SOFTWARE SECURITY

Atos to acquire In Fidem to strengthen its position in the North American market in cybersecurity

prnewswire | January 12, 2021

Atos today reports that it has consented to an arrangement to gain In Fidem, a Canada-based particular online protection counseling firm. This obtaining will fortify Atos' situation as the #3 overall network protection administrations leader1 and specifically improve its North America network safety administrations abilities by carrying experienced advisors to the Atos group.

Reliable with its focused on procurement system, the activity will extend Atos' customer portfolio and set up skill in online protection administrations in Canada. Established in 2005 and settled in Montréal with workplaces in Québec City and Ottawa, In Fidem has skill in cloud security, computerized personality, hazard the executives, security tasks, advanced criminology and digital penetrate reaction. It is a main part in the Canadian market and has a demonstrated history of effectively tending to enormous private and public associations' advanced security challenges. In Fidem will bring its organization of in excess of 100 profoundly gifted experts to the Atos online protection group.

"This acquisition reinforces our position in a fast-growing cybersecurity market and is a key addition to our current cybersecurity business in North America. In Fidem's strong long-standing client relationships will bring added value to our teams. We're excited to unite our expertise with that of In Fidem and see many synergies between our teams and business approach," said Pierre Barnabé, Senior Executive Vice-President, Head of Big Data & Cybersecurity at Atos.

"This strategic move will enable our customers to benefit from Atos' extensive expertise, global presence and its leading rankings in Managed Security Services. We're convinced that the combined capabilities of our portfolio and expertise with that of Atos' will bring added value to our clients. We look forward to the next steps in our journey together," said Matthieu Chouinard, CEO of In Fidem.

The closing of the transaction is expected to take place in Q1 2021.

About Atos

Atos is a global leader in digital transformation with 110,000 employees and annual revenue of € 12 billion. European number one in cybersecurity, cloud and high-performance computing, the group provides tailored end-to-end solutions for all industries in 73 countries. A pioneer in decarbonization services and products, Atos is committed to a secure and decarbonized digital for its clients. Atos operates under the brands Atos and Atos|Syntel. Atos is a SE (Societas Europaea), listed on the CAC40 Paris stock index.

The purpose of Atos is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space.

Spotlight

The consumerization of IT and the popularity of BYOD are jeopardizing the security and integrity of enterprise data. Seeking an easy way to share files across smart phones, tablets, and desktops, employees are using free public cloud file sharing services that lack rigorous security and audit controls. These services are prone to security outages, and they lack the centralized monitoring and control features that IT and security teams need for keeping data safe and demonstrating compliance.

Spotlight

The consumerization of IT and the popularity of BYOD are jeopardizing the security and integrity of enterprise data. Seeking an easy way to share files across smart phones, tablets, and desktops, employees are using free public cloud file sharing services that lack rigorous security and audit controls. These services are prone to security outages, and they lack the centralized monitoring and control features that IT and security teams need for keeping data safe and demonstrating compliance.

Related News

DATA SECURITY, SOFTWARE SECURITY

Appgate Launches Technology Alliance Partnership Program to Help Customers Simplify and Accelerate Zero Trust Advancement

Appgate | September 08, 2022

Appgate (OTC: APGT), the secure access company, today announced the launch of its Technology Alliance Partnership program and four of the program’s featured partners: Illumio, Menlo Security, CrowdStrike and Amazon Web Services (AWS). Appgate’s Technology Alliance Partnership program is designed to help organizations unlock greater performance from their cybersecurity investments and accelerate Zero Trust security adoption. This growing ecosystem of partners demonstrates Appgate’s vision and commitment to build purposeful product integrations that enable its customers to automate cybersecurity processes, optimize operations, reduce risk and improve the user experience. “While many organizations have embraced the principles of Zero Trust security, the reality is their goals cannot be met with any single product, vendor or platform. Our Technology Alliance Partnership program is designed to make it easier for our customers to navigate this complex landscape, simplify deployments and get the most out of their cybersecurity investments. “We’re thrilled to bring more value to our customers through our partnerships with Illumio, Menlo Security, CrowdStrike and AWS.” Barry Field, CEO, Appgate Zero Trust requires all users, devices and workloads—whether inside or outside an organization’s network—to be authenticated, authorized and continuously validated before receiving access to applications and data. Appgate’s Technology Alliance Partnership program enables partners to integrate with the company’s industry-leading Zero Trust Network Access (ZTNA) solution, Appgate SDP, through robust API integrations, clear documentation and dedicated support. Together, Appgate and its technology partners offer comprehensive offerings that help their customers reach Zero Trust goals with ease and speed: Illumio The combination of Appgate SDP and Illumio Core, a leading micro-segmentation solution, enables joint customers to achieve full-compass dynamic Zero Trust segmentation. Appgate SDP ensures secure access to workloads via the network perimeter (north-south traffic) by creating user-to-workload access controls that are cloaked, fine-grained and dynamic. Illumio Core micro-segments workloads within the interior (east-west traffic) to eliminate excess workload-to-workload interconnectivity. When co-deployed and integrated together, these solutions immediately improve any organization’s Zero Trust posture. “Security teams are turning to Zero Trust strategies to build resilience throughout their hybrid IT environments but find that no single vendor or solution can achieve their goals alone—an ecosystem-based approach is required,” said John Skinner, Vice President of Business Development at Illumio. “Both Zero Trust segmentation and ZTNA are important pillars of any Zero Trust strategy. Illumio is delighted to join forces with Appgate to deliver best-of-breed Zero Trust solutions in both categories to our customers to ensure minor breaches can’t grow to become disasters.” Menlo Security The combination of Appgate SDP and the Menlo Security Cloud Platform delivers a comprehensive secure access solution that safeguards all internet traffic, Software-as-a-Service (SaaS) applications and private networked resources. With this integration, enterprises can shift to a seamless, high-security Zero Trust framework with industry-leading data and threat protection, enabling users to browse the internet and access SaaS apps and private enterprise resources safely and securely. “The evolution toward hybrid workforces and public and private cloud infrastructures requires organizations to deploy a new approach to ensure secure access to web and SaaS applications and confidential enterprise data without affecting the user experience or productivity,” said Sanjit Shah, Head of Strategic Alliances, Menlo Security. “Teaming with Appgate enables our joint customers to adopt a comprehensive and scalable ZTNA-based approach that improves deployment and management flexibility, while providing secure web access to application workloads across public and private clouds using Menlo’s Cloud Security Platform with Isolation Core and Zero Trust private access to hybrid resources and IT infrastructure via Appgate SDP.” CrowdStrike Appgate’s integration with CrowdStrike helps organizations reduce their attack surface and mitigate lateral movement. Appgate SDP gathers intelligence provided through CrowdStrike Falcon Zero Trust Assessment (ZTA) to assess user, device and workload risk postures at the time of authentication and on an ongoing basis. This dynamic functionality makes it possible to leverage device health or behavioral changes provided by the CrowdStrike Falcon platform to build policy controls that restrict or deny access, preventing lateral movement across the network. AWS Enterprises that utilize the strong security foundations provided by AWS can augment the network security of their environments with Appgate SDP, which leverages AWS-native capabilities like tagging and auto scaling to provide fine-grained access and enterprise-grade scale. Appgate SDP ensures that only authorized users connect to AWS and hybrid architectures with multiple encrypted tunnels. Appgate SDP is available in the AWS Marketplace. About Appgate Appgate is the secure access company. We empower how people work and connect by providing solutions purpose-built on Zero Trust security principles. This people-defined security approach enables fast, simple and secure connections from any device and location to workloads across any IT infrastructure in cloud, on-premises and hybrid environments. Appgate helps organizations and government agencies worldwide start where they are, accelerate their Zero Trust journey and plan for their future.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Aunalytics Launches Security Patching Platform as a Service

Aunalytics | September 27, 2022

Aunalytics, a leading data management and analytics company delivering managed IT and data platform services for mid-sized and enterprise businesses, today initiated its Security Patching Platform, Co-managed Patching as a Service to complement the company’s Advanced Security solution suite. Windows OS and supported 3rd party patch management allow for tighter security in the defense against cyberattacks and the new offering ensures active remediation. According to a 2022 Data Breach Investigations Report by Verizon, around 70 percent of successful cyberattacks exploited known vulnerabilities with available patches, making it important to update operating systems and applications regularly to prevent such attacks. Now, Aunalytics’ new technology as a service includes the tools, structure, strategy and intelligence for managing patch deployment and is a complete solution with best practices, templates, libraries, and built-in alert thresholds. Lack of security patching leads to vulnerabilities within an organization’s information systems, internal controls, or system processes, which can then be exploited by cybercriminals. Using a collection of tools, cyber attackers use the vulnerability to gain unauthorized access to corporate systems and data. Identifying and resolving vulnerabilities is very important since a successful exploit can lead to a full-scale system breach. Workstation and server application patching ensures that organizations have baseline protection against the latest security vulnerabilities, preventing such attacks before they occur. However, patching can be difficult to manage and update in real-time as software fixes are published on an ongoing basis. Setting up and coordinating manual patching across an organization can be extremely cumbersome, taking days to organize, schedule, and execute across an entire company. McKinsey cites good patch management as a top proactive maintenance measure that can help organizations prevent cyberattacks. However, knowing the priority level for patch installment can be confusing and lead to poor patch management as a result. Enlisting the help of a partner to employ security patching best-practices can add true value to many organizations. Aunalytics patch detection, download, and installment methods are developed considering each client's security and uptime requirements and prioritized in order of threat potential. Aunalytics’ experienced security patching team proactively monitors for updates, eliminating worry for end users and server administrators. As part of the new service, users gain access to comprehensive security solutions with customized alerting and vulnerability prioritization, leveraging proprietary solutions and processes. The platform facilitates collaboration between IT and security teams and includes the following capabilities: Inventory and performance management and proactive alerting Patch deployment control strategy, prioritization, planning Patch vetting and blacklisting intelligence Windows Operating System patch management Supported 3rd Party Patch Management Anti-Malware DNS-based Malware Protection Device Encryption Management Innovative management tool library “Security patch exploits can have extremely damaging effects on an organization, decreasing revenues or causing reputational damage, making it imperative to have security patching in place. “Aunalytics’ Security Patching Platform services allow for the rapid resolution of these concerns to maintain the highest levels of cyber-resiliency.” Chris Nicholson, Vice President of Managed IT Services About Aunalytics Aunalytics is a leading data management and analytics company delivering Insights-as-a-Service for mid-sized businesses and enterprises. Selected for the prestigious Inc. 5000 list for two consecutive years as one of the nation’s fastest growing companies, Aunalytics offers managed IT services and managed analytics services, private cloud services, and a private cloud-native data platform for data management and analytics. The platform is built for universal data access, advanced analytics and AI -- unifying distributed data silos into a single source of truth for highly accurate, actionable business information.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Veracode Launches Container Security Offering That Secures Cloud-Native Application Development

Veracode | October 07, 2022

Veracode, a leading global provider of application security testing solutions, today announced the enhancement of its Continuous Software Security Platform to include container security. This early access program for Veracode Container Security is now underway for existing customers. The new Veracode Container Security offering, designed to meet the needs of cloud-native software engineering teams, addresses vulnerability scanning, secure configuration, and secrets management requirements for container images. “As developers embrace cloud-native computing practices, containers have become increasingly important for business efficiency. This launch helps close a substantial gap in the market for developer-friendly solutions that cover critical capabilities for container security. We are excited to bring this next enhancement of our platform to the market and empower customers to address security testing for more modern architectures and deployment styles.” Veracode Chief Product Officer, Brian Roche The Requirement for Container Security is Rapidly on the Rise Containers are increasingly used to simplify software deployment and runtime environment configuration management. They comprise small, fast, portable units of software in which code is packaged so that an application can be run quickly and reliably in different computing environments—from the desktop to the cloud. They provide an ecosystem of repositories, orchestration technologies, and capabilities that address related issues, such as service-to-service communication and configuration management. Instantiated in pipelines from code, containers have the benefit of immutability, meaning they are not updated, reconfigured or patched in production. Instead, the underlying image is updated with new capabilities and redeployed, helping to improve efficiency in the production environment. Despite the benefits of containers, they are affected by many of the same problems that traditionally plague physical production or virtual server hardware, such as vulnerabilities introduced through additional software, poorly managed secrets (like Amazon Web Services keys and credentials in Dockerfiles), and security misconfigurations. This has resulted in increased demand for products that address these issues and related problems, with the Global Container Security Market size expected to reach $3.9 billion by 2027*. Container security scanning analyzes container images against organizational or industry-specific standards to identify insecure processes, misconfigurations that could lead to a vulnerability, and inadequate authentication and access control. Veracode Container Security Integrates into the Developer Environment Many products already in the market are aimed at securing containers in runtime and offer limited support for developers, posing a major challenge for early remediation. Veracode’s solution instead integrates into the CI/CD (continuous integration and continuous delivery) pipeline and is available at the command line interface. Providing coverage for vulnerability detection and remediation, secrets management, and security configuration issues on the most popular operating systems, it delivers remediation advice to developers early in the software development life cycle so that insecure containers don’t ship to production. Veracode Container Security results are available in a variety of formats based on the user’s choice, including text, JSON (JavaScript Object Notation), and Software Bill of Materials (CycloneDX, SWID [Software Identification Tagging], or SPDX [Software Packaging Data Exchange]), making them easy to integrate with other tools. Providing developers and their teams with the tools to meet their specific needs means they can find and fix vulnerabilities early in the lifecycle, giving them confidence that their containerized application environment is secure. “Veracode Container Security will be instrumental for our developers to ensure that the workloads they deploy into our cloud are secure,” said the Director of Information Security at an automotive company. “Without this tool, it would take our team weeks to receive and action container results and these would only have been available in limited formats. Now, we’re excited to integrate findings into the pipeline before they even move into production, creating time and cost efficiencies for our business.” About Veracode Veracode is a leading AppSec partner for creating secure software, reducing the risk of security breach, and increasing security and development teams’ productivity. As a result, companies using Veracode can move their business, and the world, forward. With its combination of process automation, integrations, speed, and responsiveness, Veracode helps companies get accurate and reliable results to focus their efforts on fixing, not just finding, potential vulnerabilities.

Read More