Broadcom is rumored to be in talks to acquire cybersecurity firm Symantec

HardwareZone | July 04, 2019

Bloomberg has reported Broadcom is in “advanced talks” to acquire security software firm Symantec. Broadcom wants to expand its business into the “more profitable” software market segment. According to Bloomberg’s sources, the two firms should come into an agreement within weeks. Symantec is one the largest cybersecurity firms; since 2015, the firm has operated its Security Operations Center (SOC) in Singapore. The Singapore SOC is the firm’s sixth such center in the world and the fourth in Asia-Pacific. Broadcom isn’t the first hardware manufacturer to acquire a software firm. In 2010, Intel acquire computer security firm McAfee for US$7.7 billion; however, in 2018, the chipmaker divested 51% of McAfee to a private equity firm TPG Capital. As for Broadcom, this rumored acquisition comes in the wake of its recent US$18.8 billion purchase of software firm CA Technologies. Most readers will recall US President Donald Trump’s successful objection to Broadcom attempted acquisition of Qualcomm in March last year.

Spotlight

Encryption and related technologies are widely and frequently used as a means of ensuring that information is secure, and their importance has been growing with the increasingly widespread utilisation of the Internet. Download this white paper to learn of cryptography and how encryption-related technologies have evolved and will continue to evolve as well as the measures Internet users should consider when implementing modern encryptions.

Spotlight

Encryption and related technologies are widely and frequently used as a means of ensuring that information is secure, and their importance has been growing with the increasingly widespread utilisation of the Internet. Download this white paper to learn of cryptography and how encryption-related technologies have evolved and will continue to evolve as well as the measures Internet users should consider when implementing modern encryptions.

Related News

SOFTWARE SECURITY

One Identity Announces Innovations to Security Platform

One Identity | June 06, 2022

Following the purchase of One Login last year, One Identity, a pioneer in unified identity security, today announced additional advancements to its Unified Identity Security Platform. In addition to One Identity's best-in-class offerings in Identity Governance and Administration (IGA), Identity and Access Management (IAM), Privileged Access Management (PAM), and Active Directory Management and Security (ADMS), the incorporation of OneLogin to the platform allows organizations to transition from a factionalized to a holistic approach to identity security. The inclusion of Safeguard Alchemy, a seamless on-boarding for PAM through One Identity's Starling platform, as well as device-level MFA, which offers the capability of secure MFA login access to devices, to the Unified Identity Security Platform. These new capabilities complement the platform's comprehensive analytics, as does a new passwordless auto-login function in One Identity's Safeguard product. Organizations can enable Zero Trust enforcement of access rights by ensuring the proper access permissions are provided throughout the company using a new entitlement right-sizing function. “The acquisition of OneLogin last year was a critical step for us to be able to deliver a complete and unified security strategy to our customers. Traditional identity and access management tools manage environments in a disjointed manner, leading to identity sprawl — a fragmented and inefficient approach to identity security. One Identity is transforming the way its customers are able to manage and protect access to their most valuable assets — people, identities and data — with a now complete powerful suite of identity security solutions that help simplify access management, reduce IT costs, improve security, and enhance user experience.” Bhagwat Swaroop, President and General Manager at One Identity Customers can now safeguard Windows workstations with industry-standard multi-factor authentication (MFA), leverage system-level checks to improve cybersecurity, and close security gaps in a distributed workforce and infrastructure by utilizing a combination of two powerful MFA solutions from OneLogin and One Identity. This desktop level multi-factor authentication is one of the core characteristics that distinguishes One Identity from other identity and access management suppliers, allowing enterprises to expedite cloud migration and easily scale, protect, and manage identities. The integration of OneLogin and One Identity Manager also provides customers with a centralized and mature IAM and IGA on-boarding and full identity lifecycle solution, including SSO and MFA that addresses enterprise provisioning, user self-service, approval workflows, user access attestation, user access termination, time-based access, and compliance reporting. As security breaches become more common and cybersecurity requirements get more stringent, One Identity assists clients in their transition to a Zero Trust security approach. With the integration of OneLogin into One Identity's Single Identity Security Platform, the firm provides enterprises with an united picture of users, accounts, machine identities, and accounts, transforming businesses from fragmented to unified. This platform uses identity intelligence and analytics to provide cybersecurity professionals with a clear picture of their risk profile and the ability to take remedial steps as required.

Read More

PLATFORM SECURITY

Zscaler Achieves Zero Trust Security-as-a-Service FedRAMP High Authorization

Zscaler | August 02, 2022

Zscaler, Inc., the leader in cloud security, today announced that Zscaler Internet Access™ (ZIA™) achieved Federal Risk and Authorization Management Program (FedRAMP) High Authority to Operate from the FedRAMP Joint Authorization Board (JAB). This federal government certification enables ZIA to meet civilian agencies’ high security requirements, as well as those of the Department of Defense (DoD) and other intelligence organizations. ZIA is currently the only Secure Access Service Edge (SASE) Trusted Internet Connections (TIC) 3.0 solution that has achieved FedRAMP’s highest authorization. FedRAMP High authorization indicates to federal decision-makers that ZIA and ZPA have undergone rigorous audits of critical security controls to protect the government’s most sensitive unclassified data in remote cloud computing environments. The company’s Zscaler Private Access™ (ZPA™), the other key component of the Zscaler Zero Trust Exchange platform, is also JAB High authorized, and along with ZIA, comprise the JAB High authorized Zscaler Zero Trust Exchange™ for federal customers. The certification confirms that ZIA can securely connect government users to external applications, including SaaS applications and internet destinations, regardless of device, location, or network, providing superior cyber and data protection for mission-critical government information. With both ZIA and ZPA now JAB-High authorized, agencies can resolve ongoing user experience and cost challenges associated with securing the explosive use of cloud-based applications. These challenges include continued poor user experience through VPNs, security risks from users who bypass VPNs leading to a lack of visibility and protection, and increased network usage costs associated with backhauling the growing volume of internet traffic flowing through the government's TIC. Since achieving FedRAMP Moderate certification in 2018, Zscaler, a Leader in the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE) – a security-specific component in the SASE framework – has completed SSE deployments for more than 100 US federal government and federal systems integrator customers at the Moderate impact level. Many of these deployments supported the requirements of the Executive Order 14028, including zero trust, as well as met TIC 3.0 use cases. "This FedRAMP High authorization elevates Zscaler and our support of the US government as currently the only cloud security company with two FedRAMP High JAB authorizations in the market," said Drew Schnabel, Vice President of Federal at Zscaler. Federal agencies, DoD commands, and federal contractors can now take full advantage of the Zero Trust Exchange at the JAB High or Moderate level. Customers can align their security posture with their workload requirements and meet Executive Order 14028 zero trust goals at all levels available under the FedRAMP program. “Delivering zero trust and SASE through FedRAMP authorized platforms at the highest impact levels is crucial for the security of our nation's future. “Zscaler committed to our customers that we would deliver a comprehensive zero trust and SASE platform at the High and Moderate baseline levels. Today, we are proud to announce we have met that commitment. The Zscaler team continues to follow the guidance of Executive Order 14028, CISA’s TIC 3.0 and zero trust use cases, DOD/DISA’s National Defense Authorization Act, and our customers and partners. We are delivering FedRAMP High authorized cloud platforms, while helping agencies modernize and transform their legacy cybersecurity environments to cloud-based SASE and zero trust solutions.” Stephen Kovac, Chief Compliance Officer at Zscaler “FedRAMP High is a must-have for many federal agency deployments,” said Zeus Kerravala, Founder and Principal Analyst at ZK Research. “We see more and more CISOs and CIOs across state and local government, education, and the private sector recognizing the value of a third-party validated security assessment.” The Zero Trust Exchange is a cloud-native security platform that securely connects any user, device, and application, regardless of location. Following the principle of least-privileged access, the platform establishes trust through user identity and context – including location, device, application, and content – and then creates secure, direct connections based on policy enforcement. The platform supports IT federal mission transformation by reducing costs, eliminating the internet attack surface, and preventing lateral movement of threats while providing an excellent user experience. The Zscaler Zero Trust Exchange is powered by the world’s largest security cloud, with more than 10 years of operational excellence enabling the processing of more than 240 billion daily transactions and stopping over seven billion threats and policy violations per day for the largest, most demanding organizations around the globe. Today’s news builds on recent announcements including: Zscaler Private Access Achieves DoD Impact Level 5 (IL5) Zscaler is chosen to run a pilot program in support of Executive Order 14028 by the National Institute of Standards and Technology (NIST) Zscaler is First Zero Trust Remote Access Cloud Service to Achieve FedRAMP-High JAB Authorization ZIA™ receives Authorization to Operate (ATO) at the Moderate Impact level Zscaler is a Leader in the 2022 Gartner Magic Quadrant for Security Service Edge (SSE), following up 10 consecutive years as a Leader in the Gartner Magic Quadrant for Secure Web Gateway About FedRAMP FedRAMP is a government-wide program with input from numerous departments, agencies, and government groups. The program’s primary decision-making body is the Joint Authorization Board (JAB), comprised of the CIOs from DOD, DHS, and GSA. In addition to the JAB, other organizations such as OMB, the Federal CIO Council, NIST, DHS, and the FedRAMP Program Management Office (PMO) also play key roles in effectively running FedRAMP. Using a “do once, use many times” framework, the program ensures information systems/services used government-wide have adequate information security; eliminates duplication of effort and reduces risk management costs; and enables rapid and cost-effective procurement of information systems/services for federal agencies. About Zscaler Zscaler accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SSE-based Zero Trust Exchange is the world’s largest in-line cloud security platform.

Read More

PLATFORM SECURITY

Uptycs Unveils Advanced Container and Kubernetes Capabilities

Uptycs | May 27, 2022

Uptycs, the first cloud-native security analytics platform that enables both cloud and endpoint security from a single platform, today unveiled expanded container and Kubernetes security posture management (KSPM) features for its cloud workload protection platform (CWPP). These features enable real-time identification of containerized workloads, proactive scanning of container images in the CI/CD pipeline, constant compliance monitoring, and Kubernetes security policy audit and enforcement. According to Gartner, by 2026, over 90% of the world's enterprises will be operating containerized apps in production, up from less than 40% currently. Businesses, on the other hand, struggle to manage and maintain these transitory assets. Misconfigurations in the control plane and insecure policies at the single container layer are used by attackers to escalate permissions, conduct container escapes, and compromise nodes for executing code. "Organizations are rapidly scaling their Kubernetes environments and seeing tremendous gains in optimization, availability, and developer productivity, but too often Security teams are left playing catch up. With telemetry from Kubernetes systems supported by our analytics platform, Security teams know immediately what resources they have and the security posture of those resources—across public and private clouds, scaling to tens of thousands of pods. Combined with our industry-leading container security capabilities, this gives Security teams confidence that they have the proper controls in place to minimize risk while enabling innovation." Ganesh Pai, CEO and Co-founder of Uptycs Uptycs offers both fully managed (AWS EKS, Azure AKS, Google GKE) and self-managed Kubernetes environments, such as VMware Tanzu and Google Anthos. Uptycs contains a range of container runtimes (Docker, containerd, CRI-O). The latest KSPM capabilities offered by the Uptycs platform are now readily accessible and will be shown at the 2022 RSA Conference (booth #435) from June 6-9. Learn more about the Uptycs container and Kubernetes security service by visiting the Uptycs blog.

Read More