DATA SECURITY

Cohere Cyber Secure and SecurityScorecard Partner to Improve Cybersecurity of Financial Sector

Cohere Cyber Secure and SecurityScorecard | September 24, 2021

Cohere Cyber Secure today announced a partnership with SecurityScorecard, the global leader in cybersecurity ratings, to deliver cyber ratings to customers and jointly drive market penetration with a single integrated solution. These include the most recognized companies globally across financial services, including various groups surrounding Registered Investment Advisors of Real Estate, Private Equity, Portfolio Managers, Hedge and LBO funds. As part of the partnership, Cohere will embed SecurityScorecard's monitoring capabilities into our security operations via Cohere's SIEM technology to continuously monitor and mitigate potential cyber threats, both on-premise and in the cloud.

"Financial organizations are the biggest target for cyber criminals, and security teams need a comprehensive and compliant cybersecurity strategy that provides in-depth intelligence," says Aleksandr Yampolskiy, CEO at SecurityScorecard. "This partnership provides real actionable insights into the real-time threats facing financial organizations, and ensures that they will maintain the strongest possible security posture and conform to industry compliance standards."

The combined solution from Cohere delivers a 360-degree view and addresses critical security concerns including vulnerability assessment and risk management, threat detection with real-time monitoring, incident response, and regulatory reporting. Partnership customers can review their SecurityScorecard rating and extend this support to their portfolio and vendor firms. This complete solution allows for continuous monitoring that provides an outside-in view into security practices, ensuring that organizations can continue to provide their clients the most secure financial services. Additionally, as a tightly-coupled solution, customers can generate comprehensive monthly or on-demand Cyber health reports for governance boards and regulators.

Security organizations are often hamstrung by only looking within their cyber borders with an inside-out view into their vulnerabilities, and often have to break up monitoring tools with multiple outside vendors. Investors, customers, regulators, CISO's and compliance officers can rest easier knowing our solution keeps your company safe and secure.

Steven Francesco, Chairman and CEO at Cohere Cyber Secure

Scoring more than 11 million companies continuously and on a daily basis, SecurityScorecard provides an objective, outside-in view of cyber risk based on publicly-available data. In addition, the company's technology uses non-intrusive proprietary methods and data feeds continuously monitor covered entities based on 10 risk factors, including endpoint security, patching cadence, and network security, and ultimately delivers an "A" through "F" rating.

About Cohere Cyber Secure
Cohere Cyber Secure is a trusted, single-source provider of technology solutions including, Cybersecurity, Cloud Hosting, Managed IT and UCaaS Services. From its New York City headquarters, Cohere maintains data center facilities throughout North America and key global locations. Additionally, Cohere performs cyber protection assessments and advises companies on regulatory compliance requirements. Our clients include global enterprises that demand high availability, operating diversity and tailored IT solutions. In addition, Cohere's Consulting services provide unparalleled IT expertise that enable strategic planning in Cyber and Compliance Policies, Managed IT and Data Protection Services, Crisis Management/Incident Response, Risk Management and Business Continuity. Cohere's enhanced solutions and dedicated staff simplify the everyday challenges of complex business technologies.

About SecurityScorecard
Funded by world-class investors including Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 11 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 22,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, and cyber insurance underwriting. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every company has the universal right to their trusted and transparent Instant SecurityScorecard rating.

Spotlight

Insights for CISO on Their ASM Journey The idea of an attack surface is not new, but how organizations and CISOs need to view their attack surfaces should be updated. Traditionally, IT has looked at an organization's attack surface from the inside out, asking questions like “What are the assets that connect to the wider internet

Spotlight

Insights for CISO on Their ASM Journey The idea of an attack surface is not new, but how organizations and CISOs need to view their attack surfaces should be updated. Traditionally, IT has looked at an organization's attack surface from the inside out, asking questions like “What are the assets that connect to the wider internet

Related News

PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY

SOC Prime Launches Integration with Amazon Security Lake to Supercharge Security Operations

Businesswire | May 31, 2023

SOC Prime, provider of the world’s largest and most advanced platform for collective cyber defense, today announced its integration with Amazon Security Lake, the AWS security service that enables organizations to automatically centralize security data from the cloud, on-premises, and custom data sources into a purpose-driven data lake stored in their account. SOC Prime drives a transformational change in cybersecurity relying on zero-trust & multi-cloud approach to empower smart data orchestration, dynamic attack surface visibility, and cost-efficient threat hunting. Backed by its advanced cybersecurity solutions, Uncoder AI, Attack Detective, and The Prime Hunt, SOC Prime enables organizations to boost their cyber defense capabilities at scale, unleashing the power of Amazon Security Lake. Leveraging SOC Prime’s Uncoder AI, an Augmented Intelligence framework, security teams can save development time and migration costs with re-usable threat hunting queries automatically convertible to Amazon Athena and OpenSearch in the standard Open Cybersecurity Schema Framework (OSCF) format. SOC Prime’s Attack Detective tool intelligently and automatically queries security logs in the customer's Amazon Security Lake account via Amazon Athena and Amazon OpenSearch to identify data sources and then scan them in real time with a curated set of threat hunting queries. By leveraging Attack Detective, security engineers can channel their efforts directly into incident investigation rather than analyzing overwhelming volumes of alerts and accelerate threat research by validating over 10,000 adversary behaviors against the stored log sources in a matter of hours. Attack Detective follows core Zero-Trust Architecture (ZTA) principles segregating the data plane and control plane to ensure that no SIEM or EDR access credentials are shared or inherited within the Company profile. The tool provides complete threat visibility based on the organization-specific logs by linking and correlating with SIEM and EDR on-premises data in its native location without the need to migrate it to the cloud, which contributes to significant cost savings and ensures compliance with zero-trust basic tenets. Adding to investment optimization capabilities, The Prime Hunt open-source browser extension enables security professionals to extract valuable data from large datasets at a lower cost. Users can seamlessly run threat hunting queries on security logs within the Amazon Security Lake account via a web browser in both Athena and OpenSearch and automatically identify accounts and assets affected by the suspected activity. About SOC Prime Headquartered in Boston, SOC Prime operates the world’s largest and most advanced platform for collective cyber defense that cultivates collaboration from a global cybersecurity community and curates the most up-to-date Sigma rules compatible with over 27 SIEM, EDR, and XDR platforms. SOC Prime’s innovation, backed by the vendor-agnostic and zero-trust cybersecurity approach, and cutting-edge technology leveraging Sigma language and MITRE ATT&CK® as core pillars are recognized by the independent research companies, credited by the leading SIEM, XDR & MDR vendors, and trusted by 8,000+ organizations, including 42% of Fortune 100 and 21% of Forbes Global 2000. Flexible subscriptions ensure that both organizations and individual operators can benefit from SOC Prime’s curated detection content and enhanced cyber defense capabilities. SOC Prime is backed by DNX Ventures, Streamlined Ventures, and Rembrandt Venture Partners, having received $11.5M in funding in October 2021. For more information, visit https://socprime.com or follow us on LinkedIn & Twitter.

Read More

DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY

Vanta Expands Partnership with CrowdStrike, Announces New Integration to Secure Access for Automated Compliance

Businesswire | May 12, 2023

Vanta, a leading trust management platform, announced today that it has expanded its partnership with CrowdStrike, a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, with a new integration that improves compliance and security operations for organizations of all sizes. Vanta also announced three new strategic investors in their previously announced Series B — Atlassian Ventures, HubSpot Ventures and Workday Ventures. The new integration builds on an existing partnership between Vanta and CrowdStrike. In September 2022, the companies announced that CrowdStrike had made an investment in Vanta via the CrowdStrike Falcon Fund. That investment, along with the newly announced investments today by Atlassian Ventures, HubSpot Ventures and Workday Ventures, not only enable Vanta to continue growing its go-to-market, R&D and global expansion efforts, but provide valuable partnership opportunities via aligned customer and partner bases and industry-leading product innovation. “As the market’s leading trust management platform, we’re excited to build on our industry-first partnership with CrowdStrike, bringing together our pioneering technologies to automate compliance securely across organizations—from small and midsize businesses to enterprise environments,” said Christina Cacioppo, CEO, Vanta. “As we transform the way companies demonstrate their security, and ultimately, establish and deepen trust, we’re thrilled to welcome new investments by Atlassian Ventures, HubSpot Ventures and Workday Ventures as we work to simplify and centralize security for our 5,000 global customers and beyond." With cybersecurity threats continuing to increase in volume and complexity, it’s more critical than ever for organizations to prioritize their security posture and build trust with internal and external stakeholders alike. By leveraging the CrowdStrike Falcon® platform, Vanta customers gain visibility into employee agent deployment, allowing them to seamlessly configure and manage cloud monitoring to ensure internal policies are being upheld. The integration with CrowdStrike increases automation for compliance security operations at scale within Vanta, empowering customers to: Improve security posture by actively monitoring the status of corporate employee access to the Falcon platform, as well as mitigate potential misuse and insider threats by removing access for offboarded users. Eliminate security blindspots with additional visibility into CrowdStrike agent installation coverage across relevant endpoints, and workloads for comprehensive protection and control. Meet compliance standards by certifying CrowdStrike prevention policies by actively performing the relevant checks on the required devices and cloud workloads within the Vanta platform. "Cybersecurity and compliance are both on similar trajectories of increasing complexity," said Daniel Bernard, Chief Business Officer, CrowdStrike. "Together with Vanta, CrowdStrike is automating continuous security and compliance so organizations of all sizes can elevate protection levels in an efficient manner." Over the past year, Vanta has nearly doubled its customer base to serve over 5,000 companies across 58 countries, while expanding its global footprint with offices in Australia, Ireland and the U.S. In January, Vanta announced its acquisition of Trustpage to accelerate its enterprise momentum and transform trust into a marketable advantage for companies around the world. “Developing trust and providing companies with solutions to support them as they grow is essential to our mission to help organizations grow better. Vanta enables companies to strengthen trust with customers by improving security and compliance management, making them a natural partner to HubSpot,” said Eric Richard, CISO and SVP of Engineering Operations, HubSpot. “I’m looking forward to the work Vanta and HubSpot will do together to create more secure digital experiences for companies and their customers.” To meet demand from its rapidly expanding customer base, in Q1 alone, Vanta added over 50 new integrations, for a total of 125+ across the most essential cloud applications in a company's tech stack. With Vanta’s recently launched Vendor Risk Management (VRM) solution and Questionnaire Automation, customers can evaluate security in the buying process while closing their own deals faster — all in a single platform. “Teams work in a more connected and collaborative nature than ever before. But with more apps and entry points in every organization’s tech stack, the companies of tomorrow need to ensure they’re secure today,” said Peter Lenke, Head of Atlassian Ventures. “We’re excited to invest in and partner with Vanta as they enable security teams to significantly reduce vendor risk by quickly inventorying vendors, performing security reviews, and remediating issues — all in the same platform they use for security and compliance today. Vanta closes the loop on the security lifecycle from start to finish. With our shared commitment to reimagine and deliver a more secure cloud, we couldn’t be more thrilled to join Vanta in its next phase of growth.” In addition to its product and partnership acceleration in 2023, Vanta’s innovation has been recognized across a range of rankings and awards including securing the #17 spot in CNBC’s Disruptor 50, Inc’s Best Workplaces and the Fastest Growing Cybersecurity Company by the Cybersecurity Excellence Awards. “The investment in Vanta reflects our commitment to intelligent automation and sophisticated technology that helps organizations navigate an ever-changing world,” said Michael Magaro, Senior Vice President of Corporate Growth, Workday Ventures. “As the strategic capital arm of Workday, trust and transparency are values that are ingrained in everything we do at Workday Ventures. Vanta is well-positioned to evolve the rapidly changing trust and security industry, and we look forward to partnering with them as they continue their journey to safeguard organizations and consumers everywhere.” In 2022, Vanta raised $150 million in funding from leading investors Craft Ventures, Sequoia and Y Combinator and security industry pioneers like CrowdStrike, bringing the company’s total amount raised to $203 million at a $1.65 billion valuation. About Vanta Vanta is the leading trust management platform that helps simplify and centralize security for organizations of all sizes. Over 5,000 companies including Autodesk, Chili Piper, Flo Health, and Quora rely on Vanta to build, maintain and demonstrate their trust—all in a way that's real-time and transparent. Founded in 2018, Vanta has customers in 58 countries with offices in Dublin, New York, San Francisco and Sydney. For more information, visit www.vanta.com.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Veracode Introduces Intelligent Software Security With Launch of Veracode Fix

Businesswire | April 19, 2023

Veracode, a leading provider of intelligent software security solutions, today launches Veracode Fix, a new AI-powered product. Trained on Veracode’s proprietary dataset, Veracode Fix suggests remediations for security flaws found in code and open-source dependencies. Shifting the Paradigm from Merely ‘Find’ to ‘Find and Fix’ “For far too long, organizations have had to choose between remediating software security flaws and meeting aggressive deadlines to push code into production. Veracode Fix makes it possible to deliver more secure software faster, at lower cost, and with higher confidence,” said Brian Roche, Chief Product Officer at Veracode. “Through the power of AI and machine learning, leveraging GPT (Generative Pre-trained Transformer) technology, we’ve revolutionized the way developers and security teams address software security issues. Nearly two decades ago, Veracode pioneered a new industry standard as a cloud-based SaaS security platform. Today, we set a new bar, moving beyond application security testing to intelligent software security.” Since its inception in 2006, Veracode has been committed to helping organizations find, understand, and remediate software security risk. The release of Veracode Fix brings software security to the next level by changing the scope of application security from merely ‘find’ to ‘find and fix.’ Automated Attacks Require Automated Response Traditionally, when a flaw is found, developers research and rewrite code to manually fix the security issue. This requires enormous effort when compounded across thousands of security flaws in a codebase. This approach typically delays releases into production and increases security debt. “Fixing security flaws has traditionally been a manual effort—until now,” said Roche. “With the increase in automated attacks, it’s no longer tenable to continue to remediate flaws entirely manually. Veracode Fix paves the way to a scalable mechanism to remove vulnerabilities before attackers can exploit them.” Veracode Fix will be generally available with initial support for Java and C# in June 2023. To learn more about Veracode Fix, read more here. About Veracode Veracode is intelligent software security. Powered by nearly two decades of data, securing more than 130 trillion lines of code, with the Veracode Software Security Platform, development teams continuously find and fix flaws at every stage of the modern software development life cycle. Trusted by security teams, developers, and business leaders from thousands of the world’s most innovative organizations, Veracode is the software security pioneer for integrated prevention, detection, and response. Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and Twitter. Copyright © 2023 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.

Read More