PLATFORM SECURITY,SOFTWARE SECURITY,END POINT PROTECTION
Wallarm | January 23, 2023
Wallarm, a leading end-to-end API security provider, has recently announced the early release of the Wallarm API leak management solution, an improved API security technology designed to assist organizations in identifying and remediating attacks exploiting leaked API keys and secrets while also providing ongoing protection against hacks in the event of a leak.
Given the recent increase in hacks involving leaked API keys and other API secrets, Wallarm developed the API leak management solution in order to give a comprehensive solution for this issue by automatically detecting leaked API keys and secrets, implementing controls to prevent their use, and protecting against any follow-on attacks. As a result, it prohibits unwanted access to sensitive data within enterprises while also protecting their internal operations and customers from unauthorized use of that data.
With the average cost of an API leak incident being $1.2 million per year, protecting API keys is a security and financial need. However, as locating and revoking API keys is both time-consuming and resource-intensive, Wallarm's proactive API leak management solution focuses on automated detection, remediation, and control using a three-pronged approach:
Detect - Wallarm automatically searches public sources for leaked API secrets, which hackers can discover and exploit in under a minute.
Remediate - Regardless of protocol, Wallarm immediately blocks requests that use compromised API secrets across the entire API portfolio.
Control - Wallarm also continuously monitors and prevents the use of leaked API secrets.
The Wallarm API leak management solution is the first of its kind in the API security space and is coupled with other Wallarm capabilities such as API threat prevention, API discovery and cloud-native WAAP. Wallarm’s API security platform provides customers with full-spectrum visibility, detection, and security for their entire web application and API portfolio, regardless of protocol or environment. This minimizes tool sprawl and costs while also increasing risk management and fostering innovation.
About Wallarm
Wallarm, founded in 2016, provides End-to-End API Security solutions to safeguard web applications, APIs, microservices, and serverless workloads in cloud-native environments. With its commitment to developing the cybersecurity industry, it has designed a new security platform to defend tech firms and Global 2000 enterprises throughout their journey from their legacy apps to APIs in cloud-native infrastructures. Hundreds of Security and DevOps teams use Wallarm to discover all of their web apps and API endpoints, traffic flows, and sensitive data consumption for total visibility, secure their whole API portfolio against emerging risks, and respond to incidents automatically for better risk management.
Read More
DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY
DoControl | February 03, 2023
On February 2, 2023, DoControl, a leading automated software-as-a-service (SaaS) security provider, announced the release of its no-code SaaS security platform on AWS Marketplace, an online catalog that simplifies the provisioning, procurement, and governance of third-party data, software and services. The platform enables joint customers to better protect their business-critical assets by setting up a foundational layer of preventative data access security controls directly through the AWS Marketplace.
Individual SaaS applications' native security features are usually poor and do not provide a consistent way to apply data access controls across all SaaS application types. DoControl provides a single security strategy that centralizes the enforcement of least privilege - beyond the network, identity, and device levels - across the entire estate of an enterprise's SaaS applications. Customers with AWS deployments may now use DoControl solutions to safeguard all shared data and files accessed by every identity or entity, including internal employees, third-party collaborators, and third-party OAuth applications.
On average, an enterprise has approximately 200 applications in use, with hundreds or thousands of internal and external collaborators. Therefore, data security is of utmost importance across these applications (file-sharing, file storage, messaging, and so on), as breaches can result in lost revenue, severe brand damage, regulatory fines and other financial consequences.
DoControl offers SaaS asset management, continuous monitoring, and automated security workflows to security and IT teams to prevent data breaches. In addition, DoControl lowers the physical toil and complexity that security and IT professionals face on a daily basis by replacing manual effort with automation.
About DoControl
Founded in 2020, DoControl is a No-Code SaaS Security Platform that provides organizations with automated, self-service tools needed for SaaS applications data access monitoring, orchestration, and remediation. It takes a distinctive, customer-focused approach to the labor-intensive challenge of security risk management and data exfiltration prevention in popular SaaS applications. DoControl helps lower the work overload and complexity that Security and IT teams face on a daily basis by replacing manual work with automation. The company is backed by investors, including StageOne Ventures, Insight Partners, RTP Global, Cardumen Capital, and CrowdStrike's CrowdStrike Falcon Fund.
Read More
DATA SECURITY, ENTERPRISE SECURITY, PLATFORM SECURITY
Contrast Security | February 02, 2023
On February 1, 2023, Contrast Security (Contrast), a leading code security platform, announced the launch of its new partner program, the Security Innovation Alliance (SIA), a worldwide ecosystem of system integrators (SIs), cloud, channel, and technology alliances.
SIA's mission is to provide customers with unrivaled, fully integrated application security solutions from Contrast and its strategic alliance partners, which include Amazon/Amazon Web Services (AWS), GitLab Inc., Microsoft, VMware, Armor Code, PagerDuty, Zimperium, Anchore, Wallarm, Neosec, Noname Security, Ermetic, Cloudwize, BLST Security, ProtectOnce, Scribe Security, Wiz, and Legit Security. Furthermore, the team will concentrate on expanding collaborations with SIs, technology providers, and independent software providers (ISVs).
SIA and Contrast's robust strategic partner integrations will not only enable partners to integrate with the Contrast Secure Code Platform seamlessly but will also enable clients to realize the following benefits:
To use Contrast's services confidently as part of a more extensive program for application security (AppSec).
Increase the predictability of security and decrease the risk of implementing new code and AppSec technologies.
Increased trust and confidence in already implemented technologies.
SIA is designed to boost its partners' business capabilities to satisfy AppSec clients' demands. Contrast collaborates with each partner to deliver a customized experience that meets their specific interests and business requirements, including a streamlined onboarding process, joint marketing campaigns, integration support and access to the company's impressive install base.
SIA is led by Goodman, a seasoned Alliance professional, and several other industry leaders, including Tracey Mead, Vice President, Strategic Alliances, System Integrators; Frank Gasparovic, Director, Ecosystem Engineering; Rachael Mott, Senior Director, Strategic Alliances, Technology Partners; Callie McCormick, Global Director of Channel Sales; and Ram Yonish, VP of EMEA Alliances.
About Contrast Security
Founded in 2014, Contrast Security is a leading code security platform firm purposely created for developers to get secure code flowing quickly and trusted by security teams to protect business applications. With Contrast, developers, security, and operations teams can swiftly secure code across the entire Software Development Life Cycle (SDLC) to defend against today's targeted Application Security (AppSec) threats. It also provides free security testing to all developers through CodeSec. Established by cybersecurity industry experts to replace old AppSec solutions that cannot secure modern organizations, the company defends its customers from major cybersecurity attacks, which include some of the world's top brands, such as BMW, AXA, DocuSign, Zurich, Sompo Japan, and American Red Cross, as well as several other prominent leading Fortune 500 companies.
Read More