SOFTWARE SECURITY

Atos is completing the acquisition of In Fidem, a Canadian cybersecurity firm.

prnewswire | January 20, 2021

Atos today reports it has finished the obtaining of In Fidem, a Canada-based particular online protection counseling firm, with skill in cloud security, computerized character, hazard the board, security activities, advanced criminology and digital penetrate reaction. The activity will extend Atos' worldwide customer portfolio and ability in network protection benefits and will assist with advancing put resources into Canadian organizations and computerized labor force, adding an incentive for neighborhood clients and the nearby ability pool.

This online protection securing joins those of Paladion, digital.security and SEC Consult made in the course of recent months in different nations and supports Atos' vision of ceaseless advancement in essential business sectors, strengthening its situation as a worldwide pioneer inside network safety administrations, counseling and development.

"Atos and In Fidem today unite their expertise to bring added value to our digital teams and for our clients in Canada and around the world," said Pierre Barnabé, Senior Executive Vice-President, Head of Big Data & Cybersecurity at Atos. "We are delighted to welcome the more than 100 consultants from In Fidem to continue our strategy of developing and consolidating our cybersecurity expertise and to strengthen our leadership in secure decarbonized digital solutions."

"Atos understands our aim to support our clients with multi-disciplinary teams. They share our corporate vision which is centered on the return of our clients' security investment and trust. Combining our forces, we will enhance our services to our customers," said Matthieu Chouinard, CEO of In Fidem.

About Atos

Atos is a global leader in digital transformation with 110,000 employees and annual revenue of € 12 billion. European number one in cybersecurity, cloud and high-performance computing, the group provides tailored end-to-end solutions for all industries in 73 countries. A pioneer in decarbonization services and products, Atos is committed to a secure and decarbonized digital for its clients. Atos operates under the brands Atos and Atos|Syntel. Atos is a SE (Societas Europaea), listed on the CAC40 Paris stock index.

The purpose of Atos is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space.

Spotlight

Gone are the days when these mobile devices were regarded as gadgets for only a small group of employees – their use as key business tools is now widespread and increasing all the time. They are a natural part of everyday life for today’s generation,the so-called digital natives.Using communication devices on the move, however, exposes workers to potential security risks, including theft or loss outside of secure company premises. Notebooks can be left unattended in a car or conference room. And, left unsupervised, even a short period of time is sufficient to access any confidential data on a device.

Spotlight

Gone are the days when these mobile devices were regarded as gadgets for only a small group of employees – their use as key business tools is now widespread and increasing all the time. They are a natural part of everyday life for today’s generation,the so-called digital natives.Using communication devices on the move, however, exposes workers to potential security risks, including theft or loss outside of secure company premises. Notebooks can be left unattended in a car or conference room. And, left unsupervised, even a short period of time is sufficient to access any confidential data on a device.

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Security Compass Releases New Developer-Centric Threat Modeling Capabilities in SD Elements in Support of New Secure Software Development Guidelines

Security Compass | October 19, 2022

Security Compass, a leading cybersecurity solution provider, today announced the release of SD Elements 2022.3, which offers new capabilities that make it easier for software developers to identify software application security threats and exactly where to implement countermeasures to mitigate the risks. The latest version of SD Elements also includes new security content that allows software development organizations to demonstrate compliance with the latest threat modeling and secure development best practices from the National Institute of Standards and Technology (NIST) referenced in Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity.” The new SD Elements capabilities help organizations comply with the latest NIST software threat modeling and secure development standards, even when security knowledge and availability of security experts is limited. Other benefits include improved collaboration among security, software development, hardware engineering, and DevOps teams, and reduced time and costs associated with software threat modeling and demonstrating compliance with multiple security standards and regulations such as EO 14028 as well as with more than 80 other secure development industry regulations and guidelines. Key updates to SD Elements 2022.3 include: Developer-centric threat modeling diagram enhancements: Surfacing threats is important, but knowing where threats are and how to prioritize and mitigate them is even more important. New threat modeling diagram enhancements help software development and application security teams better understand where the threat exists, which threats to prioritize for remediation first, and exactly where countermeasures should be applied. New customizable dashboards in Advanced Reporting: New dashboards enable application security teams to identify the most prevalent threats and weaknesses across the organization’s software portfolio, as well as perform in-depth analyses of their software security and compliance posture on both a per-project basis, as well as across their entire software portfolio. New security content: New security content helps organizations meet U.S. federal government security requirements in accordance with Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity;” new Ansible infrastructure as code (IaC) and automotive supply chain (UNECE WP.29 / R155) security content helps ensure software development teams have the guidance they need to ensure the code they write complies with secure development best practices. New integrations: The extensive SD Elements integration ecosystem now includes a new integration for Micro Focus Fortify on Demand. New just-in-time training content: 34 new Terraform Infrastructure as Code (IaC) and Payment Card Industry (PCI) Software Security Framework (SSF) just-in-time training micro-modules have been added to the existing library of over 800 just-in-time training micromodules already included in SD Elements. New developer-centric eLearning courses: New eLearning courses for Terraform, PCI SSF, the OWASP top 10, and OAuth Security Fundamentals have been added to the existing library of more than 40 Security Compass eLearning courses focused on application security, operational security, compliance, and secure coding best practices. “The importance of software threat modeling continues to grow. “NIST now recommends that software developers follow secure software development best practices and perform software threat modeling multiple times during development, especially when developing new capabilities. All companies that sell (or want to sell) software to the U.S. federal government, whether directly or through resellers or other channels, must comply with EO 14028 by September 15, 2023, and should therefore quickly begin assessing their compliance with the latest NIST guidance and develop action plans to address any gaps.” Trevor Young, Chief Product Officer, Security Compass For more details about the latest capabilities in SD Elements, click here, or register to attend the upcoming webinar, “How to Speed Up Software Threat Modeling, Threat Remediation, and NIST Software Supply Chain Security Compliance” on Nov. 16, 2022 at 1:00pm ET. About Security Compass Security Compass, a pioneer in application security, enables organizations to shift left and build secure applications by design, integrated directly with existing DevSecOps tools and workflows. Its flagship product, SD Elements, helps organizations accelerate software time to market and reduce cyber risks by taking an automated, developer-centric approach to threat modeling, secure development, and compliance. Security Compass is the trusted solution provider to leading financial and technology organizations, the U.S. Department of Defense, government agencies, and renowned global brands across multiple industries.

Read More

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Swimlane Launches First Comprehensive Security Automation Ecosystem for OT Environments

Swimlane | November 15, 2022

Swimlane, the low-code security automation company, today announced the formation of the first operational technology (OT) security automation solution ecosystem tailored to meet the combined OT and IT security requirements within critical infrastructure environments. The Biden Administration designated November as Critical Infrastructure Security and Resilience Month, drawing attention to the need for “fortifying our information technology and cybersecurity across sectors.” As cyber threats grow in frequency and severity, security operations teams within industrial organizations are regularly targeted due to the importance of their systems and infrastructure. Given the limited resources at their disposal, security teams within these organizations are struggling to keep up with rapidly evolving threats. The cybersecurity skills gap poses a particularly difficult challenge for organizations with OT environments due to the unique skill set required to navigate the convergence of OT and IT technologies. This is where modern Security Orchestration, Automation and Response (SOAR) plays an instrumental role. “Our public utilities and critical infrastructure face unique cybersecurity challenges to detect and respond to the convergence of threats targeting their combined OT and IT environments, and cyber-physical systems. “Swimlane is bringing together the best of OT security with our extensible security automation platform to create a robust system of record and control for security operations teams to more quickly process large amounts of security telemetry without needing more resources to defend against breaches.” Cody Cornell Co-founder and Chief Strategy Officer of Swimlane Swimlane’s security automation ecosystem for OT environments currently includes the following: Nozomi Networks for OT and IoT Security: Swimlane and Nozomi Networks, the leader in OT and IoT security, also announced today a technology integration that combines low-code security automation with OT and Internet of Things (IoT) security. The combined solution makes it possible for industrial and critical infrastructure security operations to maintain continuous asset compliance and mitigate the risks of attacks from combined OT and IT entry points. Dataminr Tackles Physical Risk: Swimlane’s integration with Dataminr leverages automated processes to mitigate risks and warn at-risk employees as soon as possible to ensure their safety. The cyber-physical threat response solution saves organizations crucial minutes when connecting with staff members who might be affected by a natural disaster, accident, or social unrest, or other types of physical risk. 1898 & Co. for Managed Threat Detection: 1898 & Co., a preeminent industrial control system (ICS) cybersecurity solutions provider, has selected Swimlane as the core automation platform for their managed threat detection services. These services include the detection of both OT and IT-born threats, machine-speed threat validation and scoring, and rapid remediation of threats using OT response methods. “Security teams chartered with protecting OT environments are struggling to keep pace with emerging threats given their limited resources,” said Joshua Magady, Practice Technical Lead at 1898 & Co. “As cyberattacks on critical infrastructure continue to rise and the cybersecurity skills shortage prevails, we are excited to be working with Swimlane to provide automation solutions that give these important organizations the tools to defend against rising cyber threats effectively.” Working with each technology partner, Swimlane will develop a portfolio of pre-integrated solutions that customers can quickly deploy either through managed services or add to their existing environment. About Swimlane Swimlane is the leader in cloud-scale, low-code security automation. Swimlane unifies security operations in-and-beyond the SOC into a single system of record that helps overcome process and data fatigue, chronic staffing shortages, and quantifying business value. The Swimlane Turbine platform combines human and machine data into actionable intelligence for security leaders.

Read More

DATA SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS

Phosphorus Announces New Partnership with Dewpoint to Expand Its xIoT Security Solutions and Platform in US Market

Phosphorus | September 26, 2022

Phosphorus, the leading provider of advanced and full-scope security for the extended Internet of Things (xIoT), today announced a partnership with Dewpoint. The IT and security solutions provider will act as a value-added reseller (VAR) for Phosphorus in the US market. The new partnership will see the two companies jointly delivering a new generation of xIoT security solutions in the US to meet growing enterprise demand for xIoT attack surface management and remediation capabilities. “xIoT security is a critical need for today’s enterprises, and these risks are left unaddressed by traditional IT security solutions. We look forward to working with Dewpoint to help expand our US sales channels and bring the world’s most advanced xIoT security platform to more organizations.” Kal Gajera, Director of North America Channels at Phosphorus Phosphorus’s Extended Enterprise xIoT Security Platform is the world’s first and only automated security platform capable of delivering xIoT Attack Surface Management, xIoT Hardening, and Remediation, and xIoT Detection and Response across the full range of IoT, OT, and Network-connected devices—spanning both new and legacy devices. This enables large organizations to scale xIoT technologies (which can amount to millions of devices per organization) without having to add any additional employees to find, fix, and monitor them. ABOUT PHOSPHORUS Phosphorus Cybersecurity® is the leading xTended Security of Things™ platform designed to secure the rapidly growing and often unmonitored Things across the enterprise xIoT landscape. Our Extended Enterprise xIoT Security Platform delivers Attack Surface Management, Hardening & Remediation, and Detection & Response to bring enterprise xIoT security to every cyber-physical Thing in your enterprise environment. With unrivaled xIoT discovery and posture assessment, Phosphorus automates the remediation of the biggest IoT, OT, and Network device vulnerabilities—including unknown and inaccurate asset inventory, out-of-date firmware, default credentials, risky configurations, and out-of-date certificates. ABOUT DEWPOINT Dewpoint has been bringing business and technology together since 1996. We make sure technology is solving all your business problems, providing transparency of spend for executives, and enhancing collaboration and flexibility. As the IT industry and businesses continue to change, Dewpoint provides the thought leadership and industry expertise to offer a new level of services in project management, digital innovation, infrastructure, security, cloud, and a range of tailored professional and managed service solutions for all our clients.

Read More