ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

BIgID Introduces Secrets Detection Capabilities to Mitigate Risk

BigID | March 17, 2023 | Read time : 04:00 min

BIgID Introduces Secrets Detection Capabilities to Mitigate Risk

BigID, the leading platform for data security, compliance, privacy, and governance, today introduced purpose-built AI and ML-based data discovery and classification capabilities designed to quickly and easily detect secrets across enterprise data and reduce risk from potential data breaches and leaks.

Secrets - including as API keys, tokens, usernames and passwords, and security certificates - are commonly shared, cloned, and distributed across enterprise data environments as a means for better collaboration and efficiency. Unfortunately, the proliferation of secrets across these environments increases the attack surface and quickly raises security risks. Data containing secrets can inadvertently get pushed into production, while other secrets can be exposed to internal and external bad actors.

With BigID's native secrets detection capabilities, organizations can:

  • Scan for secrets across the entire software development ecosystem including GitLab, GitHub, Jira, Confluence, Powershell scripts, Slack, and hundreds of other data sources across the environment
  • Detect secrets faster and more accurately using patented AI and ML-based data classification techniques
  • Proactively protect secrets with streamlined and automated remediation to continually mitigate the threat of exposure

"Secrets-in-code remains one of the most overlooked vulnerabilities in security, despite being a priority target in some of the biggest breaches of late," said Tyler Young, CISO at BigID. "BigID's purpose-built AI and ML-based data discovery and classification give security teams speed and confidence to protect secrets from unwanted exposure so they don't become another headline."

About BigID

BigID enables organizations to know their enterprise data and take action for data-centric security, privacy, compliance and governance. Customers deploy BigID to proactively discover, manage, protect, and get more value from their regulated, sensitive, and personal data across their data landscape. BigID has been recognized for its data intelligence innovation as a 2019 World Economic Forum Technology Pioneer, named to the 2021 Forbes Cloud 100, the 2021 Inc 5000 as the #19th fastest growing company and #1 in Security, the 2021 and 2022 Deloitte 500, and an RSA Innovation Sandbox winner.

Spotlight

Hybrid work changes the way people use applications. In this video, learn about how Netskope Cloud Firewall delivers the protection you need everywhere your business operates.

Spotlight

Hybrid work changes the way people use applications. In this video, learn about how Netskope Cloud Firewall delivers the protection you need everywhere your business operates.

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Lookout Announces Acquisition of its Consumer Mobile Security Business Segment

Businesswire | April 27, 2023

Lookout, Inc., the endpoint-to-cloud security company, today announced it has entered into an agreement to sell its consumer mobile security business to F-Secure, a global provider of consumer security products and services. This complementary acquisition expands F-Secure’s market leadership in the communication service provider channel and accelerates its vision of becoming the No. 1 security experience company. With this transaction, Lookout’s core business will now evolve into a pure-play enterprise company. “In today's complex cybersecurity landscape, consumers want consolidated solutions that secure every aspect of their digital lives in a seamless experience,” said Jim Dolce, Lookout CEO. “Early discussions with F-Secure led both parties to the realization that we’d be better together. The combination creates a holistic, integrated consumer experience while building on a shared partner-centric go-to-market model. The impact on customers is a genuine example of when one plus one equals three.” With this partial divestiture, Lookout’s core enterprise business will continue to expand and diversify to address the most pressing security challenges facing IT and security leaders today. The core business includes Lookout’s Mobile Endpoint Security (MES) and its Security Services Edge (SSE) cloud-native solution, the Lookout Cloud Security Platform. Lookout plans to redirect the transaction proceeds back into the business and invest in expanding its enterprise products and customer base with a clear focus and vision. “Our success in the highly competitive enterprise market has compelled us to focus our product and go-to-market efforts to gain advantage,” continued Dolce. “By doubling down on the enterprise market, we’ll be better positioned to capitalize on its projected hypergrowth, fueled by an increase in remote and hybrid work, a shift to cloud-based delivery models and the transition to zero-trust architectures.” Lookout entered the fast-growing cloud security market through its acquisition of CipherCloud in March 2021, and that business continues to grow and expand. Its Cloud Security Platform was recently scored among the highest three vendors in the 2023 Gartner Critical Capabilities for Security Service Edge (SSE)1 report in each of the four use cases. The Gartner Critical Capabilities for SSE – an essential companion to the Gartner Magic Quadrant™ for SSE2 in which Lookout was named a Visionary for the second year in a row – is a comparative analysis that scores products or services against a set of critical differentiators that every business needs, as identified by Gartner. The divestiture of Lookout’s consumer mobile security business segment is expected to close by the end of June, 2023. About Lookout Lookout, Inc. is the endpoint-to-cloud security company purpose-built for the intersection of enterprise and personal data. We safeguard data across devices, apps, networks and clouds through our unified, cloud-native security platform — a solution that's as fluid and flexible as the modern digital world. By giving organizations and individuals greater control over their data, we enable them to unleash its value and thrive. Lookout is trusted by enterprises of all sizes, government agencies and millions of consumers to protect sensitive data, enabling them to live, work and connect — freely and safely. To learn more about the Lookout Cloud Security Platform, visit www.lookout.com and follow Lookout on our blog, LinkedIn and Twitter. © 2023 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, LOOKOUT with Shield Design®, and SIGNAL FLARE® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, SCREAM, the 4 Bar Shield Design, and the Lookout multi-color/multi-shaded Wingspan design.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

ZeroFox Announces Generative AI Capabilities, Develops FoxGPT

Globenewswire | May 11, 2023

ZeroFox (Nasdaq: ZFOX), a leading external cybersecurity provider, announced its plans for releasing generative AI into its External Cybersecurity Platform with the preview of FoxGPT. FoxGPT capabilities will optimize intelligence analyst workflows with the ability to analyze and contextualize malicious content online, enhancing the ability to combat the growing sophistication of cybercriminals. Built by cybersecurity and intelligence professionals, for cybersecurity and intelligence professionals, ZeroFox commits to AI transparency, security, and privacy of information. Recent cutting-edge advancements in AI, including the release of GPT 3.5, followed by GPT 4.0, are part of a larger, fast-paced AI revolution poised to change how humans and technology interact. As companies embrace these advancements to streamline and automate certain aspects of their business, threat actors are also embracing generative AI capabilities for more sophisticated phishing and fraud, social engineering, spam, and the production of malicious content. ZeroFox's adaptation of generative AI, FoxGPT, accelerates the analysis and summarization of intelligence across large datasets, allowing the identification of malicious content, phishing attacks, and potential account takeovers. "We at ZeroFox are consistently dedicated to external cybersecurity innovation, and I'm thrilled to share the next step in our innovation roadmap with the development of generative AI capabilities within our platform, FoxGPT," said Mike Price, CTO at ZeroFox. "We understand the impact of generative AI and the risks of threat actors abusing it. We're committed to harnessing this technology while capturing explainable results and the security and confidentiality of customer data." ZeroFox has steadily integrated other machine learning capabilities into its platform over the past few years, enhancing its ability to keep pace with emerging technologies. FoxGPT is a significant advancement for ZeroFox, enabling it to provide even more powerful external cybersecurity platform capabilities. ZeroFox is committed to AI transparency, security, and privacy of information in order to give customers the confidence that their data is secure. ZeroFox plans to responsibly release FoxGPT to opt-in customers throughout the year. About ZeroFox ZeroFox (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity, has redefined security outside the corporate perimeter on the internet, where businesses operate, and threat actors thrive. The ZeroFox platform combines advanced AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust portfolio of breach, incident and takedown response capabilities to expose and disrupt phishing and fraud campaigns, botnet exposures, credential theft, impersonations, data breaches, and physical threats that target your brands, domains, people, and assets. Join thousands of customers, including some of the largest public sector organizations as well as finance, media, technology and retail companies to stay ahead of adversaries and address the entire lifecycle of external cyber risks. ZeroFox and the ZeroFox logo are trademarks or registered trademarks of ZeroFox, Inc. and/or its affiliates in the U.S. and other countries. Visit www.zerofox.com for more information.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Immersive Labs Unveils World’s First Comprehensive Score to Gauge Enterprise Cyber Resilience

Businesswire | May 08, 2023

Immersive Labs, the leader in people-centric cyber resilience, today announced the launch of the Immersive Labs Resilience Score. The score measures an organization’s workforce preparedness for cyber attacks and breaches based on Immersive Labs’ years of benchmarking data across industry verticals. The score will help organizations identify weaknesses in their teams’ cyber capabilities, address skills gaps to prevent or mitigate damage to their revenues and brand reputations, and contribute to the factors that can lower insurance premiums. The Immersive Labs Resilience Score addresses a major challenge facing cyber leaders around the world today: a lack of confidence in, or awareness of, their teams’ real readiness to confront threats. Alarmingly, 80% of cyber leaders don’t think, or are unsure, their teams have the capabilities to respond to future attacks, according to a new study commissioned by Immersive Labs and conducted by Forrester Consulting.* “There is a common misconception that teams’ cyber capabilities are not measurable, but advancements in cyber exercising give us new insights to predict risk and build vital cyber capabilities across the workforce,” said Paul Bentham, Chief Product Officer, Immersive Labs. “The new Immersive Labs Resilience Score demonstrates that resilience can be assessed, benchmarked, and increased based on performance data. This is a huge leap forward in proving cyber capabilities compared to outdated, legacy cybersecurity training.” How the Immersive Labs Resilience Score Works The Immersive Labs platform provides realistic simulations and hands-on cybersecurity labs to evaluate individual and team capabilities across the entire workforce, from executive decision makers to cyber defense, application security, IT, cloud teams and more. Now, when organizations use the platform to upskill their people, they will be able to view their overall resilience score against industry benchmarks and best practices, and see progress over time. The Resilience Score is calculated based on several factors, including: Executive and Crisis Management teams can effectively manage a complex crisis stemming from a cyber incident with consistent decision making and high levels of confidence Cyber teams can work together to solve complex red-team and blue-team scenarios using real-world environments Cyber teams are assigned to job roles and can prove their ability to carry out tasks in-line with new CVEs and capabilities Developers are able to prove their ability to code securely and systematically reduce vulnerabilities in the SDLC Cloud engineers are able to identify and fix common misconfigurations in real cloud environments End users are confident in end user security outcomes including how to report an incident and spot business email compromise The organization has proper security framework coverage, including MITRE ATT&CK Teams and individuals are mapped to job skills and are proving their technical abilities and that their skills are being kept up to date The Immersive Labs Resilience Score will be available to all customers beginning in late Q2 2023. To learn more about this new capability, please visit: https://www.immersivelabs.com/the-score/ *Forrester Opportunity SnapShot: “Cyber Leaders Need a More Effective Approach to Building and Proving Resilience” – A custom study commissioned by Immersive Labs, March 2023 About Immersive Labs Immersive Labs is the leader in people-centric cyber resilience. We help organizations continuously assess, build, and prove their cyber workforce resilience for teams across the entire organization, from front-line cybersecurity and development teams to Board-level executives. We provide realistic simulations and hands-on cybersecurity labs to evaluate individual and team capabilities and decision-making against the latest threats. Organizations can now prove their cyber resilience by measuring their readiness compared to industry benchmarks, building team capabilities, and demonstrating risk reduction and compliance with data-backed evidence. Immersive Labs is trusted by the world’s largest organizations and governments, including Citi, Pfizer, Humana, HSBC, the UK Ministry of Defence, and the NHS England. We are backed by Goldman Sachs Asset Management, Summit Partners, Insight Partners, Citi Ventures, Ten Eleven Ventures, and Menlo Ventures.

Read More