DATA SECURITY

Barracuda Has Completedits Acquisition of SKOUT Cybersecurity

Barracuda | July 14, 2021

A leading provider of cloud-enabled security solutions and trusted partner, Barracuda Networks, Inc., has announced its completion of the acquisition of SKOUT Cybersecurity. SKOUT Cybersecurity is a leader in cyber-as-a-service software, a provider of an extended detection and response (XDR) platform and service and for Managed Service Providers (MSPs), based in Melville, NY.

Acquisition highlights: 

• SKOUT's XDR platform links with serious security infrastructures such as firewall, email, identity, access, and a 24x7 SOC that aids the uncovering of and replies to cyberattacks.

• Enlarges Barracuda's solutions for MSPs, offering an XDR platform for practical real-time nonstop security monitoring with response services for succeeded networks, endpoints, and cloud.

• Allows clients to address threats more competently with supplementary threat analysis, threat detection, and response capabilities.

• By mixing with existing security substructure, SKOUT deals investment security for MSPs, making it more remarkable to handle cyberattacks in varied customer settings.

• Removes clients' staffing and training for 24x7 service instead ofusing SKOUT's security specialists to handle the SOC process. It offers MSPs choice and tractability when building out their cybersecurity practice and features an influential mixture of solutions, enablement tools, and human security know-how.

About Barracuda

Barracuda strive to make the world a safer place. More than 200,000 organizations worldwide trust Barracuda to protect them.Barracuda Networks, Barracuda, and the Barracuda Networks logo are registered trademarks of Barracuda Networks, Inc. in the US and other countries.

Spotlight

Dashlane Business supports login with single sign-on (SSO), using any SAML 2.0 enabled IdP. In a single-sign-on setup, the user doesn’t have to input UserMP . Instead, a random key is generated at account creation. This key (the data encryption key) is delivered to the Dashlane app after the user successfully logs in to the IdP, and it is used as a symmetric encryption key to encrypt and decrypt the user data.

Spotlight

Dashlane Business supports login with single sign-on (SSO), using any SAML 2.0 enabled IdP. In a single-sign-on setup, the user doesn’t have to input UserMP . Instead, a random key is generated at account creation. This key (the data encryption key) is delivered to the Dashlane app after the user successfully logs in to the IdP, and it is used as a symmetric encryption key to encrypt and decrypt the user data.

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Forcepoint Delivers Data Security Everywhere, Extending DLP Policies from Endpoints to the Cloud

Businesswire | April 27, 2023

Global security leader Forcepoint today extended the depth and breadth of its Data-first SASE (Secure Access Service Edge) offering with the launch of Forcepoint Data Security Everywhere. Forcepoint is simplifying enterprise DLP management across cloud, web and private apps and streamlining compliance wherever hybrid workers store, access and use confidential information. The company is also bringing to market Forcepoint ONE Insights that enables users to quickly visualize and quantify the financial value of security efficacy delivered by Forcepoint solutions. Forcepoint ONE Insights’ visualization console presents key performance indicators such as adoption, data and threat protection, policy violations, performance, and risk. “Data isn’t the new oil; it is the new air. Literally everything runs on data today and our lives and livelihoods depend on it. Before today, securing data required a mishmash of point solutions. Forcepoint is taking the lead in solving this problem with Forcepoint Data Security Everywhere,” said Manny Rivelo, CEO of Forcepoint. “We’re delivering enterprise-wide data security plus the power and flexibility of Forcepoint ONE SSE to keep data safe at all times, even after it is accessed. Comprehensive data security is a critical capability within our Data-first SASE solution, providing the visibility and control organizations need to protect their data and simplify Zero Trust security.” In two years, humanity's collective data will reach 175 billion terabytes -- the number 175 followed by 21 zeros. This data includes everything that powers business and consumers’ day-to-day lives. It is accessed and used by hybrid workforces on corporate endpoints and personal devices such as phones and tablets to do their jobs. Forcepoint Data Security Everywhere is a direct response to the reality that business productivity depends upon people having the ability to safely and efficiently use data anywhere. By connecting Forcepoint Enterprise DLP to the Forcepoint ONE Security Service Edge (SSE) platform, customers can extend a new or existing enterprise DLP policy, including its advanced classifiers, data fingerprinting, and enforcement settings, to the web and cloud. A unified security policy from Forcepoint protects sensitive data across all channels, including endpoints, websites, cloud services, networks, email and private apps. Forcepoint’s data-first approach goes far beyond basic data protection that is often built into SASE solutions. By classifying data and organizing it into different groups rather than relying on hardcoded patterns, Forcepoint data security policies can be written once and enforced everywhere to automatically handle new instances and types of sensitive data. This end-to-end enforcement is ideal for organizations with cloud-based applications or distributed workforces. Key Benefits of Enforcing Data Security Everywhere Adds Forcepoint ONE SSE channels to Forcepoint Enterprise DLP, protecting data across any website, cloud application, and web-based private applications. Applies new or existing DLP policies across CASB, SWG, and ZTNA channels. Simplifies DLP management by leveraging over 1,600 out-of-the-box classifiers, policies and templates enabling granular enforcement for files. Gives security operations center (SOC) and IT teams complete incident reporting and forensic information from a single management console. Forcepoint Data Security Everywhere is immediately available direct from Forcepoint and through the company’s global network of channel partners. AI-powered Data Visualization with Forcepoint ONE Insights Further extending the value-added capabilities of Forcepoint ONE, in late Q2 2023 the company will unveil Forcepoint ONE Insights, formerly code-named Symphony, which provides economic value and advanced security analytics for real-time insights into an organization's security status. Forcepoint ONE Insights technology, included with all Forcepoint ONE subscriptions, uses machine learning and artificial intelligence to analyze security data from multiple sources, such as network traffic, endpoint devices, and cloud applications. Using the at-a-glance visualization, security teams can identify potential threats more quickly, reducing the risk of data breaches. They can also see in real-time dashboards showing the economic value of their use of Forcepoint ONE. Meet Forcepoint Experts at RSA 2023 During the week of RSA, April 25-27, the company will provide hands-on opportunities with Forcepoint Data Security Everywhere and Forcepoint ONE Insights at the Forcepoint Experience Center on the fourth floor of the St. Regis San Francisco. Organizations that want to learn more and get demos can request a meeting. About Forcepoint Forcepoint simplifies security for global businesses and governments. Forcepoint’s all-in-one, truly cloud-native platform makes it easy to adopt Zero Trust and prevent the theft or loss of sensitive data and intellectual property no matter where people are working. Based in Austin, Texas, Forcepoint creates safe, trusted environments for customers and their employees in more than 150 countries. Engage with Forcepoint on www.forcepoint.com, Twitter, and LinkedIn.

Read More

DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY

Aqua Security Launches Industry First Real-Time CSPM

Globenewswire | May 17, 2023

Aqua Security, the pioneer in cloud native security, today announced the launch of Real-Time CSPM, a next-gen cloud security posture management (CSPM) solution, offering the best visibility and context in the industry. Real-Time CSPM provides a complete view of multi-cloud security risk, pinpoints threats that evade agentless detection, and dramatically reduces noise so security practitioners can rapidly identify, prioritize, and remediate the most important cloud security risks, saving time and money. “Customers have told us that they are bogged down by too much noise from current CSPM offerings,” said Amir Jerbi, CTO and co-founder, Aqua Security. “They receive too many findings yet lack complete visibility and therefore the ability to properly prioritize. Simply put, they fix the wrong things and end up compromised. This is where Aqua comes in. We are introducing Real-Time CSPM so security practitioners can pinpoint the most significant cloud risks and remediate them quickly.” With Real-Time CSPM, teams have a complete view of cloud security risk and surface the most critical findings. This includes the ability to match correlated findings across multi-cloud environments, deduplicate findings and focus on identifying real cloud risks with smarter insights. Instead of wasting time on issues with low effective risk, customers can focus on what truly matters most and provide the context needed for resource owners to remediate quickly and secure their cloud applications. “One of the world’s largest telcos turned to Aqua to provide better visibility and context. They went from 120M risk findings to 50k and they saw a reduction in their attack surface by 99% in just months. If everything is a priority, then nothing is – that’s why they chose Aqua,” said Jerbi. Detailed context also allows teams to connect issues found in their cloud to their respective code repositories. With better prioritization and the ability to identify risk ownership, Real-Time CSPM then allows for rapid remediation of those most critical issues. Security professionals can focus their limited resources to manage, investigate and respond faster. Identify Attacks That Agentless Solutions Cannot See Point-in-time scanning opens the door for increased attacks. According to the IDC report, “The State of Cybersecurity Maturity in Vulnerability Management Among U.S. Organizations,” 74% of organizations scan less than 85% of their IT assets when they do scan, leaving an opportunity for many vulnerabilities to go undiscovered until an attacker makes use of them. By then it is too late. Aqua Real-Time CSPM eliminates that risk and delivers real-time visibility and risk prioritization in a single, unified platform for faster, more effective risk management. Unlike point-in-time scanning solutions, Aqua Real-Time CSPM provides a deeper layer of visibility for better context, leading to the ability to prioritize the most critical cloud security risks. “Other CSPM solutions give you a false sense of security. Whether you scan daily or monthly, you’re only seeing a portion of the risks with a point-in-time scan. And that’s not true security,” said Jerbi. Further data from Aqua Nautilus, Aqua’s cloud security research team, supports the need for real-time scanning. Nautilus uses an extensive honeypot network to detect and analyze over 80,000 attacks a month. Of those attacks, one in three do not leave a footprint and would be missed by point-in-time scanning solutions. Similarly, zero-day attacks are missed, whilst other standard operating procedures like ephemeral containers and transient attacks raise that number to 50%. Real-Time CSPM is part of the Aqua Cloud Security Platform, a cloud native application protection platform (CNAPP). The Aqua Platform is composed of a fully integrated set of security and compliance capabilities to discover, prioritize, and eliminate risk in minutes across the full software development life cycle. Aqua improves operational efficiency by connecting cloud to code and tracing runtime risks to the code and developer who can fix them. By connecting CSPM to runtime, it shields risks that cannot be immediately addressed with a code fix. For more information on Aqua’s Real-Time CSPM, visit the blog. About Aqua Security Aqua Security stops cloud native attacks and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. As the pioneer and largest pure-play cloud native security company, Aqua helps customers unlock innovation and build the future of their business. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), prioritizing risk and automating prevention, detection and response across the lifecycle. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries. For more information, visit https://www.aquasec.com/.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

BreachLock Releases API Penetration Testing Service to Improve API Security Testing for Companies

Prnewswire | March 29, 2023

BreachLock officially launched its API Penetration Testing Service today, making API security testing faster, more scalable, and more affordable compared to alternative pentesting providers. The company is best known for its human-led, AI-enabled Pen Testing as a Service (PTaaS) solution delivered via its award-winning client portal. API penetration testing will help organizations prevent cybercriminals from exploiting unpatched API vulnerabilities to perpetrate cybercrimes. BreachLock is known for its innovative pentesting approach as a leader in the emerging PTaaS market. With a global reputation for delivering enterprise-grade penetration testing services, Breachlock leverages automation to ensure affordability and speed for clients held back by alternative pentesting options. With integrated remediation, companies can decrease their window of exposure to critical API vulnerabilities fast. Clients receive evidence-backed pentest reports with guided remediation on critical vulnerabilities, along with 12 months of access to retest, generate reports, and run scans inside the client portal. Regarding its new security testing offering, BreachLock's Founder & CEO, Seemant Sehgal, comments, "With the rise in security breaches involving insecure APIs, it's our responsibility to enable clients to prevent similar incidents." Sehgal adds, "Staying ahead of cyber adversaries is the name of the game. With today's threat landscape, agile pentesting is the key to combatting security breaches, especially when done regularly." BreachLock's API pentesting service is conducted by 100% in-house, certified expert pentesters (e.g., CREST, OSCE, OSCP, CISSP, CEH) that leverage AI and automation to accelerate the process and deliver more accurate results that closely correlate with OWASP best practices. Its security experts apply maximum business logic to every API pentest during a manual deep dive and ensure zero false positives by validating automated findings. About BreachLock BreachLock® is a global leader in cybersecurity and Penetration Testing services combining the power of human hackers, artificial intelligence, and automation. Engineered for agility and scalability for digital environments of any scale, on its cloud-native platform, BreachLock delivers full-stack, Human-led, AI-enabled, Pen Testing as a Service (PTaaS), enabling organizations to accelerate pentesting by 50% and reduce TCO by 50% in comparison to alternative penetration testing companies. BreachLock helps clients accelerate their security maturity, meet compliance requirements (i.e., PCI DSS, ISO 27001, HIPAA, GDPR, SOC 2), and conduct third party security vendor assessments.

Read More