SOFTWARE SECURITY

BlastWave Unifies Remote Cloud Security with Bulk Onboarding and Login Convenience Through BlastShield Software Update

BlastWave | June 17, 2022

BlastWave
BlastWave, a zero-trust networking solution provider that reduces the cost and complexity of remote access VPN management, today announced enhancements to its zero-trust security software solution, BlastShield™. The enhancements include added security capability for the three main cloud service providers, identity manager unification, Azure gateway security integration and easy bulk onboarding. BlastWave sees these updates as increasingly important with the global workforce shift to remote cloud environments on multiple vendor platforms.

The recent update allows BlastShield users to link with hybrid cloud network providers like AWS, Google, and the most recent addition, Azure, in one secure environment without forcing a user to rely on the respective security measures of each provider. This means users can have workloads distributed across provider environments but only one user authentication system. The update continues BlastWave's mission of convenient, cutting-edge cybersecurity, all while offering enhanced protection within identity management systems. Most importantly, users can take advantage of BlastShield's heightened speed and functionality, two vital features in multi-functional, cloud environments.

This latest update also adds support for gateway security in Azure environments, expanding on BlastShield's previous gateway security capabilities in GCP, AWS, ESXi and COTS hardware systems. This new gateway security integration increases functionality for Azure users, allowing them to rely on password-less authentication instead of dated VPN security measures within their cloud-based Azure environments.

BlastShield's latest update streamlines bulk onboarding, a typically arduous process, leveraging customers' SSO functionality. This update's features rely on an industry-standard API, System for Cross-domain Identity Management (SCIM), designed to simplify the management of user identities in cloud-based services as well as applications. It enables the automatic exchange of user information between identity domains, eliminating the insecure provisioning of identity managers when onboarding large numbers of users in distributed cloud environments. Identity managers have conventionally suffered from potential exposure to credential theft, SIM jacking, and other threat vectors. BlastShield's update addresses these vulnerabilities without hampering the convenience of identity managers.

"BlastShield's latest update enhances our proven security mechanisms with single sign-on identity management tools and offers simplified bulk onboarding. "Many competitors are focusing more on endpoint security in these hybrid cloud environments, but we're offering a macro-level security approach that combines the convenience of identity management systems like Okta and One Identity with the proven agile security of BlastShield's network-level ZTNA and microsegmentation."

Michael Bacon, BlastWave Solution Engineer

The recent software update and resulting functionality are automatic for new subscribers and can be implemented with the click of a button in the BlastShield interface for current professional and enterprise customers.

"In the past, cybersecurity may have elicited groans from providers, largely due to its perceived inconvenience. This update lends BlastWave's proven security stack to the login convenience offered by established identity managers," said Mel Knight, Brier and Thorn CISO. "Once again, whether through bulk onboarding via secure provisioning or enhanced Azure environment security, BlastWave continues to imbue existing technologies with their patented, proven ZTNA security solution. We are excited for our customers to experience this update's improved, secure convenience, bulk onboarding, and multi-vendor cloud security."

About BlastWave 
Founded by former executives and technologists from Apple and Cisco, BlastWave is taking a fundamentally different approach to security aimed at protecting privacy and connected devices from cyberattacks. BlastWave's patented product, BlastShield™️, is an integrated, zero-trust stack that combines state-of-the-art passwordless multi-factor authentication with high-performance, resilient encrypted connectivity and built-in microsegmentation. BlastWave is backed by Rocket Strategies, Lucas Venture Group, and Millennium Investments. The company is headquartered in Palo Alto, California.

Spotlight

"Traditional security approaches are manifestly not adequate to protect an organization’s critical financial and data assets. Security and forensics teams need more insight into attackers, so that they can gain a deeper understanding of who they are, how they’re operating, and what they are likely to do in the future. Armed with such information, teams can better defend against existing infrastructure and techniques, and can even predict and block future attacks from the same threat group."

Spotlight

"Traditional security approaches are manifestly not adequate to protect an organization’s critical financial and data assets. Security and forensics teams need more insight into attackers, so that they can gain a deeper understanding of who they are, how they’re operating, and what they are likely to do in the future. Armed with such information, teams can better defend against existing infrastructure and techniques, and can even predict and block future attacks from the same threat group."

Related News

PLATFORM SECURITY

Cyber Security Innovator Coro Launches Incubiz, a Unique Incubator Program to Discover and Develop the Next-Generation of Cyber Security Entrepreneurs

Coro | July 28, 2022

Coro, the all-in-one cyber security platform for mid-market organizations, growing businesses, and lean IT teams, today announced the launch of its unique Incubiz program. This program is designed to help entrepreneurs build and grow a successful business in one of the hottest markets today - cyber security - with zero risk, upfront costs, or experience needed. Incubiz will debut in Chicago, Illinois, the location of Coro’s newest U.S. office. Small businesses account for 99.6% of Illinois' private enterprise, making them a vital part of the state's economy. Additionally, Illinois is the 7th largest tech employer in the country, employing over 318 thousand people. According to Zoominfo, Chicago and the surrounding suburbs are home to about 219,000 small to mid sized businesses and more than 4,000 mid-market companies. It is also one of the hottest startup markets in the U.S. With more than six thousand technology companies and 378 startups founded in the city in the past five years, these companies are all vying for cybersecurity help, making Chicago the perfect hub for the next step in Coro’s growth. Driven by a robust talent pipeline, the state of Illinois is on the way to achieving Tier-1 tech hub status. In 2021, it had the fourth largest increase in technology job postings, and only three states added more tech jobs than Illinois over the past decade. But with the state’s employment opportunities shifting away from manufacturing and toward service- and knowledge-based work, many medium-wage jobs have been eliminated and many workers do not have the skills or education to attain higher-wage employment. A recent Illinois Future of Work report found that there is a need to create “stronger on-ramps for high wage jobs” in the state, citing that not having a bachelor’s degree is holding many back from being considered for higher-earning positions. This is further polarizing the job market, given that only 35.5% of Illinois adults have a bachelor’s degree. In support of the state’s drive to make higher-earning jobs available for more workers, to build off Chicago’s tech momentum, and to close the cyber security skills gap our nation is facing, Coro has created an innovative, one-of-a-kind program to provide job opportunities in one of the hottest markets today, without any prior cyber security experience or college education. The Incubiz program is open to entrepreneurs looking to start a cyber security business, buy into a franchise, or start a managed service provider/managed security service provider (MSP/MSSP) that provides outsourced security monitoring and management. Incubiz provides the potential for employees to achieve higher earnings without the prerequisite of many similar job openings. Individuals accepted into Coro’s 18-month Incubiz program will be provided with the training, support, and infrastructure needed to build a valuable skill set and ultimately launch their own cyber security business. Not only are there no costs to participants, they will be paid a competitive salary as a Coro Authorized Security Consultant. Upon completion of the program, participants will be able to operate independently, but with access to continued support and residual income from any customers brought in during the incubation period. “Coro’s mission is to continually innovate and develop the best cyber security tools possible. We’re excited to offer our expertise and resources to help the next generation of cyber entrepreneurs through our new Incubiz program. “The Illinois job market is at a crossroad, and this program is a great opportunity for workers to attain a higher-paying job without needing a predefined skillset or degree. Chicago is the perfect market to launch IncuBiz, and we are eager to add to the city’s flourishing tech scene and offer more equitable employment opportunities within the state.” Jim Tarantino, Chief Revenue Officer at Coro Coro developed its powerful cyber security platform to address the noticeable cyber security gaps in the mid-market and SMB segments, making enterprise-grade security accessible to any business at a fraction of the cost of other solutions. Coro is one of the fastest growing cyber security companies today and has seen significant momentum with 300% year-over-year growth for each of the past three years and into 2022. Earlier this year, Coro announced $80M in funding and a rapid expansion in the Chicago market. About Coro Coro is one of the fastest growing security solutions for the mid-market, providing all-in-one protection that empowers organizations to defend against malware, ransomware, phishing, and bots across devices, users, and cloud applications. More than 5,000 businesses depend on Coro for holistic security protection, unrivaled ease of use, and unmatched affordability. Built on the principle of non-disruptive security, the Coro platform employs innovative AI technology to identify and remediate the many security threats that today's distributed businesses face, without IT teams having to worry, investigate, or fix issues themselves. Investors in Coro include Balderton Capital, JVP, MizMaa Ventures, and Ashton Kutcher’s Sound Ventures.

Read More

DATA SECURITY

Cyware Achieves SOC 2 Type 2 Compliance for Data Security

Cyware | June 24, 2022

Cyware, the industry's leading provider of the technology platform for building Cyber Fusion Centers for businesses and threat intelligence sharing for ISACs and ISAOs, announces the successful completion of the System and Organization Controls (SOC) 2 Type 2 Audit for the trust services criteria relevant to Security ("applicable trust services criteria") set forth in TSP section 100, Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Integrity, Confidentiality, and Integrity, Confident (AICPA, Trust Services Criteria). The result demonstrates the company's dedication to the highest levels of data protection. The American Institute of Certified Public Accountants (AICPA) developed SOC 2 as a reporting framework that establishes guidelines for Software-as-a-Service (SaaS) enterprises that manage customer and user data. The accreditation confirms that the organization's internal systems and controls are in ongoing conformity with the SOC 2 audit criteria. Schellman & Company, a worldwide-recognized attestation and compliance services provider, performed the audit for Cyware. “Commitment to the highest levels of data security has always been one of our foremost business priorities. The SOC 2 Type 2 certification process is not easy to achieve but our team was fully committed and prepared to ensure we check all the required boxes. The new milestone will further strengthen the confidence of our current and future customers in our robust compliance with industry benchmark data security standards including SOC 2 (Type 1 and Type 2) and ISO/IEC 27001:2013.” Anuj Goel, CEO, Cyware Cyware unifies previously compartmentalized security operations, allowing firms to more efficiently automate and exchange threat data, as well as cooperate on threat response inside their security divisions and with other enterprises within their network.

Read More

DATA SECURITY

QuSecure Partners with DataBridge Sites

DataBridge Sites | June 15, 2022

QuSecure, Inc., a pioneer in post-quantum cybersecurity (PQC), announced today a collaboration with DataBridge Sites, a cutting-edge data center provider that serves off-site business critical IT environments, to demonstrate its Quantum-as-a-Service (QaaS) orchestration platform QuProtect. QuProtect is the industry's first end-to-end post-quantum cybersecurity software-based solution that uses quantum secure channels to safeguard encrypted communications and data with quantum resilience. As an outcome of the collaboration, QuProtect is the first and only PQC solution provided as a live service in a data center. Business, IT, and security executives may quickly learn more about a successful PQC implementation by offering an accessible and tangible example of advanced PQC at datacenters like DataBridge. According to Shor's algorithm, any quantum computer with sufficient power would ultimately overcome all present global encryption. As a result, in order to secure data and communications, all business and government bodies must update to quantum-resistant equipment. Furthermore, data stolen now can be decoded in the future by a quantum computer, thus major enterprises must begin the strategic and information collecting stages of transitioning their cybersecurity to assure quantum resilience. The QuSecure/Databridge collaboration offers a technique for demonstrating quantum resilience. “Our team is very excited to now be home to the QuSecure environment, which is the first PQC software that is currently live in a data center. Our company sees the quantum computing industry as a rapid growth area that can be used widespread through the commercial and federal marketplace. QuSecure’s unique offering will add to our ecosystem of service providers for clients to utilize.” Mike Lozupone, DataBridge Sites director of business development He further added, “DataBridge sees this partnership as being mutually beneficial, and we feel fortunate to work with companies like QuSecure as their business continues to grow. We expect new customers to be driven to our facility to benefit from the combination of QuSecure’s quantum security offerings and the infrastructure scale and physical security provided by DataBridge Sites.” QuProtect delivers quantum-resistant cryptography at any time, on any device. QuProtect employs an end-to-end, quantum-security-as-a-service (QSaaS) architecture that addresses the most vulnerable aspects of the digital ecosystem by combining zero-trust, next-generation post-quantum cryptography, quantum-strength keys, high availability, simple deployment, and active defense into a detailed and coherent cybersecurity suite. The end-to-end method is built around the full data lifecycle, including data storage, communication, and consumption. Skip Sanzeri, QuSecure Founder and COO said that “DataBridge is a world-class organization, and we are pleased to partner with them to provide the first instance of post-quantum cybersecurity available in a data center. The quantum threat, or Q-Day, is coming at us rapidly, and in May the White House published two initiatives to actively build U.S. quantum computing and post-quantum cybersecurity programs. Our partnership with DataBridge is another big step along the way to National Security in line with the White House memos.” QuProtect is the most sophisticated PQC solution in the market, offering quantum-resilience for many of today's key use cases such as network, IoT, edge devices, and satellite communications. QuProtect may be hosted on-premises or in the cloud, giving the most suitable solution to the post-quantum dilemma and addressing today's complicated compliance concerns, such as BYOD and work-from-home regulations. PQC can be implemented across all network devices with minimum interruption to existing systems, defending against present and future quantum assaults that might irrevocably destroy industries and infrastructures in the government and commercial sectors.

Read More