Q&A with Amy Barzdukas, Executive Vice President & Chief Marketing Officer at Poly

MEDIA 7 | November 21, 2019

Amy Barzdukas, EVP and Chief Marketing Officer at Poly is a marketing and communications leader with extensive experience in setting strategy, shifting perceptions, advising customers, digital marketing, revenue marketing, integrated marketing communications, and public relations in highly competitive product arenas.

Amy is known for her ability to create and execute winning turnarounds on a global scale.

MEDIA 7: What inspired you to get into marketing?
AMY BARZDUKAS:
I was always destined for marketing, even if I didn’t know it. As a child, I collected promotional brochures. I was fascinated by how the words and pictures were used to drive action. My first job was as an advertising copywriter, and I’ve never looked back.

M7: How is Poly redefining the video conferencing experience for modern businesses?
AB:
 We’re in an unprecedented time of change in our industry. Voice and video services are moving to the cloud, and companies are changing how they approach their communications needs. Poly is the largest provider of the devices – video conferencing, audio conferencing, headphones and desk phones – you use to connect to these services so you can collaborate with your colleagues. That uniquely positions us to shape the video conferencing experience, and we’re doing so in four ways.

First, Poly has made both the Zoom Rooms and the Microsoft Teams video conferencing experience better than ever with our radically simple Poly Studio X video bars that deliver these experiences with no PC or Mac required. We’ve got decades of experience in understanding what makes meetings more human – for everyone in the room and those dialing in from other locations – and we’ve packed all of that into easy-to-install, easy-to-manage, and easy-to-use all-in-one powerhouses.

Second, we are bringing the world of AV and video conferencing into the modern app economy. Our Studio X series and Poly G7500 video conferencing devices run a common platform that can be updated and enhanced through a series of regular software updates. This Poly platform, built on Android, can run applications like a smartphone does today.

Third, Poly has introduced innovation that makes any video conference better. Our new Poly MeetingAI features use AI and machine learning to address the distractions that hit your senses in a meeting. We make it easier to hear what’s being said by blocking out the annoying noises that people make while talking, and we make it easier to see what’s going on in the room with the most advanced speaker tracking and framing, and our built-in production rules.

Finally, we are pricing our solutions in a way that completely resets the calculations on what it costs to outfit a room. The Studio X30, for huddle room and smaller spaces, costs just about $2,100, including the Poly TC8 touch controller. All you add is the cloud service and a monitor, and you have a room up and running for under $2,500. That’s easily under the cost of other solutions and with better audio and video quality.


"Baby Boomers and more than half of Gen Z say they are most productive when they were working around noise."

M7: As the CMO of Poly, what were the major challenges in rebranding and transforming two separate organizations (Plantronics and Polycom) under a single brand Poly?
AB:
One of the greatest challenges of bringing together Plantronics and Polycom was doing so in a way that honored their brand equity, history, and positive associations while establishing a new story for the new company. Plantronics was already an audio pioneer– the first headset that transmitted Neil Armstrong’s famous words during the first moon landing. Polycom was the leader in audio and video conferencing – the conference phone used by business leaders and industry captains.
We had to figure out how to build a stand-out narrative in a crowded space for the general market. For customers and partners, we found a way to carry through the legacies and histories of both companies into the new brand. And for our employees, we had to inspire them to believe in the new brand and the new combined mission. These different challenges with different stakeholders took different approaches to confront, but in the end, we brought everyone to the same conclusion that Poly was moving forward, unified and stronger.

And like any acquisition, integration takes time. We’re proud of our accomplishments since rebranding to Poly in March 2019. Since then, we’ve refreshed our video conferencing line of products, broken new ground with a mobile phone station called Elara 60 Series and showcased our continued commitment to expanding the ecosystem with partners such as Zoom, Microsoft, Google, Amazon and more. As Poly, we bring a new level of quality, simplicity, and flexibility so that every communication can easily become a place for collaboration and innovation for the enterprise.


"Gen Z and Millennials came up in an era of digitization, so they are more accustomed to the tools and technology to deal with distractions in the workplace."

M7: A recent study by Poly reveals that employees prefer noisier open offices to closed, quiet spaces. What do you think is responsible for driving these unique demands in the workplace today?
AB:
Our research shows that Gen Z and Millennials tend to prefer open offices compared to Gen X and Baby Boomers and that more than half of Gen Z say they are most productive when they were working around noise. What we’re seeing is that Gen Z and Millennials came up in an era of digitization, so they are more accustomed to the tools and technology to deal with distractions in the workplace. For example, they’re used to wearing noise-canceling headphones to block out the background noise, and similarly at home with video. They’ve been doing it all their lives!

Now that we can work from anywhere – coffee shops, airports, waiting rooms – we are more accustomed to dealing with distractions and working through them. We take that mindset into the office along with the tools we may use to address distraction, from a pair of comfortable headphones with ANC to deciding to do different types of work in different settings.

M7: What features have made Poly Studio win the 'Best of Enterprise Connect' award in the '2019 Communication/Collaboration Device'?
AB: 
Poly Studio is our answer to the need for easy-to-use video conferencing devices for smaller spaces called huddle rooms. Poly Studio is a video USB bar with premium audio and video capabilities. Its standout features include NoiseBlock, which mutes distracting background noises, Automatic Group Framing and Speaker Tracking, which zooms in to focus on the speaking participant. This board-room like audio and video transforms small meeting rooms into a center for collaboration. We’re also pleased that it was recently certified for Zoom Rooms and Microsoft Teams. The device also works with Skype for Business, Google Meet, Cisco WebEx and Amazon Chime, and virtually any cloud-based video collaboration service.


"Poly combines legendary audio expertise with powerful video and conferencing capabilities to help our users overcome the distractions, complexity, and distance, making communication in and out of the workplace challenging."

M7: What traits make Poly a global leader in communications and a leading choice for every kind of workspace?
AB:
Our in-depth expertise, tireless innovation, and emphasis on partnership make Poly a global leader in communications and a leading choice for every kind of workspace.

Poly combines legendary audio expertise with powerful video and conferencing capabilities to help our users overcome the distractions, complexity, and distance, making communication in and out of the workplace challenging. When the world was on a race to space in the ’60s, NASA approached us—Plantronics back then—with a seemingly impossible task: create a headset that would equip astronauts to communicate with Mission Control from the earth to the moon, and back again.

Fifty years later, we share the same mission today: to create powerful connections that unify people the world over. We’re designing technology for the different ways people work – open offices, remote locations, mobile-first workers. We are the largest provider of headsets, video and audio-conferencing devices that you use to communicate and collaborate for your work, whatever that may be. And we continue to innovate with products like Poly Studio X that change how people collaborate.
Through partnerships with industry leaders like Microsoft, Amazon, Google, and Zoom, Poly takes an open-architecture approach that allows users to seamlessly connect across all the best technologies. Whenever and wherever people connect with these services, we will be there to provide the best-in-class audio, video and voice technology to make the experience that much better.

M7: What’s your superpower or spirit animal?
AB: 
My superpower is the ability to read amazingly quickly, thanks to the experimental elementary school I attended. I don’t know how anyone gets through their workload without it, honestly. My spirit animal? I told my husband the other day that I think it is Tom Petty. I’m a huge fan. If you have a problem, there is a Tom Petty song that can solve it, or at least make it more fun.

ABOUT POLY

Plantronics, Inc. (“Poly” – formerly Plantronics and Polycom) (NYSE: PLT) is a global communications company that powers meaningful human connection and collaboration. Poly combines legendary audio expertise and powerful video and conferencing capabilities to overcome the distractions, complexity, and distance that make communication in and out of the workplace challenging. Poly believes in solutions that make life easier when they work together and with our partner’s services. Our headsets, software, desk phones, audio and video conferencing, analytics and services are used worldwide and are a leading choice for every kind of workspace.

More C-Suite on deck

Panzura's Glen Shok explains why file security and military-grade encryption should be applied to all data stored in the cloud

Media 7 | March 11, 2022

Glen Shok, CTO and VP Cloud Architects at Panzura, looks into his crystal ball and shares with us his predictions of the developments in the cybersecurity space. In this interview, we had the opportunity to explore novel malware tactics like ransomware and data wiper exploits, and the different solutions Panzura offers enterprises to improve their security measures. Read on to learn more about upticks in this cybersecurity landscape, and how Panzura can get businesses battle-ready against these attacks.

Read More

Arkose Labs's Vanita Pandey believes ‘Online account is going to be the currency that people will trade on’

Media 7 | December 13, 2021

Vanita Pandey, CMO - Arkose Labs, speaks about the role that Innovative Payment Models play in the changing dynamics of purchase and shopping. Read on to know her thoughts about how necessary is content for attracting consumers in this age and much more.

Read More

'TeleSign embeds trust at every touchpoint,' assures Joseph Burton

Media 7 | December 8, 2021

Joseph Burton, Chief Executive Officer at TeleSign elaborates on Promotion Abuse, Communication Fraud, and Buy Now Pay Later Fraud. Read on to know about the biggest online financial threat for consumers and much more.

Read More

Panzura's Glen Shok explains why file security and military-grade encryption should be applied to all data stored in the cloud

Media 7 | March 11, 2022

Glen Shok, CTO and VP Cloud Architects at Panzura, looks into his crystal ball and shares with us his predictions of the developments in the cybersecurity space. In this interview, we had the opportunity to explore novel malware tactics like ransomware and data wiper exploits, and the different solutions Panzura offers enterprises to improve their security measures. Read on to learn more about upticks in this cybersecurity landscape, and how Panzura can get businesses battle-ready against these attacks.

Read More

Arkose Labs's Vanita Pandey believes ‘Online account is going to be the currency that people will trade on’

Media 7 | December 13, 2021

Vanita Pandey, CMO - Arkose Labs, speaks about the role that Innovative Payment Models play in the changing dynamics of purchase and shopping. Read on to know her thoughts about how necessary is content for attracting consumers in this age and much more.

Read More

'TeleSign embeds trust at every touchpoint,' assures Joseph Burton

Media 7 | December 8, 2021

Joseph Burton, Chief Executive Officer at TeleSign elaborates on Promotion Abuse, Communication Fraud, and Buy Now Pay Later Fraud. Read on to know about the biggest online financial threat for consumers and much more.

Read More

Related News

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Netskope Intelligent SSE Integrates with Amazon Security Lake to Enable Faster Threat Detection and Response in Hybrid Work Environments

Prnewswire | May 31, 2023

Netskope, a leader in Secure Access Service Edge (SASE), today announced an integration between Netskope's Intelligent Security Service Edge (SSE) platform and Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake is a service that automatically centralizes an organization's security data from across their AWS environments, leading SaaS providers, on-premises, and cloud sources into a purpose-built data lake, so customers can act on security data faster and simplify security data management across hybrid and multi cloud environments. Organizations want more visibility across all their security data sources, including on-premises and cloud, to quickly identify and respond to potential threats. To do this, they must enable logging across their security infrastructure, but often face challenges with incompatible data formats and no centralized place to store the logs for useful analysis. To help solve these challenges, Netskope customers can now export logs from the Netskope Intelligent SSE platform to Amazon Security Lake. Amazon Security Lake manages data throughout its lifecycle with customizable data retention settings and converts and conforms incoming security data to the Open Cybersecurity Schema Framework (OCSF), an open community schema. This makes it easier to automatically normalize security data from AWS and combine it with dozens of pre-integrated third-party security data sources. Netskope and AWS can help customers detect and investigate threats faster, by providing: Centralized Visibility: Organizations can now export logs, events and alerts collected by Netskope Cloud Exchange to Amazon Security Lake to get a holistic view of threats and vulnerabilities in their overall environment. Centralize years of cloud and on-premises security data at petabyte scale for detailed analysis. Stronger Security Posture: Organizations can use Netskope logs and Amazon Security Lake analysis tools to quickly discover and remediate threats and vulnerabilities across their environment to strengthen their security posture. Centralized Threat Remediation: Organizations can use Netskope and AWS services to respond to alerts and remediate threats from the centralized Amazon Security Lake console. "As security threats increase along with the ongoing shift to hybrid work, organizations want to be confident that their data, employees, and resources are safe from potential attacks and other nefarious activities," said Andy Horwitz, Vice President of Business Development, Netskope. "Netskope has helped thousands of customers improve their security posture through the use of our Netskope Intelligent SSE platform. By meeting the rigorous standards in support of Amazon Security Lake, organizations can have greater confidence in Netskope's deep technical expertise on AWS and our proven track record in securing even the most complex cloud environments." To learn more about how Netskope helps organizations further strengthen their security posture by sharing security-related logs and threat information with Amazon Security Lake, visit here. About Netskope Netskope, a global SASE leader, is redefining cloud, data, and network security to help organizations apply zero trust principles to protect data. Fast and easy to use, the Netskope platform provides optimized access and real-time security for people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements. Learn how Netskope helps customers be ready for anything on their SASE journey, visit netskope.com.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY, API SECURITY

Traceable AI Announces the Industry’s First API Security Reference Architecture for a Zero Trust World

Businesswire | June 06, 2023

Traceable AI, the industry's leading API security company, today announced the release of the industry's first API Security Reference Architecture for Zero Trust. This groundbreaking reference architecture serves as a guide for security leaders as the industry addresses the urgency of integrating API Security into Zero Trust Security initiatives. Zero Trust, a cybersecurity framework that emphasizes continuous verification and helps to minimize the attack surface, has proven effective in enhancing security for many organizations, from large enterprises, to the US Government. However, traditional Zero Trust approaches have primarily focused on network-level controls and identity access management, neglecting the critical API layer. Traceable’s API Security Reference Architecture is aligned with the NIST Zero Trust Architecture, a publicly available, vendor-neutral framework widely adopted by government entities such as CISA, DoD, DISA, NSA, GSA and NCCoE, as well as by many leading cybersecurity vendors. By leveraging the NIST framework, Traceable ensures compatibility, interoperability, and adherence to industry standards, making it a reliable and trusted guide for organizations implementing Zero Trust for their APIs. The extensive reference architecture provides organizations with a prescriptive methodology to operationalize Zero Trust for APIs: Advanced API Security: The reference architecture gives organizations a way to implement robust security measures specifically designed for APIs, including eliminating implied or persistent trust for APIs, thereby minimizing the risk of API-related vulnerabilities, attacks, and data breaches. Comprehensive Risk Management: The reference architecture recommends incorporating automatic user authentication and authorization, granular data access policies, and asset risk assessments, can organizations can effectively manage and mitigate risks associated with API access and usage. Increased Visibility and Control: The architecture explains why organizations should obtain granular visibility, which allows organizations to monitor and record all API transactions, enabling better analysis, threat detection, and incident response capabilities. Improved Compliance and Data Protection: The automatic identification and classification of sensitive data sets ensure compliance with data protection regulations such as HIPAA, GDPR, and PCI-DSS, reducing the risk of regulatory penalties and reputational damage. Seamless Automation and Orchestration: The reference architecture recommends integration with XDR, SIEM, and SOAR solutions, so organizations can enhance their overall security posture, automate response actions, and streamline security operations. Scalability and Flexibility: The architecture offers a flexible distribution model for PEPs and data collection points, allowing organizations to scale their API security infrastructure based on their unique requirements and architecture. Future-Proofing: By aligning with the NIST Zero Trust Architecture and industry standards, organizations adopting the API Security Reference Architecture can ensure compatibility, interoperability, and the ability to evolve alongside emerging technologies and security best practices. Traceable’s API Security Reference Architecture for Zero Trust introduces a new approach to secure APIs using Zero Trust concepts, acknowledging their unique security requirements. It provides organizations with a comprehensive framework to implement Zero Trust controls specifically tailored to APIs, ensuring the protection of digital assets and mitigating the risk of data breaches. Dr. Chase Cunningham weighs in on Traceable’s approach: "APIs provide a new means of applying controls across enterprise applications, " says Dr. Cunningham, “However, the security practices for APIs have not yet matured, leaving a significant gap in the overall attack surface. Traceable has developed their own API Security Reference Architecture to help fill this gap by providing organizations with a methodical way to secure their APIs with Zero Trust principles. By combining Zero Trust strategic concepts with API-specific security measures, Traceable can help organizations protect their digital assets effectively." Throughout the past year, Traceable has continued to reaffirm its commitment to extending Zero Trust methodologies to API Security. With the addition of Zero Trust creator John Kindervag and Dr. Zero Trust, Chase Cunningham as Traceable advisors, Traceable continues to strengthen its expertise in this space. To date, Traceable has become a valuable partner to a number of large enterprises as the industry turns its eyes toward the importance of API security. With the rollout of their Zero Trust API Access solution alongside this reference architecture, Traceable continues to lead the industry toward the advancement of API security. This reference architecture is now available for organizations to explore and implement, empowering them to achieve complete API security in a Zero Trust world. About Traceable Traceable is the industry’s leading API Security company that helps organizations achieve API protection in a cloud-first, API-driven world. With an API Data Lake at the core of the platform, Traceable is the only intelligent and context-aware solution that powers complete API security – security posture management, threat protection and threat management across the entire Software Development Lifecycle – enabling organizations to minimize risk and maximize the value that APIs bring to their customers. To learn more about how API security can help your business, book a demo with a security expert.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY

Uptycs Integrates with Amazon Security Lake to Enable the Correlation of its CNAPP and XDR Security Telemetry with a Vast Ecosystem of Security Tools

Prnewswire | June 01, 2023

Uptycs, provider of the first unified CNAPP and XDR platform, today announced an integration with Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes security data from across AWS environments, leading SaaS providers, on-premises, and cloud sources into a purpose-built data lake. Amazon Security Lake manages data throughout its lifecycle with customizable data retention settings and converts and conforms incoming security data to the Open Cybersecurity Schema Framework (OCSF) open standard, making it easier to automatically collect, combine, and analyze security data from AWS, security partners, and analytics providers. The integration with Uptycs helps organizations speed up threat detection and incident response by correlating Uptycs telemetry and events with data from a vast number of other security tools. With the proliferation of technologies and environments, security teams need to spend time setting up one-to-one integrations between their tools to correlate threat activity. This is expensive and delays response to security threats. In contrast, a shift up approach to cybersecurity does not need complex integrations and intermediary systems to connect the dots. The premise involves getting the data in a standardized format right out of the gate, and streaming it up into a data lake so security teams can do cross-correlations that speed up threat detection and response. The OCSF project offers a consistent approach towards cybersecurity telemetry by providing a standard schema for common security events, defining versioning criteria to facilitate schema evolution, and including a self-governance process for security log producers and consumers. This enables organizations to easily bring together data from multiple security tools. "We are excited to bring the security telemetry from Uptycs into Amazon Security Lake," says Ganesh Pai, CEO and co-founder of Uptycs. "A key tenet of the shift up approach to cybersecurity is to stream normalized security telemetry into a data lake, moving security analytics processing power to the cloud. Uptycs and AWS customers can now enjoy enhanced protection and faster reaction time as they benefit from standardized OCSF-based telemetry across their on-prem and cloud workloads." Using the OCSF format, Uptycs and Amazon Security Lake allow organizations to have a consistent telemetry, enabling them to easily correlate data from a variety of security, SIEM, and SOAR tools. Uptycs, an AWS Security Competency Partner, will send a wealth of OCSF-formatted data from on-premises and cloud assets to Amazon Security Lake, including behavioral threat detections from endpoints and cloud workloads, anomaly detections, policy violations, risky policies, misconfigurations, and vulnerabilities. Uptycs prospects and customers can get started with the Amazon Security Lake integration by contacting Uptycs. About Uptycs Your developer's laptop is just a hop away from cloud infrastructure. Attackers don't think in silos, so why would you have siloed solutions protecting public cloud, private cloud, containers, laptops, and servers? Uptycs reduces risk by prioritizing your responses to threats, vulnerabilities, misconfigurations, sensitive data exposure, and compliance mandates across your modern attack surface—all from a single platform, UI, and data model. This includes the ability to tie together threat activity as it traverses on-prem and cloud boundaries, thus delivering a more cohesive enterprise-wide security posture.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Netskope Intelligent SSE Integrates with Amazon Security Lake to Enable Faster Threat Detection and Response in Hybrid Work Environments

Prnewswire | May 31, 2023

Netskope, a leader in Secure Access Service Edge (SASE), today announced an integration between Netskope's Intelligent Security Service Edge (SSE) platform and Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake is a service that automatically centralizes an organization's security data from across their AWS environments, leading SaaS providers, on-premises, and cloud sources into a purpose-built data lake, so customers can act on security data faster and simplify security data management across hybrid and multi cloud environments. Organizations want more visibility across all their security data sources, including on-premises and cloud, to quickly identify and respond to potential threats. To do this, they must enable logging across their security infrastructure, but often face challenges with incompatible data formats and no centralized place to store the logs for useful analysis. To help solve these challenges, Netskope customers can now export logs from the Netskope Intelligent SSE platform to Amazon Security Lake. Amazon Security Lake manages data throughout its lifecycle with customizable data retention settings and converts and conforms incoming security data to the Open Cybersecurity Schema Framework (OCSF), an open community schema. This makes it easier to automatically normalize security data from AWS and combine it with dozens of pre-integrated third-party security data sources. Netskope and AWS can help customers detect and investigate threats faster, by providing: Centralized Visibility: Organizations can now export logs, events and alerts collected by Netskope Cloud Exchange to Amazon Security Lake to get a holistic view of threats and vulnerabilities in their overall environment. Centralize years of cloud and on-premises security data at petabyte scale for detailed analysis. Stronger Security Posture: Organizations can use Netskope logs and Amazon Security Lake analysis tools to quickly discover and remediate threats and vulnerabilities across their environment to strengthen their security posture. Centralized Threat Remediation: Organizations can use Netskope and AWS services to respond to alerts and remediate threats from the centralized Amazon Security Lake console. "As security threats increase along with the ongoing shift to hybrid work, organizations want to be confident that their data, employees, and resources are safe from potential attacks and other nefarious activities," said Andy Horwitz, Vice President of Business Development, Netskope. "Netskope has helped thousands of customers improve their security posture through the use of our Netskope Intelligent SSE platform. By meeting the rigorous standards in support of Amazon Security Lake, organizations can have greater confidence in Netskope's deep technical expertise on AWS and our proven track record in securing even the most complex cloud environments." To learn more about how Netskope helps organizations further strengthen their security posture by sharing security-related logs and threat information with Amazon Security Lake, visit here. About Netskope Netskope, a global SASE leader, is redefining cloud, data, and network security to help organizations apply zero trust principles to protect data. Fast and easy to use, the Netskope platform provides optimized access and real-time security for people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements. Learn how Netskope helps customers be ready for anything on their SASE journey, visit netskope.com.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY, API SECURITY

Traceable AI Announces the Industry’s First API Security Reference Architecture for a Zero Trust World

Businesswire | June 06, 2023

Traceable AI, the industry's leading API security company, today announced the release of the industry's first API Security Reference Architecture for Zero Trust. This groundbreaking reference architecture serves as a guide for security leaders as the industry addresses the urgency of integrating API Security into Zero Trust Security initiatives. Zero Trust, a cybersecurity framework that emphasizes continuous verification and helps to minimize the attack surface, has proven effective in enhancing security for many organizations, from large enterprises, to the US Government. However, traditional Zero Trust approaches have primarily focused on network-level controls and identity access management, neglecting the critical API layer. Traceable’s API Security Reference Architecture is aligned with the NIST Zero Trust Architecture, a publicly available, vendor-neutral framework widely adopted by government entities such as CISA, DoD, DISA, NSA, GSA and NCCoE, as well as by many leading cybersecurity vendors. By leveraging the NIST framework, Traceable ensures compatibility, interoperability, and adherence to industry standards, making it a reliable and trusted guide for organizations implementing Zero Trust for their APIs. The extensive reference architecture provides organizations with a prescriptive methodology to operationalize Zero Trust for APIs: Advanced API Security: The reference architecture gives organizations a way to implement robust security measures specifically designed for APIs, including eliminating implied or persistent trust for APIs, thereby minimizing the risk of API-related vulnerabilities, attacks, and data breaches. Comprehensive Risk Management: The reference architecture recommends incorporating automatic user authentication and authorization, granular data access policies, and asset risk assessments, can organizations can effectively manage and mitigate risks associated with API access and usage. Increased Visibility and Control: The architecture explains why organizations should obtain granular visibility, which allows organizations to monitor and record all API transactions, enabling better analysis, threat detection, and incident response capabilities. Improved Compliance and Data Protection: The automatic identification and classification of sensitive data sets ensure compliance with data protection regulations such as HIPAA, GDPR, and PCI-DSS, reducing the risk of regulatory penalties and reputational damage. Seamless Automation and Orchestration: The reference architecture recommends integration with XDR, SIEM, and SOAR solutions, so organizations can enhance their overall security posture, automate response actions, and streamline security operations. Scalability and Flexibility: The architecture offers a flexible distribution model for PEPs and data collection points, allowing organizations to scale their API security infrastructure based on their unique requirements and architecture. Future-Proofing: By aligning with the NIST Zero Trust Architecture and industry standards, organizations adopting the API Security Reference Architecture can ensure compatibility, interoperability, and the ability to evolve alongside emerging technologies and security best practices. Traceable’s API Security Reference Architecture for Zero Trust introduces a new approach to secure APIs using Zero Trust concepts, acknowledging their unique security requirements. It provides organizations with a comprehensive framework to implement Zero Trust controls specifically tailored to APIs, ensuring the protection of digital assets and mitigating the risk of data breaches. Dr. Chase Cunningham weighs in on Traceable’s approach: "APIs provide a new means of applying controls across enterprise applications, " says Dr. Cunningham, “However, the security practices for APIs have not yet matured, leaving a significant gap in the overall attack surface. Traceable has developed their own API Security Reference Architecture to help fill this gap by providing organizations with a methodical way to secure their APIs with Zero Trust principles. By combining Zero Trust strategic concepts with API-specific security measures, Traceable can help organizations protect their digital assets effectively." Throughout the past year, Traceable has continued to reaffirm its commitment to extending Zero Trust methodologies to API Security. With the addition of Zero Trust creator John Kindervag and Dr. Zero Trust, Chase Cunningham as Traceable advisors, Traceable continues to strengthen its expertise in this space. To date, Traceable has become a valuable partner to a number of large enterprises as the industry turns its eyes toward the importance of API security. With the rollout of their Zero Trust API Access solution alongside this reference architecture, Traceable continues to lead the industry toward the advancement of API security. This reference architecture is now available for organizations to explore and implement, empowering them to achieve complete API security in a Zero Trust world. About Traceable Traceable is the industry’s leading API Security company that helps organizations achieve API protection in a cloud-first, API-driven world. With an API Data Lake at the core of the platform, Traceable is the only intelligent and context-aware solution that powers complete API security – security posture management, threat protection and threat management across the entire Software Development Lifecycle – enabling organizations to minimize risk and maximize the value that APIs bring to their customers. To learn more about how API security can help your business, book a demo with a security expert.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY

Uptycs Integrates with Amazon Security Lake to Enable the Correlation of its CNAPP and XDR Security Telemetry with a Vast Ecosystem of Security Tools

Prnewswire | June 01, 2023

Uptycs, provider of the first unified CNAPP and XDR platform, today announced an integration with Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes security data from across AWS environments, leading SaaS providers, on-premises, and cloud sources into a purpose-built data lake. Amazon Security Lake manages data throughout its lifecycle with customizable data retention settings and converts and conforms incoming security data to the Open Cybersecurity Schema Framework (OCSF) open standard, making it easier to automatically collect, combine, and analyze security data from AWS, security partners, and analytics providers. The integration with Uptycs helps organizations speed up threat detection and incident response by correlating Uptycs telemetry and events with data from a vast number of other security tools. With the proliferation of technologies and environments, security teams need to spend time setting up one-to-one integrations between their tools to correlate threat activity. This is expensive and delays response to security threats. In contrast, a shift up approach to cybersecurity does not need complex integrations and intermediary systems to connect the dots. The premise involves getting the data in a standardized format right out of the gate, and streaming it up into a data lake so security teams can do cross-correlations that speed up threat detection and response. The OCSF project offers a consistent approach towards cybersecurity telemetry by providing a standard schema for common security events, defining versioning criteria to facilitate schema evolution, and including a self-governance process for security log producers and consumers. This enables organizations to easily bring together data from multiple security tools. "We are excited to bring the security telemetry from Uptycs into Amazon Security Lake," says Ganesh Pai, CEO and co-founder of Uptycs. "A key tenet of the shift up approach to cybersecurity is to stream normalized security telemetry into a data lake, moving security analytics processing power to the cloud. Uptycs and AWS customers can now enjoy enhanced protection and faster reaction time as they benefit from standardized OCSF-based telemetry across their on-prem and cloud workloads." Using the OCSF format, Uptycs and Amazon Security Lake allow organizations to have a consistent telemetry, enabling them to easily correlate data from a variety of security, SIEM, and SOAR tools. Uptycs, an AWS Security Competency Partner, will send a wealth of OCSF-formatted data from on-premises and cloud assets to Amazon Security Lake, including behavioral threat detections from endpoints and cloud workloads, anomaly detections, policy violations, risky policies, misconfigurations, and vulnerabilities. Uptycs prospects and customers can get started with the Amazon Security Lake integration by contacting Uptycs. About Uptycs Your developer's laptop is just a hop away from cloud infrastructure. Attackers don't think in silos, so why would you have siloed solutions protecting public cloud, private cloud, containers, laptops, and servers? Uptycs reduces risk by prioritizing your responses to threats, vulnerabilities, misconfigurations, sensitive data exposure, and compliance mandates across your modern attack surface—all from a single platform, UI, and data model. This includes the ability to tie together threat activity as it traverses on-prem and cloud boundaries, thus delivering a more cohesive enterprise-wide security posture.

Read More

Spotlight

Poly

Poly

Plantronics, Inc. (“Poly” – formerly Plantronics and Polycom) (NYSE: PLT) is a global communications company that powers meaningful human connection and collaboration. Poly combines legendary audio expertise and powerful video and conferencing capabilities to overcome the distractions, complexity, a...

Events

Resources