Home > News > featured news > Balbix Announces Cybersecurity Posture Automation for Microsoft Azure

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Balbix Announces Cybersecurity Posture Automation for Microsoft Azure

Balbix | December 19, 2022 | Read time : 03:50 min

Balbix Announces Cybersecurity Posture Automation for Microsoft Azure
Balbix, the leader in cybersecurity posture automation, announced its support for Microsoft Azure today. With these new capabilities, Balbix now supports the three top cloud service providers – Microsoft Azure, Amazon Web Services and Google Cloud Platform – as well as traditional environments. Balbix also announced enhanced platform support for the Microsoft ecosystem, including Azure services, Windows, Microsoft Store apps and Azure Active Directory single sign-on.

McKinsey estimates that by 2025, organizations aspire to have 60 percent of their IT environments in the cloud. Yet, according to the Cybersecurity Insiders State of Security Posture Report, 62 percent of organizations lack confidence in their security posture. These findings highlight the growing need for effective cloud security solutions.

Balbix's support for Azure cloud services includes Azure Virtual Machines, Azure Service Bus Messaging, Azure Key Vault, Azure Blob Storage, Azure Cosmos DB, Azure Kubernetes Service (AKS), Azure SQL Database, Azure AKS Deployments, and Azure Functions. A new API-based Balbix Connector for Microsoft Azure and optional sensors for virtual machines capture data from Azure for analysis by the Balbix brain.

Cybersecurity teams can now:

  • Get comprehensive, real-time visibility of Azure assets, categorized into compute, storage, network, containers, database, security, and identity.
  • Capture system details for virtual machines, including network, storage, open ports, users, software bill of materials (SBOM) and security controls.
  • Combine Azure cloud data with data from other tools to map over 400 cybersecurity, IT and business attributes to assets.
  • Obtain visibility into misconfigurations – the most commonly exploited attack vector in cloud-hosted environments.
  • Leverage (optional) Balbix host sensors to gain visibility into additional types of vulnerabilities, such as unpatched software vulnerabilities, weak credentials, and trust issues.

Unified Visibility for Multi-Cloud Environments
Balbix's new support for Azure means that organizations now have access to an integrated Cyber Asset Attack Surface Management (CAASM) solution that works across the top three cloud providers, traditional data center and office environments, and mobile employee devices. Cybersecurity practitioners get a single tool to automatically combine data from disparate solutions into a unified view of their assets.

Balbix provides more than just visibility. Unlike other solutions, Balbix combines CAASM with Risk-Based Vulnerability Management (RBVM) and Cyber Risk Qualification (CRQ) capabilities. This tight integration enables maximally automated identification, prioritization and mitigation of security issues. Gaps in security controls are identified and rectified quickly. CISOs and their teams can calculate cyber risk for the entire enterprise, across cloud and non-cloud assets, in dollars, and make cybersecurity decisions, informed by real-time data and insights.

"Multi-cloud deployments have added additional complexity for cybersecurity practitioners. These challenges include fragmented visibility across cloud and non-cloud environments and an inability to prioritize vulnerabilities enterprise-wide," said Ed Amoroso, Founder and CEO of research and advisory firm TAG Cyber. "With support for Microsoft Azure, Balbix now helps users address these challenges across the top three cloud providers."

Broad Support for the Microsoft Ecosystem
Balbix's support for Microsoft Azure also adds to its broader support for the Microsoft ecosystem. These capabilities include security posture automation for assets running Windows and other Microsoft software, and third-party software products running on those assets. For Windows OS, Balbix provides a consolidated view of patch status and compliance across all assets with recommended fixes based on patch precedence.

"I'm very excited to announce our support for Microsoft Azure cloud services. Organizations can manage their cyber risk for Microsoft Azure, multi-cloud and hybrid environments using a single integrated and maximally automated paradigm. "With this software release, we've also enhanced our support for Windows to help Microsoft customers better protect their infrastructure."

Gaurav Banga, Founder and CEO of Balbix

In addition, Balbix now allows security teams to manage the security posture of applications downloaded from the Microsoft Store. Balbix is also announcing a new integration with Microsoft Azure Active Directory single sign-on.

About Balbix
Balbix enables businesses to reduce cyber risk by quickly identifying and mitigating their riskiest cybersecurity issues. Our SaaS platform, the Balbix Security Cloud™, ingests data from businesses' security and IT tools so they can understand every aspect of their cybersecurity posture, build a unified cyber risk model and obtain actionable insights for risk reduction. With Balbix, businesses can automate their cloud and on-premise asset inventory, conduct continuous risk-based vulnerability management and quantify cyber risk in dollars. Executives and operational teams can make cybersecurity decisions based on data, not opinions.

Spotlight

Reveal Risk Whitepaper: Measuring And Managing Cyber Resilience

Cyber Resilience (according to NIST) is “the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.”

Resiliency in cybersecurity is not a new concept. It has long been postulated as a goal or used to convey that a business needs to be ready for the unpredictable that can and will arise in a volatile cyber-risk climate. However, we have seen that there is a disconnect between current practices for evaluating & leading cyber programs, and understanding, measuring, & building true cyber resiliency.

More featured news

Spotlight

Reveal Risk Whitepaper: Measuring And Managing Cyber Resilience

Cyber Resilience (according to NIST) is “the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.”

Resiliency in cybersecurity is not a new concept. It has long been postulated as a goal or used to convey that a business needs to be ready for the unpredictable that can and will arise in a volatile cyber-risk climate. However, we have seen that there is a disconnect between current practices for evaluating & leading cyber programs, and understanding, measuring, & building true cyber resiliency.

Related News

DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY

Privacera Announces Integration with Databricks Unity Catalog

Privacera | February 23, 2023

On February 22, 2023, Privacera, a leading SaaS-based data security and access governance platform, announced its integration with Databricks Unity Catalog. Through this integration, users of both Privacera and Databricks can now facilitate data discovery and access across the Databricks Lakehouse Platform, including seamless migration of existing Privacera policies. Privacera increases the ability of its users to provide a holistic unified data security platform, protecting all data assets, including modern cloud-native data warehouses, on-premise legacy data sources, modern data lakehouses, and data mesh architectures. Users can trial these capabilities and spin up Privacera and Databricks together through pre-configured integration settings on Databricks Partner Connect, simplifying the process of testing a secure, well-governed data lakehouse with minimal administrative effort. The Unity Catalog integration supports table/view level access control, dynamic column-level data masking, dynamic row-level filtering, attribute-based access control, tag-based policies, and file/object level access control. Privacera enables enterprise data teams to protect sensitive data and promote privacy by securely managing data access policies across multiple on-premise, hybrid, and multi-cloud data sources, automating manual governance processes to reduce time to insights. It is the only open-standards-based data security governance firm, natively integrating with the most popular data and analytic sources. Its scalable and data query performance architecture has made it the solution of choice for many Fortune 500 organizations worldwide. Privacera's CEO Balaji Ganesan commented, "Securing and governing the modern data lakehouse is a non-trivial challenge for its users and that's why we've invested in extending our modern data security governance capabilities to the Unity Catalog-powered data lakehouse." He further emphasized, "Our users can seamlessly apply the security and governance controls to Unity Catalog and other sources with ease and at scale, and through a proven, open security standard." About Privacera Privacera is a SaaS-based data security and access governance platform established in 2016 by the founders of Apache Ranger™ and Apache Atlas™. The platform enables data and security teams to simplify data security, access and privacy for data applications and analytical workloads. Its centralized data access governance platform extends beyond traditional Big Data environments to cloud-native services and analytics platforms such as AWS, GCP, Azure and Databricks and enables data democratization without compromising on compliance with data access control, data discovery, and encryption. In addition, the platform ensures compliance with regulations such as GDPR, LGPD, CCPA, and HIPAA while maximizing usability for data science and analytics teams.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Finite State Launches Next-Gen Platform for Software Supply Chain Security

Finite State | February 14, 2023

On February 13, 2023, Finite State, a pioneer in enterprise software supply chain risk management, announced its next generation platform, which includes extended SBOM management as well as the capacity to ingest and aggregate 120+ external data sources. The new platform provides Application and Product Security teams with a consolidated and prioritized risk perspective and unmatched visibility across the software supply chain lifecycle in order to grow operations employing continuous, next-generation risk management. With the release of the next-gen platform, Finite State users will be able to continually and confidently decrease risk across 'any-party' firmware, software, or applications via a single lens. Already featuring over 2 billion analytical data points, product and AppSec Security teams will be able to utilize external tooling and feed to create the most extensive SBOM (Software Bill of Materials) in the industry, outlining all vulnerabilities on software components and dependencies. The SBOM has emerged as the most crucial output for any business needing complete insight into its software supply chain to satisfy customer and vendor expectations, provide secure products, and comply with regulations. Best-in-class binary SCA (software composition analysis) from Finite State decomposes binaries (as opposed to source code) to provide corporate teams with continuous SBOM management tools to reduce AppSec risk. Finite State's Next-Generation platform will have the following features: End-to-end SBOM solution: An exhaustive solution for producing, collecting, visualizing, and distributing SBOMs in your supply chain. Advanced guidance: Remediation guidance that combines and reconciles results across all scans ingested or created in order to provide context-aware suggestions. Unified AppSec and Product Security Risk Management: The ability to ingest data from more than 120 scanners and feeds to integrate all of the tooling and information required to safeguard goods or systems within the context of the AppSec or Product Security environment. World-class binary SCA: Improved SBOM capabilities for breaking down a product or asset into numerous components for a precise risk assessment. Intuitive scoring system: A powerful scoring methodology that successfully expresses a product's or asset's risk levels via a simple numerical scale backed up by sophisticated risk prioritization. Full VEX support: With an enhanced vulnerability intelligence correlation, import and export all VEX formats. About Finite State Founded in 2017, Finite State enables businesses to take control of product and application security for their connected devices and software supply chains. It acts as the single pane of glass for clients, giving constant visibility into software supply chain risk across the software supply chain lifecycle. Its platform, backed by a team of seasoned experts, provides customers with the automation to scale risk mitigation and 2B+ data points to deliver actionable SBOMs and insights, critical vulnerability data, and remediation guidance required to mitigate AppSec and product risk and protect the connected attack surface.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

WatchGuard Announce Unveiling New Line of Firewall Products

WatchGuard Technologies | February 20, 2023

WatchGuard® Technologies, an industry leader in unified cybersecurity, has recently announced the launching of new tabletop firewall appliances: Firebox T25/T25-W, Firebox T45/T45-POE/T45-W-POE, and Firebox T85/T85-POE. By leveraging WatchGuard's Unified Security Platform® architecture to provide comprehensive security and streamlined management through WatchGuard Cloud, these new firewalls are built to give the performance that distributed, and remote business environments require to protect themselves against the latest network security threats. WatchGuard's new Firebox product line, which features increased memory and processing speeds for improved throughput, enables WatchGuard partners, MSPs and IT administrators to protect branch offices, office equipment, retail point-of-sale (POS) software, remote devices, and remote users from complex and emerging threats with minimal network configuration and management overhead. "This new generation of Fireboxes takes full advantage of our Unified Security Platform architecture, enabling MSPs to provide the robust solutions and simplified management they require to meet the needs of a wide range of customers and deployment scenarios," said Ryan Poutre, Product Manager at WatchGuard Technologies. (Source - GlobeNewswire) Key features for the new Firebox products include as follows: WatchGuard Firebox T25/T25-W: Offer small offices, home offices, and retail environments with stand-alone or centrally managed protection with complete enterprise-level network security. WatchGuard Cloud's zero-touch deployment enables speedy setup at remote sites to ensure a secure connection. WatchGuard Firebox T45/T45-POE/T45-W-POE: Provides stand-alone or centrally managed enterprise-level protection to small and medium-sized businesses. Improves visibility into network activity and security events. Offers flexible management tools that facilitate faster and more secure business connection setup at remote locations. WatchGuard Firebox T85-POE: Provides enterprise-level security with high performance that evolves with the network requirements. It offers users with two Power-over-Ethernet (PoE+) ports that enable power to peripheral devices. About WatchGuard Technologies, Inc. WatchGuard® Technologies, Inc. is one of the leading companies in unified cybersecurity. The company's Unified Security Platform® is a unique way for managed service providers to get world-class security that helps their businesses grow and move faster while making their operations more efficient. Its award-winning products and services include network security and intelligence, multi-factor authentication, advanced endpoint protection, and secure Wi-Fi. They are used by more than 17,000 security service providers and resellers to shield more than 250,000 customers. The company's headquarters are in Seattle, Washington, and it has offices all over North America, Europe, Asia-Pacific, and Latin America.

Read More

DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY

Privacera Announces Integration with Databricks Unity Catalog

Privacera | February 23, 2023

On February 22, 2023, Privacera, a leading SaaS-based data security and access governance platform, announced its integration with Databricks Unity Catalog. Through this integration, users of both Privacera and Databricks can now facilitate data discovery and access across the Databricks Lakehouse Platform, including seamless migration of existing Privacera policies. Privacera increases the ability of its users to provide a holistic unified data security platform, protecting all data assets, including modern cloud-native data warehouses, on-premise legacy data sources, modern data lakehouses, and data mesh architectures. Users can trial these capabilities and spin up Privacera and Databricks together through pre-configured integration settings on Databricks Partner Connect, simplifying the process of testing a secure, well-governed data lakehouse with minimal administrative effort. The Unity Catalog integration supports table/view level access control, dynamic column-level data masking, dynamic row-level filtering, attribute-based access control, tag-based policies, and file/object level access control. Privacera enables enterprise data teams to protect sensitive data and promote privacy by securely managing data access policies across multiple on-premise, hybrid, and multi-cloud data sources, automating manual governance processes to reduce time to insights. It is the only open-standards-based data security governance firm, natively integrating with the most popular data and analytic sources. Its scalable and data query performance architecture has made it the solution of choice for many Fortune 500 organizations worldwide. Privacera's CEO Balaji Ganesan commented, "Securing and governing the modern data lakehouse is a non-trivial challenge for its users and that's why we've invested in extending our modern data security governance capabilities to the Unity Catalog-powered data lakehouse." He further emphasized, "Our users can seamlessly apply the security and governance controls to Unity Catalog and other sources with ease and at scale, and through a proven, open security standard." About Privacera Privacera is a SaaS-based data security and access governance platform established in 2016 by the founders of Apache Ranger™ and Apache Atlas™. The platform enables data and security teams to simplify data security, access and privacy for data applications and analytical workloads. Its centralized data access governance platform extends beyond traditional Big Data environments to cloud-native services and analytics platforms such as AWS, GCP, Azure and Databricks and enables data democratization without compromising on compliance with data access control, data discovery, and encryption. In addition, the platform ensures compliance with regulations such as GDPR, LGPD, CCPA, and HIPAA while maximizing usability for data science and analytics teams.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Finite State Launches Next-Gen Platform for Software Supply Chain Security

Finite State | February 14, 2023

On February 13, 2023, Finite State, a pioneer in enterprise software supply chain risk management, announced its next generation platform, which includes extended SBOM management as well as the capacity to ingest and aggregate 120+ external data sources. The new platform provides Application and Product Security teams with a consolidated and prioritized risk perspective and unmatched visibility across the software supply chain lifecycle in order to grow operations employing continuous, next-generation risk management. With the release of the next-gen platform, Finite State users will be able to continually and confidently decrease risk across 'any-party' firmware, software, or applications via a single lens. Already featuring over 2 billion analytical data points, product and AppSec Security teams will be able to utilize external tooling and feed to create the most extensive SBOM (Software Bill of Materials) in the industry, outlining all vulnerabilities on software components and dependencies. The SBOM has emerged as the most crucial output for any business needing complete insight into its software supply chain to satisfy customer and vendor expectations, provide secure products, and comply with regulations. Best-in-class binary SCA (software composition analysis) from Finite State decomposes binaries (as opposed to source code) to provide corporate teams with continuous SBOM management tools to reduce AppSec risk. Finite State's Next-Generation platform will have the following features: End-to-end SBOM solution: An exhaustive solution for producing, collecting, visualizing, and distributing SBOMs in your supply chain. Advanced guidance: Remediation guidance that combines and reconciles results across all scans ingested or created in order to provide context-aware suggestions. Unified AppSec and Product Security Risk Management: The ability to ingest data from more than 120 scanners and feeds to integrate all of the tooling and information required to safeguard goods or systems within the context of the AppSec or Product Security environment. World-class binary SCA: Improved SBOM capabilities for breaking down a product or asset into numerous components for a precise risk assessment. Intuitive scoring system: A powerful scoring methodology that successfully expresses a product's or asset's risk levels via a simple numerical scale backed up by sophisticated risk prioritization. Full VEX support: With an enhanced vulnerability intelligence correlation, import and export all VEX formats. About Finite State Founded in 2017, Finite State enables businesses to take control of product and application security for their connected devices and software supply chains. It acts as the single pane of glass for clients, giving constant visibility into software supply chain risk across the software supply chain lifecycle. Its platform, backed by a team of seasoned experts, provides customers with the automation to scale risk mitigation and 2B+ data points to deliver actionable SBOMs and insights, critical vulnerability data, and remediation guidance required to mitigate AppSec and product risk and protect the connected attack surface.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

WatchGuard Announce Unveiling New Line of Firewall Products

WatchGuard Technologies | February 20, 2023

WatchGuard® Technologies, an industry leader in unified cybersecurity, has recently announced the launching of new tabletop firewall appliances: Firebox T25/T25-W, Firebox T45/T45-POE/T45-W-POE, and Firebox T85/T85-POE. By leveraging WatchGuard's Unified Security Platform® architecture to provide comprehensive security and streamlined management through WatchGuard Cloud, these new firewalls are built to give the performance that distributed, and remote business environments require to protect themselves against the latest network security threats. WatchGuard's new Firebox product line, which features increased memory and processing speeds for improved throughput, enables WatchGuard partners, MSPs and IT administrators to protect branch offices, office equipment, retail point-of-sale (POS) software, remote devices, and remote users from complex and emerging threats with minimal network configuration and management overhead. "This new generation of Fireboxes takes full advantage of our Unified Security Platform architecture, enabling MSPs to provide the robust solutions and simplified management they require to meet the needs of a wide range of customers and deployment scenarios," said Ryan Poutre, Product Manager at WatchGuard Technologies. (Source - GlobeNewswire) Key features for the new Firebox products include as follows: WatchGuard Firebox T25/T25-W: Offer small offices, home offices, and retail environments with stand-alone or centrally managed protection with complete enterprise-level network security. WatchGuard Cloud's zero-touch deployment enables speedy setup at remote sites to ensure a secure connection. WatchGuard Firebox T45/T45-POE/T45-W-POE: Provides stand-alone or centrally managed enterprise-level protection to small and medium-sized businesses. Improves visibility into network activity and security events. Offers flexible management tools that facilitate faster and more secure business connection setup at remote locations. WatchGuard Firebox T85-POE: Provides enterprise-level security with high performance that evolves with the network requirements. It offers users with two Power-over-Ethernet (PoE+) ports that enable power to peripheral devices. About WatchGuard Technologies, Inc. WatchGuard® Technologies, Inc. is one of the leading companies in unified cybersecurity. The company's Unified Security Platform® is a unique way for managed service providers to get world-class security that helps their businesses grow and move faster while making their operations more efficient. Its award-winning products and services include network security and intelligence, multi-factor authentication, advanced endpoint protection, and secure Wi-Fi. They are used by more than 17,000 security service providers and resellers to shield more than 250,000 customers. The company's headquarters are in Seattle, Washington, and it has offices all over North America, Europe, Asia-Pacific, and Latin America.

Read More

More featured news