Addressing the Threats of Cross-Site Scripting (XSS)

Aashish Yadav | August 12, 2022

Cross-site scripting (XSS) is a client-side code injection attack. The attacker aims to run harmful scripts in the victim's web browser by embedding malicious code in a legitimate web page or web application. The attack itself takes place when the victim views the affected page or application, which delivers the malicious script to the user's browser. Forums, message boards, and sites that allow comments are common vehicles for cross-site scripting attacks.

A web page or web app is susceptible to XSS if the output it creates contains unsanitized user input. The victim's browser must then parse this user input. In VBScript, ActiveX, Flash, and even CSS, XSS attacks are conceivable. But they are most common in JavaScript because JavaScript is an important part of most browser experiences.


How to Find XSS Vulnerabilities?

XSS vulnerabilities in web applications can be difficult to detect and prevent. The easiest method to detect problems is to undertake a security assessment of the code and look for any places where HTTP request input could potentially find its way into the HTML output. It should be noted that numerous HTML elements can be used to send malicious JavaScript. Although Nessus, Nikto, and other such tools can assist in scanning a website for these issues, they only scratch the surface. If one component of a website is susceptible, there is a good chance that other parts are as well.
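The review step described above can be supported by a small reflection check. The following is an added example, not code from the original article: it parses a rendered page and reports every HTML context in which a harmless marker submitted as request input reappears, since each context calls for its own encoding. The marker value, the sample page, and the names `ReflectionFinder` and `find_reflections` are constructed for illustration.

```python
from html.parser import HTMLParser

# Attributes whose value the browser treats as a URL.
URL_ATTRS = {"href", "src", "action", "formaction"}


class ReflectionFinder(HTMLParser):
    """Records every HTML context in which a marker string appears."""

    def __init__(self, marker):
        super().__init__(convert_charrefs=True)
        self.marker = marker
        self.raw_text_tag = None  # "script" or "style" while inside one
        self.findings = []        # list of (context, location) tuples

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if value is None or self.marker not in value:
                continue
            if name.startswith("on"):
                context = "event-handler attribute"
            elif name in URL_ATTRS:
                context = "URL attribute"
            elif name == "style":
                context = "CSS (style attribute)"
            else:
                context = "HTML attribute"
            self.findings.append((context, f"{tag}@{name}"))
        if tag in ("script", "style"):
            self.raw_text_tag = tag

    def handle_endtag(self, tag):
        if tag == self.raw_text_tag:
            self.raw_text_tag = None

    def handle_data(self, data):
        if self.marker not in data:
            return
        if self.raw_text_tag == "script":
            self.findings.append(("JavaScript (script block)", "script"))
        elif self.raw_text_tag == "style":
            self.findings.append(("CSS (style block)", "style"))
        else:
            self.findings.append(("HTML text", "text node"))

    def handle_comment(self, data):
        if self.marker in data:
            self.findings.append(("HTML comment", "comment"))


def find_reflections(html_page, marker):
    """Return the (context, location) pairs where marker occurs in html_page."""
    finder = ReflectionFinder(marker)
    finder.feed(html_page)
    finder.close()
    return finder.findings


# Constructed sample: the page an application might return for ?q=zq7canary
MARKER = "zq7canary"
SAMPLE_PAGE = """<html><body>
<h1>Results for zq7canary</h1>
<input type="text" name="q" value="zq7canary">
<a href="/search?q=zq7canary&amp;page=2">next</a>
<script>var lastQuery = "zq7canary";</script>
<!-- debug: q=zq7canary -->
</body></html>"""

if __name__ == "__main__":
    for context, location in find_reflections(SAMPLE_PAGE, MARKER):
        print(f"{context:28} {location}")
```

Each reported context is a place where the reviewer should confirm that the matching encoder is applied before the value reaches the output.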

  • Content Security Policy
The content security policy (CSP) is a browser feature designed to reduce the effect of cross-site scripting and other risks. If a CSP-enabled application has XSS-like behavior, the CSP can hamper or prevent exploitation of the risk. Often, the CSP can be bypassed in order to attack the underlying vulnerability.
  • Dangling Markup Injection
Dangling markup injection is a method for capturing data across domains when a complete cross-site scripting vulnerability is not available owing to input filters or other protections. It is often used to record sensitive data that is accessible to other users, such as CSRF tokens, which can be used to undertake illegal practices on the user's behalf.


How to Prevent XSS Attacks?

It is difficult to prevent cross-site scripting (XSS). Specific preventive measures vary depending on the subtype of XSS vulnerability, the context of user input, and the programming framework. Yet, there are certain broad strategic concepts you should adhere to in order to make your online application secure.

1. Train and Maintain Awareness
To ensure the security of your online application, everyone engaged in its development must be aware of the dangers associated with XSS vulnerabilities. All of your developers, QA employees, DevOps, and SysAdmins should get appropriate security training. You might begin by directing them to this website.

2. Don’t Trust Any User Input
Consider all user input to be untrustworthy. Any user input utilized as a part of HTML output increases the danger of XSS. Treat input from authorized and/or internal users similarly to public input.

3. Use Escaping/Encoding
Based on where user input is to be used, employ the proper escaping/encoding technique: HTML escape, JavaScript escape, CSS escape, URL escape, and so on. For escaping, use existing libraries rather than writing your own unless strictly necessary.

4. Sanitize HTML
You can't escape/encode input from the user if it contains HTML, since doing so will break valid tags. Use a reliable and validated library to parse and clean HTML in such situations. Select a library based on your development language, such as HtmlSanitizer for .NET or SanitizeHelper for Ruby on Rails.

5. Set the HTTPOnly Flag
Enable the HttpOnly flag for cookies to prevent the effects of a potential XSS vulnerability. Once you do, client-side JavaScript will not be able to access such cookies.

6. Use a Content Security Policy
Implement a Content Security Policy (CSP) to help limit the effects of a potential XSS issue. CSP is an HTTP response header that allows you to define the dynamic resources that can be loaded based on the request source.

7. Scan Regularly
XSS vulnerabilities can be created by your developers or by third-party libraries, modules, or software. You should check your online apps on a regular basis with the help of a web vulnerability scanner such as Acunetix.
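Steps 3, 5 and 6 can be seen together in one response. The following is an added example using only the Python standard library, not code from the original article: it encodes the same untrusted value for four output contexts and builds the HttpOnly cookie and CSP headers. The function names, the sample input, the cookie name and the policy values are illustrative assumptions.

```python
import html
import json
import secrets
from http.cookies import SimpleCookie
from urllib.parse import quote

# Constructed sample input containing HTML and JavaScript metacharacters.
SAMPLE_INPUT = '"Tom" & <b>Jerry</b></script>'


def encode_html(value):
    """Encode for HTML text and for a quoted attribute value."""
    return html.escape(value, quote=True)


def encode_url_param(value):
    """Percent-encode for use as a single query-string parameter value."""
    return quote(value, safe="")


def encode_js_string(value):
    """Produce a quoted JavaScript string literal safe inside a script block.

    json.dumps handles quotes, backslashes and non-ASCII characters; the
    extra replacements stop the HTML parser from seeing "</script>" or
    character references inside the literal.
    """
    literal = json.dumps(value)
    return (literal.replace("<", "\\u003c")
                   .replace(">", "\\u003e")
                   .replace("&", "\\u0026"))


def render_page(query, nonce):
    """Place the same untrusted value in four contexts, each with its encoder."""
    return (
        "<!doctype html><html><body>"
        f"<h1>Results for {encode_html(query)}</h1>"
        f'<input name="q" value="{encode_html(query)}">'
        f'<a href="/search?q={encode_url_param(query)}&amp;page=2">next</a>'
        f'<script nonce="{nonce}">var lastQuery = {encode_js_string(query)};</script>'
        "</body></html>"
    )


def build_security_headers(session_id, nonce):
    """Return the session cookie (HttpOnly) and CSP headers for the response."""
    cookie = SimpleCookie()
    cookie["session"] = session_id          # cookie name is an assumption
    cookie["session"]["httponly"] = True    # not readable from client-side JavaScript
    cookie["session"]["secure"] = True
    cookie["session"]["samesite"] = "Lax"
    cookie["session"]["path"] = "/"
    # Illustrative policy: only same-origin resources, and only scripts
    # carrying this response's nonce may run.
    csp = (
        "default-src 'self'; "
        f"script-src 'nonce-{nonce}'; "
        "object-src 'none'; "
        "base-uri 'none'"
    )
    return [
        ("Set-Cookie", cookie["session"].OutputString()),
        ("Content-Security-Policy", csp),
    ]


if __name__ == "__main__":
    nonce = secrets.token_urlsafe(16)       # fresh value for every response
    for name, value in build_security_headers(secrets.token_urlsafe(32), nonce):
        print(f"{name}: {value}")
    print()
    print(render_page(SAMPLE_INPUT, nonce))
```

The nonce must be generated per response; a fixed nonce gives an injected script tag a value it can reuse.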


Closing Lines

These preventive solutions cover the majority of XSS attack vectors, but not all. Deploy static and dynamic application scanning technologies in your workflow to discover and address security vulnerabilities.



DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

New KnowBe4 SecurityCoach Integrates With Bitdefender GravityZone

PRWeb | May 22, 2023

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced that its new SecurityCoach product integrates with Bitdefender GravityZone, a leading next-generation endpoint protection platform for threat prevention, detection and response. The new partnership and product integration between the two cybersecurity leaders will help reduce risky behavior, support real-time security coaching and help organizations become more cyber resilient. SecurityCoach helps IT/security professionals develop a strong security culture by enabling real-time security coaching of their users in response to risky security behavior. Leveraging an organization’s existing security stack, IT/security professionals can configure their real-time coaching campaigns to immediately deliver a SecurityTip to their users related to a detected event. “Bitdefender joins our ecosystem of technology partners, which is growing rapidly, to enrich the support we provide to our customers and fortify their organization’s human firewall,” said Stu Sjouwerman, CEO, KnowBe4. “KnowBe4 is proud to partner with Bitdefender to provide a seamless integration with our new SecurityCoach product, which aims to deliver real-time security coaching and advice to help end users enhance their cybersecurity knowledge and strengthen their role in contributing to a strong security culture. KnowBe4 is actively working with Bitdefender to provide an API-based integration to connect our platform with systems that IT/security professionals already utilize, making rolling out new products to their teams an easy and unified process.” “We are pleased to partner with KnowBe4 to integrate Bitdefender GravityZone with SecurityCoach,” said Daniel Daraban, senior director of product management at Bitdefender Business Solutions Group. “Businesses and organizations are under constant assault from ransomware, trojans, and other malware infecting systems. 
This integration leverages GravityZone’s behavioral analytics, machine learning, and root cause analysis for contextualized alerts resulting in actionable SecurityTips that help minimize risky user behavior.” KnowBe4 will provide step-by-step instructions and recommendations to help IT/security professionals achieve quick and pain-free integration and data syncing during the implementation process. KnowBe4 now integrates or partners with over 20 of the world's top cybersecurity platforms across Endpoint, Network, Identity, Cloud and Data Security https://www.knowbe4.com/integrations. For more information on SecurityCoach, visit http://www.knowbe4.com/securitycoach. About Bitdefender Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide. Guardian over millions of consumer, enterprise, and government environments, Bitdefender is one of the industry’s most trusted experts for eliminating threats, protecting privacy, digital identity and data, and enabling cyber resilience. With deep investments in research and development, Bitdefender Labs discovers hundreds of new threats each minute and validates billions of threat queries daily. The company has pioneered breakthrough innovations in antimalware, IoT security, behavioral analytics, and artificial intelligence and its technology is licensed by more than 180 of the world’s most recognized technology brands. Founded in 2001, Bitdefender has customers in 170+ countries with offices around the world. For more information, visit https://www.bitdefender.com. About KnowBe4 KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 56,000 organizations around the globe. 
Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as their last line of defense.


PLATFORM SECURITY, SOFTWARE SECURITY, API SECURITY

Traceable AI Announces the Industry’s First API Security Reference Architecture for a Zero Trust World

Businesswire | June 06, 2023

Traceable AI, the industry's leading API security company, today announced the release of the industry's first API Security Reference Architecture for Zero Trust. This groundbreaking reference architecture serves as a guide for security leaders as the industry addresses the urgency of integrating API Security into Zero Trust Security initiatives. Zero Trust, a cybersecurity framework that emphasizes continuous verification and helps to minimize the attack surface, has proven effective in enhancing security for many organizations, from large enterprises to the US Government. However, traditional Zero Trust approaches have primarily focused on network-level controls and identity access management, neglecting the critical API layer. Traceable’s API Security Reference Architecture is aligned with the NIST Zero Trust Architecture, a publicly available, vendor-neutral framework widely adopted by government entities such as CISA, DoD, DISA, NSA, GSA and NCCoE, as well as by many leading cybersecurity vendors. By leveraging the NIST framework, Traceable ensures compatibility, interoperability, and adherence to industry standards, making it a reliable and trusted guide for organizations implementing Zero Trust for their APIs. The extensive reference architecture provides organizations with a prescriptive methodology to operationalize Zero Trust for APIs: Advanced API Security: The reference architecture gives organizations a way to implement robust security measures specifically designed for APIs, including eliminating implied or persistent trust for APIs, thereby minimizing the risk of API-related vulnerabilities, attacks, and data breaches. Comprehensive Risk Management: The reference architecture recommends incorporating automatic user authentication and authorization, granular data access policies, and asset risk assessments, so organizations can effectively manage and mitigate risks associated with API access and usage. 
Increased Visibility and Control: The architecture explains why organizations should obtain granular visibility, which allows organizations to monitor and record all API transactions, enabling better analysis, threat detection, and incident response capabilities. Improved Compliance and Data Protection: The automatic identification and classification of sensitive data sets ensure compliance with data protection regulations such as HIPAA, GDPR, and PCI-DSS, reducing the risk of regulatory penalties and reputational damage. Seamless Automation and Orchestration: The reference architecture recommends integration with XDR, SIEM, and SOAR solutions, so organizations can enhance their overall security posture, automate response actions, and streamline security operations. Scalability and Flexibility: The architecture offers a flexible distribution model for PEPs and data collection points, allowing organizations to scale their API security infrastructure based on their unique requirements and architecture. Future-Proofing: By aligning with the NIST Zero Trust Architecture and industry standards, organizations adopting the API Security Reference Architecture can ensure compatibility, interoperability, and the ability to evolve alongside emerging technologies and security best practices. Traceable’s API Security Reference Architecture for Zero Trust introduces a new approach to secure APIs using Zero Trust concepts, acknowledging their unique security requirements. It provides organizations with a comprehensive framework to implement Zero Trust controls specifically tailored to APIs, ensuring the protection of digital assets and mitigating the risk of data breaches. Dr. Chase Cunningham weighs in on Traceable’s approach: "APIs provide a new means of applying controls across enterprise applications," says Dr. Cunningham, "However, the security practices for APIs have not yet matured, leaving a significant gap in the overall attack surface. 
Traceable has developed their own API Security Reference Architecture to help fill this gap by providing organizations with a methodical way to secure their APIs with Zero Trust principles. By combining Zero Trust strategic concepts with API-specific security measures, Traceable can help organizations protect their digital assets effectively." Throughout the past year, Traceable has continued to reaffirm its commitment to extending Zero Trust methodologies to API Security. With the addition of Zero Trust creator John Kindervag and Dr. Zero Trust, Chase Cunningham as Traceable advisors, Traceable continues to strengthen its expertise in this space. To date, Traceable has become a valuable partner to a number of large enterprises as the industry turns its eyes toward the importance of API security. With the rollout of their Zero Trust API Access solution alongside this reference architecture, Traceable continues to lead the industry toward the advancement of API security. This reference architecture is now available for organizations to explore and implement, empowering them to achieve complete API security in a Zero Trust world. About Traceable Traceable is the industry’s leading API Security company that helps organizations achieve API protection in a cloud-first, API-driven world. With an API Data Lake at the core of the platform, Traceable is the only intelligent and context-aware solution that powers complete API security – security posture management, threat protection and threat management across the entire Software Development Lifecycle – enabling organizations to minimize risk and maximize the value that APIs bring to their customers. To learn more about how API security can help your business, book a demo with a security expert.
