access, and long-term intelligence gathering over immediate disruptive attacks.
The report analyses more than 80 million security events, tracking 110 advanced persistent threat (APT) campaigns and thousands of intrusions attempts across enterprise and critical infrastructure environments.
The findings show that modern attackers are adopting espionage-led intrusion strategies, focusing on gaining access to identity systems, establishing persistence within networks, and maintaining covert access to sensitive environments.
|
| Get your copy here |
Crystal Eye Platform Updates
|
Crystal Eye March Update This month in Orchestrate, we’ve launched our new Configuration Management Database (CMDB). Our new Training Platform is also nearly complete and will be released later this month. In addition, we’ve delivered major improvements across the Crystal Eye Operating System and several enhancements within Orchestrate to improve your overall experience.
If you haven’t upgraded to 5.5 yet, here’s what you’re missing:
- RAID Support
- Defender for Endpoint Updates
- Link Aggregation (LACP) support
- Entra ID Management and Policy Configuration
- Entra ID SSO Authentication for WireGuard VPN
- SD-WAN monitoring improvements
- Updated Risk Auditing and CEASR policy management
- DAS (Declarative Authorisation Service) for granular SaaS policy enforcement
- Bridge Interface deployment
- A range of UI and reliability enhancements across the platform
Upgrading is free and available to all Crystal Eye systems running version 5.0. A reminder to all users that Crystal Eye 5.0 is nearing the end of life with the 6.0 release. This is scheduled for release by the end of quarter one of 2026. If you have not yet updated to version 5.5, please do so as soon as possible.
For support or more information, reach out to support@redpiranha.net or visit our Forum at forum.redpiranha.net. |
Red Piranha Events
|
Calling all our Perth partners!
Join Red Piranha for an exclusive preview of Crystal Eye 6.0. Get early access to the latest hardware innovations, enhanced TDIR capabilities, expanded threat intelligence and asset management features, strengthened security controls, and upcoming networking solutions planned for 2026.
Discover how Crystal Eye 6.0 can help you strengthen customer cyber resilience while unlocking new growth opportunities. |
Sign up here
|
Service Spotlight:
Identity-Driven SD-WAN for the Modern Enterprise
|
 |
Enterprise connectivity is changing fast. Workloads are distributed across cloud platforms, branch offices, and remote users, yet many SD-WAN deployments still rely on legacy authentication models and fragmented identity enforcement.
The result is a familiar security gap. Identity platforms govern application access, but network connectivity often operates outside that control plane.
With Crystal Eye 5.5, Red Piranha introduces an identity-driven SD-WAN architecture built on WireGuard and integrated with Microsoft Entra ID.
This approach allows organisations to extend identity governance directly into SD-WAN connectivity. The encrypted tunnel, branch connectivity, and remote access are all controlled through a single identity framework.
Traditional WAN and VPN architectures were designed for static environments where users and applications lived inside the corporate network. Today’s infrastructure looks very different. Branch locations connect directly to cloud services, remote users access internal systems from anywhere, and application traffic flows across multiple networks.
Without identity-driven controls, SD-WAN connectivity can still rely on static credentials or device-based trust models. This increases operational complexity and weakens policy enforcement across distributed networks.
Crystal Eye addresses this by combining WireGuard’s modern encryption model with Entra ID federation. Identity verification becomes a prerequisite for establishing encrypted network connectivity across SD-WAN environments.
In practical terms, identity becomes the policy engine for network access.
WireGuard as the Secure SD-WAN Transport Layer
At the core of this architecture is WireGuard, a modern VPN protocol designed for simplicity, performance, and strong cryptography.
Unlike traditional VPN technologies with large codebases and complex configuration layers, WireGuard uses a streamlined architecture built around modern encryption primitives. The result is faster tunnel establishment, lower overhead, and a significantly smaller attack surface.
Inside Crystal Eye SD-WAN deployments, WireGuard provides the encrypted transport layer between branch offices, remote users, and core infrastructure.
When integrated with Microsoft Entra ID, these tunnels are established only after identity validation has been completed through the organisation’s identity provider.
This ensures that encrypted connectivity is tied directly to identity policy rather than static credentials or isolated authentication mechanisms.
The integration between Crystal Eye and Entra ID is implemented through SAML federation. Entra ID acts as the Identity Provider while Crystal Eye functions as the Service Provider responsible for network access enforcement.
Administrators begin by creating an enterprise application within the Entra ID tenant and assigning appropriate user or group permissions. A corresponding SAML profile is configured within Crystal Eye’s single sign-on framework, and federation metadata is exchanged between both platforms to establish a trusted authentication pathway.
Once deployed, authentication occurs through Entra ID before any SD-WAN connection is established. Conditional access policies, multifactor authentication requirements, and identity governance controls are evaluated before the WireGuard tunnel is created. This means that remote connectivity, branch-to-branch communication, and user access all operate under the same identity policies that govern cloud applications.
For CISOs and CIOs managing distributed environments, identity-driven SD-WAN introduces a significant operational advantage.
Access governance becomes centralised. Identity lifecycle management automatically extends to network connectivity. When a user account is disabled in Entra ID, their ability to establish encrypted SD-WAN tunnels is immediately revoked.
Multifactor authentication enforcement becomes consistent across cloud services and network infrastructure. Conditional access policies apply uniformly to both applications and connectivity. Security teams gain improved visibility into identity events associated with network access.
This architecture simplifies access governance while strengthening the organisation’s overall Zero Trust posture.
For managed service providers delivering SD-WAN and security services, scalability and repeatability are critical.
The federation model used by Crystal Eye allows the WireGuard and Entra ID integration pattern to be replicated across multiple customer environments. Each client maintains its own identity governance through Entra ID while Crystal Eye enforces secure connectivity across the network layer.
This enables MSPs to standardise identity-driven SD-WAN deployments while maintaining strong policy governance for each tenant.
Modern security architecture is steadily moving toward identity-first networking. Connectivity decisions are no longer based solely on network location or device trust. They are determined by identity verification and policy enforcement.
By combining WireGuard-based SD-WAN connectivity with Entra ID identity governance, Crystal Eye brings identity directly into the network fabric.
The encrypted tunnel is no longer just a transport mechanism. It becomes an identity-controlled access pathway.
|
| Get the experts in today |
YouTube Replay: APT Attacks on Critical Infrastructure: Detection, Threat Hunting & Defence Strategies
|
APTs don’t break in, they blend in.
Campaigns like Salt Typhoon are targeting critical infrastructure with increasing sophistication, often operating silently within network infrastructure.
Missed our recent Knowledge Sprint? Watch the full session on YouTube to learn:
- How APT groups operate and evade traditional controls
- How threat hunters uncover hidden activity across networks
- How Crystal Eye supports proactive threat hunting and detection
|
| Watch the video on YouTube |
Questions?
|
|
Get in touch. If you have any questions, comments or feedback regarding our ongoing programs, products or services, please submit them to support@redpiranha.net or head to our forum at https://forum.redpiranha.net
|
**Terms and conditions apply!
Contact your business development manager to receive a copy of the terms and conditions. |
|
|
|
|
