Arkose Labs’ CEO Kevin Gosschalk, aims to, ‘Bankrupt the business of online fraud’

Media 7 | November 11, 2021

Kevin Gosschalk, CEO, Arkose Labs introduces their innovative solutions and takes us inside their recent event ‘2021 Bankrupting Fraud Virtual Summit’. Read on to know what their marketing efforts are focused on.

Asking for help is foundational for leading a growing company.

MEDIA 7: Thanks for your time! Could you please tell us a little bit about your professional journey so far?
KEVIN GOSSCHALK:
I founded Arkose Labs in 2016, with the intent to create a suite of fraud and account security solutions that deliver a long-term way to increase trust on the internet. Our approach is to bankrupt the business of online fraud by diminishing fraudsters’ ROI. Fortunately, the market has responded positively - we’ve raised more than $114 million in venture funding from SoftBank, Wells Fargo, Microsoft’s venture capital fund, M12, and PayPal and are rapidly scaling our customer base and workforce, and transforming the world of digital commerce by working with some of the world’s leading businesses across multiple industries like gaming, travel, banking, and retail. I was born and raised in Brisbane, Australia, graduated from the Queensland University of Technology with a degree in Interactive Entertainment. Before founding Arkose Labs, I worked in biomedical research, where I used machine vision technology for the early detection of diabetes. I later developed technology that assisted adults with intellectual differences in social settings. My unique background enables me to take a disruptive approach that gamifies fraud prevention. 

Arkose Labs is recognized for the work we’re doing. We've won multiple industry awards including the Gartner Cool Vendor Award in 2020, the Cyber Defense Magazine Awards for Hot Company in Fraud Prevention; CEO of the Year; and Top Women in Cybersecurity. We were also shortlisted for Best Use of Security/Anti-Fraud Solution in Payments in Fintech Futures’ 2021 PayTech Awards and named an honoree for Fast Company’s World Changing Ideas. This past August, we made our debut appearance on the prestigious Inc 5000 list, coming in at number 195. Arkose Labs ranked 5th in the security industry and 11th in the Bay Area. It’s an exciting time to be sharing my experience with the fraud and risk management industry, and I’m delighted to have joined our sponsors Feedzai, PayPal, Outseer, and Socure to present the 2021 Bankrupting Fraud Virtual Summit earlier this month.


M7: Congratulations on Arkose Labs reaching greater heights! You have been instrumental in building a suite of fraud and abuse prevention solutions through Arkose Labs. Could you please share more about these solutions?
KG:
Businesses are dealing with more customers in the digital realm than ever before — and more fraudsters.
As customer expectations about their security online continue to evolve in the digital-first economy, so too does fraud. It’s a critical balance to fight against fraud while enhancing user experience and maintaining the sanctity of consumers’ digital accounts.

Our fraud prevention platform stops the bad actors by making it too costly to commit fraud, taking away their motivation--money. We’ve recently enhanced our suite of products to be even more vigilant: Arkose Detect, our risk engine with enhanced IP intelligence; Arkose Insights, which provides real-time visibility into each event in a session and easy-to-consume reason codes; and Arkose Enforce, our market-leading challenge-response solution.



Arkose Labs believes in creating true partnerships with our clients. We��re an important extension of their team. Our solutions work to protect businesses and their customers against bots and abuse, payment, micro deposit, new account, and IRS fraud, as well as API protection, website scraping, and account takeovers. We’re also the first vendor to offer a credential stuffing warranty and a 100% SLA guarantee through Arkose Detect and Arkose Enforce. These solutions work seamlessly together to provide unified risk decisioning and step-up authentication. In the last three years, Arkose Labs has experienced tremendous growth. We attribute this growth to our best-in-class online fraud prevention technology and critical solutions as cybercrime continues to threaten commerce.

Read More: BROADWai’s Co-Founder and CEO Micah Hollingworth says their solutions ‘allow businesses to focus on higher-value work’


When it costs more for the attacker to come after their target than the ROI they get from attacking, they give up.



M7: Sounds astounding! Could you please give us an insight into the recently held ‘2021 Bankrupting Fraud Virtual Summit’?
KG:
Following the success of our inaugural Bankrupting Fraud Virtual Summit last year, hosted another virtual opportunity to discuss real-world solutions to the major issues of online fraud prevention and account security from the industry’s best and brightest. Our Bankrupting Fraud Virtual Summit, which took place on November 9 and 10, featured a full agenda of experts, masterclasses, and live networking events. We created the summit to inform and facilitate connections and enable digital businesses to better understand and prepare themselves for the continued onslaught of fraud attempts.

The summit featured more than 25 virtual sessions covering various topics in online fraud and account security. Participants were able to learn best practices from the industry's top leaders and discover real-world solutions to the significant issue of online fraud prevention and account security. We were thrilled to be able to provide a collaborative event that fully explored securing the user experience across digital platforms. Guest speakers included Troy Hunt, founder of “Have I Been Pwned?” and Geoff White, cyber security author and host of “The Lazarus Heist'' podcast, as well as many other industry experts. I co-presented with Neil Walsh of the United Nations and hosted a fireside chat with Brian Krebs, renowned investigative journalist, and author of “Krebs of Security.”

The image below represents the top countries being cyberattacked around the world:



M7: Arkose Labs’ vision is “Bankrupting the Business of Fraud”, your approach is different from your competitors. What are your thoughts on this?
KG:
Fraudsters are motivated by money. The sheer growth of people on the internet means more ROI for criminals. Our solutions protect our clients by making automated fraud more costly. When it costs more for the attacker to come after their target than the ROI they get from attacking, they give up. The financial motivation isn’t there, and they move on. Additionally, we provide a level of protection that doesn’t negatively impact the user experience.

Read More: HeadSpin's Brien Colwell shows us how humans can work together with AI to create successful systems


As customer expectations about their security online continue to evolve in the digital-first economy, so too does fraud.



M7: What are the major advertising and marketing tools you use to hike up the brand awareness of your company?
KG:
Arkose Labs is a mission-led organization that is committed to helping make the digital economy a safer place because fraud is a lucrative career path that many people around the world choose. Career fraudsters are highly organized and run fraud rings like legitimate, well-funded businesses. Our goal is to empower our customers with an approach that is rooted in long-term deterrence, not just mitigation. Our marketing efforts are focused on creating a community of fraud fighters across the globe. Central to that is becoming a trusted partner to our customers and prospects. To accomplish that goal, we collaborate fearlessly with our customers and ecosystem partners by sharing insights and wisdom on fraud trends, fraudster tactics, and the shifting threat landscape. We host an annual industry event called the Bankrupting Fraud Summit, where the community gathers to hear the latest, discuss tactics with peers, and get the intelligence they need to adapt their fraud-fighting strategies.

Insights are also shared through educational materials, like our quarterly Fraud and Abuse report, webinars, and small-group roundtables. And we work closely with agenda-setting journalists so that they can help broadcast breaking news about fraud attacks broadly and quickly. We hold ourselves to a very high standard of accountability. Just a few months ago, we announced the industry’s only Credential Stuffing Warranty -- again, leading the industry by putting our money where our mouth is. We've long been committed to changing the economics of fraud by bankrupting the business model that fraudsters have put in place. We build upon that by keeping the most recognizable companies in the world armed with information and solutions.


M7: Lastly, you have been named 'CEO of the Year' by the Cyber Defense Magazine and are regarded as an expert in the fraud and risk management industry. Could you please impart some wisdom that you gained through your journey?
KG:
Thank you for asking this question. A one-word summary of my answer is simply people. I foster the notion that investing in people is a critical success factor because an active, diverse -- in experience and thought -- group of people can change the world. I’ve learned that asking for help is foundational for leading a growing company, and I’m very open that I may not have all of the answers. Having an ecosystem of advisors and mentors who can help me navigate the path and avoid the common pitfalls is crucial so much so that I constantly rely on my advisors for their depth of experience that I can lean on as we scale the business. My thinking is advanced every time I reach out and ask other people for their perspectives, ideas, and assistance. Finally, being nimble and open to change are imperatives. The landscape in which we operate is constantly evolving, which means we have to be aware of the quick pivots adversaries are making so that we can protect our customers.

ABOUT ARKOSE LABS

Arkose Labs bankrupts the business model of fraud. Recognized by Gartner as a “Cool Vendor in Fraud and Authentication,” the company offers an industry-first warranty on account protection. Its AI-powered platform combines powerful risk assessments with dynamic attack response that undermines the ROI behind attacks while improving good user throughput. Based in San Francisco, CA with offices in Brisbane, Australia, and London, UK, the company was honored as the 195th fastest growing company in the United States on the 2021 Inc. 5000 list.

More C-Suite on deck

Panzura's Glen Shok explains why file security and military-grade encryption should be applied to all data stored in the cloud

Media 7 | March 11, 2022

Glen Shok, CTO and VP Cloud Architects at Panzura, looks into his crystal ball and shares with us his predictions of the developments in the cybersecurity space. In this interview, we had the opportunity to explore novel malware tactics like ransomware and data wiper exploits, and the different solutions Panzura offers enterprises to improve their security measures. Read on to learn more about upticks in this cybersecurity landscape, and how Panzura can get businesses battle-ready against these attacks.

Read More

Arkose Labs's Vanita Pandey believes ‘Online account is going to be the currency that people will trade on’

Media 7 | December 13, 2021

Vanita Pandey, CMO - Arkose Labs, speaks about the role that Innovative Payment Models play in the changing dynamics of purchase and shopping. Read on to know her thoughts about how necessary is content for attracting consumers in this age and much more.

Read More

'TeleSign embeds trust at every touchpoint,' assures Joseph Burton

Media 7 | December 8, 2021

Joseph Burton, Chief Executive Officer at TeleSign elaborates on Promotion Abuse, Communication Fraud, and Buy Now Pay Later Fraud. Read on to know about the biggest online financial threat for consumers and much more.

Read More

Panzura's Glen Shok explains why file security and military-grade encryption should be applied to all data stored in the cloud

Media 7 | March 11, 2022

Glen Shok, CTO and VP Cloud Architects at Panzura, looks into his crystal ball and shares with us his predictions of the developments in the cybersecurity space. In this interview, we had the opportunity to explore novel malware tactics like ransomware and data wiper exploits, and the different solutions Panzura offers enterprises to improve their security measures. Read on to learn more about upticks in this cybersecurity landscape, and how Panzura can get businesses battle-ready against these attacks.

Read More

Arkose Labs's Vanita Pandey believes ‘Online account is going to be the currency that people will trade on’

Media 7 | December 13, 2021

Vanita Pandey, CMO - Arkose Labs, speaks about the role that Innovative Payment Models play in the changing dynamics of purchase and shopping. Read on to know her thoughts about how necessary is content for attracting consumers in this age and much more.

Read More

'TeleSign embeds trust at every touchpoint,' assures Joseph Burton

Media 7 | December 8, 2021

Joseph Burton, Chief Executive Officer at TeleSign elaborates on Promotion Abuse, Communication Fraud, and Buy Now Pay Later Fraud. Read on to know about the biggest online financial threat for consumers and much more.

Read More

Related News

SOFTWARE SECURITY

Bugcrowd Launches Reseller Partnership with SocialProof Security

Bugcrowd | June 27, 2022

Bugcrowd, the market leader in crowdsourced cybersecurity, announced today a strategic reseller collaboration with SocialProof Security, advancing the organization's objective to keep clients ahead of growing cyber threats. As part of the cooperation, Bugcrowd will resell SocialProof Security's services, including social engineering prevention training, protocol and practitioner seminars, and penetration testing. In addition to reselling social engineering services, Bugcrowd continues to innovate and invest in its award-winning Security Knowledge Platform, which provides the most comprehensive suite of security solutions such as bug bounty, vulnerability disclosure programs, attack surface management, and pen testing as a service. Bugcrowd, for example, allows consumers to buy pen tests from a single supplier for any sort of use case, from basic assurance of simple web apps and networks to continuous testing of cloud services and APIs, and now, social engineering. Due to their friendly hacker approach to boosting customer defenses against human-based assaults, SocialProof Security and CEO Rachel Tobac, the market leader in social engineering prevention services, have gained prominence. Twitter, PayPal, Uber, Prudential Insurance, Cisco Systems, WhatsApp, NATO, and the US Air Force are among the noteworthy clients of SocialProof Security. "We are excited to work with Bugcrowd on this reseller partnership as we move forward with our aligned mission to arm organizations with a proactive means to reduce social engineering risk through education, identity verification protocol improvements, technical tools, and measuring those updates with social engineering penetration testing. The majority of cyber attacks now start with some element of social engineering—manipulating people to take actions that could harm organizations. This partnership illustrates the priority Bugcrowd places on actionable and measurable social engineering risk mitigation in a well-rounded security program," said Tobac. "Even with current elevated threat levels, many organizations are surprisingly unprepared for the threats from social engineering attacks, as we repeatedly find low awareness across organizations, outdated or inconsistent identity verification, and limited practitioner skill sets. Fortunately, taking a multidimensional approach that combines prevention training and tools, human-based protocol updates, and pen testing can dramatically reduce the risk of social engineering attacks. We look forward to bringing this innovative solution to market as a part of our services." Ashish Gupta, CEO of Bugcrowd SocialProof specializes in defending against social engineering attacks, in which attackers deceive workers in order to get personally identifiable information (PII), passwords, and unauthorized access to accounts, money, or other sensitive information. Common attack vectors like phishing, impersonation, and pretexting can be used to carry out such manipulation. In fact, respondents to ISACA's 2021 State of Cybersecurity Survey rated social engineering as the #1 cyber threat.

Read More

DATA SECURITY

Veza, the Data Security Platform Built on the Power of Authorization, Announces Blackstone as a Customer and Strategic Series C Investor

Veza | June 27, 2022

Veza, the data security platform built on the power of authorization, announced an investment in their Series C funding round from Blackstone Innovations Investments, along with participation from previous investors. To date, Veza has raised a total of $110 million from top-tier investors including Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, True Ventures, and others. Blackstone has also selected Veza to help modernize its data security and access governance. Veza empowers organizations to address today’s greatest cybersecurity challenge: who can and should take what action on what data. As the world increasingly moves online, our changing behaviors are driving a transformational shift toward multi-cloud data systems, apps, computing, and infrastructure. This shift creates a complex, distributed web of human identities, accounts, apps, services, and access points that are constantly changing and susceptible to vulnerabilities. To address this, Veza takes a comprehensive approach that pulls together authorization data from disparate systems, giving customers a single source of truth to manage data access and controls. “Having a world-class cybersecurity program that protects our brand, reputation, investors and intellectual property is of paramount importance to our firm, and we are continuing to incorporate innovative technology solutions,” says Adam Fletcher, Chief Security Officer at Blackstone. “Our team is always looking for ways to develop a more comprehensive view of access across all of our applications and cloud infrastructure to allow us to modernize the firm’s access controls. We are excited to partner with Veza to help us accomplish this.” “Blackstone Innovations Investments is committed to investing in cutting-edge technology companies that we believe will have a meaningful impact on Blackstone, our portfolio companies, and the broader industry. We look forward to working with Veza and their impressive leadership team as they enter this next phase of growth,” comments Stevi Petrelli, Head of Blackstone Innovations Investments. “Institutions across multiple industries view Blackstone as an example of exceptional technology deployment and cybersecurity expertise. “Veza has greatly benefited from Blackstone’s product feedback and market insights. We are thrilled to work with Blackstone’s Security team to further modernize data security for their hybrid and multi-cloud environment.” Tarun Thakur, CEO and Co-Founder of Veza Additional investment in Veza comes from notable entrepreneurs including Dheeraj Pandey, Co-founder & CEO, DevRev and former CEO, Nutanix, and Lars Dalgaard, Founder Luv Ventures, Founder & Former CEO, SuccessFactors. “Authorization is the source of truth when it comes to understanding who has access to what,” says Dheeraj Pandey, Co-Founder and CEO of DevRev. “Understanding authorization at scale is one of the hardest problems to address and I am excited to watch team Veza bring on a new era of identity, rooted in authorization. Veza is defining authorization as a standard for protecting data against ransomware and other forms of data breach.” “Entrepreneurs will tell you that company building is one of the hardest, yet rewarding experiences, with real potential to make an impact,” says Lars Dalgaard, Founder Luv Ventures, Founder & Former CEO SuccessFactors. “When evaluating any company, I look for deep technical breakthrough for a massive market opportunity, deal composition and company traction, and passion amongst founders. And, I’m very excited to be partnering with Tarun and Veza on the mission to build an iconic company that will revolutionize the data security industry for decades to come.” About Veza Veza is the data security platform built on the power of authorization. Our platform is purpose-built for hybrid multi-cloud environments to help you use and share your data safely. Veza makes it easy to understand, manage, and control who can and should take what action on what data. We organize authorization metadata across identity providers, data systems, cloud service providers, and applications — all to address the toughest data security challenges of the modern era. Founded in 2020, the company is funded by top-tier investors including Accel, Bain Capital, Ballistic Ventures, Blackstone, GV, Norwest Venture Partners, and True Ventures. To learn more, please visit us at veza.com. Many Fortune 500, Fortune 1000 and smaller organizations use its data security platform for protection against ransomware, modernizing access governance for critical data and apps, and implementing data lake security for Snowflake and other solutions.

Read More

SOFTWARE SECURITY

Palo Alto Networks Bolsters Its Cloud Native Security Offerings With Out-of-Band WAAS

Palo Alto Networks | June 24, 2022

Over the last two years, organizations have expanded their use of cloud environments by more than 25%. Many are now struggling to manage the technical complexity of cloud migration, including the ability to secure their applications across the entire application development lifecycle. Palo Alto Networks (NASDAQ: PANW), a leader in The Forrester Wave™: Cloud Workload Security, Q1 2022, today announced the addition of Out-of-Band Web Application and API Security (Out-of-Band WAAS) to Prisma® Cloud to help organizations secure web applications with maximum flexibility. Until now, a primary industry approach to securing web applications has been to deploy inline web application firewalls (WAFs). Some organizations are reluctant to introduce WAFs or API security solutions inline, however, due to performance and scalability concerns. With today's announcement, Prisma Cloud can provide organizations with deep web and API security both inline and out of band, allowing them to choose how to protect their applications in the cloud. "Companies no longer have to decide between application security and performance. By adding Out-of-Band WAAS to Prisma Cloud, we are empowering customers with flexible security options that fit their evolving application needs," said Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks. "As more organizations move workloads to the cloud, the capabilities that make up Prisma Cloud help provide the most complete protection, reducing complexity and increasing visibility across infrastructure, workloads, identities and applications." "As organizations increasingly build and deploy their applications in the cloud, protecting their business-critical applications without impacting performance has been a challenge. "Adding the option of Out-of-Band WAAS helps both developer and security teams secure their applications with the same level of security as traditional in-line WAFs and API security without impacting performance." Melinda Marks, senior analyst, ESG In addition to Out-of-Band WAAS, Prisma Cloud is getting new threat detection, alert prioritization and permissions management capabilities to help provide organizations with deeper, unified visibility across their entire cloud application portfolio: Multicloud Graph View for Cloud Infrastructure Entitlement Management (CIEM): Discover over-privileged accounts and understand access risk across multicloud environments. Prisma Cloud now provides a graph view of the net effective permissions across AWS, Microsoft Azure and Google Cloud. Multicloud Agentless Cloud Workload Protection: Extend visibility into cloud workloads and application risks across Azure and Google Cloud, in addition to AWS, to complement existing agent-based protection. DNS-Based Threat Detection: Surface malicious activity and anomalous behavior in cloud environments. Prisma Cloud Threat Detection now leverages machine learning (ML) and advanced threat intelligence to identify bad actors hiding in DNS traffic. MITRE ATT&CK® Alert Prioritization: Enable security teams to prioritize risks and incidents based on the industry's most widely adopted framework. About Palo Alto Networks Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Read More

SOFTWARE SECURITY

Bugcrowd Launches Reseller Partnership with SocialProof Security

Bugcrowd | June 27, 2022

Bugcrowd, the market leader in crowdsourced cybersecurity, announced today a strategic reseller collaboration with SocialProof Security, advancing the organization's objective to keep clients ahead of growing cyber threats. As part of the cooperation, Bugcrowd will resell SocialProof Security's services, including social engineering prevention training, protocol and practitioner seminars, and penetration testing. In addition to reselling social engineering services, Bugcrowd continues to innovate and invest in its award-winning Security Knowledge Platform, which provides the most comprehensive suite of security solutions such as bug bounty, vulnerability disclosure programs, attack surface management, and pen testing as a service. Bugcrowd, for example, allows consumers to buy pen tests from a single supplier for any sort of use case, from basic assurance of simple web apps and networks to continuous testing of cloud services and APIs, and now, social engineering. Due to their friendly hacker approach to boosting customer defenses against human-based assaults, SocialProof Security and CEO Rachel Tobac, the market leader in social engineering prevention services, have gained prominence. Twitter, PayPal, Uber, Prudential Insurance, Cisco Systems, WhatsApp, NATO, and the US Air Force are among the noteworthy clients of SocialProof Security. "We are excited to work with Bugcrowd on this reseller partnership as we move forward with our aligned mission to arm organizations with a proactive means to reduce social engineering risk through education, identity verification protocol improvements, technical tools, and measuring those updates with social engineering penetration testing. The majority of cyber attacks now start with some element of social engineering—manipulating people to take actions that could harm organizations. This partnership illustrates the priority Bugcrowd places on actionable and measurable social engineering risk mitigation in a well-rounded security program," said Tobac. "Even with current elevated threat levels, many organizations are surprisingly unprepared for the threats from social engineering attacks, as we repeatedly find low awareness across organizations, outdated or inconsistent identity verification, and limited practitioner skill sets. Fortunately, taking a multidimensional approach that combines prevention training and tools, human-based protocol updates, and pen testing can dramatically reduce the risk of social engineering attacks. We look forward to bringing this innovative solution to market as a part of our services." Ashish Gupta, CEO of Bugcrowd SocialProof specializes in defending against social engineering attacks, in which attackers deceive workers in order to get personally identifiable information (PII), passwords, and unauthorized access to accounts, money, or other sensitive information. Common attack vectors like phishing, impersonation, and pretexting can be used to carry out such manipulation. In fact, respondents to ISACA's 2021 State of Cybersecurity Survey rated social engineering as the #1 cyber threat.

Read More

DATA SECURITY

Veza, the Data Security Platform Built on the Power of Authorization, Announces Blackstone as a Customer and Strategic Series C Investor

Veza | June 27, 2022

Veza, the data security platform built on the power of authorization, announced an investment in their Series C funding round from Blackstone Innovations Investments, along with participation from previous investors. To date, Veza has raised a total of $110 million from top-tier investors including Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, True Ventures, and others. Blackstone has also selected Veza to help modernize its data security and access governance. Veza empowers organizations to address today’s greatest cybersecurity challenge: who can and should take what action on what data. As the world increasingly moves online, our changing behaviors are driving a transformational shift toward multi-cloud data systems, apps, computing, and infrastructure. This shift creates a complex, distributed web of human identities, accounts, apps, services, and access points that are constantly changing and susceptible to vulnerabilities. To address this, Veza takes a comprehensive approach that pulls together authorization data from disparate systems, giving customers a single source of truth to manage data access and controls. “Having a world-class cybersecurity program that protects our brand, reputation, investors and intellectual property is of paramount importance to our firm, and we are continuing to incorporate innovative technology solutions,” says Adam Fletcher, Chief Security Officer at Blackstone. “Our team is always looking for ways to develop a more comprehensive view of access across all of our applications and cloud infrastructure to allow us to modernize the firm’s access controls. We are excited to partner with Veza to help us accomplish this.” “Blackstone Innovations Investments is committed to investing in cutting-edge technology companies that we believe will have a meaningful impact on Blackstone, our portfolio companies, and the broader industry. We look forward to working with Veza and their impressive leadership team as they enter this next phase of growth,” comments Stevi Petrelli, Head of Blackstone Innovations Investments. “Institutions across multiple industries view Blackstone as an example of exceptional technology deployment and cybersecurity expertise. “Veza has greatly benefited from Blackstone’s product feedback and market insights. We are thrilled to work with Blackstone’s Security team to further modernize data security for their hybrid and multi-cloud environment.” Tarun Thakur, CEO and Co-Founder of Veza Additional investment in Veza comes from notable entrepreneurs including Dheeraj Pandey, Co-founder & CEO, DevRev and former CEO, Nutanix, and Lars Dalgaard, Founder Luv Ventures, Founder & Former CEO, SuccessFactors. “Authorization is the source of truth when it comes to understanding who has access to what,” says Dheeraj Pandey, Co-Founder and CEO of DevRev. “Understanding authorization at scale is one of the hardest problems to address and I am excited to watch team Veza bring on a new era of identity, rooted in authorization. Veza is defining authorization as a standard for protecting data against ransomware and other forms of data breach.” “Entrepreneurs will tell you that company building is one of the hardest, yet rewarding experiences, with real potential to make an impact,” says Lars Dalgaard, Founder Luv Ventures, Founder & Former CEO SuccessFactors. “When evaluating any company, I look for deep technical breakthrough for a massive market opportunity, deal composition and company traction, and passion amongst founders. And, I’m very excited to be partnering with Tarun and Veza on the mission to build an iconic company that will revolutionize the data security industry for decades to come.” About Veza Veza is the data security platform built on the power of authorization. Our platform is purpose-built for hybrid multi-cloud environments to help you use and share your data safely. Veza makes it easy to understand, manage, and control who can and should take what action on what data. We organize authorization metadata across identity providers, data systems, cloud service providers, and applications — all to address the toughest data security challenges of the modern era. Founded in 2020, the company is funded by top-tier investors including Accel, Bain Capital, Ballistic Ventures, Blackstone, GV, Norwest Venture Partners, and True Ventures. To learn more, please visit us at veza.com. Many Fortune 500, Fortune 1000 and smaller organizations use its data security platform for protection against ransomware, modernizing access governance for critical data and apps, and implementing data lake security for Snowflake and other solutions.

Read More

SOFTWARE SECURITY

Palo Alto Networks Bolsters Its Cloud Native Security Offerings With Out-of-Band WAAS

Palo Alto Networks | June 24, 2022

Over the last two years, organizations have expanded their use of cloud environments by more than 25%. Many are now struggling to manage the technical complexity of cloud migration, including the ability to secure their applications across the entire application development lifecycle. Palo Alto Networks (NASDAQ: PANW), a leader in The Forrester Wave™: Cloud Workload Security, Q1 2022, today announced the addition of Out-of-Band Web Application and API Security (Out-of-Band WAAS) to Prisma® Cloud to help organizations secure web applications with maximum flexibility. Until now, a primary industry approach to securing web applications has been to deploy inline web application firewalls (WAFs). Some organizations are reluctant to introduce WAFs or API security solutions inline, however, due to performance and scalability concerns. With today's announcement, Prisma Cloud can provide organizations with deep web and API security both inline and out of band, allowing them to choose how to protect their applications in the cloud. "Companies no longer have to decide between application security and performance. By adding Out-of-Band WAAS to Prisma Cloud, we are empowering customers with flexible security options that fit their evolving application needs," said Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks. "As more organizations move workloads to the cloud, the capabilities that make up Prisma Cloud help provide the most complete protection, reducing complexity and increasing visibility across infrastructure, workloads, identities and applications." "As organizations increasingly build and deploy their applications in the cloud, protecting their business-critical applications without impacting performance has been a challenge. "Adding the option of Out-of-Band WAAS helps both developer and security teams secure their applications with the same level of security as traditional in-line WAFs and API security without impacting performance." Melinda Marks, senior analyst, ESG In addition to Out-of-Band WAAS, Prisma Cloud is getting new threat detection, alert prioritization and permissions management capabilities to help provide organizations with deeper, unified visibility across their entire cloud application portfolio: Multicloud Graph View for Cloud Infrastructure Entitlement Management (CIEM): Discover over-privileged accounts and understand access risk across multicloud environments. Prisma Cloud now provides a graph view of the net effective permissions across AWS, Microsoft Azure and Google Cloud. Multicloud Agentless Cloud Workload Protection: Extend visibility into cloud workloads and application risks across Azure and Google Cloud, in addition to AWS, to complement existing agent-based protection. DNS-Based Threat Detection: Surface malicious activity and anomalous behavior in cloud environments. Prisma Cloud Threat Detection now leverages machine learning (ML) and advanced threat intelligence to identify bad actors hiding in DNS traffic. MITRE ATT&CK® Alert Prioritization: Enable security teams to prioritize risks and incidents based on the industry's most widely adopted framework. About Palo Alto Networks Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Read More

Spotlight

Arkose Labs

Arkose Labs

Arkose Labs bankrupts the business model of fraud. Recognized by Gartner as a “Cool Vendor in Fraud and Authentication,” the company offers an industry-first warranty on account protection. Its AI-powered platform combines powerful risk assessments with dynamic attack response that undermines the RO...

Events

Resources