'TeleSign embeds trust at every touchpoint,' assures Joseph Burton

Joseph Burton, Chief Executive Officer at TeleSign elaborates on Promotion Abuse, Communication Fraud, and Buy Now Pay Later Fraud. Read on to know about the biggest online financial threat for consumers and much more.

In 2022, Buy Now Pay Later (BNPL) will continue to be a top retail priority. As BNPL growth continues to surge – so will the opportunities for fraudsters.


MEDIA 7: Thank you so much for doing this with us! It’s the holiday season, shopping and online transactions are happening on a large scale. What is the biggest online financial threat for consumers?
JOSEPH BURTON:
When it comes to cybercrime, essentially every person has been a victim – 9 out of 10 people have been subject to credit card fraud, identity theft, or a data breach. Millions of usernames and passwords, physical addresses, credit card numbers, and social security numbers are breached every week and are made available on the dark web. With all of that Personable Identifiable Information (PII) online, synthetic identity theft has become the fastest-growing type of financial fraud in the United States. Unlike traditional identity theft where criminals steal a specific person’s identity, synthetic identity theft involves creating a new, fictitious identity. Fraudsters use a mix of real and fake information – social security numbers, phone numbers, addresses, and birth dates – to create a fake identity.

Fraudsters use these synthetic identities to apply for credit cards and loans, illegally purchase goods online, and create fake product reviews. Synthetic identity fraud creates financial and reputational consequences for consumers, retailers, and financial institutions. For consumers, they are at risk of unauthorized purchases on their credit or debit cards and negative marks on their credit score. And their purchase decisions can be influenced by fake, positively inflated product reviews. Synthetic identity fraud is made possible by elaborate phishing and social engineering schemes. Fraudsters use deceitful emails, text messages, phone calls, and web pages to coerce PII from unsuspecting consumers. Phishing attacks are Pandora’s box to consumer fraud.





M7: Online retailers are now required to improve their security measures given the rise in threats to data privacy. How is TeleSign contributing to the fight against fraud?
JB:
Fraud is increasingly common, costly, and complex. With billions of targets and trillions of dollars at stake, fraudsters have found their groove. 2021 was the first time that successful fraud attempts outnumbered those prevented. In the last 24 months, half – 47% – of companies experienced fraud. Fraudulent losses are significant. On average, businesses lose 5% of their annual revenue to fraud. In addition to the financial risk, fraud introduces a lack of customer satisfaction, as well as reputational & legal damages. Faced with an array of sophisticated attacks, TeleSign helps security teams create a multilayered fraud prevention framework using digital identity signals, machine learning algorithms, and behavioral risk assessments to stay one step ahead of bad actors.

Throughout every stage of the customer journey, TeleSign helps to detect and defend against fraud. When onboarding new customers, businesses can layer in digital identity signals to flag risky users, block fake users, while giving legitimate users a fast and frictionless sign-up experience. For active accounts, TeleSign embeds trust at every touchpoint, ensuring every log-in is secure and every transaction is safe. TeleSign's zero-trust approach assesses the risk of every interaction to maintain the integrity of every account.



Read More: Gartner’s Akhil Gopinath advises, ‘To pivot your business model and grow out of the pandemic phase’


When consumers can use their preferred communication channels, more than half are more likely to recommend, buy more, or make a first-time purchase.



M7: TeleSign focuses on Promotion Abuse, Communication Fraud, and Buy Now Pay Later Fraud. These terms are relatively new, could you please elaborate on these for our readers?
JB: Communications Fraud/IRSF (G)


Despite plaguing the telecom industry for more than two decades, International Revenue Share Fraud (IRSF) is a relatively unknown type of attack and it’s experiencing a digital resurgence. IRSF is caused by the artificial inflation of call traffic to premium-rate numbers across the world. Generally, the fraudster leases expensive phone numbers – like psychic or dating hotlines – from an International Premium Rate Number Providers (IPRN) and both parties receive a share of the revenue for every call that’s placed. Over the last couple of years, we have seen fraudsters deploy new, sophisticated tactics to generate a higher volume of calls. For example, using bots and automated scripts, fraudsters can create millions of fake account creations or password reset requests. They nefariously attack web and mobile applications knowing that a voice call – to the premium number they profit on– is a component of account registration or password reset flow. IRSF is sneaky and happens behind the scenes. It is responsible for a $4-6 billion loss each year.

Promotion Abuse

As the retail season kicks into high gear, retailers must create compelling offers, discounts, and promotions to attract customers. But for many retailers, promotions are a double-edged sword. While they keep customers loyal and increase conversion rates, the inevitable abuse of promotions is costly. Promotion abuse occurs when one consumer uses multiple accounts to take advantage of rewards, sales, or other discounts. From sign-up bonuses to coupon codes, three out of four retailers (73%) have experienced promotion abuse in the last 12 months, which equates to an approximate 1.2% loss of revenue. To cut down on promotion abuse, retailers need to close their loopholes and prevent consumers from creating multiple accounts with fake email addresses and/or phone numbers.

Buy Now Pay Later Fraud

Convenience, useability, and affordability: a recipe for consumer success. It is those benefits that have made Buy Now, Pay Later (BNPL) platforms a ubiquitous success. A modern ‘payment plan’ and reimagined ‘layaway,’ BNPL is short-term financing that allows consumers to make a purchase and receive it immediately, but pay for it at a later time, usually over a series of installments. In 2022, BNPL will continue to be a top retail priority and I expect to see retailers extend BNPL payment options in their physical retail stores. As BNPL growth continues to surge – so will the opportunities for fraudsters.



2021 was the first time that successful fraud attempts outnumbered those prevented.



M7: TeleSign connects and protects online experiences with its engagement solutions. What are the different ways TeleSign helps ensure secure and reliable customer communication?
JB:
Communication across the customer journey is dynamic. Eighty-two percent of B2B buyers and 72% of B2C customers use multiple communication channels throughout their path to purchase. In fact, the availability of multichannel communication increases the bottom line. According to Forrester, when consumers can use their preferred communication channels, more than half are more likely to recommend, buy more, or make a first-time purchase. To excel in today’s competitive markets, it’s critical to make your customer communication fast, easy, and secure. From account verification to purchase confirmation, TeleSign delivers reliable communication across the customer journey.

As the pioneer of SMS verification, TeleSign helps connect the world’s most trusted brands to their customers. Our programmable engagement solution empowers businesses to embed messaging, voice, and authentication capabilities into their product and applications via developer-friendly APIs. TeleSign is at the forefront of keeping the digital economy secure, with an established presence on nearly every communications channel. Our customers can create tailored, omnichannel user experiences. And with a global footprint, more than seven hundred direct-to-carrier routes, and constant network traffic monitoring, TeleSign’s dependability is unmatched.



Read More: IDC’s Ritu Jyoti believes ‘Technology investments like AI are critical enablers to business agility’

M7: You have had an exemplary professional journey of over 30 years. Seeing the rapid change in technology and digitalization what future do you predict for this industry?
JB:
Today we’re protecting humans, tomorrow we’re protecting devices and machines – bringing the digital identity business to twenty-five billion devices.


ABOUT TELESIGN

TeleSign provides continuous trust to leading global enterprises by connecting, protecting, and defending their digital identities. TeleSign verifies over five billion unique phone numbers a month, representing half of the world’s mobile users, and provides critical insight into the remaining billions. The company’s powerful AI and extensive data science deliver identity with a unique combination of speed, accuracy, and global reach. TeleSign solutions prevent fraud, secure communications, and enable the digital economy by allowing companies and customers to engage with confidence. Learn more at www.telesign.com and follow us on Twitter at @TeleSign.

More C-Suite on deck

‘Security solutions need to be consistent, regardless of geography or technical stack,’ emphasizes Nishant Kaushik

Media 7 | June 16, 2023

Nishant Kaushik is an excellent technologist with strategic foresight and tactical know-how to manage technology-driven businesses and security expansion plans. He has successfully led cross-functional and highly focused teams to achieve business objectives that align with customer needs. Read this interview to discover Nishant’s expertise and unique perspective on omnichannel security and risk management.

Read More

'AI & ML algorithms will play a critical role in identifying cyber threats,' asserts Trishneet Arora

Media 7 | July 28, 2023

Trishneet Arora, a self-made individual, demonstrated remarkable vision, intellect, and competence when he established a startup at the young age of 19. Under his guidance, the flagship venture has expanded into both the entertainment and educational sectors. With Trishneet at the helm, the potential for growth and success knows no bounds. Let's delve into his insights on securing UPI-based applications.

Read More

‘Data and analytics play a crucial role in shaping our advertising strategies,' asserts Aleksander Groshev

Media 7 | June 28, 2023

Aleksander Groshev is the CEO and Co-Founder of Autobahn Security. Previously he was Vice President of Product responsible for the product development of the SaaS platform. Before joining Autobahn Security he held the position of Head of Product at Fincite, a wealth management B2B platform.

Read More

‘Security solutions need to be consistent, regardless of geography or technical stack,’ emphasizes Nishant Kaushik

Media 7 | June 16, 2023

Nishant Kaushik is an excellent technologist with strategic foresight and tactical know-how to manage technology-driven businesses and security expansion plans. He has successfully led cross-functional and highly focused teams to achieve business objectives that align with customer needs. Read this interview to discover Nishant’s expertise and unique perspective on omnichannel security and risk management.

Read More

'AI & ML algorithms will play a critical role in identifying cyber threats,' asserts Trishneet Arora

Media 7 | July 28, 2023

Trishneet Arora, a self-made individual, demonstrated remarkable vision, intellect, and competence when he established a startup at the young age of 19. Under his guidance, the flagship venture has expanded into both the entertainment and educational sectors. With Trishneet at the helm, the potential for growth and success knows no bounds. Let's delve into his insights on securing UPI-based applications.

Read More

‘Data and analytics play a crucial role in shaping our advertising strategies,' asserts Aleksander Groshev

Media 7 | June 28, 2023

Aleksander Groshev is the CEO and Co-Founder of Autobahn Security. Previously he was Vice President of Product responsible for the product development of the SaaS platform. Before joining Autobahn Security he held the position of Head of Product at Fincite, a wealth management B2B platform.

Read More

Related News

Software Security

Deepwatch Announces New Forensic-Focused Operations Service To Enhance Cyber Resilience

Deepwatch | January 09, 2024

Deepwatch, the leading managed security platform for the cyber resilient enterprise, today announced the launch of Threat Signal, its standalone forensic-focused operations service. Deepwatch designed Threat Signal to enhance companies’ cybersecurity defenses, proactively identify and help mitigate attack vectors, and stay ahead of evolving risks to strengthen cyber resilience. Threat Signal provides protection beyond traditional security measures, finding advanced cyber threats that have bypassed existing controls by leveraging the latest attacker methodologies to stay in tune with the constantly evolving threat landscape. Using an “outside-in” methodology, Threat Signal evaluates an organization’s externally accessible presence from an attacker’s perspective to pinpoint and investigate risky systems and services. This informs the initial investigation and allows Deepwatch Experts to leverage advanced capabilities through organic intelligence, deep forensics, and threat hunting. According to Forrester’s “How to Make Threat Intelligence Actionable” report¹, “Over time, companies need to move beyond tactical use cases. Threat hunting can uncover threats that have bypassed traditional security tools, allowing companies to stop attacks earlier to minimize disruptions. As Forrester’s Threat Hunting 101 report describes, threat intelligence is vital because it provides insights into the TTPs of threat actors and details on how malware behaves. If time, expertise, and resources are constrained, consider leveraging an external service provider to conduct the threat-hunting exercise as an annual consulting engagement.” Threat Signal provides tailored and proactive security measures through customer-specific intelligence that takes an organization's unique attack surface, business risks, and the latest adversary intelligence or "threat cases" into account. Threat Signal’s additional features and capabilities include: Deepwatch Experts - Seasoned forensic security experts perform in-depth investigations, identifying threats before they disrupt an organization. Attack Surface Profiles - These profiles provide a customer actionable report, detailing external opportunity areas that an attacker could leverage against an organization, including high-risk opportunities, mitigation recommendations, and threat hunting leads. Forensic-Agent-Based Threat Hunting Engagements - Deepwatch’s specialists consistently engage in hunting activities to reveal concealed threats within a company’s infrastructure and provide a threat hunt summary report with detailed observations and any actions that the customer took during that hunt cycle. Reporting and Reviews - Deepwatch provides customers with reports, including: Weekly intelligence brief reports on analyzed open-source intelligence with Deepwatch recommendations. Summary presentations on the solution engagement status, including but not limited to hunting reports. Up to two executive reviews of the solution and observables per year. Ad-hoc awareness briefs of security advisories based on Deepwatch threat criteria. Annual intelligence reports on incident lessons learned and predictions. Malware Analysis - Deepwatch’s Adversary Tactics and Intelligence (ATI) team analyze collected malware and provide a report. Enhanced Security - Deepwatch’s MDR customers benefit from cross-collaborative security operations, harnessing advanced threat detection, and hyper-responsive capabilities. “As security professionals, we look to enhance a company’s security readiness. To do that, it’s critical for them to look beyond their existing security controls to ensure they are identifying and proactively protecting the business from external threats,” said Jerrod Barton, VP, Cyber Operations & Intelligence for Deepwatch. “With Threat Signal, we’re able to help our enterprise customers view their security readiness through the lens of the ‘attackers,’ ensuring that they can rapidly respond to any incoming threats, which in turn helps them elevate their cyber resilience.” About Deepwatch Deepwatch is the leading managed security platform for the cyber resilient enterprise. The Deepwatch Managed Security Platform and security experts provide enterprises with 24/7/365 cyber resilience, rapid detections, high fidelity alerts, reduced false positives, and automated actions. We operate as an extension of cybersecurity teams by delivering exceptional security expertise, visibility across your attack surface, precision response to threats, and a compelling return on your security investments. The Deepwatch Managed Security Platform is trusted by many of the world’s leading brands to improve their security posture, cyber resilience, and peace of mind. Learn more at www.deepwatch.com.

Read More

Software Security

Trellix and One Source Deliver Industry-Leading Managed Detection and Response Security Services

Trellix | January 22, 2024

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. “The partnership aligns with Trellix’s ongoing commitment to secure organizations from advanced cyber threats,” says Sean Morton, SVP of Professional Services at Trellix. “Leveraging One Source’s MDR capabilities and expanded footprint, we enable more businesses to build cyber resilience, with continued innovation in our combined products and solution offerings to stay ahead of bad actors.” One Source has multiple SOCs leveraging Trellix’s technology, staffed by the industry’s top experts to provide Managed Detection and Response (MDR) capabilities. Their team implements a proactive cyber strategy for customers specific to industry, technology environment, and vulnerabilities, built on the Trellix XDR Platform with 24x7 monitoring. The partnership and combined expertise benefits customers with enhanced services like managed threat detection and response, incident response, security operations and analytics, threat intelligence, threat hunting and forensics, and training and enablement. “The Trellix and One Source partnership is extremely powerful; the former offers an incredible set of security solutions, and the latter excels at personalized deployment and execution,” said Paul Moline, Chief Information Officer, Lindsay Automotive Group. “I never anticipated we could protect our environment with the same security solutions used by government agencies and Fortune 50 companies: I can now sleep at night.” The Trellix XDR Platform’s open architecture and broad set of native security controls across endpoint, email, network, cloud, and data security integrates with over 500 third-party tools to create multi-vector, multi-vendor event correlation and context to speed up investigations. The Trellix Advanced Research Center provides an additional layer of protection by continuously informing the platform with information from millions of global sensors on the latest threat vectors, tactics, and recommendations. One Source experts apply these insights to stay ahead of the constantly evolving threat landscape. “The collaboration with Trellix is a game-changer in reshaping the cybersecurity landscape,” says Eric Gressel, Executive Vice President of Sales, One Source. “Thanks to our partnership, we have access to the highest level of cyber intelligence to fend off newly-revealed hackers and their means of attack, enabling our customers with the most comprehensive offering of enhanced Managed Security Services to protect their businesses.” One Source has a proven track record supporting global businesses spanning retail, restaurant, automotive, healthcare, financial, and manufacturing industries. Trellix customers can rely on One Source's leading Managed Security Services to optimize technology expenses while enhancing telecom connectivity, IT infrastructure, and cybersecurity strategies. About Trellix Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security. More at https://trellix.com. About One Source One Source helps businesses simplify a complex technology world. One Source is the leading provider of Technology and Managed Security Services for enterprises. Today, One Source manages more than 2,500 customers, 45,000 business locations, and over one million assets throughout North America. In addition to Managed Security Services, One Source provides Managed Technology Expense Management, 24 / 7 local helpdesk, procures and provisions telecom & IT solutions, and manages customer service requests. One Source frequently generates triple-digit ROI for customers through contract negotiation, portfolio optimization, and ongoing expense management. In addition, One Source leverages partnerships with industry leaders, including Trellix to bring Fortune 500 security solutions and fully managed services to the mid-market. One Source's approach empowers businesses to focus on customers and revenue-generating activities. Learn more at https://www.onesource.net/.

Read More

Software Security

Keeper Streamlines Compliance Processes With Granular Sharing Enforcements

Keeper Security, Inc. | January 11, 2024

Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, passkeys, privileged access, secrets and remote connections, announces Granular Sharing Enforcements will soon be available for all products in the Keeper® platform. Granular Sharing enables administrators to enforce detailed creating and sharing permissions at the user level. By implementing these permissions, organizations can ensure employees only have access to the resources necessary for their roles, minimizing the risk of unauthorized access, data breaches and lateral movement within a network. "It's critical for organizations to have security solutions that help them adhere to increasing regulations and compliance requirements," said Craig Lurey, CTO and Co-founder of Keeper Security. "Granular permission control helps organizations enhance their security posture by restricting access to sensitive information and systems. With Granular Sharing Enforcements, it's easier than ever for IT administrators to better control the principle of least privilege and streamline operations within their organizations." Keeper's added Granular Sharing Enforcement policies provide more detailed restrictions that administrators can apply to users for both creating and sharing records. Most employees do not need access to all of the data or functionalities within an organization, and many industries and geographical regions have specific regulations and compliance requirements regarding data protection and privacy, including HIPAA, GDPR, PCI DSS and SOX. Granular permission controls enable organizations to align with local and industry regulations by allowing them to define and enforce access policies. This helps in ensuring the organization is compliant with industry standards and legal requirements. Key features of Keeper's Granular Sharing Enforcements include: Auditing: Keeper provides clear alerting and reporting on over 100 different event types. Version control: Only a small subset of users have permissions to update or share records, helping teams ensure information is consistent and accurate. Seamless access on any device: Keeper provides the same user experience across platforms, ensuring cross functionality and ease of use, whether on web, desktop or mobile. Encryption: Keeper provides secure sharing with elliptic curve encryption, ensuring cybercriminals cannot intercept passwords or other shared records in transit. Keeper Administrators can easily customize permissions to best suit the compliance needs of their organization. Administrators modify permissions in the Enforcement Policies section of the Admin Console for the chosen role by selecting Creating and Sharing. Most permissions are activated by default for maximum security. Enforcements have been designed to be simple and powerful, allowing admins to choose the appropriate settings for their unique needs. Granular Sharing Enforcements will be available for all sharing needs within Keeper's Enterprise Password Manager, Keeper Secrets Manager and KeeperPAM. With Keeper's zero-knowledge password management and security platform, IT administrators have complete visibility into employee password practices, enabling them to monitor password use and enforce password security policies, including strong, unique passwords, Multi-Factor Authentication (MFA), Role-Based Access Control (RBAC), and other security policies. Keeper Secrets Manager® is a fully managed cloud-based, zero-knowledge platform for securing infrastructure secrets such as API keys, database passwords, access keys, certificates and any type of confidential data. Its latest offering, KeeperPAM™, provides next-generation Privileged Access Management (PAM) that is disrupting the traditional PAM market. KeeperPAM delivers enterprise-grade password, secrets and privileged connection management within a unified SaaS platform that is cost-effective, easy to use and simple to deploy. KeeperPAM enables least-privilege access with zero-trust and zero-knowledge security. Enterprises select Keeper because of its strong security architecture, ability to support federated and passwordless authentication with any identity provider, seamless integration into on-premises, cloud or hybrid environments and ease of use across desktop and mobile devices. About Keeper Security Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper's affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance. Trusted by millions of individuals and thousands of organizations, Keeper is the leader for best-in-class password and passkey management, secrets management, privileged access, secure remote access and encrypted messaging.

Read More

Software Security

Deepwatch Announces New Forensic-Focused Operations Service To Enhance Cyber Resilience

Deepwatch | January 09, 2024

Deepwatch, the leading managed security platform for the cyber resilient enterprise, today announced the launch of Threat Signal, its standalone forensic-focused operations service. Deepwatch designed Threat Signal to enhance companies’ cybersecurity defenses, proactively identify and help mitigate attack vectors, and stay ahead of evolving risks to strengthen cyber resilience. Threat Signal provides protection beyond traditional security measures, finding advanced cyber threats that have bypassed existing controls by leveraging the latest attacker methodologies to stay in tune with the constantly evolving threat landscape. Using an “outside-in” methodology, Threat Signal evaluates an organization’s externally accessible presence from an attacker’s perspective to pinpoint and investigate risky systems and services. This informs the initial investigation and allows Deepwatch Experts to leverage advanced capabilities through organic intelligence, deep forensics, and threat hunting. According to Forrester’s “How to Make Threat Intelligence Actionable” report¹, “Over time, companies need to move beyond tactical use cases. Threat hunting can uncover threats that have bypassed traditional security tools, allowing companies to stop attacks earlier to minimize disruptions. As Forrester’s Threat Hunting 101 report describes, threat intelligence is vital because it provides insights into the TTPs of threat actors and details on how malware behaves. If time, expertise, and resources are constrained, consider leveraging an external service provider to conduct the threat-hunting exercise as an annual consulting engagement.” Threat Signal provides tailored and proactive security measures through customer-specific intelligence that takes an organization's unique attack surface, business risks, and the latest adversary intelligence or "threat cases" into account. Threat Signal’s additional features and capabilities include: Deepwatch Experts - Seasoned forensic security experts perform in-depth investigations, identifying threats before they disrupt an organization. Attack Surface Profiles - These profiles provide a customer actionable report, detailing external opportunity areas that an attacker could leverage against an organization, including high-risk opportunities, mitigation recommendations, and threat hunting leads. Forensic-Agent-Based Threat Hunting Engagements - Deepwatch’s specialists consistently engage in hunting activities to reveal concealed threats within a company’s infrastructure and provide a threat hunt summary report with detailed observations and any actions that the customer took during that hunt cycle. Reporting and Reviews - Deepwatch provides customers with reports, including: Weekly intelligence brief reports on analyzed open-source intelligence with Deepwatch recommendations. Summary presentations on the solution engagement status, including but not limited to hunting reports. Up to two executive reviews of the solution and observables per year. Ad-hoc awareness briefs of security advisories based on Deepwatch threat criteria. Annual intelligence reports on incident lessons learned and predictions. Malware Analysis - Deepwatch’s Adversary Tactics and Intelligence (ATI) team analyze collected malware and provide a report. Enhanced Security - Deepwatch’s MDR customers benefit from cross-collaborative security operations, harnessing advanced threat detection, and hyper-responsive capabilities. “As security professionals, we look to enhance a company’s security readiness. To do that, it’s critical for them to look beyond their existing security controls to ensure they are identifying and proactively protecting the business from external threats,” said Jerrod Barton, VP, Cyber Operations & Intelligence for Deepwatch. “With Threat Signal, we’re able to help our enterprise customers view their security readiness through the lens of the ‘attackers,’ ensuring that they can rapidly respond to any incoming threats, which in turn helps them elevate their cyber resilience.” About Deepwatch Deepwatch is the leading managed security platform for the cyber resilient enterprise. The Deepwatch Managed Security Platform and security experts provide enterprises with 24/7/365 cyber resilience, rapid detections, high fidelity alerts, reduced false positives, and automated actions. We operate as an extension of cybersecurity teams by delivering exceptional security expertise, visibility across your attack surface, precision response to threats, and a compelling return on your security investments. The Deepwatch Managed Security Platform is trusted by many of the world’s leading brands to improve their security posture, cyber resilience, and peace of mind. Learn more at www.deepwatch.com.

Read More

Software Security

Trellix and One Source Deliver Industry-Leading Managed Detection and Response Security Services

Trellix | January 22, 2024

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. “The partnership aligns with Trellix’s ongoing commitment to secure organizations from advanced cyber threats,” says Sean Morton, SVP of Professional Services at Trellix. “Leveraging One Source’s MDR capabilities and expanded footprint, we enable more businesses to build cyber resilience, with continued innovation in our combined products and solution offerings to stay ahead of bad actors.” One Source has multiple SOCs leveraging Trellix’s technology, staffed by the industry’s top experts to provide Managed Detection and Response (MDR) capabilities. Their team implements a proactive cyber strategy for customers specific to industry, technology environment, and vulnerabilities, built on the Trellix XDR Platform with 24x7 monitoring. The partnership and combined expertise benefits customers with enhanced services like managed threat detection and response, incident response, security operations and analytics, threat intelligence, threat hunting and forensics, and training and enablement. “The Trellix and One Source partnership is extremely powerful; the former offers an incredible set of security solutions, and the latter excels at personalized deployment and execution,” said Paul Moline, Chief Information Officer, Lindsay Automotive Group. “I never anticipated we could protect our environment with the same security solutions used by government agencies and Fortune 50 companies: I can now sleep at night.” The Trellix XDR Platform’s open architecture and broad set of native security controls across endpoint, email, network, cloud, and data security integrates with over 500 third-party tools to create multi-vector, multi-vendor event correlation and context to speed up investigations. The Trellix Advanced Research Center provides an additional layer of protection by continuously informing the platform with information from millions of global sensors on the latest threat vectors, tactics, and recommendations. One Source experts apply these insights to stay ahead of the constantly evolving threat landscape. “The collaboration with Trellix is a game-changer in reshaping the cybersecurity landscape,” says Eric Gressel, Executive Vice President of Sales, One Source. “Thanks to our partnership, we have access to the highest level of cyber intelligence to fend off newly-revealed hackers and their means of attack, enabling our customers with the most comprehensive offering of enhanced Managed Security Services to protect their businesses.” One Source has a proven track record supporting global businesses spanning retail, restaurant, automotive, healthcare, financial, and manufacturing industries. Trellix customers can rely on One Source's leading Managed Security Services to optimize technology expenses while enhancing telecom connectivity, IT infrastructure, and cybersecurity strategies. About Trellix Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security. More at https://trellix.com. About One Source One Source helps businesses simplify a complex technology world. One Source is the leading provider of Technology and Managed Security Services for enterprises. Today, One Source manages more than 2,500 customers, 45,000 business locations, and over one million assets throughout North America. In addition to Managed Security Services, One Source provides Managed Technology Expense Management, 24 / 7 local helpdesk, procures and provisions telecom & IT solutions, and manages customer service requests. One Source frequently generates triple-digit ROI for customers through contract negotiation, portfolio optimization, and ongoing expense management. In addition, One Source leverages partnerships with industry leaders, including Trellix to bring Fortune 500 security solutions and fully managed services to the mid-market. One Source's approach empowers businesses to focus on customers and revenue-generating activities. Learn more at https://www.onesource.net/.

Read More

Software Security

Keeper Streamlines Compliance Processes With Granular Sharing Enforcements

Keeper Security, Inc. | January 11, 2024

Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, passkeys, privileged access, secrets and remote connections, announces Granular Sharing Enforcements will soon be available for all products in the Keeper® platform. Granular Sharing enables administrators to enforce detailed creating and sharing permissions at the user level. By implementing these permissions, organizations can ensure employees only have access to the resources necessary for their roles, minimizing the risk of unauthorized access, data breaches and lateral movement within a network. "It's critical for organizations to have security solutions that help them adhere to increasing regulations and compliance requirements," said Craig Lurey, CTO and Co-founder of Keeper Security. "Granular permission control helps organizations enhance their security posture by restricting access to sensitive information and systems. With Granular Sharing Enforcements, it's easier than ever for IT administrators to better control the principle of least privilege and streamline operations within their organizations." Keeper's added Granular Sharing Enforcement policies provide more detailed restrictions that administrators can apply to users for both creating and sharing records. Most employees do not need access to all of the data or functionalities within an organization, and many industries and geographical regions have specific regulations and compliance requirements regarding data protection and privacy, including HIPAA, GDPR, PCI DSS and SOX. Granular permission controls enable organizations to align with local and industry regulations by allowing them to define and enforce access policies. This helps in ensuring the organization is compliant with industry standards and legal requirements. Key features of Keeper's Granular Sharing Enforcements include: Auditing: Keeper provides clear alerting and reporting on over 100 different event types. Version control: Only a small subset of users have permissions to update or share records, helping teams ensure information is consistent and accurate. Seamless access on any device: Keeper provides the same user experience across platforms, ensuring cross functionality and ease of use, whether on web, desktop or mobile. Encryption: Keeper provides secure sharing with elliptic curve encryption, ensuring cybercriminals cannot intercept passwords or other shared records in transit. Keeper Administrators can easily customize permissions to best suit the compliance needs of their organization. Administrators modify permissions in the Enforcement Policies section of the Admin Console for the chosen role by selecting Creating and Sharing. Most permissions are activated by default for maximum security. Enforcements have been designed to be simple and powerful, allowing admins to choose the appropriate settings for their unique needs. Granular Sharing Enforcements will be available for all sharing needs within Keeper's Enterprise Password Manager, Keeper Secrets Manager and KeeperPAM. With Keeper's zero-knowledge password management and security platform, IT administrators have complete visibility into employee password practices, enabling them to monitor password use and enforce password security policies, including strong, unique passwords, Multi-Factor Authentication (MFA), Role-Based Access Control (RBAC), and other security policies. Keeper Secrets Manager® is a fully managed cloud-based, zero-knowledge platform for securing infrastructure secrets such as API keys, database passwords, access keys, certificates and any type of confidential data. Its latest offering, KeeperPAM™, provides next-generation Privileged Access Management (PAM) that is disrupting the traditional PAM market. KeeperPAM delivers enterprise-grade password, secrets and privileged connection management within a unified SaaS platform that is cost-effective, easy to use and simple to deploy. KeeperPAM enables least-privilege access with zero-trust and zero-knowledge security. Enterprises select Keeper because of its strong security architecture, ability to support federated and passwordless authentication with any identity provider, seamless integration into on-premises, cloud or hybrid environments and ease of use across desktop and mobile devices. About Keeper Security Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper's affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance. Trusted by millions of individuals and thousands of organizations, Keeper is the leader for best-in-class password and passkey management, secrets management, privileged access, secure remote access and encrypted messaging.

Read More

Spotlight

TeleSign

TeleSign

TeleSign provides continuous trust to leading global enterprises by connecting, protecting, and defending their digital identities. TeleSign verifies over five billion unique phone numbers a month, representing half of the world’s mobile users, and provides critical insight into the remaining billio...

Events

Resources

resource image

Enterprise Security, Network Threat Detection, Software Security

2023's Must-Attend Networking Security Conferences for Businesses

Article

resource image

Network Threat Detection, Platform Security, Software Security

Digital Defense 2023: Top Network Security Trends for Businesses

Article

resource image

Enterprise Security, Network Threat Detection, Software Security

2023's Must-Attend Networking Security Conferences for Businesses

Article

resource image

Network Threat Detection, Platform Security, Software Security

Digital Defense 2023: Top Network Security Trends for Businesses

Article

Events