DATA SECURITY, SOFTWARE SECURITY
Virtru | March 03, 2023
On March 2, 2023, Virtru, a prominent figure in data-centric security and privacy, announced its involvement in NIST's National Cybersecurity Center of Excellence (NCCoE) Data Classification Practices: Facilitating Data-Centric Security Management initiative. As part of a team of global technology leaders, Virtru will collaborate with NIST to develop recommended data classification and data-centric security practices, which will protect data while supporting business practices and transactions. The goal of this collaborative effort is to promote data-centric security on a larger scale.
As systems become more mobile, dispersed and shared across different environments and stewardship, traditional network-centric security measures are increasingly ineffective at protecting information. Data-centric security aims to safeguard data at the object level by securing it directly rather than simply securing the systems and networks that store and transmit it. Organizations employing this approach can identify their data, its characteristics, and the security and privacy requirements needed to control and protect it fully.
Virtru has a long-standing history of partnering with the public- and private-sector organizations to achieve data-centric security, serving the federal intelligence community, the largest financial institutions globally, and over 8,000 organizations worldwide. Virtru's technology enables organizations to enforce policy, encryption and access controls directly to data being transmitted via files, emails and SaaS applications while allowing organizations to manage their encryption keys for complete control and data sovereignty.
Virtru's Chief Technology Officer, Will Ackerly, commented, "Data-centric security is central to everything we do at Virtru," He further emphasized, "Our goal is to enable the mission — that means moving data freely, but securely. Being a member of NIST's NCCoE Data Classification project is a manifestation of more than a decade of hard work. By tagging data appropriately, we can help ensure public- and private-sector organizations can trust that their data will be used and shared appropriately, just as the data creator intended. This is vital to the future of collaboration."
(Source – Globe Newswire)
Virtru is a leading data security and privacy solutions provider. With end-to-end encryption for major data-sharing platforms like Microsoft and Google, it helps customers take charge of their data wherever it is shared. It empowers organizations to keep control of their data by ensuring that it is protected everywhere it is stored and shared. The company is trusted by over 8,000 customers worldwide and is dedicated to safeguarding their sensitive data according to the highest security standards. Its Trusted Data Format (TDF) is an industry standard that provides persistent data protection through encryption technology for data shared via email, collaboration tools, cloud environments, and enterprise SaaS applications.
ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Telos Corporation | January 09, 2023
SteelCloud LLC, a leading CIS and STIG compliance automation software developer and Telos Corporation, a renowned provider of cyber, enterprise, and cloud security solutions to the world's most security-conscious organizations, recently announced entering into a partnership to assist customers in reducing the complexity of NIST Risk Management Framework (RMF) compliance. Customers gain access to all seven RMF phases via a unified, automated solution.
SteelCloud's ConfigOS capabilities take care of the identify/ categorize, select, and implement components of RMF for technical assets. ConfigOS examines an asset, determining whether Security Technical Implementation Guides (STIG) apply, scanning against the STIG standards, identifying compliance indicators, and automating the remediation of findings. Meanwhile, Xacta incorporates and uses this information during the RMF's assessment and authorization processes, as well as when the monitor step is initiated once authorization to operate (ATO) is obtained.
Working together, ConfigOS and Xacta drive decisions to address identification and selection problems while reporting important indicator metrics required to achieve and sustain ATO. STIG and vulnerability data from ConfigOS are integrated into Xacta and mapped to appropriate requirements as part of Assessment and Authorization (A&A), providing customers with a streamlined approach to gaining necessary permissions. Xacta's workflow automation streamlines the whole NIST RMF workflow, managing validation, analysis, documentation, and accreditation processes from start to end.
About Telos Corporation
Telos Corporation provides solutions for continuous security assurance of personnel, systems, and information to the world's most security-conscious enterprises, empowering and protecting them. The company offers enterprise security solutions for identity and access management, organizational messaging, secure mobility, and network management and defense. Telos Corporation serves commercial organizations, regulated sectors, and government customers all around the world.
SteelCloud is a company that creates STIG and CIS compliance software for government and business clients. The company's product reduces the complexity, effort, and cost of implementing federal security standards by automating policy and security repair. SteelCloud has provided enterprise-wide security policy-compliant solutions, easing setup, and ongoing security and compliance support. SteelCloud goods are simple to obtain through our GSA Schedule 70 contract.
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
SlashNext | March 01, 2023
On February 28, 2023, SlashNext, a leading SaaS-based Integrated Cloud Messaging Security solutions provider across web, email and mobile, announced the release of Generative HumanAI™, the industry's first artificial intelligence solution using generative AI to defend against advanced business email compromise (BEC), executive impersonation, supply chain attacks, and financial fraud. Adding Generative HumanAI ensures that customers have peace of mind, despite threat actors utilizing widely available AI tools to aid their efforts. The solution already has a 99.9% detection rate with its existing AI capabilities.
Generative HumanAI predicts vast numbers of potential AI-generated BEC threats by utilizing AI data augmentation and cloning technologies to evaluate a core threat and then produce thousands of other versions of that same core threat, which allows the system to train itself on possible variations.
This new solution joins SlashNext's existing HumanAI capabilities, which imitate human threat researchers by combining computer vision, natural language processing, and machine learning with relationship graphs and deep contextualization to thwart sophisticated multichannel messaging attacks.
Features of HumanAI consist:
Relationship Graphs & Contextual Analysis establish a baseline of known-good writing styles and communication patterns for each employee and supplier to detect unusual conversation and communication styles.
BEC Generative AI Augmentation automatically generates thousands of new BEC variants from today's threat to stop tomorrow's attacks.
Natural Language Processing analyzes text in the email body and attachments for tone, emotion, topic, intent and manipulation triggers related to social engineering tactics.
Computer Vision Recognition leverages SlashNext's LiveScan™ to inspect URLs in real-time for any visual divergence, such as layouts and images, to detect credential phishing webpages.
Sender Impersonation Analysis evaluates headline details and email authentication results to stop impersonation attacks.
File Attachment Inspection analyzes social engineering traits of attachments and malicious codes to stop ransomware.
SlashNext has been developing this patent-pending solution internally for over two years and is at the forefront of multichannel messaging security. Its threat researchers recognized that generative AI would soon change the face of BEC attacks.
SlashNext is a leading cloud-based messaging security solutions provider to safeguard against malicious messages across all digital channels. Its integrated messaging security platform, called SlashNext Complete™, is equipped with patented HumanAI™ technology having a detection accuracy rate of 99.9% and is capable of detecting real-time threats across various messaging channels such as mobile, email and web-based messaging applications like LinkedIn, M365, Gmail, WhatsApp, Slack, Telegram, Teams, and others. By taking advantage of SlashNext's Integrated Cloud Messaging Security, businesses can safeguard their sensitive information from data theft and financial fraud breaches. The company's solution is designed to detect and prevent zero-hour threats in real-time to ensure their customers' highest level of security.