DATA SECURITY, SOFTWARE SECURITY
Virtru | March 03, 2023
On March 2, 2023, Virtru, a prominent figure in data-centric security and privacy, announced its involvement in NIST's National Cybersecurity Center of Excellence (NCCoE) Data Classification Practices: Facilitating Data-Centric Security Management initiative. As part of a team of global technology leaders, Virtru will collaborate with NIST to develop recommended data classification and data-centric security practices, which will protect data while supporting business practices and transactions. The goal of this collaborative effort is to promote data-centric security on a larger scale.
As systems become more mobile, dispersed and shared across different environments and stewardship, traditional network-centric security measures are increasingly ineffective at protecting information. Data-centric security aims to safeguard data at the object level by securing it directly rather than simply securing the systems and networks that store and transmit it. Organizations employing this approach can identify their data, its characteristics, and the security and privacy requirements needed to control and protect it fully.
Virtru has a long-standing history of partnering with the public- and private-sector organizations to achieve data-centric security, serving the federal intelligence community, the largest financial institutions globally, and over 8,000 organizations worldwide. Virtru's technology enables organizations to enforce policy, encryption and access controls directly to data being transmitted via files, emails and SaaS applications while allowing organizations to manage their encryption keys for complete control and data sovereignty.
Virtru's Chief Technology Officer, Will Ackerly, commented, "Data-centric security is central to everything we do at Virtru," He further emphasized, "Our goal is to enable the mission — that means moving data freely, but securely. Being a member of NIST's NCCoE Data Classification project is a manifestation of more than a decade of hard work. By tagging data appropriately, we can help ensure public- and private-sector organizations can trust that their data will be used and shared appropriately, just as the data creator intended. This is vital to the future of collaboration."
(Source – Globe Newswire)
Virtru is a leading data security and privacy solutions provider. With end-to-end encryption for major data-sharing platforms like Microsoft and Google, it helps customers take charge of their data wherever it is shared. It empowers organizations to keep control of their data by ensuring that it is protected everywhere it is stored and shared. The company is trusted by over 8,000 customers worldwide and is dedicated to safeguarding their sensitive data according to the highest security standards. Its Trusted Data Format (TDF) is an industry standard that provides persistent data protection through encryption technology for data shared via email, collaboration tools, cloud environments, and enterprise SaaS applications.
ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Businesswire | May 10, 2023
CyberArk (NASDAQ: CYBR), the global leader in Identity Security, today announced enhancements to its CyberArk Identity Flows orchestration solution, including new integrations with Gurucul, Proofpoint and SentinelOne. Part of the CyberArk Identity Security Platform, CyberArk Identity Flows automates risk response tasks and processes through no-code app integrations and workflows, and improves response times, efficiency and productivity.
CyberArk Identity Flows includes a user-friendly workflow builder with powerful integration and orchestration capabilities for identity-related business processes, data management and security event responses.
New features enable organizations to orchestrate complex responses to a potential threat or security event and act on the valuable data provided by threat monitoring and alerting systems. For example, when a security alert is triggered due to continued failed login attempts, users can be automatically moved into a “risky persons” group to restrict access to specific resources. This feature can also automatically notify relevant parties of the risk, create IT tickets, or take other actions based on security policies.
The new technology integrations, available on CyberArk Marketplace, expand these capabilities to work with the industry’s leading threat detection systems, including:
Gurucul Security Analytics and Operations Platform – detects threats and provides analytics-driven risk scoring to quickly identify and prioritize new, emerging and unknown threats. CyberArk Identity Flows can gather the risk score from Gurucul and orchestrate appropriate responses and actions to reduce the manual effort associated with threat investigation and remediation while securing the associated identity(s).
Proofpoint Targeted Attack Protection (TAP) – detects email threats and assigns a level of risk to individuals with a Very Attacked People (VAP) feature. CyberArk Identity Flows can utilize the insights provided by Proofpoint to orchestrate appropriate responses such as moving identities into different groups to change access permissions, change an authentication policy, send alerts, post notifications or create IT tickets.
SentinelOne Singularity Platform – detects and hunts for threats across user endpoints, containers, cloud workloads and IoT devices. When risks are detected, CyberArk Identity Flows leverages that context to make decisions within workflow actions that need to take place across the identity infrastructure.
With CyberArk Identity Flows, workflows can be built in minutes through a user-friendly visual editor and thousands of pre-built connectors to more than 700 applications. CyberArk Identity Flows now also integrates with CyberArk Identity Security Intelligence, a shared service of the CyberArk Identity Security Platform that leverages user behavior analytics to detect and remediate anomalous and risky activity by employees. When high-risk behavior is detected, CyberArk Identity Flows is used to orchestrate response actions to reduce response times to attacks to minimize risk.
“Flexible automation and orchestration are critical to a proactive Identity Security program and vital to improving the security posture of our clients. That’s why we’ve been so focused on delivering new CyberArk Identity Flows innovations,” said Peretz Regev, chief product officer at CyberArk. “With these enhancements and integrations, we make it simple for organizations to use CyberArk Identity Flows to reduce IT overhead, accelerate service agility and strengthen their overall security, ultimately improving operational efficiencies.”
CyberArk Identity Flows can be purchased as a standalone solution, or as part of the CyberArk Identity Security Platform. CyberArk applies intelligent privilege controls to all identities – human and machine – with continuous threat detection and prevention across the entire identity lifecycle. With the CyberArk Identity Security Platform, organizations can enable Zero Trust and least privilege with complete visibility, enabling every identity to securely access any resource, located anywhere, from everywhere.
To learn more, please register for “Better Security with Threat Response Automation,” a webinar taking place on May 18, 2023 or visit https://www.cyberark.com/products/identity-flows/.
CyberArk (NASDAQ: CYBR) is the global leader in Identity Security. Centered on privileged access management, CyberArk provides the most comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets. To learn more about CyberArk, visit https://www.cyberark.com, read the CyberArk blogs or follow on Twitter via @CyberArk, LinkedIn or Facebook.
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
GlobeNewswire | March 23, 2023
Tenable®, the Exposure Management company, today announced significant advancements to Tenable Cloud Security, a unified and scalable Cloud Security Posture Management (CSPM) and vulnerability management solution delivered on the Tenable One exposure management platform, and expanded availability of Tenable Agentless Assessment for Microsoft Azure.
Hybrid and multi-cloud strategies enable organizations to satisfy unique business requirements and accelerate innovation. But managing highly complex and distributed cloud environments – each with its own security tools, processes and specialized skill requirements – is neither easy nor straightforward. As a result, security issues such as simple misconfigurations and excessive privileges – the root cause of the majority of cloud breaches – can go unseen.
Tenable Cloud Security enables organizations to achieve consistent cloud security and compliance by bringing all cloud vulnerabilities, misconfigurations and drift across multi-cloud and cloud-native environments to the forefront, providing organizations with a unified cloud security solution that simplifies and scales cloud security posture management. Tenable Cloud Security’s built-in best practices consistently enforce security posture and compliance across environments, detecting and preventing risky configurations from ever reaching cloud runtimes.
When deployed as part of Tenable One, customers gain advanced vulnerability prioritization capabilities and automated remediation workflows, enabling security and DevOps teams to prioritize remediation efforts where they can have the biggest impact on security and compliance posture.
“Cloud environments are in a constant state of change, meaning that security, compliance and governance is a ‘never-done’ job,” said Nico Popp, chief product officer, Tenable. “With more than half of data breaches occurring in the cloud, organizations are racing against the clock and cannot afford for weak code to go into runtime. To effectively scale security at the speed and scale of the cloud, the pendulum must swing from reactive threat detection and response to exposure management and preventive cloud security posture management.”
Additional new and enhanced CSPM features include:
Continuous Discovery and Assessment - Improved cloud account onboarding enables organizations to continuously discover and assess both managed and unmanaged cloud accounts, limiting blind spots and minimizing risks.
Most Comprehensive Policy Portal, Views and Content - New policy portal makes it easy to view and customize over 1,500 out-of-the-box policies spanning 20 industry benchmarks and regulations. Enriched by the expertise and speed of Tenable Research, including the industry’s most comprehensive library of 71,000 known vulnerabilities, Tenable Cloud Security has 2.6 times more cloud Center for Internet Security (CIS) certifications than any other cloud security vendor. Organizations can visualize misconfiguration details, impacted resources and all the context needed to quickly remediate issues. With the new low code policy group editor, organizations can create custom policy groups enabling security teams to build custom policy groups leveraging existing policies.
Automated Cloud-to-Cloud Drift Detection - New drift detection enables organizations to maintain compliance by detecting configuration drift in runtime and between Infrastructure-as-Code (IaC), automating pull requests including corrected code or step-by-step instructions to the right owner, or applying remediation code automatically to significantly reduce mean-time-to-remediation.
Enhanced Reporting and Collaboration: Enhanced reporting capabilities enable security teams to accurately report on key metrics to executive leadership while increasing cross functional collaboration between security operations and compliance teams. Report and share security posture findings by role, function or by industry benchmarks and regulatory frameworks – such as CIS, SOC 2 and 20+ others.
Tenable® is the Exposure Management company. Approximately 43,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include approximately 60 percent of the Fortune 500, approximately 40 percent of the Global 2000, and large government agencies.