SOFTWARE SECURITY

Bugcrowd Launches Reseller Partnership with SocialProof Security

Bugcrowd | June 27, 2022

Bugcrowd
Bugcrowd, the market leader in crowdsourced cybersecurity, announced today a strategic reseller collaboration with SocialProof Security, advancing the organization's objective to keep clients ahead of growing cyber threats. As part of the cooperation, Bugcrowd will resell SocialProof Security's services, including social engineering prevention training, protocol and practitioner seminars, and penetration testing.

In addition to reselling social engineering services, Bugcrowd continues to innovate and invest in its award-winning Security Knowledge Platform, which provides the most comprehensive suite of security solutions such as bug bounty, vulnerability disclosure programs, attack surface management, and pen testing as a service. Bugcrowd, for example, allows consumers to buy pen tests from a single supplier for any sort of use case, from basic assurance of simple web apps and networks to continuous testing of cloud services and APIs, and now, social engineering.

Due to their friendly hacker approach to boosting customer defenses against human-based assaults, SocialProof Security and CEO Rachel Tobac, the market leader in social engineering prevention services, have gained prominence. Twitter, PayPal, Uber, Prudential Insurance, Cisco Systems, WhatsApp, NATO, and the US Air Force are among the noteworthy clients of SocialProof Security.

"We are excited to work with Bugcrowd on this reseller partnership as we move forward with our aligned mission to arm organizations with a proactive means to reduce social engineering risk through education, identity verification protocol improvements, technical tools, and measuring those updates with social engineering penetration testing. The majority of cyber attacks now start with some element of social engineering—manipulating people to take actions that could harm organizations. This partnership illustrates the priority Bugcrowd places on actionable and measurable social engineering risk mitigation in a well-rounded security program," said Tobac.

"Even with current elevated threat levels, many organizations are surprisingly unprepared for the threats from social engineering attacks, as we repeatedly find low awareness across organizations, outdated or inconsistent identity verification, and limited practitioner skill sets. Fortunately, taking a multidimensional approach that combines prevention training and tools, human-based protocol updates, and pen testing can dramatically reduce the risk of social engineering attacks. We look forward to bringing this innovative solution to market as a part of our services."

Ashish Gupta, CEO of Bugcrowd

SocialProof specializes in defending against social engineering attacks, in which attackers deceive workers in order to get personally identifiable information (PII), passwords, and unauthorized access to accounts, money, or other sensitive information. Common attack vectors like phishing, impersonation, and pretexting can be used to carry out such manipulation. In fact, respondents to ISACA's 2021 State of Cybersecurity Survey rated social engineering as the #1 cyber threat.

Spotlight

In this paper, the authors study how to securely and efficiently, also flexibly share data with others over cloud storage. Now-a-days, data sharing is in very large scale. Also outsourcing of data is big data. They introduce new public-key crypto-systems which produce constant size cipher texts that efficiently representative for decryption rights for any set of cipher texts are possible. The aggregate key is combination of any set of secret keys and single key, but encompassing the power of all the keys being aggregated.

Spotlight

In this paper, the authors study how to securely and efficiently, also flexibly share data with others over cloud storage. Now-a-days, data sharing is in very large scale. Also outsourcing of data is big data. They introduce new public-key crypto-systems which produce constant size cipher texts that efficiently representative for decryption rights for any set of cipher texts are possible. The aggregate key is combination of any set of secret keys and single key, but encompassing the power of all the keys being aggregated.

Related News

PLATFORM SECURITY

Cerberus Sentinel completes acquisition of CyberViking

Cerberus Sentinel | July 07, 2022

Cerberus Cyber Sentinel Corporation (NASDAQ: CISO), a cybersecurity consulting and managed services firm based in Scottsdale, Ariz., announced that it has completed the acquisition of CyberViking, a cybersecurity company based in Georgia and Oregon. Upon the closing of the transaction, CyberViking became a wholly owned subsidiary of Cerberus Sentinel. CyberViking founder and cyber lead for the company is Carric Dooley. CyberViking specializes in application security services, incident response and threat hunting, and the creation and management of security operations centers. They have advised many Fortune 100 companies worldwide. "With the addition of CyberViking, we take a next step in expanding our international reach as well as broadening our expertise for our cybersecurity healthcare and industrial controls systems customers. "Carric is an innovative thinker who is well respected by customers for solving and preparing for challenging cybersecurity threats. The team is the very embodiment of our commitment to a culture of security." David Jemmett, founder and CEO, Cerberus Sentinel "We are looking forward to helping shape a global strategy for incident response, as well as driving new capabilities in application security," said Dooley. "We believe in the development of the cybersecurity community and have actively participated as trainers and presenters at global conferences. Our two organizations share a vision in helping our customers rise above the cybersecurity challenges inherent in threats today and in the future, and to get them to a place where they can concentrate on growing their business." About Cerberus Sentinel Cerberus Sentinel is an industry leader in Managed Cybersecurity and Compliance (MCCP) services with its exclusive MCCP+ managed compliance and cybersecurity services plus culture program. The company is rapidly expanding by acquiring world-class cybersecurity, secured managed services, and compliance companies with top-tier talent that utilize the latest technology to create innovative solutions to protect the most demanding businesses and government organizations against continuing and emerging security threats and compliance obligations.

Read More

SOFTWARE SECURITY

Cowbell Cyber Unveils Cyber Risk Heatmap

Cowbell | May 26, 2022

Cowbell Cyber, the leading supplier of cyber insurance for small and medium-sized businesses (SMEs), announced the availability of its Cyber Risk Heatmap today. The Heatmap—the market's most data-rich and dynamic assessment of cyber risk portfolios—gives rapid insight into the distribution of covered risk across Cowbell's agencies and brokers, insurance and reinsurance partners, and underwriters' portfolios. Cowbell and its partners can now establish a balanced book of business, manage growth for profitability, and reduce the overall risk profile of each portfolio thanks to better visibility. As per a recent Cowbell study, 71% of policyholders want their cyber insurance provider to provide advice to reduce risk exposure. The difficulties of regularly monitoring cyber risk at the portfolio and individual account levels lead to risk selection blind spots. Cowbell proves its creativity by removing these shortcomings at the portfolio level for all stakeholders. As a result, the frequency and severity of reported claims are reduced. Cowbell's continually monitored risk pool currently includes 24 million SMEs, accounting for 75% of the total SME market in the United States. In a world where cyber insurance is becoming harder to obtain due to the volatile nature of cyber risks, Cowbell Cyber Heatmap allows us and our partners to quickly analyze the standing of any insurance book of business. The innovation Cowbell has brought to the cyber insurance landscape has, once again, allowed us to remain steadfast in our approach to properly assess and cover risk in the most rigorous manner." Rajeev Gupta, co-founder, and chief product officer at Cowbell Cyber. The Cowbell Variables underpin the Heatmap, a collection of risk rating factors that analyze the organization's cyber risk in real-time and then match it to the most applicable coverage for the company. Cowbell's Cyber Risk Framework provides the underlying technology, which involves security controls from multiple standards, including the NIST Cyber Security Framework, COBIT, the Payment Card Industry Data Security Standard (PCI DSS), and the most recently revised NIST Cybersecurity Supply Chain Risk Management (C-SCRM) program, augmented by Cowbell's proprietary controls. Cowbell's Cyber Risk Heatmap is free to all of Cowbell's 16,000 agency producers and is constantly updated to incorporate the most recent risk profile data to assure accuracy.

Read More

PLATFORM SECURITY

SilverSky and NRTC Announce Cybersecurity Partnership

SilverSky | June 03, 2022

SilverSky, a cybersecurity innovation that provides advanced managed detection and response (MDR) services, and NRTC, a member-driven and technology-focused organization located in Herndon, Virginia, announced today an agreement to provide cybersecurity services to NRTC members. NRTC, which already offers a wide range of managed services to its energy and telecom members will now add SilverSky's award-winning MDR services to its portfolio, allowing the cooperative to offer its members the most up-to-date managed cybersecurity services. Managed endpoint protection, multi-factor authentication, and security awareness training are among the services provided, as are vulnerability assessments, penetration testing, and email security. "Accompanying our ongoing emphasis on serving frequently underserved healthcare organizations and educational institutions, this partnership with NRTC helps expand that effort with a distinct focus on the needs of our nation's rural communities. SilverSky's MDR services are powerful, yet easy to deploy and affordable – offering an appealing mix for NRTC's members. We look forward to working with the NRTC Managed Services team to provide these valuable services." Jason McGinnis, President and COO at SilverSky Jon Bartleson, President of NRTC's Managed Services division said that "Our members provide essential electric and telecommunications services to rural America and thus are obvious targets for hackers. It is vital we arm them with comprehensive cybersecurity tools and resources. Cybersecurity is a top priority for our members and staffing for these types of roles is a major challenge. We chose to partner with SilverSky to make sure we could offer comprehensive, affordable managed cybersecurity to our members." On June 7 at 2 p.m. Eastern, SilverSky and NRTC will offer a webinar for NRTC members. On the NRTC website, members can subscribe for Managed Cybersecurity Made Simple, Affordable, and Accessible for Telcos and Electric Cooperatives.

Read More