'TeleSign embeds trust at every touchpoint,' assures Joseph Burton

Media 7 | December 8, 2021

Joseph Burton, Chief Executive Officer at TeleSign elaborates on Promotion Abuse, Communication Fraud, and Buy Now Pay Later Fraud. Read on to know about the biggest online financial threat for consumers and much more.

In 2022, Buy Now Pay Later (BNPL) will continue to be a top retail priority. As BNPL growth continues to surge – so will the opportunities for fraudsters.


MEDIA 7: Thank you so much for doing this with us! It’s the holiday season, shopping and online transactions are happening on a large scale. What is the biggest online financial threat for consumers?
JOSEPH BURTON:
When it comes to cybercrime, essentially every person has been a victim – 9 out of 10 people have been subject to credit card fraud, identity theft, or a data breach. Millions of usernames and passwords, physical addresses, credit card numbers, and social security numbers are breached every week and are made available on the dark web. With all of that Personable Identifiable Information (PII) online, synthetic identity theft has become the fastest-growing type of financial fraud in the United States. Unlike traditional identity theft where criminals steal a specific person’s identity, synthetic identity theft involves creating a new, fictitious identity. Fraudsters use a mix of real and fake information – social security numbers, phone numbers, addresses, and birth dates – to create a fake identity.

Fraudsters use these synthetic identities to apply for credit cards and loans, illegally purchase goods online, and create fake product reviews. Synthetic identity fraud creates financial and reputational consequences for consumers, retailers, and financial institutions. For consumers, they are at risk of unauthorized purchases on their credit or debit cards and negative marks on their credit score. And their purchase decisions can be influenced by fake, positively inflated product reviews. Synthetic identity fraud is made possible by elaborate phishing and social engineering schemes. Fraudsters use deceitful emails, text messages, phone calls, and web pages to coerce PII from unsuspecting consumers. Phishing attacks are Pandora’s box to consumer fraud.





M7: Online retailers are now required to improve their security measures given the rise in threats to data privacy. How is TeleSign contributing to the fight against fraud?
JB:
Fraud is increasingly common, costly, and complex. With billions of targets and trillions of dollars at stake, fraudsters have found their groove. 2021 was the first time that successful fraud attempts outnumbered those prevented. In the last 24 months, half – 47% – of companies experienced fraud. Fraudulent losses are significant. On average, businesses lose 5% of their annual revenue to fraud. In addition to the financial risk, fraud introduces a lack of customer satisfaction, as well as reputational & legal damages. Faced with an array of sophisticated attacks, TeleSign helps security teams create a multilayered fraud prevention framework using digital identity signals, machine learning algorithms, and behavioral risk assessments to stay one step ahead of bad actors.

Throughout every stage of the customer journey, TeleSign helps to detect and defend against fraud. When onboarding new customers, businesses can layer in digital identity signals to flag risky users, block fake users, while giving legitimate users a fast and frictionless sign-up experience. For active accounts, TeleSign embeds trust at every touchpoint, ensuring every log-in is secure and every transaction is safe. TeleSign's zero-trust approach assesses the risk of every interaction to maintain the integrity of every account.



Read More: Gartner’s Akhil Gopinath advises, ‘To pivot your business model and grow out of the pandemic phase’


When consumers can use their preferred communication channels, more than half are more likely to recommend, buy more, or make a first-time purchase.



M7: TeleSign focuses on Promotion Abuse, Communication Fraud, and Buy Now Pay Later Fraud. These terms are relatively new, could you please elaborate on these for our readers?
JB: Communications Fraud/IRSF (G)


Despite plaguing the telecom industry for more than two decades, International Revenue Share Fraud (IRSF) is a relatively unknown type of attack and it’s experiencing a digital resurgence. IRSF is caused by the artificial inflation of call traffic to premium-rate numbers across the world. Generally, the fraudster leases expensive phone numbers – like psychic or dating hotlines – from an International Premium Rate Number Providers (IPRN) and both parties receive a share of the revenue for every call that’s placed. Over the last couple of years, we have seen fraudsters deploy new, sophisticated tactics to generate a higher volume of calls. For example, using bots and automated scripts, fraudsters can create millions of fake account creations or password reset requests. They nefariously attack web and mobile applications knowing that a voice call – to the premium number they profit on– is a component of account registration or password reset flow. IRSF is sneaky and happens behind the scenes. It is responsible for a $4-6 billion loss each year.

Promotion Abuse

As the retail season kicks into high gear, retailers must create compelling offers, discounts, and promotions to attract customers. But for many retailers, promotions are a double-edged sword. While they keep customers loyal and increase conversion rates, the inevitable abuse of promotions is costly. Promotion abuse occurs when one consumer uses multiple accounts to take advantage of rewards, sales, or other discounts. From sign-up bonuses to coupon codes, three out of four retailers (73%) have experienced promotion abuse in the last 12 months, which equates to an approximate 1.2% loss of revenue. To cut down on promotion abuse, retailers need to close their loopholes and prevent consumers from creating multiple accounts with fake email addresses and/or phone numbers.

Buy Now Pay Later Fraud

Convenience, useability, and affordability: a recipe for consumer success. It is those benefits that have made Buy Now, Pay Later (BNPL) platforms a ubiquitous success. A modern ‘payment plan’ and reimagined ‘layaway,’ BNPL is short-term financing that allows consumers to make a purchase and receive it immediately, but pay for it at a later time, usually over a series of installments. In 2022, BNPL will continue to be a top retail priority and I expect to see retailers extend BNPL payment options in their physical retail stores. As BNPL growth continues to surge – so will the opportunities for fraudsters.



2021 was the first time that successful fraud attempts outnumbered those prevented.



M7: TeleSign connects and protects online experiences with its engagement solutions. What are the different ways TeleSign helps ensure secure and reliable customer communication?
JB:
Communication across the customer journey is dynamic. Eighty-two percent of B2B buyers and 72% of B2C customers use multiple communication channels throughout their path to purchase. In fact, the availability of multichannel communication increases the bottom line. According to Forrester, when consumers can use their preferred communication channels, more than half are more likely to recommend, buy more, or make a first-time purchase. To excel in today’s competitive markets, it’s critical to make your customer communication fast, easy, and secure. From account verification to purchase confirmation, TeleSign delivers reliable communication across the customer journey.

As the pioneer of SMS verification, TeleSign helps connect the world’s most trusted brands to their customers. Our programmable engagement solution empowers businesses to embed messaging, voice, and authentication capabilities into their product and applications via developer-friendly APIs. TeleSign is at the forefront of keeping the digital economy secure, with an established presence on nearly every communications channel. Our customers can create tailored, omnichannel user experiences. And with a global footprint, more than seven hundred direct-to-carrier routes, and constant network traffic monitoring, TeleSign’s dependability is unmatched.



Read More: IDC’s Ritu Jyoti believes ‘Technology investments like AI are critical enablers to business agility’

M7: You have had an exemplary professional journey of over 30 years. Seeing the rapid change in technology and digitalization what future do you predict for this industry?
JB:
Today we’re protecting humans, tomorrow we’re protecting devices and machines – bringing the digital identity business to twenty-five billion devices.


ABOUT TELESIGN

TeleSign provides continuous trust to leading global enterprises by connecting, protecting, and defending their digital identities. TeleSign verifies over five billion unique phone numbers a month, representing half of the world’s mobile users, and provides critical insight into the remaining billions. The company’s powerful AI and extensive data science deliver identity with a unique combination of speed, accuracy, and global reach. TeleSign solutions prevent fraud, secure communications, and enable the digital economy by allowing companies and customers to engage with confidence. Learn more at www.telesign.com and follow us on Twitter at @TeleSign.

More C-Suite on deck

Panzura's Glen Shok explains why file security and military-grade encryption should be applied to all data stored in the cloud

Media 7 | March 11, 2022

Glen Shok, CTO and VP Cloud Architects at Panzura, looks into his crystal ball and shares with us his predictions of the developments in the cybersecurity space. In this interview, we had the opportunity to explore novel malware tactics like ransomware and data wiper exploits, and the different solutions Panzura offers enterprises to improve their security measures. Read on to learn more about upticks in this cybersecurity landscape, and how Panzura can get businesses battle-ready against these attacks.

Read More

Arkose Labs's Vanita Pandey believes ‘Online account is going to be the currency that people will trade on’

Media 7 | December 13, 2021

Vanita Pandey, CMO - Arkose Labs, speaks about the role that Innovative Payment Models play in the changing dynamics of purchase and shopping. Read on to know her thoughts about how necessary is content for attracting consumers in this age and much more.

Read More

Cryptix AG’s Alexandre Horvath wants users to adopt a Zero Trust policy to secure their digital footprint

Media 7 | November 12, 2021

Alexandre Horvath, Chief Information Security & Data Protection Officer at Cryptix AG sheds light on the importance of cybersecurity in the ever-growing landscape of DLT and blockchain. Read on as he elaborates the importance of Zero Trust for data privacy and the struggle of keeping pace with GDPR compliance.

Read More

Panzura's Glen Shok explains why file security and military-grade encryption should be applied to all data stored in the cloud

Media 7 | March 11, 2022

Glen Shok, CTO and VP Cloud Architects at Panzura, looks into his crystal ball and shares with us his predictions of the developments in the cybersecurity space. In this interview, we had the opportunity to explore novel malware tactics like ransomware and data wiper exploits, and the different solutions Panzura offers enterprises to improve their security measures. Read on to learn more about upticks in this cybersecurity landscape, and how Panzura can get businesses battle-ready against these attacks.

Read More

Arkose Labs's Vanita Pandey believes ‘Online account is going to be the currency that people will trade on’

Media 7 | December 13, 2021

Vanita Pandey, CMO - Arkose Labs, speaks about the role that Innovative Payment Models play in the changing dynamics of purchase and shopping. Read on to know her thoughts about how necessary is content for attracting consumers in this age and much more.

Read More

Cryptix AG’s Alexandre Horvath wants users to adopt a Zero Trust policy to secure their digital footprint

Media 7 | November 12, 2021

Alexandre Horvath, Chief Information Security & Data Protection Officer at Cryptix AG sheds light on the importance of cybersecurity in the ever-growing landscape of DLT and blockchain. Read on as he elaborates the importance of Zero Trust for data privacy and the struggle of keeping pace with GDPR compliance.

Read More

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Fortinet Launches Managed Cloud-Native Firewall Service to Simplify Network Security Operations, Available Now on AWS

Fortinet | November 29, 2022

Fortinet®, a global leader in broad, integrated and automated cybersecurity solutions, today announced the availability of FortiGate Cloud-Native Firewall (FortiGate CNF) on Amazon Web Services (AWS), an enterprise-grade, managed next-generation firewall service specifically designed for AWS environments. FortiGate CNF incorporates FortiGuard artificial intelligence (AI)-powered Security Services for real-time detection of and protection against malicious external and internal threats, and is underpinned by FortiOS for a consistent network security experience across AWS and on-prem environments. By shifting the management of network security infrastructure to Fortinet via FortiGate CNF, customers can focus more on their core competencies and deploying effective security policies to protect their business-critical applications and data. Natively supporting AWS and available now in AWS Marketplace, FortiGate CNF gives customers immediate access to FortiGuard AI-powered Security Services for enterprise-grade protection, including URL filtering, DNS filtering, IPS, application control and other FortiGuard security services, that organizations rely on. FortiGate CNF enables customers to realize the following benefits: Region-wide network protection at optimized costs: FortiGate CNF is designed to easily aggregate security across cloud networks, availability zones and virtual private clouds (VPCs) in a cloud region. It also natively supports AWS to help optimize cloud security spend and uses AWS Graviton instances to deliver better price performance than other offerings. Simplified network security operations with cloud-native integrations: FortiGate CNF provides a simple, intuitive user interface (UI) that minimizes the need for security expertise and makes it easy to define and deploy robust security policies including dynamic meta-data based policies on AWS. This AWS support helps security teams move at the speed and scale of applications teams, while support of AWS Gateway Load Balancer eliminates do-it-yourself automation and helps secure Amazon Virtual Private Cloud (Amazon VPC) environments while improving high availability and scaling. Additionally, support of AWS Firewall Manager simplifies security management and automates security rollout. Increased compliance with consistent enterprise-grade security across on-prem and cloud deployments: In a recent survey of more than 800 cybersecurity professionals, 78% of respondents indicated that a cloud security platform with a single dashboard could help them better protect data across their cloud footprint and strengthen their security posture. FortiGate CNF provides an intuitive dashboard to easily manage security policies across a customer’s AWS deployments. As part of the Fortinet Security Fabric platform, it also offers a single pane of glass through FortiManager to centralize policy management, increase visibility and automate policy enforcement on AWS and beyond. This capability helps teams effectively apply security controls seamlessly across hybrid cloud and on-premises deployments. Enhanced with AI-powered global threat intelligence: FortiGate CNF includes a suite of trusted FortiGuard AI-powered security services, developed and continually improved by FortiGuard Labs. Using AI/machine learning (ML) models, FortiGate CNF with FortiGuard Security Services enables a proactive security posture and remediation of known and unknown threats based on real-time threat intelligence, behavior-based detection and automated prevention. Fortinet and AWS – Better Together FortiGate CNF is the latest example of Fortinet's commitment to delivering cloud-native services to support our customers. Fortinet’s work with AWS ensures that customers’ public cloud workloads are protected by best-in-class security solutions powered by comprehensive threat intelligence. Fortinet support of key AWS services simplifies security management, facilitating full visibility across environments and providing broad protection across your workloads and applications. Throughout any stage in a customer’s migration to the cloud, Fortinet Security Fabric, the industry’s highest performing cybersecurity mesh platform, delivers security-driven networking and adaptive cloud protection for the ultimate flexibility and control needed to build in the cloud. Supporting Quotes “Fortinet was the clear choice for help when we decided to move our workloads from a data center to a public cloud environment on AWS. By leveraging Fortinet cloud security solutions to complement native AWS security groups, we were able to accelerate our cloud migration to just one month, a process that that would typically take one year. With the introduction of FortiGate CNF, Yedpay is looking forward to having the option of a managed firewall service powered by the collective cloud infrastructure expertise of Fortinet and AWS to further bolster our existing cloud security and enable us to securely grow our business.” Simon Lau, CIO & CISO, Yedpay “We know organizations are looking to further simplify and modernize security on the cloud, which is why we’re working with Fortinet to deliver adaptive cloud security solutions. With FortiGate CNF, customers can build confidently, boost agility, and take advantage of everything AWS has to offer. As a fully managed cloud-native service, FortiGate CNF provides the enterprise-level firewall services and network security that helps reduce risk and improve compliance, and optimizes customers’ security investments. We’re looking forward to continuing our work with Fortinet to help our mutual customers accelerate their cloud security goals.” Dave Ward, GM, Application Networking, AWS About Fortinet Fortinet makes possible a digital world that we can always trust through its mission to protect people, devices, and data everywhere. This is why the world’s largest enterprises, service providers, and government organizations choose Fortinet to securely accelerate their digital journey. The Fortinet Security Fabric platform delivers broad, integrated, and automated protections across the entire digital attack surface, securing critical devices, data, applications, and connections from the data center to the cloud to the home office. Ranking #1 in the most security appliances shipped worldwide, more than 595,000 customers trust Fortinet to protect their businesses.

Read More

DATA SECURITY,ENTERPRISE SECURITY,PLATFORM SECURITY

Laminar Supports Launch of Amazon Security Lake

Laminar | November 30, 2022

Laminar, a leader in public cloud data security, today announced it is supporting the launch of Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes an organization’s security data from cloud, on-premises, and custom sources into a customer owned purpose-built data lake. With support for the Open Cybersecurity Schema Framework (OCSF) standard, Amazon Security Lake reduces the complexity and costs for customers to make their security solutions data accessible to address a variety of security use cases such as threat detection, investigation, and incident response. “All cybersecurity in the end is about protecting data and all cybersecurity is more effective and efficient with data-context. “Laminar is proud to be a launch partner for Amazon Security Lake, adding data-context to security events for better risk models, effective investigations and efficient remediation.” Amit Shaked, co-founder and CEO, Laminar Amazon Security Lake helps organizations aggregate, manage, and derive value from log and event data on the cloud and on-premises to give security teams greater visibility across their organizations. With Amazon Security Lake, customers can use the security and analytics solutions of their choice to simply query that data in place or ingest the OCSF-compliant data to address further use cases. Amazon Security Lake helps customers optimize security log data retention by optimizing the partitioning of data to improve performance and reduce costs. Now, analysts and engineers can easily build and use a centralized security data lake to improve the protection of workloads, applications, and data. Laminar is a Data Security Posture Management (DSPM) leader that delivers autonomous, agentless, and continuous data security for everything that you build and run on the cloud. Laminar provides autonomous discovery and classification for all data across AWS and hybrid cloud environments into a cloud data catalog, prioritization of data assets by our proprietary risk model, and an agentless and asynchronous approach to DSPM to reduce the exposure surface without impacting performance. “Data is every enterprise’s most valuable asset, which makes protecting it a critical capability for all cybersecurity solutions,” said Rod Wallace, General Manager for Amazon Security Lake. “Amazon Security Lake enables security teams to optimize security log data collection and retention by optimizing the partitioning of data to improve performance and reduce costs. With the Laminar integration, analysts and engineers can store their data in the OCSF format for further analytics to improve the protection of workloads, applications, and data.” About Laminar Laminar’s Cloud Data Security Platform protects data for everything you build and run in the cloud across cloud providers and cloud data warehouses. The platform autonomously and continuously discovers and classifies new datastores for complete visibility, prioritizes risk based on sensitivity and data risk posture, secures data by remediating weak controls and actively monitors for egress and access anomalies. Designed for the multi cloud, the architecture takes an API-only approach, without any agents, and without sensitive data ever leaving your environment. Founded in 2020 by a brilliant team of award winning Israeli red team experts, Laminar is proudly backed by Insight Partners, Tiger Global, Salesforce Ventures, TLV Partners, and SentinelOne.

Read More

DATA SECURITY,ENTERPRISE SECURITY,SOFTWARE SECURITY

Veza Announces Open Authorization API to Extend Identity-First Security Across the Enterprise Data Landscape

Veza | December 02, 2022

Veza today announced that its Open Authorization API (OAA) is now public on GitHub for community collaboration, extending the reach of identity-first security across the enterprise. Developers can now create and share connectors to extend the Veza Authorization Graph to all sensitive data, wherever it lives, including cloud providers, SaaS apps, and custom-built internal apps, accelerating their company’s path to zero trust security. Security professionals espouse the principle of ‘Least Privilege’ to secure enterprise data, but the rush to a multi-cloud, multi-app environment has exploded the complexity and layers of interconnection for which access must be understood, monitored, and constantly remediated to achieve and maintain least privilege. Recent attacks on Okta and Twilio demonstrate that companies are allowing overly-broad access to data via constructs of groups, roles, policies, and system specific permissions. Veza connects the dots of effective permissions across cloud providers, SaaS apps and identity platforms, making it easy to visualize who can view or delete sensitive data. OAA allows organizations and the broader community to create their own integrations with Veza, extending visibility to any resource, including SaaS apps like GitLab and Jira as well as custom-built internal apps. “The vast majority of cybersecurity failures are rooted in issues with the gap that exists between identity, access to data, and permissions,” said Tarun Thakur, co-founder and CEO, Veza. “Since our founding, we have been committed to protecting our customers from threats like ransomware, privilege abuse, and data breaches. With Veza Open Authorization API, we are extending our identity-first security approach broadly in the market and arming organizations with the tools they need to remediate undesirable and unnecessary data access at a granular level, and meet the requirements of access governance for enterprise systems, both on-premises and in the cloud." With Veza's Open Authorization API, customers can translate and visualize authorization metadata from any SaaS app, custom and in-house applications. Users can explore identity-to-data relationships through the Authorization Graph, monitor for least privilege misconfigurations and violations, and conduct comprehensive entitlement reviews for all of their sensitive data. “We specifically chose Veza because their Open Authorization API allowed us to connect to our custom internal applications. We follow the principle of least privilege, but with so many systems to review, we valued Veza’s unique ability to give us a comprehensive view quickly. They made it faster and easier for our team to review all permissions with confidence.” -Riaz Lakhani, CISO of Barracuda Networks. As an open-source project on GitHub, Veza’s Open Authorization API allows customers and partners to learn from, and build upon, each other’s work to create a control plane that reaches all data. By bringing OAA SDK and connectors available on GitHub Community, Veza empowers customers to ingest authorization metadata previously isolated in internal systems and SaaS applications. The OAA community has already created integrations for critical SaaS apps including GitHub, GitLab, Bitbucket, Jira, Zendesk, Slack, Coupa Software, Pagerduty, and Looker. These integrations are available now to all Veza customers. “Veza solves the problem of aligning identities to data,” said Craig Rosen, Chief Security & Trust Officer at ASAPP. “Veza’s Open Authorization Platform helped us extend that visibility to all the apps and data that matter most to us, like GitHub and Jira. Now it is easy for our security professionals to understand (and remediate) who has access to our important intellectual property.” About Veza Veza is the authorization platform for data. Built for hybrid, multi-cloud environments, Veza enables organizations to visualize, remediate, and control who can and should take what action on what data. We empower customers to take an identity-first approach to secure data by addressing critical business needs of streamlining identity and access governance, implementing data lake security, managing cloud entitlements, and modernizing privileged access. Our Authorization Graph connects identities to data across enterprise systems, enabling analysis, monitoring, and certification of end-to-end access. Global enterprises like Blackstone, ASAPP, Barracuda Networks, Choice Hotels, and a number of Fortune 500 and emerging organizations trust Veza to secure their enterprise data. Founded in 2020, Veza is headquartered in Los Gatos, California, and is funded by Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, and True Ventures.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Fortinet Launches Managed Cloud-Native Firewall Service to Simplify Network Security Operations, Available Now on AWS

Fortinet | November 29, 2022

Fortinet®, a global leader in broad, integrated and automated cybersecurity solutions, today announced the availability of FortiGate Cloud-Native Firewall (FortiGate CNF) on Amazon Web Services (AWS), an enterprise-grade, managed next-generation firewall service specifically designed for AWS environments. FortiGate CNF incorporates FortiGuard artificial intelligence (AI)-powered Security Services for real-time detection of and protection against malicious external and internal threats, and is underpinned by FortiOS for a consistent network security experience across AWS and on-prem environments. By shifting the management of network security infrastructure to Fortinet via FortiGate CNF, customers can focus more on their core competencies and deploying effective security policies to protect their business-critical applications and data. Natively supporting AWS and available now in AWS Marketplace, FortiGate CNF gives customers immediate access to FortiGuard AI-powered Security Services for enterprise-grade protection, including URL filtering, DNS filtering, IPS, application control and other FortiGuard security services, that organizations rely on. FortiGate CNF enables customers to realize the following benefits: Region-wide network protection at optimized costs: FortiGate CNF is designed to easily aggregate security across cloud networks, availability zones and virtual private clouds (VPCs) in a cloud region. It also natively supports AWS to help optimize cloud security spend and uses AWS Graviton instances to deliver better price performance than other offerings. Simplified network security operations with cloud-native integrations: FortiGate CNF provides a simple, intuitive user interface (UI) that minimizes the need for security expertise and makes it easy to define and deploy robust security policies including dynamic meta-data based policies on AWS. This AWS support helps security teams move at the speed and scale of applications teams, while support of AWS Gateway Load Balancer eliminates do-it-yourself automation and helps secure Amazon Virtual Private Cloud (Amazon VPC) environments while improving high availability and scaling. Additionally, support of AWS Firewall Manager simplifies security management and automates security rollout. Increased compliance with consistent enterprise-grade security across on-prem and cloud deployments: In a recent survey of more than 800 cybersecurity professionals, 78% of respondents indicated that a cloud security platform with a single dashboard could help them better protect data across their cloud footprint and strengthen their security posture. FortiGate CNF provides an intuitive dashboard to easily manage security policies across a customer’s AWS deployments. As part of the Fortinet Security Fabric platform, it also offers a single pane of glass through FortiManager to centralize policy management, increase visibility and automate policy enforcement on AWS and beyond. This capability helps teams effectively apply security controls seamlessly across hybrid cloud and on-premises deployments. Enhanced with AI-powered global threat intelligence: FortiGate CNF includes a suite of trusted FortiGuard AI-powered security services, developed and continually improved by FortiGuard Labs. Using AI/machine learning (ML) models, FortiGate CNF with FortiGuard Security Services enables a proactive security posture and remediation of known and unknown threats based on real-time threat intelligence, behavior-based detection and automated prevention. Fortinet and AWS – Better Together FortiGate CNF is the latest example of Fortinet's commitment to delivering cloud-native services to support our customers. Fortinet’s work with AWS ensures that customers’ public cloud workloads are protected by best-in-class security solutions powered by comprehensive threat intelligence. Fortinet support of key AWS services simplifies security management, facilitating full visibility across environments and providing broad protection across your workloads and applications. Throughout any stage in a customer’s migration to the cloud, Fortinet Security Fabric, the industry’s highest performing cybersecurity mesh platform, delivers security-driven networking and adaptive cloud protection for the ultimate flexibility and control needed to build in the cloud. Supporting Quotes “Fortinet was the clear choice for help when we decided to move our workloads from a data center to a public cloud environment on AWS. By leveraging Fortinet cloud security solutions to complement native AWS security groups, we were able to accelerate our cloud migration to just one month, a process that that would typically take one year. With the introduction of FortiGate CNF, Yedpay is looking forward to having the option of a managed firewall service powered by the collective cloud infrastructure expertise of Fortinet and AWS to further bolster our existing cloud security and enable us to securely grow our business.” Simon Lau, CIO & CISO, Yedpay “We know organizations are looking to further simplify and modernize security on the cloud, which is why we’re working with Fortinet to deliver adaptive cloud security solutions. With FortiGate CNF, customers can build confidently, boost agility, and take advantage of everything AWS has to offer. As a fully managed cloud-native service, FortiGate CNF provides the enterprise-level firewall services and network security that helps reduce risk and improve compliance, and optimizes customers’ security investments. We’re looking forward to continuing our work with Fortinet to help our mutual customers accelerate their cloud security goals.” Dave Ward, GM, Application Networking, AWS About Fortinet Fortinet makes possible a digital world that we can always trust through its mission to protect people, devices, and data everywhere. This is why the world’s largest enterprises, service providers, and government organizations choose Fortinet to securely accelerate their digital journey. The Fortinet Security Fabric platform delivers broad, integrated, and automated protections across the entire digital attack surface, securing critical devices, data, applications, and connections from the data center to the cloud to the home office. Ranking #1 in the most security appliances shipped worldwide, more than 595,000 customers trust Fortinet to protect their businesses.

Read More

DATA SECURITY,ENTERPRISE SECURITY,PLATFORM SECURITY

Laminar Supports Launch of Amazon Security Lake

Laminar | November 30, 2022

Laminar, a leader in public cloud data security, today announced it is supporting the launch of Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes an organization’s security data from cloud, on-premises, and custom sources into a customer owned purpose-built data lake. With support for the Open Cybersecurity Schema Framework (OCSF) standard, Amazon Security Lake reduces the complexity and costs for customers to make their security solutions data accessible to address a variety of security use cases such as threat detection, investigation, and incident response. “All cybersecurity in the end is about protecting data and all cybersecurity is more effective and efficient with data-context. “Laminar is proud to be a launch partner for Amazon Security Lake, adding data-context to security events for better risk models, effective investigations and efficient remediation.” Amit Shaked, co-founder and CEO, Laminar Amazon Security Lake helps organizations aggregate, manage, and derive value from log and event data on the cloud and on-premises to give security teams greater visibility across their organizations. With Amazon Security Lake, customers can use the security and analytics solutions of their choice to simply query that data in place or ingest the OCSF-compliant data to address further use cases. Amazon Security Lake helps customers optimize security log data retention by optimizing the partitioning of data to improve performance and reduce costs. Now, analysts and engineers can easily build and use a centralized security data lake to improve the protection of workloads, applications, and data. Laminar is a Data Security Posture Management (DSPM) leader that delivers autonomous, agentless, and continuous data security for everything that you build and run on the cloud. Laminar provides autonomous discovery and classification for all data across AWS and hybrid cloud environments into a cloud data catalog, prioritization of data assets by our proprietary risk model, and an agentless and asynchronous approach to DSPM to reduce the exposure surface without impacting performance. “Data is every enterprise’s most valuable asset, which makes protecting it a critical capability for all cybersecurity solutions,” said Rod Wallace, General Manager for Amazon Security Lake. “Amazon Security Lake enables security teams to optimize security log data collection and retention by optimizing the partitioning of data to improve performance and reduce costs. With the Laminar integration, analysts and engineers can store their data in the OCSF format for further analytics to improve the protection of workloads, applications, and data.” About Laminar Laminar’s Cloud Data Security Platform protects data for everything you build and run in the cloud across cloud providers and cloud data warehouses. The platform autonomously and continuously discovers and classifies new datastores for complete visibility, prioritizes risk based on sensitivity and data risk posture, secures data by remediating weak controls and actively monitors for egress and access anomalies. Designed for the multi cloud, the architecture takes an API-only approach, without any agents, and without sensitive data ever leaving your environment. Founded in 2020 by a brilliant team of award winning Israeli red team experts, Laminar is proudly backed by Insight Partners, Tiger Global, Salesforce Ventures, TLV Partners, and SentinelOne.

Read More

DATA SECURITY,ENTERPRISE SECURITY,SOFTWARE SECURITY

Veza Announces Open Authorization API to Extend Identity-First Security Across the Enterprise Data Landscape

Veza | December 02, 2022

Veza today announced that its Open Authorization API (OAA) is now public on GitHub for community collaboration, extending the reach of identity-first security across the enterprise. Developers can now create and share connectors to extend the Veza Authorization Graph to all sensitive data, wherever it lives, including cloud providers, SaaS apps, and custom-built internal apps, accelerating their company’s path to zero trust security. Security professionals espouse the principle of ‘Least Privilege’ to secure enterprise data, but the rush to a multi-cloud, multi-app environment has exploded the complexity and layers of interconnection for which access must be understood, monitored, and constantly remediated to achieve and maintain least privilege. Recent attacks on Okta and Twilio demonstrate that companies are allowing overly-broad access to data via constructs of groups, roles, policies, and system specific permissions. Veza connects the dots of effective permissions across cloud providers, SaaS apps and identity platforms, making it easy to visualize who can view or delete sensitive data. OAA allows organizations and the broader community to create their own integrations with Veza, extending visibility to any resource, including SaaS apps like GitLab and Jira as well as custom-built internal apps. “The vast majority of cybersecurity failures are rooted in issues with the gap that exists between identity, access to data, and permissions,” said Tarun Thakur, co-founder and CEO, Veza. “Since our founding, we have been committed to protecting our customers from threats like ransomware, privilege abuse, and data breaches. With Veza Open Authorization API, we are extending our identity-first security approach broadly in the market and arming organizations with the tools they need to remediate undesirable and unnecessary data access at a granular level, and meet the requirements of access governance for enterprise systems, both on-premises and in the cloud." With Veza's Open Authorization API, customers can translate and visualize authorization metadata from any SaaS app, custom and in-house applications. Users can explore identity-to-data relationships through the Authorization Graph, monitor for least privilege misconfigurations and violations, and conduct comprehensive entitlement reviews for all of their sensitive data. “We specifically chose Veza because their Open Authorization API allowed us to connect to our custom internal applications. We follow the principle of least privilege, but with so many systems to review, we valued Veza’s unique ability to give us a comprehensive view quickly. They made it faster and easier for our team to review all permissions with confidence.” -Riaz Lakhani, CISO of Barracuda Networks. As an open-source project on GitHub, Veza’s Open Authorization API allows customers and partners to learn from, and build upon, each other’s work to create a control plane that reaches all data. By bringing OAA SDK and connectors available on GitHub Community, Veza empowers customers to ingest authorization metadata previously isolated in internal systems and SaaS applications. The OAA community has already created integrations for critical SaaS apps including GitHub, GitLab, Bitbucket, Jira, Zendesk, Slack, Coupa Software, Pagerduty, and Looker. These integrations are available now to all Veza customers. “Veza solves the problem of aligning identities to data,” said Craig Rosen, Chief Security & Trust Officer at ASAPP. “Veza’s Open Authorization Platform helped us extend that visibility to all the apps and data that matter most to us, like GitHub and Jira. Now it is easy for our security professionals to understand (and remediate) who has access to our important intellectual property.” About Veza Veza is the authorization platform for data. Built for hybrid, multi-cloud environments, Veza enables organizations to visualize, remediate, and control who can and should take what action on what data. We empower customers to take an identity-first approach to secure data by addressing critical business needs of streamlining identity and access governance, implementing data lake security, managing cloud entitlements, and modernizing privileged access. Our Authorization Graph connects identities to data across enterprise systems, enabling analysis, monitoring, and certification of end-to-end access. Global enterprises like Blackstone, ASAPP, Barracuda Networks, Choice Hotels, and a number of Fortune 500 and emerging organizations trust Veza to secure their enterprise data. Founded in 2020, Veza is headquartered in Los Gatos, California, and is funded by Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, and True Ventures.

Read More

Spotlight

TeleSign

TeleSign

TeleSign provides continuous trust to leading global enterprises by connecting, protecting, and defending their digital identities. TeleSign verifies over five billion unique phone numbers a month, representing half of the world’s mobile users, and provides critical insight into the remaining billio...

Events

Resources

resource image

DATA SECURITY, NETWORK THREAT DETECTION, PLATFORM SECURITY

Cybersecurity Awareness when using Teams.

Video

resource image

DATA SECURITY, NETWORK THREAT DETECTION, PLATFORM SECURITY

How to protect yourself from cyber attacks

Video

resource image

DATA SECURITY, NETWORK THREAT DETECTION, PLATFORM SECURITY

Cybersecurity Awareness when using Teams.

Video

resource image

DATA SECURITY, NETWORK THREAT DETECTION, PLATFORM SECURITY

How to protect yourself from cyber attacks

Video

Events