Software Security

Camera Cyber Security Specification and Alliance Council for App Developers are announced by the Open Security & Safety Alliance.

Open Security & Safety Alliance | March 03, 2021

The Open Security and Safety Alliance, an industry body contained partners from all aspects of the security, wellbeing and building mechanization space, today declared two significant advancements as a component of its main goal to clear the street towards dependable and imaginative security and wellbeing arrangements. Initial, another particular is currently accessible to individuals that centers around camera network protection measures. OSSA likewise presents another App Developer Council intended to pull in and include application designers in the Alliance's steadily developing environment of security and wellbeing industry players.

Executing Trustworthiness Thresholds

The most current specialized particular – the OSSA Camera Cyber Security Specification – contains definitions and rules in regards to obligatory and discretionary security judgments for cameras. It is to a great extent dependent on a current norm by the International Electrotechnical Commission (IEC), with an extra clear spotlight on the security market and OSSA reasoning by straightforwardly splitting the jobs and duties between camera producers, the working framework (OS) supplier and the framework on-chip (SoC) merchant, specifically. The determination additionally endorses duty changes in case of individual OS alterations by camera producers. The compulsory piece of these rules will be utilized as contribution for the impending OSSA certificate system.

The OSSA-coordinated environment is intended to improve trust, empower development past the constraints of a solitary association, and fuel opportunity for industry partners and clients.

Spotlight

VMware, a global leader in cloud computing and virtualization technology uses MetaAccess from OPSWAT to ensure tens of thousands of remote users can access VMware's Horizon cloud software with devices that meet strict security standards. MetaAccess provides a zero trust access solution

Kristina de Nike, Director of Product Management, Horizon, discusses how OPSWAT's MetaAccess is able to detect and remediate endpoints at scale.

Spotlight

VMware, a global leader in cloud computing and virtualization technology uses MetaAccess from OPSWAT to ensure tens of thousands of remote users can access VMware's Horizon cloud software with devices that meet strict security standards. MetaAccess provides a zero trust access solution

Kristina de Nike, Director of Product Management, Horizon, discusses how OPSWAT's MetaAccess is able to detect and remediate endpoints at scale.

Related News

Web Security Tools

Laminar Launches Two New Solutions to Become First Full Data Security Platform for Multi-Cloud and SaaS Environments

Businesswire | July 13, 2023

Laminar, the leading agile data security platform provider, today announced new data access governance (DAG) and data detection and response (DDR) functions to its Laminar Data Security Platform, making it the first solution on the market to deliver complete identify, protect, detect, and respond capabilities for multi-cloud and SaaS data security. Laminar is now the only data security provider to integrate all critical data security functions – data landscape intelligence, data security posture management (DSPM), DAG, DDR, and privacy and compliance – in a single, integrated platform. Data security and governance professionals need agile data security solutions that automatically scale with the business to combat the growing divergence between the dynamic and ever-growing activities that contribute to innovation while also fighting the lagging data security efforts intended to protect the business — that are becoming increasingly insufficient. The foundation of agile data security begins with cloud-native data discovery and classification which detects all known and unknown, or “shadow,” data to help organizations understand what data resides where, how sensitive the data is, and who or what has access to it. With this context, security posture can be assessed and appropriately enforced. From there, it's critical to have the ability to continually monitor and protect against emerging threats. The addition of DAG and DDR to the Laminar Data Security Platform provides the following benefits to organizations: Data Access Governance (DAG) reduces exposure and minimizes the blast radius from data leaks by controlling user and machine access to sensitive data and ensuring least privilege. Data Detection and Response (DDR) alerts on data breaches and other anomalies as they occur to quickly contain any active threats and minimize the potential damage for businesses. The new DAG and DDR services complement the following capabilities already existing in the Laminar Data Security Platform: Data Landscape Intelligence: Provides a holistic view of asset and data inventory with contextual intelligence from autonomous discovery and classification of all known and unknown cloud data. Data Security Posture Management (DSPM): Enforces policies and safeguards sensitive data with risk-based prioritization, enabling organizations to focus on what matters most. Privacy & Compliance: Ensures data security practices align with regulations and standards to streamline audits, avoid fines and reduce audit costs. Laminar is the only data security provider to now integrate all five elements of an agile platform architecture for a complete data security solution. This integrated design provides more accurate detection, comprehensively protects data, and streamlines remediation. “Security-in-depth best practices have historically needed the ability to identify, protect, detect, and respond to threats. Cloud data security is no different,” said Amit Shaked, CEO and co-founder, Laminar. “Our new DAG and DDR features make our platform the reference model for achieving agile data security in the cloud. All five components work in conjunction to deliver a unified, streamlined experience.” “Protecting data in the cloud requires different tools than are used to protect on-premises data, and organizations need a purpose-built cloud data security solution. Enterprise Strategy Group recommends organizations explore solutions like Laminar that provide a holistic approach to the entire process of securing data in the cloud and provide unified and integrated data security across multiple clouds,” said Jack Poller, Senior Analyst, Enterprise Strategy Group. About Laminar Laminar is the leading agile data security platform and provides organizations with the visibility and control they need to achieve data security, governance, and privacy in the cloud. Our cloud-native data security solution continuously discovers and classifies all cloud data, structured and unstructured, across managed and self-hosted data stores, including unknown shadow data, without the data ever leaving your environment. It analyzes access, usage patterns, and security posture, and provides actionable, guided remediation for data security risk. Laminar connects to your multi-cloud environment including AWS, Azure, GCP, Snowflake, BigQuery and SaaS applications via APIs and is agentless, asynchronous, and completely autonomous.

Read More

Enterprise Security, Platform Security, Software Security

BigID Unveils Industry-First AI as a Copilot to Navigate and Adapt to the World of Generative AI

PR Newswire | August 09, 2023

BigID, the leading platform for data security, privacy, compliance, and governance, today announced native AI support to copilot organizations' innovation and adoption of generative AI: revolutionizing data management and security. With BigID's AI, organizations can now achieve better data visibility, clarity, and organization to accelerate their ability to improve their data security posture, wherever their data lives. To effectively safeguard critical data, security teams need comprehensive visibility and understanding of their data assets, relying on an updated and comprehensive data inventory. Legacy tools leave organizations with fragmented perspectives, lacking the context needed to identify data requiring protection. BigID accelerates organizations of all sizes to get the most out of AI - and adapt & innovate while they're doing it. Benefits at a Glance: Get Better Data Clarity: Automatically assign easy-to-understand names and business terms to data tables and columns for better insight into sensitivity and business value. Intelligently Organize Your Data: Quickly group similar types of documents and apply human readable titles and descriptions. Accelerate Risk Reduction: Generate summaries of data security posture management, automate risk assessments, and get recommended actions based on the data itself. Govern large language models (LLMs) securely: Reduce risk of adapting AI by flag, tag, and labelling LLM data as safe for use - ensuring these models aren't being trained on personal, sensitive, regulated, or private information. "With BigID's AI-driven automation, customers can now effortlessly navigate their data landscape, prioritize security efforts, and gain a level of clarity that was previously unattainable," said Tyler Young, CISO of BigID. "The world of generative AI brings risk and uncertainty around security - BigID makes it easy to innovate and adapt AI - all while decreasing the attack surface." About BigID BigID enables organizations to know their enterprise data and take action for data-centric security, privacy, compliance, and governance. Customers deploy BigID to proactively discover, manage, protect, and get more value from their regulated, sensitive, and personal data across their data landscape. BigID has been recognized for its data intelligence innovation as a 2019 World Economic Forum Technology Pioneer, named to the 2021 Forbes Cloud 100, the 2021 Inc 5000 as the #19th fastest growing company and #1 in Security, the 2021 and 2022 Deloitte 500, and an RSA Innovation Sandbox winner. Find out more at https://bigid.com.

Read More

Enterprise Security, Web Security Tools

Netskope Achieves AWS Security Competency Status for Infrastructure Protection

PR Newswire | August 28, 2023

Netskope, today announced that it has achieved Amazon Web Services (AWS) Security Competency status in the Infrastructure Protection category. As a widely recognized industry leader in secure access service edge (SASE), Security Service Edge (SSE), and modern connectivity and performance, Netskope works with AWS and other cloud providers to secure and optimize the most demanding cloud-first environments. Achieving the AWS Security Competency differentiates Netskope as an AWS Partner Network (APN) member that meets rigorous security specifications on AWS. In addition, Netskope was recently recognized as a "finalist" for the AWS US Rising Star Partner of the Year at this year's AWS New York Partner Summit. With the rapid migration of critical workloads to the cloud, the increase in the hybrid workforce, and today's complex cybersecurity landscape, the need for robust cloud security solutions is more critical than ever before. Netskope has helped thousands of customers, including more than 25 of the Fortune 100, improve their security posture. Netskope helps customers address AWS's shared responsibility model of cloud security for several important use cases: Provide secure remote access to private applications on AWS - Remote and hybrid workers need to access business-critical applications from anywhere. Netskope Private Access (NPA), Netskope's zero trust network access (ZTNA) solution, provides secure, granular access based on adaptive trust principles. This means that users can only access the applications and resources they need when they need them. NPA also improves security by replacing outdated VPN gateways and concentrators that expose their IP addresses to the public internet. Private resources are not visible on the public internet and are shielded from attackers. Discover shadow IT and block data exfiltration and threats - Netskope can act in real-time to block movement of sensitive data, threats, unauthorized users, and access to rogue accounts. Netskope Cloud Access Security Broker (CASB) Inline monitors traffic to and from AWS resources and applications to expose suspicious or malicious activity. Netskope's Zero Trust Engine decodes activities in real-time to place activity-level restrictions on users, groups, and organizational units across more than 270 AWS services. Netskope's Next Generation Secure Web Gateway (SWG) blocks malware, detects advanced threats, and controls cloud apps and services for users located anywhere, using any device. Discover sensitive data and malware in Amazon Simple Storage Service (Amazon S3) - Netskope CASB API scans Amazon S3 buckets to identify sensitive data and protect it from misuse. It also discovers malware and generates alerts to help prevent threats from spreading. Extensive integrations provide visibility and information sharing across cloud and hybrid environments - Netskope integrates with a variety of AWS services including AWS CloudTrail, AWS CloudTrail Lake, Amazon Security Lake, Amazon S3, and Amazon GuardDuty to share logs, alerts, events, and threat information. Netskope Cloud Exchange (CE) offers a wide variety of plug-ins and modules to facilitate exchange of information between cloud services, security tools, and data lakes, and automate remediation. CE can be deployed on Amazon Elastic Container Service (Amazon ECS) using AWS Fargate. Netskope also integrates with AWS Control Tower for customers needing automated deployment and consistent security policy across multi-account AWS customer environments. "We are thrilled to achieve the AWS Security Competency in the Infrastructure Protection category, as it highlights our ongoing commitment to help organizations provide secure access to applications and resources, protect data, and reduce risk in the cloud," said Andy Horwitz, Vice President, Business Development and Technology Alliances, Netskope. "This achievement demonstrates our commitment to AWS customers through our team's hard work and dedication to providing cutting-edge security solutions that address the evolving challenges of secure cloud adoption." AWS is enabling scalable, flexible, and cost-effective solutions from startups to global enterprises. To support the seamless integration and deployment of these solutions, AWS established the AWS Competency Program to help customers identify AWS Partners with deep industry experience and expertise. About Netskope Netskope, a global SASE leader, helps organizations apply zero trust principles and AI/ML innovations to protect data and defend against cyber threats. Fast and easy to use, the Netskope platform provides optimized access and real-time security for people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements. Learn how Netskope helps customers be ready for anything on their SASE journey, visit netskope.com.

Read More