DATA SECURITY

Code42 and Okta Collaborate to speed up the Right Response During insider Risk Investigations.

Code42 | April 07, 2021

Code42, the pioneer in Insider Risk Management, today reported that its IncydrTM data risk detection and response product has been integrated with Okta Identity Cloud, the leading user identity management solution. The integration combines Code42's unique data-centric approach to insider risk with Okta's leading approach to identity and access, making it easier for security buyers to build Zero Trust data security environments. Since the integration automates access controls, provides additional user context, and automates response workflows for departing or high-risk users, security teams can execute smoother, more effective investigations.

Today's distributed and remote workforces, enabled by the advancement of collaboration technology, have generated an exponential risk of data leakage by shifting the perimeter from the network to the endpoint,” said Ananth Appathurai, senior vice president of strategic partnerships and ecosystem at Code42. “The Code42-Okta integration is a powerful way to pair access controls with best practices for insider threats to enhance security postures.”

Without proper access controls, data can be deliberately or accidentally exfiltrated. Users that exhibit potentially risky file behavior will have their permissions lowered so they no longer have access to confidential files thanks to the integration. Around the same time as permissions are restricted, a security investigation is conducted to review suspicious file movements so that effective response measures can be taken. Okta administrators and information security teams will use this mechanism to accelerate and coordinate cross-functional initiatives to reduce insider risk in their organizations.

“Identity is crucial in KNOWING who is accessing data and where they are accessing it,” said Stephen Lee, vice president, technical strategy and partnerships at Okta, Inc. “Okta's goal is to enable everyone to use any technology safely. This integration begins in that direction, enabling enterprises to use access controls as an important tool for protecting data through their distributed workforces.”

Using the Code42-Okta integration, security teams will use user identity to track high-risk users and optimize insider risk management platforms, as well as:

• Reduce the risk of insider threats by automating and applying conditional user access controls based on predefined risk tolerance.

• To identify behavior risk factors such as remote operation, off-hour file events, and attempts to hide exfiltration, provide additional useful information by provisioning role-based user attributes.

• To accelerate investigations and efficiently mitigate insider threats, streamline and simplify response workflows for departing and high-risk employees.

About Code42

Code42 is the market leader in Insider Risk Management. The Code42 Incydr solution, which is cloud-native, detects data loss, leaks, and theft quickly and speeds incident response – all without involving extensive implementations, complex policy management, or interfering with employee efficiency. Security experts will use Code42 to secure organizational data and reduce insider risks, all while fostering an open and inclusive atmosphere among employees. Code42's Insider Risk solution is FedRAMP authorized and can be configured for GDPR, HIPAA, PCI, and other regulatory frameworks. It is backed by security best practices and control requirements.

Spotlight

Remote-Access-VPN ist nicht sicher Anwendungen laufen heute in der Cloud, und User greifen von überall auf sie zu. Dadurch verlieren Unternehmen die Kontrolle über das Netzwerk – und die über 25 Jahre entwickelten Remote Access-Technologien ihre Wirksamkeit zur Gewährleistung der Netzwerksicherheit. Die digitale Transformation

Spotlight

Remote-Access-VPN ist nicht sicher Anwendungen laufen heute in der Cloud, und User greifen von überall auf sie zu. Dadurch verlieren Unternehmen die Kontrolle über das Netzwerk – und die über 25 Jahre entwickelten Remote Access-Technologien ihre Wirksamkeit zur Gewährleistung der Netzwerksicherheit. Die digitale Transformation

Related News

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Swimlane Launches First Comprehensive Security Automation Ecosystem for OT Environments

Swimlane | November 15, 2022

Swimlane, the low-code security automation company, today announced the formation of the first operational technology (OT) security automation solution ecosystem tailored to meet the combined OT and IT security requirements within critical infrastructure environments. The Biden Administration designated November as Critical Infrastructure Security and Resilience Month, drawing attention to the need for “fortifying our information technology and cybersecurity across sectors.” As cyber threats grow in frequency and severity, security operations teams within industrial organizations are regularly targeted due to the importance of their systems and infrastructure. Given the limited resources at their disposal, security teams within these organizations are struggling to keep up with rapidly evolving threats. The cybersecurity skills gap poses a particularly difficult challenge for organizations with OT environments due to the unique skill set required to navigate the convergence of OT and IT technologies. This is where modern Security Orchestration, Automation and Response (SOAR) plays an instrumental role. “Our public utilities and critical infrastructure face unique cybersecurity challenges to detect and respond to the convergence of threats targeting their combined OT and IT environments, and cyber-physical systems. “Swimlane is bringing together the best of OT security with our extensible security automation platform to create a robust system of record and control for security operations teams to more quickly process large amounts of security telemetry without needing more resources to defend against breaches.” Cody Cornell Co-founder and Chief Strategy Officer of Swimlane Swimlane’s security automation ecosystem for OT environments currently includes the following: Nozomi Networks for OT and IoT Security: Swimlane and Nozomi Networks, the leader in OT and IoT security, also announced today a technology integration that combines low-code security automation with OT and Internet of Things (IoT) security. The combined solution makes it possible for industrial and critical infrastructure security operations to maintain continuous asset compliance and mitigate the risks of attacks from combined OT and IT entry points. Dataminr Tackles Physical Risk: Swimlane’s integration with Dataminr leverages automated processes to mitigate risks and warn at-risk employees as soon as possible to ensure their safety. The cyber-physical threat response solution saves organizations crucial minutes when connecting with staff members who might be affected by a natural disaster, accident, or social unrest, or other types of physical risk. 1898 & Co. for Managed Threat Detection: 1898 & Co., a preeminent industrial control system (ICS) cybersecurity solutions provider, has selected Swimlane as the core automation platform for their managed threat detection services. These services include the detection of both OT and IT-born threats, machine-speed threat validation and scoring, and rapid remediation of threats using OT response methods. “Security teams chartered with protecting OT environments are struggling to keep pace with emerging threats given their limited resources,” said Joshua Magady, Practice Technical Lead at 1898 & Co. “As cyberattacks on critical infrastructure continue to rise and the cybersecurity skills shortage prevails, we are excited to be working with Swimlane to provide automation solutions that give these important organizations the tools to defend against rising cyber threats effectively.” Working with each technology partner, Swimlane will develop a portfolio of pre-integrated solutions that customers can quickly deploy either through managed services or add to their existing environment. About Swimlane Swimlane is the leader in cloud-scale, low-code security automation. Swimlane unifies security operations in-and-beyond the SOC into a single system of record that helps overcome process and data fatigue, chronic staffing shortages, and quantifying business value. The Swimlane Turbine platform combines human and machine data into actionable intelligence for security leaders.

Read More

PLATFORM SECURITY,SOFTWARE SECURITY

Vipre Security Group’s New Endpoint Detection & Response Technology for SMEs

VIPRE Security Group | January 19, 2023

VIPRE Security Group, an award-winning data, cybersecurity, privacy, and user protection company, recently announced the launch of its latest cybersecurity product, VIPRE Endpoint Detection & Response (EDR). VIPRE EDR is built to assist small and medium-sized businesses including their IT partners navigate the intricacies of EDR management with a single, simple-to-use console. VIPRE EDR provides a sophisticated high-performance, cloud-based solution while overcoming the problems users typically expect from an EDR solution. . This advanced technology detect better and uncovers more unusual behavior than a standalone antivirus file, process, and networking analysis solutions, while offering investigation and remediation tools to accelerate response times. The VIPRE EDR solution is based on the fundamental pillars of Detection, Investigation, Containment, and Remediation, transforming threats into intelligence and suggesting next steps for security professionals, as simply detecting a threat is insufficient. Advantages of VIPRE's Endpoint Detection and Response (EDR) System: Exploit prevention – It helps to prevent network threats with built-in DNS , intrusion protection and in-browser exploit prevention EPP/Next-generation Antivirus - VIPRE EDR, constantly scans processes, files, and network activity for known and undiscovered threats Correlated Behavior Engine - Examine endpoint behavior in greater depth to identify emergent or suspicious behavior connected across all engines Endpoint Isolation – Quickly isolates an afflicted device to prevent threat spreading Threat Incident Visualization – View and respond to all threat activity from a central location. Understand all aspects of endpoint activity related to the threat, including every user, process, file, and network activity Remote Shell - VIPRE EDR's click-button reporting enables admins instant remote access to the endpoint for a deeper look Suspicious file/link sandboxing - Detonates files and links in a private cloud sandbox for comprehensive examination and forensic investigation Integrated Vulnerability Management - App scanning and vulnerability management to close potential security gaps Built on the foundation of VIPRE's top-ranked Endpoint Security Cloud (EPP) platform, protection begins with extensive monitoring and automated blocking of malicious behavior across all endpoint processes, files, and network activity. This protection includes web, DNS and network monitoring, as well as AI-driven hostile process behavior detection. About VIPRE Security Group A part of Ziff Davis, Inc., VIPRE Security Group is a global organization specializing in cybersecurity, privacy, and data protection. It protects millions of people and businesses globally, including some very well-known brands. . For nearly 30 years, VIPRE Security Group's primary mission has been to provide easy solutions to protect against existing and potential internet threats in an ever-expanding, digitally connected world.

Read More

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Living Security Announces Partnership Agreement with GuidePoint Security

Living Security | January 02, 2023

Living Security, the pioneer in human risk management, announced entering into a strategic partnership with GuidePoint Security, a renowned value-added reseller (VAR) that enables enterprises to make more informed cybersecurity decisions and reduce their risk exposure. The partnership will combine GuidePoint Security's ecosystem with Living Security's industry-leading human risk management products and security awareness training. "According to the Computer Emergency Response, cyberattacks have been ranked as the fifth most significant danger for the year 2020 and have become the standard in both the public and private sectors." Each day, the number of cybersecurity events continues to rise, and the vast majority of these problems can be traced back to human action. Using a data-driven methodology, Living Security enables security directors to identify the most vulnerable elements of their workforce in order to decrease human risk exposure, control the contribution to overall risk over time, and alter organizational behavior. About Living Security Living Security's objective is to transform human risk in order to generate a dramatic increase in human behavior, organizational security culture, and information security program efficacy. With the company's Human Risk Management platform, Living Security connects each employee with creative and pertinent context and content while simultaneously enabling management to recognize, report on, and proactively mitigate the risk posed by human behavior. Living Security is trusted by security-conscious firms such as MasterCard, MassMutual, Verizon, Biogen, Hewlett Packard, AmerisourceBergen, and Target. About GuidePoint Security GuidePoint Security offers dependable cybersecurity insights, solutions, and services that enable businesses to make risk-averse decisions. The company's specialists serve as trusted advisors by evaluating the cybersecurity posture and ecosystem in order to identify risks, maximize resources, and deploy the most appropriate solutions. GuidePoint's unparalleled knowledge has enabled a third of Fortune 500 organizations and over half of U.S. cabinet-level agencies to enhance their security posture and decrease risk.

Read More