PLATFORM SECURITY,SOFTWARE SECURITY,END POINT PROTECTION
Wallarm | January 23, 2023
Wallarm, a leading end-to-end API security provider, has recently announced the early release of the Wallarm API leak management solution, an improved API security technology designed to assist organizations in identifying and remediating attacks exploiting leaked API keys and secrets while also providing ongoing protection against hacks in the event of a leak.
Given the recent increase in hacks involving leaked API keys and other API secrets, Wallarm developed the API leak management solution in order to give a comprehensive solution for this issue by automatically detecting leaked API keys and secrets, implementing controls to prevent their use, and protecting against any follow-on attacks. As a result, it prohibits unwanted access to sensitive data within enterprises while also protecting their internal operations and customers from unauthorized use of that data.
With the average cost of an API leak incident being $1.2 million per year, protecting API keys is a security and financial need. However, as locating and revoking API keys is both time-consuming and resource-intensive, Wallarm's proactive API leak management solution focuses on automated detection, remediation, and control using a three-pronged approach:
Detect - Wallarm automatically searches public sources for leaked API secrets, which hackers can discover and exploit in under a minute.
Remediate - Regardless of protocol, Wallarm immediately blocks requests that use compromised API secrets across the entire API portfolio.
Control - Wallarm also continuously monitors and prevents the use of leaked API secrets.
The Wallarm API leak management solution is the first of its kind in the API security space and is coupled with other Wallarm capabilities such as API threat prevention, API discovery and cloud-native WAAP. Wallarm’s API security platform provides customers with full-spectrum visibility, detection, and security for their entire web application and API portfolio, regardless of protocol or environment. This minimizes tool sprawl and costs while also increasing risk management and fostering innovation.
About Wallarm
Wallarm, founded in 2016, provides End-to-End API Security solutions to safeguard web applications, APIs, microservices, and serverless workloads in cloud-native environments. With its commitment to developing the cybersecurity industry, it has designed a new security platform to defend tech firms and Global 2000 enterprises throughout their journey from their legacy apps to APIs in cloud-native infrastructures. Hundreds of Security and DevOps teams use Wallarm to discover all of their web apps and API endpoints, traffic flows, and sensitive data consumption for total visibility, secure their whole API portfolio against emerging risks, and respond to incidents automatically for better risk management.
Read More
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Varonis | January 27, 2023
On January 26, 2023, Varonis Systems, Inc., a leader in data security and analytics, announced the availability of automated posture management to assist clients in resolving security and compliance gaps spanning their SaaS and IaaS systems.
Varonis continuously scans, identifies, and ranks cloud security threats, providing CISOs and compliance officers with real-time insight into their data security posture. With this new automation option, users can fix misconfigurations in applications such as Salesforce and AWS with a single click from a unified interface.
According to Gartner, through 2025, 99% of cloud security breaches will be the customer's fault. CIOs can counter this by adopting and enforcing rules for cloud ownership, accountability, and risk acceptance.
Varonis Field CTO, Brian Vecci, said, “Automated posture management takes the burden of understanding and remediating cloud misconfigurations off the customer.” He also said, “We stay on top of the latest configuration risks and best practices, so you don’t have to. Now, we can not only show you exactly how to improve your security posture, but we can also automatically mitigate risk on your behalf.”
(Source – GlobeNewswire)
This release marks a significant advancement in cloud data security. Passive data security posture management (DSPM) solutions need manual operations to generate help desk tickets for a person to review and fix in every cloud application manually. Varonis offers a uniform and automated method for minimizing the attack surface of multi-cloud environments.
Automated posture management is the most recent tool introduced by Varonis to simplify data security outcomes. Varonis introduced least privilege automation for Google Drive, Microsoft 365, and Box, as well as a new data security posture management (DSPM) dashboard early this month.
About Varonis
Varonis is a leader in data security and analytics, waging war differently from typical cybersecurity corporations. Instead, Varonis focuses on protecting business data like:
Sensitive files and emails
Strategic and product plans
Financial records
Confidential customer, patient, and employee data
In addition to data protection, Zero Trust, data governance, compliance, categorization, data privacy, and threat detection and response, Varonis solutions handle various other critical use cases. The company began operations in 2005 and has clients in the financial services, healthcare, industrial, energy and utilities, insurance, technology, media and entertainment, consumer and retail, and education industries, among others.
Read More
ENTERPRISE SECURITY,SOFTWARE SECURITY,IDENTITY MANAGEMENT
SailPoint | January 13, 2023
On January 12, 2023, SailPoint Technologies, Inc., a leading identity security enterprise, announced the acquisition of SecZetta, a prominent third-party identity risk solutions provider. With around half of today's firms comprising non-employees, organizations need to factor this rising group of identities into their identity security strategies.
By incorporating SecZetta, SailPoint will be able to expand its capabilities to assist businesses in gaining greater visibility into all types of identities, including both employee and non-employee identities, ranging from third-party contractors to temporary workers, and all this from a single, market-leading identity security platform. This acquisition will provide businesses with the centralized approach needed as well as the required identity verification to thoroughly validate non-employee identities across their organizations.
SailPoint and SecZetta have a long-established partnership, and once SecZetta's solutions get fully integrated into SailPoint's Identity Security Cloud platform, SailPoint will deliver a unified platform to its customers, providing context-rich identity information with an appropriate level of intelligence answering the "who should have access to what," "why," and "when" questions for this unique, often under-secured set of identities.
The addition of SecZetta will allow SailPoint to assist businesses with identity consolidation efforts, combining and arranging workforce data across authoritative sources into a consolidated identity repository. This identity intelligence will then be made available as a packaged offering within the identity security cloud platform in order to provide a more extensive identity security that provides the critical layer of risk management and governance required across employee and non-employee identities from a single platform.
About SailPoint
SailPoint is a leading identity security provider for modern enterprises. Through automating the administration and control of access by using the power of machine learning and AI, it delivers just the required to the right identities and technology resources at the appropriate time, matching the velocity, scale and environmental needs of today's cloud-oriented enterprise. SailPoint's sophisticated identification platform integrates seamlessly with existing systems and workflows, offering a unified view into all identities and their access. It strives to empower the most complex enterprises globally to build a secure foundation grounded in identity security.
Read More