DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY

Beyond Identity Launches Zero Trust Series with Security Industry Leaders

Beyond Identity | March 16, 2023 | Read time : 04:00 min

Beyond Identity Launches Zero Trust Series with Security Industry Leaders

Beyond Identity, the industry leader in providing phishing-resistant, passwordless MFA, has announced the official launch of 'Zero Trust Authentication' as a subcategory of zero trust technology, along with the introduction of the Zero Trust Leadership series of events worldwide, which will be held throughout 2023.

Combining industry-leading security integrators and technologies, such as Beyond Identity, CrowdStrike, Palo Alto Networks, Optiv, World Wide Technology, BeyondTrust, Climb Channel SolutionsPing Identity, and Guidepoint Security will enable organizations to move toward secure authentication designed to improve the zero-trust strategies of the Fortune 5000.

Zero Trust Authentication was created in response to the failure of conventional authentication methods, a problem that has been compounded by the rise of cyberattacks. Implementing Zero Trust Authentication will enable businesses to surpass the constraints of legacy multi-factor authentication (MFA) and passwords and deploy more effective security strategies.

To achieve this, the Zero Trust Authentication strategy incorporates components like Beyond Identity's risk scoring and continuous authentication functionalities, which greatly increase the given level of security.

Tom Jermoluk, Co-Founder and Chief Executive Officer of Beyond Identity, mentioned, "In working with leaders across the security ecosystem, it became apparent to us that the industry needs to formally bring identity and access management into the security fold to continuously deliver the highest level of security around users and devices."

(Source – Business Wire)

He added, "We are bringing together the leaders from the essential technology categories to ensure authentication decisions are risk based and continuously informed with signals from the wealth of existing cybersecurity tooling. Through close technology collaboration and now go-to-market collaboration in this Zero Trust Leadership series, we are delivering strong authentication built for an 'always on' zero trust world coupled with the practical advice and best practices so that enterprises can finally close identity and access management vulnerabilities."

(Source – Business Wire)

About Beyond Identity

Beyond Identity is redefining digital access for companies seeking to enhance protection against cyber assaults and provide the greatest levels of security for their customers, employees, and developers. The company's phishing-resistant, passwordless, and Zero Trust Authentication technologies enhance both security and the user experience.

The platform provides continuous risk-based authentication that incorporates signals from the zero-trust ecosystem to guarantee that only valid users and secure devices get or keep access to vital resources. Snowflake, Roblox, and Unqork rely on Beyond Identity's highly accessible cloud-native platform to deter assaults and advance their zero-trust strategy.

Spotlight

Cisco Security Cloud is the one solution to help you be resilient across your network, users, clouds and apps. You'll be able to see across the multicloud environments, anticipate what’s next, take the right action, close security gaps, and more.

Spotlight

Cisco Security Cloud is the one solution to help you be resilient across your network, users, clouds and apps. You'll be able to see across the multicloud environments, anticipate what’s next, take the right action, close security gaps, and more.

Related News

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Bitsight Expands into Integrated Cyber Risk Management Empowering Risk Leaders to Address Rising Threats to Business Operations

Prnewswire | April 21, 2023

Bitsight, a leader in managing and monitoring cyber risk, today unveiled its expansion into a broader category of integrated cyber risk management. As the category creator and global leader in the cybersecurity ratings industry, Bitsight's enhanced strategy will deliver new capabilities to empower security professionals and business leaders to more effectively and holistically manage cyber risk. The announcement includes large-scale distribution of risk data and insights through Moody's/BVD's Orbis, a new Third-Party Vulnerability Detection & Response solution, and more predictive cyber risk ratings that help mitigate cyber risk and make CISOs and risk professionals' jobs easier. Bitsight's integrated solutions address the needs of CISOs and risk leaders, whose roles have become more challenging in recent years with digital transformation, supply chain risk, and expanded attack surfaces. "As the cyber threat landscape worsens and the global regulatory landscape demands more nimble and thorough risk management, Bitsight has evolved to stay ahead of our customers' needs. Business leaders, risk leaders and boards are turning to us as an integrated solution to manage risk and build trust across their ecosystem," said Bitsight CEO Steve Harvey. Furthermore, comprehensive cyber risk management is also essential to good corporate governance, reaffirmed by the recently released White House national cyber strategy, pending SEC regulations on cybersecurity disclosure, and cybersecurity requirements emerging throughout Europe and Asia. Harvey noted, "Our strategic shift to become an integrated cyber risk management leader means we're able to provide customers and governments with the industry's most impactful data, services and tools to confidently navigate the uncertain cyber landscape." Accelerated Partnership with Moody's Corporation Newly-added integrations with Moody's will deliver expanded insights for enterprises and assist with holistic cyber risk management. In October 2021, Moody's Corporation invested $250 million in Bitsight, and the two companies announced a landmark partnership agreement. Through this partnership, Bitsight became the primary cyber risk analytics provider across Moody's suite of integrated risk assessment offerings. Bitsight data is now accessible by nearly 2,000 global credit analysts within Moody's Investors Service. These analysts are leveraging Bitsight to better understand the relative cyber risk of issuers, engage issuers on cybersecurity risk, and publish research on the intersection of cyber risk and credit risk. Additionally, Bitsight ratings data is now also integrated within Moody's Analytics' BVD Orbis platform, enabling non-technical risk managers to easily consider cyber risk factors in counterparty risk analysis. "The rise of cyberattacks and ransomware has created an imperative for business leaders and boards to assess and quantify their cyber risk," said Moody's Analytics President Stephen Tulenko. "Bitsight is our trusted partner in helping leaders to better understand, measure, and navigate the cyber risk landscape with confidence." Through these integrations, Bitsight and Moody's insights may be used together in powerful combinations for applications such as Know-Your-Customer, supply chain management, insurance underwriting, and credit risk assessment. New Third-Party Vulnerability Detection & Response Application To further its cyber risk management capabilities, Bitsight has enhanced its Third-Party Vulnerability Detection tool to include a Response workflow. Zero-day attacks and other vulnerabilities are increasingly common, and most companies are struggling to properly manage third-party exposure to critical vulnerabilities quickly, effectively, and at scale. With Vulnerability Detection & Response, cybersecurity teams can now access the most important vulnerability data and effectively prioritize vendor outreach with built-in questionnaires while tracking vendor response progress in real time. This release is another innovative application showcasing Bitsight's continued commitment to helping customers better monitor, manage, and mitigate vulnerabilities across their third-party ecosystems. More Predictive Cyber Risk Ratings – Bitsight's Ratings Algorithm Update Bitsight has launched a new ratings algorithm, with several key enhancements, most notably modifying the weights of several risk vectors based on independent research and insight into how those risk vectors correlate to real life cyber events. As a part of delivering an integrated cyber risk management solution, Bitsight remains committed to investing in and producing actionable cybersecurity ratings that have the strongest correlation in the industry to the likelihood of a cyber incident. "Cybersecurity ratings remain a critical tool in cybersecurity and risk leaders' arsenals, while the pressures and demands to address cyber risk have significantly expanded," said Harvey. As attacks on organizations intensify and business leaders demand greater strategic support to address risk, Bitsight's mission to build trust in the digital economy has extended well beyond cyber risk ratings. "Risk leaders globally spend every day working against a relentless and growing problem of cyber risk uncertainty," said Harvey. "And as waves of digital transformation continue to disrupt cybersecurity stability, we are committed to supporting our current and future customers with a broad and unified cyber risk management solution that helps them navigate with greater confidence." Supporting Resources Learn more about our partnership with Moody's Corporation here Learn more about Third-Party Vulnerability Detection & Response her Learn more about the Rating Algorithm Update here About Bitsight Bitsight is a global cyber risk management leader transforming how organizations manage exposure, performance, and risk for themselves and their third parties. Companies rely on Bitsight to prioritize their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss. Built on over a decade of market-leading innovation, its integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

AdaCore Launches RecordFlux

Businesswire | March 28, 2023

AdaCore, a trusted provider of software development and verification tools, today announced the launch of its new RecordFlux technology, designed to ease the development and security of binary communication protocols. The technology comprises a Domain Specific Language (DSL) to precisely describe complex binary data formats and communication protocols, and a toolset to verify specifications and generate provable SPARK code that can be executed on a target CPU. Through RecordFlux, users can define and implement complex communication protocols and prove security properties, such as memory safety, at much less cost and effort than would be possible with a manual approach. The precision of the RecordFlux DSL ensures that the specifications are unambiguous, the high-level nature of the DSL makes the specifications easily understandable by domain experts, and the expressive power of the DSL can capture the most complex real-world protocols. And since the RecordFlux code generator produces source code in the formal methods-based SPARK language, users can obtain automated proofs of a wide range of security properties in the resulting software. The net effect is more secure and reliable code, at lower cost. “Interaction between software components is governed by protocol and format specifications. Unfortunately, most specification documents are complex texts written in English which need to be translated to software implementations manually, leaving room for human error,” said Alex Senier, AdaCore’s RecordFlux Team Lead. “Logic errors and critical flaws are often poorly mitigated by the widespread use of unsafe programming languages, resulting in severe security vulnerabilities. With RecordFlux, we aim to provide a solution that saves time and money by automating provable code generation while ensuring the absence of low-level vulnerabilities like buffer overflows that attackers could exploit.” About RecordFlux RecordFlux is a toolset for creating high-assurance implementations of binary data formats and communication protocols. The technology includes a Domain Specific Language, a comprehensive toolset, and customized expert support. By using SPARK Pro, developers can take the SPARK code generated from RecordFlux specifications and automatically prove that the code is free of run-time errors and respects the original specification. Code generated by RecordFlux is also compatible with GNAT Pro Assurance, AdaCore’s complete solution for projects with the most stringent requirements for reliability, long-term maintenance, or certification. The compiler-hardening options provided by GNAT Pro Assurance can be used to mitigate further attacks on network-facing protocol-handling code. About AdaCore Founded in 1994, AdaCore supplies software development and verification tools for mission-critical, safety-critical, and security-critical systems. Over the years, customers have used AdaCore products to field and maintain a wide range of critical applications in domains such as commercial and military avionics, defense systems, automotive, railway, space, air traffic management/control, medical devices, and financial services.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Lookout Launches Mobile Endpoint Detection and Response for MSSPs to Close the Mobile Security Gap for Customers

Prnewswire | April 20, 2023

Lookout, Inc., the endpoint-to-cloud security company, today announced the availability of Lookout Mobile Endpoint Security, the industry's most advanced mobile endpoint detection and response (EDR) offering for managed security service providers (MSSPs). This solution enables MSSPs to deliver a complete turn-key program for identifying risk, protecting sensitive data and securing their customers' mobile devices. With Lookout's Mobile EDR, MSSPs can help organizations reduce the risk of a data breach through mobile phishing, ransomware and exploitation of device and app vulnerabilities. While businesses are adapting to the "new normal" of remote working and continuing to invest in mobile devices, many are still struggling with keeping up with mobile security. According to industry data, less than half of SMBs specifically have any form of mobile security in place1 – as a result mobile threats are on the rise year over year. In Lookout's recent Global State of Mobile Phishing report, 2022 marked the highest percentage of mobile phishing encounter rates ever, with an average of more than 30% of personal and enterprise users exposed to these attacks every quarter. Lookout also found that users on all devices – whether personal or work provided – are tapping more on mobile phishing links in comparison to just two years ago2. A Turn-Key Program to Close Security Gaps and Manage Mobile Risk Lookout's Mobile EDR program for MSSPs allows them to address these mobile security challenges head on – by partnering with Lookout, MSSPs have access to the Lookout mobile dataset of security telemetry, which is built on graph-based machine intelligence that analyzes data globally from more than 210 million devices, 175 million apps and ingests four million web URLs daily. In addition, Lookout's comprehensive Mobile EDR solution enables MSSPs to detect and block mobile phishing attempts; detect unauthorized camera and mic access through surveillanceware; detect and prevent credential theft and data exfiltration; detect device compromise; check all apps for risky behavior; and detect app and OS vulnerabilities. Lookout also helps MSSPs reduce resource constraints by decreasing their policy administration time by 80%. Other operational benefits for MSSPs include a 95% user self remediation rate and optimized battery consumption leading to less support tickets as well as built-in multi-tenancy for easier management. "As the threat landscape becomes increasingly sophisticated, businesses of all sizes must evolve their security strategy to keep up with and proactively address these threats, yet many do not have the security tools or skill sets in place to tackle this on their own," said Eva-Maria Elya, vice president, MSSP Sales at Lookout. "The MSSP ecosystem becomes a natural partner for them to turn to for help in managing their security posture, including identifying risk, ensuring compliance and safeguarding sensitive data across their device landscape. By extending our channel partner program to MSSPs, we help ensure these customers have access to the best security solutions delivered through the leading MSSP organizations." The Lookout Mobile EDR program for MSSPs is available today. For more information on how Lookout supports SMB customers and MSSPs, click here. About Lookout Lookout, Inc. is the endpoint-to-cloud security company purpose-built for the intersection of enterprise and personal data. We safeguard data across devices, apps, networks and clouds through our unified, cloud-native security platform — a solution that's as fluid and flexible as the modern digital world. By giving organizations and individuals greater control over their data, we enable them to unleash its value and thrive. Lookout is trusted by enterprises of all sizes, government agencies and millions of consumers to protect sensitive data, enabling them to live, work and connect — freely and safely. To learn more about the Lookout Cloud Security Platform, visit www.lookout.com and follow Lookout on our blog, LinkedIn and Twitter. © 2023 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, LOOKOUT with Shield Design®, and SIGNAL FLARE® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, SCREAM, the 4 Bar Shield Design, and the Lookout multi-color/multi-shaded Wingspan design.

Read More