SOFTWARE SECURITY

Camera Cyber Security Specification and Alliance Council for App Developers are announced by the Open Security & Safety Alliance.

Open Security & Safety Alliance | March 03, 2021

The Open Security and Safety Alliance, an industry body contained partners from all aspects of the security, wellbeing and building mechanization space, today declared two significant advancements as a component of its main goal to clear the street towards dependable and imaginative security and wellbeing arrangements. Initial, another particular is currently accessible to individuals that centers around camera network protection measures. OSSA likewise presents another App Developer Council intended to pull in and include application designers in the Alliance's steadily developing environment of security and wellbeing industry players.

Executing Trustworthiness Thresholds

The most current specialized particular – the OSSA Camera Cyber Security Specification – contains definitions and rules in regards to obligatory and discretionary security judgments for cameras. It is to a great extent dependent on a current norm by the International Electrotechnical Commission (IEC), with an extra clear spotlight on the security market and OSSA reasoning by straightforwardly splitting the jobs and duties between camera producers, the working framework (OS) supplier and the framework on-chip (SoC) merchant, specifically. The determination additionally endorses duty changes in case of individual OS alterations by camera producers. The compulsory piece of these rules will be utilized as contribution for the impending OSSA certificate system.

The OSSA-coordinated environment is intended to improve trust, empower development past the constraints of a solitary association, and fuel opportunity for industry partners and clients.

Spotlight

Black Duck On-Demand’s audits of over 1,100 commercial applications in 2017 highlight the ongoing challenges organizations face in effectively identifying and securing open source. Open source components are essential to application development.

Spotlight

Black Duck On-Demand’s audits of over 1,100 commercial applications in 2017 highlight the ongoing challenges organizations face in effectively identifying and securing open source. Open source components are essential to application development.

Related News

DATA SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS

At-Bay Selects Guidewire Cyence to Enhance Cyber Portfolio Accumulation Risk Management and Further Propel Market Growth

At-Bay, Inc. | September 17, 2022

At-Bay, the insurance provider for the digital age, and Guidewire today announced that At-Bay has chosen Guidewire’s cyber risk modeling and analytics product, Cyence, to further bolster its view, and management of, aggregation risk, within its growing cyber insurance portfolio. “Cyber risk aggregation is an important area of risk that every insurer should be actively monitoring and managing within their cyber portfolio. Investing in the right data capabilities, tools, and mechanisms for monitoring and sizing aggregation risk exposure is critical to managing cyber insurance risk in today’s fast changing threat landscape,” said Roman Itskovich, At-Bay’s Chief Risk Officer and Co-Founder. “With At-Bay’s steadfast focus on proactive risk management, Guidewire’s solution will help us to expand our data capabilities and toolkit for proactive risk management, so that we can continue to deliver great loss results,” Itskovich added. By combining world-class technology with industry-leading insurance expertise, At-Bay aims to provide the clarity and confidence that businesses need to address digital risk head on. Founded in 2016, At-Bay protects tens of thousands of business customers from today’s ever growing cyber threat landscape. With its in-house data collection capabilities aimed at addressing attritional risk in the selection, pricing, and active risk management of its portfolio, At-Bay will now expand its focus to aggregated risk exposures. “We selected Guidewire because it has a strong reputation for being one of the top cyber risk vendors, especially for transparency, in-house data collection, and market validation. “By applying Cyence’s advanced risk models and detailed aggregated risk scenarios to our own active risk monitoring capabilities and claims experience, we believe that we will be able to further enhance our underwriting and portfolio risk management decisions, and maintain a strong loss performance as our book grows.” Yoshifumi Yamamoto, Director of Cyber Risk Modeling, At-Bay Commenting on the news, Charles Clarke, Group Vice President, Analytics Sales & Advisory, Guidewire, said, “We admire At-Bay’s use of Cyence to expand its modeling capabilities to account for aggregated risk. We are pleased by their vote of confidence in our cyber capabilities and look forward to infusing data analytics to help At-Bay’s clients meet digital risk head-on.” About At-Bay, Inc. At-Bay is the insurance provider for the digital age. By combining world-class technology with industry-leading insurance expertise, At-Bay was designed from the ground up to empower businesses to thrive in the digital world. At-Bay is backed by Acrew Capital, Glilot Capital, the HSB fund of Munich Re Ventures, Icon Ventures, ION Crossover Partners, Khosla Ventures, Lightspeed Venture Partners, M12, entrepreneur Shlomo Kramer, and Qumra Capital. www.at-bay.com About Guidewire Software Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently. ​We combine digital, core, analytics, and AI to deliver our platform as a cloud service. Approximately 520 insurers in 38 countries, from new ventures to the largest and most complex in the world, run on Guidewire.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

OpenText partners with MAD Security to improve response time to cyberthreats and shrink the attack surface

OpenText | October 20, 2022

Today, OpenText™ , a global leader in information management with an extensive security solution portfolio, announced a partnership between OpenText Network Detection & Response (NDR) technology and MAD Security. This joint solution from OpenText and MAD Security will empower customers to cut false positive security alerts significantly and protect sensitive government data against advanced cyber threats. MAD Security, a managed security service provider (MSSP) that helps contractors and other small and medium sized enterprises detect potential breaches and prevent attackers from disrupting operations or exfiltrating data, knows firsthand that government contractors are a prime target for cyber-attacks, from phishing and social engineering to malware and ransomware. To strengthen its cybersecurity capabilities, MAD Security decided to augment its offering with NDR capabilities. The aim was to continuously monitor and analyze raw enterprise network traffic, creating a baseline of network behavior that would help analysts hunt down emerging threats faster. "In the past, MAD Security has relied on an anomaly-based intrusion detection system to find indicators of compromise (IOCs). While this approach was effective for analyzing north-south traffic across small networks, it was a challenge to pinpoint IOCs across larger networks with significant volumes of east-west traffic. "If we could reduce the time our analysts spent drilling down into the data, we could accelerate our response and improve cost efficiency—ultimately providing a more competitive service. Working with OpenText, we can now detect and correlate events, investigate the data and notify the client in an average of just 6.5 minutes—less than half of SLA." Jeremy Conway, CEO at MAD Security MAD Security selected OpenText NDR because of the level of visibility it provides. The company can now look beyond individual subsets of endpoint and log data to build up a clear picture of what happened and when during an attack—even if the network traffic is encrypted. MAD Security uses OpenText NDR to make sure remediation efforts are successful, for example, by monitoring for new IOCs during its cleanup effort to detect whether the attacker is changing tactics or switching to an alternate toolset. An end-to-end network security platform, OpenText NDR simplifies network threat detection by combining smart packet capture (Smart PCAP) and rich network metadata generation, delivering a clear view of even the most complex networks. With OpenText NDR, MAD Security can gain insights faster than ever through deep packet inspection, behavioral anomaly detection, IOC matching, and AI-powered analytics. "We are thrilled to be able to count MAD Security among our many incredible customers and are proud to see not just our solutions working for the organization but also be part of its growth and success," said Muhi Majzoub, Executive Vice President and Chief Product Officer at OpenText. "By supporting MAD Security with OpenText NDR, we were able to help the company achieve its growth target while keeping its analyst team lean." About OpenText OpenText, The Information Company™, enables organizations to gain insight through market leading information management solutions, powered by OpenText Cloud Editions.

Read More

DATA SECURITY, ENTERPRISE IDENTITY, SOFTWARE SECURITY

Persistent Launches Innovative Cyber Recovery Solution with Google Cloud

Persistent | October 31, 2022

Persistent Systems, a global Digital Engineering provider, today announced the launch of a trailblazing solution that enables organizations to recover more quickly from cyber-attacks. Together with Google Cloud, the Persistent Intelligent Cyber Recovery (PiCR) solution provides a comprehensive and scalable cyber recovery approach, allowing organizations to reduce data loss and minimize the negative impact to brand reputation from prolonged downtime. Persistent Intelligent Cyber Recovery is now available on the Google Cloud Marketplace. Hackers are increasing the frequency and scale of ransomware attacks. They are using continually evolving and sophisticated techniques, which makes recovery from attacks more challenging. These attacks may lead to sensitive data leakage, loss of business, and damage to brand reputation. It is crucial for organizations to not only focus on protection against cyber-attacks but also strengthen their recovery process. Traditional backup and Disaster Recovery (DR) solutions are not designed for recovery from cyber-attacks. Persistent Intelligent Cyber Recovery includes tailored recovery plans, Persistent IP for finding and remediating malware, and the optional managed services to administer the recovery process. Persistent's solution integrates with Google Cloud to provide a secure recovery environment and Google Cloud Backup and DR for protecting the server images. Persistent Intelligent Cyber Recovery offers the following benefits: Reduction in data loss Decreased risk of recurrent attacks through the removal of malware Faster recovery from ransomware and zero-day attacks (from weeks/months to hours/days) Potential cyber insurance cost reduction Scalable solution depending on enterprise size challenges Nitha Puthran, Senior Vice President – Cloud, Infrastructure and Security, Persistent: "The digital environment today is constantly evolving and so are the risks associated with it. We are leveraging our strong relationship with Google Cloud and our product engineering expertise to create an industry-leading solution that allows enterprises to recover faster from cyber-attacks, thereby reducing the impact on their business. "Persistent Intelligent Cyber Recovery combines strategic planning and the creation of playbooks, integration with Google Cloud services and our own IP to find anomalies that indicate malware, remove the malware, and use automation to set up test and production environments to scale. It takes a services and product mindset to create a solution like Persistent Intelligent Cyber Recovery and Persistent is uniquely positioned in the market to deliver both." Dai Vu, Managing Director, Marketplace and ISV GTM Programs, Google: "As cyber threats become more prevalent, customers need solutions that can help them quickly address and recover from cyber-attacks. With the Persistent's Intelligent Cyber Recovery (PiCR) solution available on Google Cloud Marketplace, customers can quickly deploy PiCR to their Google Cloud environment and utilize it alongside Google Cloud technologies and capabilities to address cyber-attacks quickly and securely."

Read More