DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Netskope | December 01, 2022
Netskope, a global leader in secure access service edge (SASE), is announcing new support of Amazon Web Services (AWS) to further improve visibility of risks and threats on AWS services, resulting in even stronger security postures for customers. Through this work, Netskope will support the launch of AWS Verified Access and Amazon Security Lake to drive innovation for enterprises running on AWS.
As the cybersecurity landscape becomes more complex and multifaceted, organizations want to confidently know their data, employees, and resources are safe from potential attacks. Netskope has helped thousands of customers, including more than 25 of the Fortune 100, improve their security posture through integrated zero trust network access (ZTNA), secure web gateway (SWG), cloud access security broker (CASB), cloud security posture management (CSPM), storage scanning with data loss prevention (DLP), cloud firewall, Borderless WAN, and more. By meeting the rigorous standards of supporting the launch of AWS Verified Access and Amazon Security Lake, Netskope and customers can have greater confidence in the company's deep technical expertise on AWS and its proven track record in securing even the most complex cloud journeys.
"As organizations search for seamless support and unification of their cloud security services, our work with AWS will help customers achieve even better visibility and protection in a cloud-first, hybrid work environment. "Hybrid work today happens in the office, at home, or on the go, and with this new support of Amazon Security Lake and AWS Verified Access, we'll help customers navigate their cloud security journey by securing data from anywhere, on any device."
Andy Horwitz, Vice President, Business Development and Technology Alliances at Netskope
Netskope will support Amazon Security Lake and AWS Verified Access by providing visibility and real-time data and threat protection when accessing cloud services, applications, and data. Customers can expect broader and more granular data sharing to expose cloud threats and security gaps, better alert prioritization so security teams can remediate the highest threats first, and a stronger security posture with faster remediation strategies in place.
"Netskope and AWS continue to help organizations with security capabilities they need to protect their users and data everywhere," said Chris Grusz, Director, ISV Partner and AWS Marketplace Business Development. "Netskope is a trusted security provider for many cloud-first organizations, and the expanded relationship with AWS will allow customers to better realize the full value of their AWS Security investments."
About Netskope
Netskope, a global cybersecurity leader, is redefining cloud, data, and network security to help organizations apply Zero Trust principles to protect data. Fast and easy to use, the Netskope platform provides optimized access and real-time security for people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.
Read More
DATA SECURITY,ENTERPRISE SECURITY,SOFTWARE SECURITY
Veza | December 02, 2022
Veza today announced that its Open Authorization API (OAA) is now public on GitHub for community collaboration, extending the reach of identity-first security across the enterprise. Developers can now create and share connectors to extend the Veza Authorization Graph to all sensitive data, wherever it lives, including cloud providers, SaaS apps, and custom-built internal apps, accelerating their company’s path to zero trust security.
Security professionals espouse the principle of ‘Least Privilege’ to secure enterprise data, but the rush to a multi-cloud, multi-app environment has exploded the complexity and layers of interconnection for which access must be understood, monitored, and constantly remediated to achieve and maintain least privilege. Recent attacks on Okta and Twilio demonstrate that companies are allowing overly-broad access to data via constructs of groups, roles, policies, and system specific permissions. Veza connects the dots of effective permissions across cloud providers, SaaS apps and identity platforms, making it easy to visualize who can view or delete sensitive data. OAA allows organizations and the broader community to create their own integrations with Veza, extending visibility to any resource, including SaaS apps like GitLab and Jira as well as custom-built internal apps.
“The vast majority of cybersecurity failures are rooted in issues with the gap that exists between identity, access to data, and permissions,” said Tarun Thakur, co-founder and CEO, Veza. “Since our founding, we have been committed to protecting our customers from threats like ransomware, privilege abuse, and data breaches. With Veza Open Authorization API, we are extending our identity-first security approach broadly in the market and arming organizations with the tools they need to remediate undesirable and unnecessary data access at a granular level, and meet the requirements of access governance for enterprise systems, both on-premises and in the cloud."
With Veza's Open Authorization API, customers can translate and visualize authorization metadata from any SaaS app, custom and in-house applications. Users can explore identity-to-data relationships through the Authorization Graph, monitor for least privilege misconfigurations and violations, and conduct comprehensive entitlement reviews for all of their sensitive data.
“We specifically chose Veza because their Open Authorization API allowed us to connect to our custom internal applications. We follow the principle of least privilege, but with so many systems to review, we valued Veza’s unique ability to give us a comprehensive view quickly. They made it faster and easier for our team to review all permissions with confidence.”
-Riaz Lakhani, CISO of Barracuda Networks.
As an open-source project on GitHub, Veza’s Open Authorization API allows customers and partners to learn from, and build upon, each other’s work to create a control plane that reaches all data. By bringing OAA SDK and connectors available on GitHub Community, Veza empowers customers to ingest authorization metadata previously isolated in internal systems and SaaS applications. The OAA community has already created integrations for critical SaaS apps including GitHub, GitLab, Bitbucket, Jira, Zendesk, Slack, Coupa Software, Pagerduty, and Looker. These integrations are available now to all Veza customers.
“Veza solves the problem of aligning identities to data,” said Craig Rosen, Chief Security & Trust Officer at ASAPP. “Veza’s Open Authorization Platform helped us extend that visibility to all the apps and data that matter most to us, like GitHub and Jira. Now it is easy for our security professionals to understand (and remediate) who has access to our important intellectual property.”
About Veza
Veza is the authorization platform for data. Built for hybrid, multi-cloud environments, Veza enables organizations to visualize, remediate, and control who can and should take what action on what data. We empower customers to take an identity-first approach to secure data by addressing critical business needs of streamlining identity and access governance, implementing data lake security, managing cloud entitlements, and modernizing privileged access. Our Authorization Graph connects identities to data across enterprise systems, enabling analysis, monitoring, and certification of end-to-end access. Global enterprises like Blackstone, ASAPP, Barracuda Networks, Choice Hotels, and a number of Fortune 500 and emerging organizations trust Veza to secure their enterprise data. Founded in 2020, Veza is headquartered in Los Gatos, California, and is funded by Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, and True Ventures.
Read More
DATA SECURITY,ENTERPRISE SECURITY,PLATFORM SECURITY
Laminar | November 30, 2022
Laminar, a leader in public cloud data security, today announced it is supporting the launch of Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes an organization’s security data from cloud, on-premises, and custom sources into a customer owned purpose-built data lake. With support for the Open Cybersecurity Schema Framework (OCSF) standard, Amazon Security Lake reduces the complexity and costs for customers to make their security solutions data accessible to address a variety of security use cases such as threat detection, investigation, and incident response.
“All cybersecurity in the end is about protecting data and all cybersecurity is more effective and efficient with data-context. “Laminar is proud to be a launch partner for Amazon Security Lake, adding data-context to security events for better risk models, effective investigations and efficient remediation.”
Amit Shaked, co-founder and CEO, Laminar
Amazon Security Lake helps organizations aggregate, manage, and derive value from log and event data on the cloud and on-premises to give security teams greater visibility across their organizations. With Amazon Security Lake, customers can use the security and analytics solutions of their choice to simply query that data in place or ingest the OCSF-compliant data to address further use cases. Amazon Security Lake helps customers optimize security log data retention by optimizing the partitioning of data to improve performance and reduce costs. Now, analysts and engineers can easily build and use a centralized security data lake to improve the protection of workloads, applications, and data.
Laminar is a Data Security Posture Management (DSPM) leader that delivers autonomous, agentless, and continuous data security for everything that you build and run on the cloud. Laminar provides autonomous discovery and classification for all data across AWS and hybrid cloud environments into a cloud data catalog, prioritization of data assets by our proprietary risk model, and an agentless and asynchronous approach to DSPM to reduce the exposure surface without impacting performance.
“Data is every enterprise’s most valuable asset, which makes protecting it a critical capability for all cybersecurity solutions,” said Rod Wallace, General Manager for Amazon Security Lake. “Amazon Security Lake enables security teams to optimize security log data collection and retention by optimizing the partitioning of data to improve performance and reduce costs. With the Laminar integration, analysts and engineers can store their data in the OCSF format for further analytics to improve the protection of workloads, applications, and data.”
About Laminar
Laminar’s Cloud Data Security Platform protects data for everything you build and run in the cloud across cloud providers and cloud data warehouses. The platform autonomously and continuously discovers and classifies new datastores for complete visibility, prioritizes risk based on sensitivity and data risk posture, secures data by remediating weak controls and actively monitors for egress and access anomalies. Designed for the multi cloud, the architecture takes an API-only approach, without any agents, and without sensitive data ever leaving your environment. Founded in 2020 by a brilliant team of award winning Israeli red team experts, Laminar is proudly backed by Insight Partners, Tiger Global, Salesforce Ventures, TLV Partners, and SentinelOne.
Read More