Software Security
Cisco | September 25, 2023
Cisco and Splunk are joining forces to advance organizations from reactive threat handling to proactive threat anticipation and prevention.
Together, they will emerge as a major global software entity, boosting Cisco's shift towards recurring revenue.
This collaboration unites two esteemed workplaces with shared values, robust cultures, and skilled teams.
The synergy between these pioneering companies positions them for leadership in AI-driven security and observability.
Anticipated to yield positive cash flow and improved gross margins in the initial fiscal year following the merger, with non-GAAP EPS enhancement expected by year two.
Cisco and Splunk, the leader in cybersecurity and observability, today announced a definitive agreement under which Cisco will acquire Splunk for $157 per share in cash, representing an equity value of approximately $28 billion. Gary Steele, president and CEO of Splunk, will join Cisco's Executive Leadership Team upon completion of the acquisition, reporting to Cisco chair and CEO Chuck Robbins.
Chair and CEO of Cisco, Chuck Robbins, remarked,
We're excited to bring Cisco and Splunk together. Our combined capabilities will drive the next generation of AI-enabled security and observability. From threat detection and response to threat prediction and prevention, we will help make organizations of all sizes more secure and resilient.
[Source: Cision PR Newswire]
Every company relies on data to operate its business and make mission-critical choices in today's hyper-connected environment. Accelerating and adopting generative AI, growing danger surfaces, and different cloud environments offer unprecedented complexity for enterprises. To be digitally resilient, organizations must better manage, preserve, and unleash data's value.
Gary Steele, president and CEO of Splunk, stated that they would together form a global security and observability leader that will harness the power of data and AI to deliver outstanding customer outcomes and transform the industry. Steele added that they’re eager to join forces with a trusted and long-time partner who shares their passion for innovation and top customer experience, and they expect their community of Splunk employees to benefit from the greater opportunities as they bring together two purpose-driven and respected organizations.
Cisco and Splunk will give insight across hybrid and multi-cloud systems, enabling clients to provide seamless application experiences for digital enterprises. The companies can help other organizations responsibly use AI due to their scale, data visibility, and trust. These two firms will unite to invest more in innovative products, accelerate innovation, and expand globally to serve clients of all sizes. The transaction is expected to be cash flow positive and gross margin accretive in the first fiscal year post-close, with non-GAAP EPS accretive in year two. The acquisition is subject to regulatory approval and customary closing conditions, including approval by Splunk shareholders.
Advisors for the Cisco-Splunk acquisition include Tidal Partners LLC, Simpson Thacher & Bartlett LLP Cravath and Swaine & Moore LLP, among others.
Read More
API Security
Salt Security | September 20, 2023
Salt Security, a prominent API security company, has announced the expansion of its partnership with CrowdStrike, a leading cybersecurity technology company providing cloud workload and endpoint security, cyberattack response, and threat intelligence services. This expansion involves the integration of the Salt Security API Protection Platform with the widely recognized CrowdStrike Falcon Platform.
Roey Eliyahu, Co-founder and CEO of Salt Security, stated,
Protecting against API threats requires deep visibility and robust runtime protection. We’re excited to bring our unique strengths in API security to the CrowdStrike customer base with this new integration. Together with CrowdStrike, Salt can provide organizations with extended runtime protections and posture management across the cloud and application landscapes.
[Source – Cision PR Newswire]
Through this integration, customers gain access to a comprehensive 360-degree view of API security risks, particularly focusing on the application-layer attack surface. This integration is accessible via the CrowdStrike Marketplace and provides valuable API threat intelligence. It also enhances cross-organization API security capabilities by streamlining and enhancing the workflows related to API auditing, monitoring, and enforcement.
The partnership between Salt Security, offering top-notch API runtime monitoring and AI-driven insights, and CrowdStrike, renowned for its award-winning AI-powered protection, provides organizations with complete visibility into their API attack surface. This integration also offers valuable context regarding the severity of threats in relation to business-critical aspects.
With this partnership, customers benefit from:
API vulnerability and threat context
API threat mitigation
API threat management automation
The patented Salt API security platform stands out for its utilization of cloud-scale big data, artificial intelligence (AI), and machine learning (ML). These technologies work in tandem to automate the process of discovering and cataloging an organization's entire set of APIs. Salt plays a crucial role in pinpointing areas where APIs might expose sensitive data. This proactive approach aids enterprises in recognizing and mitigating potential API threats while also reinforcing their overall API security.
Gur Talpaz, Head of Falcon Fund and Vice President of Corporate Development at CrowdStrike, said,
With APIs now a prime target for malicious actors, securing them requires a comprehensive and diligent approach. Through this joint integration, we can harness the mature AI-driven intelligence of the Salt API security platform with our widely deployed Falcon platform, giving organizations complete visibility into their application-layer attack surface and a detailed understanding of their application threat landscape.
[Source – Cision PR Newswire]
About Salt Security
Salt Security is a leading API security company that safeguards the APIs at the core of all modern applications. Its API Protection Platform is the sole API security solution that integrates the power of cloud-scale big data with time-tested machine learning and artificial intelligence to detect and prevent API attacks. Salt provides extensive context, real-time analysis, and continuous insights for API discovery, hardening APIs, and attack prevention by correlating the activities of millions of APIs and users over time.
Read More
Software Security
ZeroFox | September 22, 2023
ZeroFox, an industry-leading provider of enterprise software-as-a-service for external cybersecurity, has announced the unveiling of multiple anti-phishing product enhancements. These updates solidify ZeroFox's position as the world leader in digital risk protection. Developed using cutting-edge AI/ML technologies and designed by a team of top-tier security experts, these new anti-phishing features boost escalated alert volume, reduce the occurrence of false positives, and expedite the process from threat identification to initial disruption and successful takedowns for all our customers.
The importance of these new features cannot be overstated, especially given the rising threat landscape. In the first half of 2023, ZeroFox Intelligence has recorded a substantial increase in the volume and complexity of phishing attacks, including a 30% surge in domain takedowns compared to the first half of 2022. New ZeroFox phishing trend research also highlights the adoption of evasion techniques like cloaking alongside emerging tactics such as SEO poisoning and phishing-as-a-service. These developments underscore the critical role of these new capabilities in safeguarding against evolving cyber threats.
Continuous and Complete Protection Against Domain-based Threats
ZeroFox adopts a unique approach to phishing compared to email security and conventional anti-phishing providers. Its strategy revolves around the identification, disruption, and elimination of the domains necessary for launching phishing campaigns. With daily monitoring of over 65 million domains, ZeroFox combats various threats like typo squats, subdomain spoofs, homoglyphs, and other malicious domain and URL-based attacks, effectively shielding customers and preventing any disruptions to business operations.
Incorporate advanced domain protection capabilities to enhance their cybersecurity measures, aiming to achieve substantial and measurable business outcomes:
Reduce Phishing Risks with Anti-Cloaking Capabilities:
Strengthen Compliance and Trust with SSL Monitoring
Secure Brand Identity with Favicon Search
Improve Operational Efficiency with Enhanced Subdomain Coverage
Enhance User Experience (UX) with Weblog Monitoring
Mike Price, Chief Technology Officer of ZeroFox, said,
ZeroFox has been detecting and disrupting phishing attacks for the last decade, constantly enhancing our solution to protect our customers from changing phishing techniques used by threat actors, including the widespread use of malicious cloaking and subdomains techniques.
[Source – Globe Newswire]
Price stated that the enhanced capabilities being announced represented their ongoing commitment to tackling the increasing phishing challenge encountered by security teams. He emphasized that as phishing continued to evolve, ZeroFox would remain a trusted anti-phishing partner dedicated to safeguarding customers from both current and future phishing techniques.
About ZeroFox
ZeroFox, a prominent enterprise software-as-a-service provider in the field of external cybersecurity, has revolutionized security beyond the corporate perimeter on the internet, where businesses conduct their operations and threat actors are active. Their platform seamlessly integrates cutting-edge AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust set of breach, incident, and takedown response tools. This enables them to uncover and disrupt various threats, including phishing and fraud campaigns, botnet exposures, impersonations, credential theft, data breaches, and physical threats that target domains, brands, personnel, and assets.
Read More