ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
BigID | March 17, 2023
BigID, the leading platform for data security, compliance, privacy, and governance, today introduced purpose-built AI and ML-based data discovery and classification capabilities designed to quickly and easily detect secrets across enterprise data and reduce risk from potential data breaches and leaks.
Secrets - including as API keys, tokens, usernames and passwords, and security certificates - are commonly shared, cloned, and distributed across enterprise data environments as a means for better collaboration and efficiency. Unfortunately, the proliferation of secrets across these environments increases the attack surface and quickly raises security risks. Data containing secrets can inadvertently get pushed into production, while other secrets can be exposed to internal and external bad actors.
With BigID's native secrets detection capabilities, organizations can:
Scan for secrets across the entire software development ecosystem including GitLab, GitHub, Jira, Confluence, Powershell scripts, Slack, and hundreds of other data sources across the environment
Detect secrets faster and more accurately using patented AI and ML-based data classification techniques
Proactively protect secrets with streamlined and automated remediation to continually mitigate the threat of exposure
"Secrets-in-code remains one of the most overlooked vulnerabilities in security, despite being a priority target in some of the biggest breaches of late," said Tyler Young, CISO at BigID. "BigID's purpose-built AI and ML-based data discovery and classification give security teams speed and confidence to protect secrets from unwanted exposure so they don't become another headline."
About BigID
BigID enables organizations to know their enterprise data and take action for data-centric security, privacy, compliance and governance. Customers deploy BigID to proactively discover, manage, protect, and get more value from their regulated, sensitive, and personal data across their data landscape. BigID has been recognized for its data intelligence innovation as a 2019 World Economic Forum Technology Pioneer, named to the 2021 Forbes Cloud 100, the 2021 Inc 5000 as the #19th fastest growing company and #1 in Security, the 2021 and 2022 Deloitte 500, and an RSA Innovation Sandbox winner.
Read More
DATA SECURITY, ENTERPRISE IDENTITY, NETWORK THREAT DETECTION
ForgeRock | March 21, 2023
ForgeRock®, a global digital identity leader, today announced ForgeRock Enterprise Connect Passwordless, a new passwordless authentication solution that eliminates the need for users to interact with passwords inside large organizations. Enterprise Connect Passwordless is the latest addition to ForgeRock’s industry-leading, passwordless authentication portfolio for consumer and workforce use cases.
Developed through ForgeRock’s strategic partnership with Secret Double Octopus, the new solution, integrated into ForgeRock Identity Platform, protects the most commonly used and vulnerable enterprise resources such as servers, workstations, remote desktops, and VPNs. It helps large enterprises proactively defend against costly cyber-attacks and unauthorized access by providing a passwordless experience to legacy applications, systems and services. In turn, organizations can deliver an employee experience that empowers people to access their information without needing to know a password.
“The move to passwordless authentication will fundamentally change every digital experience on the planet, starting with the most common experience of all - logging in,” said Peter Barker, Chief Product Officer, ForgeRock. “With the addition of Enterprise Connect Passwordless, ForgeRock is the only solution to offer a full spectrum of passwordless capabilities that help employees and consumers say goodbye to remembering their passwords.”
Organizations deploying ForgeRock Enterprise Connect Passwordless become a more secure enterprise by removing employee interaction with passwords, and reducing the risk of compromise. Benefits include eliminating employee account lockouts and reducing the volume of IT tickets, which can lower operational costs from help desk interactions, increase workforce productivity and enhance the user experience.
Removing Passwordless Orchestration and Deployment Complexities
ForgeRock Enterprise Connect Passwordless uses next generation identity orchestration capabilities that allow enterprises to easily design and implement passwordless login and access journeys tailored to their unique security and experience needs. With ForgeRock, organizations now have the freedom to move to passwordless at their own pace – without it being an “all or nothing” experience.
“When an organization decides it wants to go passwordless to improve user experiences, that can be a heavy lift, made lighter when accompanied by user journey orchestration technology,” said Jay Bretzmann, Research Vice President, Security Products, IDC. “The ability to rapidly create login experiences tailored to groups of diverse individuals is an imperative for modern enterprises. Orchestration not only provides the tools to do this, but also the ability to ‘fine-tune’ journeys in real-time. What used to take programmers and developers weeks or months can now be accomplished by non-technical IT or identity staff for a fraction of the time and cost.”
Available in Q2, Enterprise Connect Passwordless augments the company’s existing passwordless capabilities, adding to the ongoing work ForgeRock has been doing to eliminate consumer passwords for more than a decade.
A History of Paving the Passwordless Path for Enterprises
The ForgeRock Identity Platform has an extensive history of providing organizations several options to help deploy passwordless authentication for mobile and web applications to reduce fraud and improve the user experience.
ForgeRock can accelerate passwordless deployment with integration for applications, support for identity standards, easy to use workflows to enable workforce and CIAM passwordless user journeys, and web-based passwordless authentication through a browser using passkeys in their mobile devices. ForgeRock already supports passwordless authentication capabilities through FIDO2 WebAuthn standards and passkeys within the ForgeRock Identity Cloud, low-code, no-code access orchestration with ForgeRock Intelligent Access and AI-driven threat protection within ForgeRock Autonomous Access. ForgeRock also has alliances with partners that have developed curated FIDO solutions for many different types of applications.
About ForgeRock
ForgeRock® is a global digital identity leader helping people simply and safely access the connected world. The ForgeRock Identity Platform delivers enterprise-grade identity solutions at scale for customers, employees, and connected devices. More than 1,300 organizations depend on ForgeRock’s comprehensive platform to manage and secure identities with identity orchestration, dynamic access controls, governance, and APIs in any cloud or hybrid environment.
Read More
DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY
Beyond Identity | March 16, 2023
Beyond Identity, the industry leader in providing phishing-resistant, passwordless MFA, has announced the official launch of 'Zero Trust Authentication' as a subcategory of zero trust technology, along with the introduction of the Zero Trust Leadership series of events worldwide, which will be held throughout 2023.
Combining industry-leading security integrators and technologies, such as Beyond Identity, CrowdStrike, Palo Alto Networks, Optiv, World Wide Technology, BeyondTrust, Climb Channel SolutionsPing Identity, and Guidepoint Security will enable organizations to move toward secure authentication designed to improve the zero-trust strategies of the Fortune 5000.
Zero Trust Authentication was created in response to the failure of conventional authentication methods, a problem that has been compounded by the rise of cyberattacks. Implementing Zero Trust Authentication will enable businesses to surpass the constraints of legacy multi-factor authentication (MFA) and passwords and deploy more effective security strategies.
To achieve this, the Zero Trust Authentication strategy incorporates components like Beyond Identity's risk scoring and continuous authentication functionalities, which greatly increase the given level of security.
Tom Jermoluk, Co-Founder and Chief Executive Officer of Beyond Identity, mentioned, "In working with leaders across the security ecosystem, it became apparent to us that the industry needs to formally bring identity and access management into the security fold to continuously deliver the highest level of security around users and devices."
(Source – Business Wire)
He added, "We are bringing together the leaders from the essential technology categories to ensure authentication decisions are risk based and continuously informed with signals from the wealth of existing cybersecurity tooling. Through close technology collaboration and now go-to-market collaboration in this Zero Trust Leadership series, we are delivering strong authentication built for an 'always on' zero trust world coupled with the practical advice and best practices so that enterprises can finally close identity and access management vulnerabilities."
(Source – Business Wire)
About Beyond Identity
Beyond Identity is redefining digital access for companies seeking to enhance protection against cyber assaults and provide the greatest levels of security for their customers, employees, and developers. The company's phishing-resistant, passwordless, and Zero Trust Authentication technologies enhance both security and the user experience.
The platform provides continuous risk-based authentication that incorporates signals from the zero-trust ecosystem to guarantee that only valid users and secure devices get or keep access to vital resources. Snowflake, Roblox, and Unqork rely on Beyond Identity's highly accessible cloud-native platform to deter assaults and advance their zero-trust strategy.
Read More