DATA SECURITY, ENTERPRISE IDENTITY

Cybeats Announces Partnership with Veracode, an Industry-Leading Application Security Firm

Cybeats | September 29, 2022 | Read time : 02:50 min

Cybeats Announces Partnership with Veracode
Cybeats Technologies Inc., a leading software supply chain risk and security technology provider announces a strategic partnership with Veracode, a leading global provider of application security testing solutions.

The partnership will leverage complementary expertise to ensure customers receive the highest standard of cybersecurity solutions. Cybeats' software supply chain security product, SBOM Studio, will be available to customers through Veracode Partners, and the companies will explore joint commercial opportunities. Once generated within the Veracode Continuous Software Security Platform, a Software Bill of Materials (SBOM) can enable greater software security by offering a full inventory of the third-party components used within an application. Cybeats SBOM Studio is an enterprise-class solution that helps companies understand and track third-party components that are an integral part of their own software.

Veracode will provide advice and guidance around the commercial deployment of SBOM Studio within its existing customer base. The partnership aims to enable both companies to continue to expand their existing presence in the global cybersecurity market. Through this alliance, the companies' joint customers will be able to maximize their technology investments and procure, develop, and deploy secure software, while reducing the risk of a security breach resulting from weak links in their software supply chain.

"As a Veracode Elite Technology Alliance Partner, Cybeats brings additional expert solutions to the frictionless developer experience already offered by our Continuous Software Security Platform," said Laurie Haley, Vice President of Strategic Alliances at Veracode. "By complementing our existing software composition analysis capability, Cybeats' integrated solutions will allow customers to maximize SBOM (Software Bill of Materials) utility and simplify their workflow for greater ROI."

"We are honoured to partner with Veracode to expand each other's presence in the global cybersecurity market. As the cyber risk related to software supply chain attacks continues to mount, deep visibility and universal transparency using SBOMS is necessary for resilient cybersecurity defense."

Yoav Raiter, CEO, Cybeats

"In this modern era of rapid development, the importance of time to market and automation is paramount. Together, Veracode and Cybeats offer a substantial contribution to enabling our customers to align with the SBOM market needs and seamlessly support practices mentioned in SSDF NIST 800-218 framework without increasing the overhead on their development and product security teams," said Dmitry Raidman, CTO, Cybeats

Through a single, centralized platform offering comprehensive visibility into vulnerabilities using all software security testing types, Veracode delivers one of the industry's only cloud-native solutions that allows partners to onboard quickly and seamlessly, so companies can securely move AppSec to the cloud. As a result of this partnership, Veracode can easily integrate the full breadth of Cybeats' software solutions into their customers' environments. The partner program provides market-leading solutions and services to get partners up and running straight away, with minimal impact to their existing business.

Cybeats SBOM Studio
SBOM Studio provides organizations with the capability to efficiently manage SBOM and software vulnerabilities, and provides proactive mitigation of risks to their software supply chain. Key product features include robust software supply chain intelligence, universal SBOM document management and repository, continuous vulnerability, threat insights, precise risk management, open source software license infringement and utilization, and secure SBOM exchange with regulatory authorities, customers and vendors, at reduced cost.

About Cybeats
Cybeats is a leading software supply chain intelligence technology provider, helping organizations manage risk, meet compliance and secure software from procurement, development through operation.  Our platform provides customers with deep visibility and universal transparency into their software supply chain, as a result enables them to increase operational efficiencies and revenue.  Cybeats. Software Made Certain.

Spotlight

SonicWALL TZ Series firewalls provide broad protection from compromise by combining advanced security services consisting of on-box and cloudbased anti-malware, anti-spyware, intrusion prevention system (IPS), and content/URL filtering.

Spotlight

SonicWALL TZ Series firewalls provide broad protection from compromise by combining advanced security services consisting of on-box and cloudbased anti-malware, anti-spyware, intrusion prevention system (IPS), and content/URL filtering.

Related News

DATA SECURITY, ENTERPRISE IDENTITY, ENTERPRISE SECURITY

Salt Security Strengthens Executive Leadership Team as Demand for API Security Accelerates

Salt Security | October 28, 2022

Salt Security, the leading API security company, today announced additions to the leadership team to support growth in employees and customers worldwide. Salt has established two new executive leadership roles, naming Renee Hollinger as Chief People Officer and Amelia Forrest Kaye as Vice President of Customer Success. Both Hollinger and Kaye will play pivotal roles in supporting the company's operations and expanding global customer base. Over the past 12 months, Salt Security has expanded its customer base by more than 300%. New Salt customers include Zoom Communications, Aon, New American Funding, Moneris, Riskified, Open Line NL, and many others. To support this growth, Salt has increased its customer success team six fold, including international representation in Europe, Africa, and Latin America. "Both Renee and Amelia are accomplished leaders within the technology and security industries with deep expertise shepherding human resource functions and growing customer success teams, respectively. "As API security risks continue to rise, having their experience shaping our initiatives will ensure that Salt continues our leadership role in this market we've pioneered. Their contributions will be instrumental in how we take care of our own people and our customers as we grow worldwide." Michael Nicosia, COO and co-founder, Salt Security Hollinger joins Salt with more than 20 years' experience in human resources, having held leadership positions at well-known global brands such as The Gap, Urban Outfitters, Warner Brothers and Levi Strauss. Hollinger also served as Executive Vice President, Global Human Resources, at ironSource, a leading business platform for the app economy. Most recently, Hollinger was Chief Human Resource Officer at Reltio, a software management provider, where she played a key role in expanding the company's global employee footprint. "I am excited to join Salt at such a pivotal time in the API security industry," said Hollinger. "Salt Security provides the most proven and robust API security solution available. I was drawn to the company's culture of trust and integrity, and I look forward to fostering an environment where all our employees can thrive and succeed as we rise to meet growing demand for our market-leading technology." As an experienced global customer success leader with over 15 years' experience in customer and client success, Kaye joins Salt from Tanium, a provider of converged endpoint management, where she led the company's customer engagement function. Prior to Tanium, she held management positions at Deloitte and Reflektive. "I am privileged to join a company that recognizes that phenomenal customer service has become a critical business differentiator," said Kaye. "As our customer base continues to grow, I look forward to working with this talented customer success team to deliver ongoing value and exceed customer expectations in every step of the API security journey." Today's announcement follows a slew of recent strategic initiatives at Salt Security. Most recently, CrowdStrike, a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, publicly announced its strategic investment in Salt Security via its investment arm, Falcon Fund. Salt has also recently expanded its channel program, making the Salt platform more broadly available to companies around the globe through an increasing network of distributors, channel partners, consultancies, and integrators. On October 26, Salt Security will be hosting its second API Security Summit, featuring conversations with AWS, Google, CrowdStrike, MuleSoft, and other partners, customers, and industry experts. More information about the event and registration can be found here. Salt also introduced its refreshed branding in concert with the API Security Summit. About Salt Security Salt Security protects the APIs that form the core of every modern application. Its patented API Protection Platform is the only API security solution that combines the power of cloud-scale big data and time-tested ML/AI to detect and prevent API attacks. By correlating activities across millions of APIs and users over time, Salt delivers deep context with real-time analysis and continuous insights for API discovery, attack prevention, and shift-left practices. Deployed in minutes and seamlessly integrated within existing systems, the Salt platform gives customers immediate value and protection, so they can innovate with confidence and accelerate their digital transformation initiatives.

Read More

DATA SECURITY, ENTERPRISE IDENTITY, SOFTWARE SECURITY

Tanium Unveils Groundbreaking Integration with Microsoft Sentinel

Tanium | September 16, 2022

Tanium, the industry’s only provider of converged endpoint management (XEM), today announced the first of several powerful integrations between Microsoft and the Tanium XEM platform. The integration marks the latest expansion in a relationship that includes Tanium’s membership in the Microsoft Intelligent Security Association (MISA) and its availability in the Microsoft Azure Marketplace. By making Tanium’s rich, real-time endpoint data accessible directly from the Sentinel console, the integration enables IT organizations to comprehensively detect, investigate, triage, prioritize, and remediate threats automatically, extending Sentinel’s advanced security and analytics capabilities, reducing the number of false positives that require disposition, and allowing security practitioners to better identify threats that might otherwise be missed. “Environments like ours are complex — there’s a great diversity of the types of devices and a large number of users accessing sensitive information,” said Mark Wantling, CIO the University of Salford. “It‘s a lot for my relatively small InfoSec team to manage, so I'm very excited about Tanium's integration with Microsoft Sentinel. Now my team can investigate, identify, triage, and remediate threats quickly without even leaving the Sentinel console, and that's a gamechanger.” The Tanium integration with Sentinel also enables active threat hunting. With Tanium’s detailed real-time data taken directly from the endpoint, security practitioners are better able to contextualize and correlate alerts sourced from both Microsoft and Tanium with almost no delay across an entire IT environment. They get accurate real-time data rather than information that may no longer be correct as a result of inherent latency. Additionally, Tanium gives incident responders the ability to take immediate action on alerts as they happen including quarantining a device, deploying a patch, or updating software, all from the Sentinel console. Customers benefit from proactive, predictive, automated management of their entire IT stack. Tanium + Sentinel gives Microsoft customers the ability to monitor and ensure their Microsoft’s solutions are highly available and operate at optimal health. With its real-time distributed architecture, Tanium can independently verify that all Microsoft services are deployed and up-to-date and validate that it is fully performant on every endpoint. If needed, customers can easily deploy a patch or quarantine a device in seconds to ensure they get the most out of their Microsoft investments. “We’re excited to continue to expand our relationship with Microsoft. “Already we work together to make Microsoft environments healthier and more secure by reducing risks for customers and protecting their investments in Azure, and soon we’ll be releasing a series of powerful integrations with Microsoft tools in addition to our Sentinel Integration.” Rob Jenks, SVP of corporate strategy at Tanium In addition to joining MISA, Tanium is available in the Microsoft Azure Marketplace, an online store providing applications and services for use on Azure. Customers can purchase and provision Tanium directly from the marketplace and apply the purchase to their Microsoft Azure Consumption Commitments (MACC). Tune in now to hear Tanium CEO Orion Hindawi and Microsoft Corporate VP of Cybersecurity Ann Johnson discuss the vision for the partnership and how Tanium’s real-time data and control can enhance security, performance, and automation for today’s growing enterprises. You can also visit www.youtube.com/watch?v=S-gZC9M3lkE. About Tanium Tanium, the industry’s only provider of converged endpoint management (XEM), leads the paradigm shift in legacy approaches to managing complex security and technology environments. Only Tanium protects every team, endpoint, and workflow from cyber threats by integrating IT, Compliance, Security, and Risk into a single platform that delivers comprehensive visibility across devices, a unified set of controls, and a common taxonomy for a single shared purpose: to protect critical information and infrastructure at scale. Tanium has been named to the Forbes Cloud 100 list for seven consecutive years and ranks on Fortune’s list of the Best Large Workplaces in Technology. In fact, more than half of the Fortune 100 and the U.S. armed forces trust Tanium to protect people; defend data; secure systems; and see and control every endpoint, team, and workflow everywhere. That’s the power of certainty.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Security Compass Releases New Developer-Centric Threat Modeling Capabilities in SD Elements in Support of New Secure Software Development Guidelines

Security Compass | October 19, 2022

Security Compass, a leading cybersecurity solution provider, today announced the release of SD Elements 2022.3, which offers new capabilities that make it easier for software developers to identify software application security threats and exactly where to implement countermeasures to mitigate the risks. The latest version of SD Elements also includes new security content that allows software development organizations to demonstrate compliance with the latest threat modeling and secure development best practices from the National Institute of Standards and Technology (NIST) referenced in Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity.” The new SD Elements capabilities help organizations comply with the latest NIST software threat modeling and secure development standards, even when security knowledge and availability of security experts is limited. Other benefits include improved collaboration among security, software development, hardware engineering, and DevOps teams, and reduced time and costs associated with software threat modeling and demonstrating compliance with multiple security standards and regulations such as EO 14028 as well as with more than 80 other secure development industry regulations and guidelines. Key updates to SD Elements 2022.3 include: Developer-centric threat modeling diagram enhancements: Surfacing threats is important, but knowing where threats are and how to prioritize and mitigate them is even more important. New threat modeling diagram enhancements help software development and application security teams better understand where the threat exists, which threats to prioritize for remediation first, and exactly where countermeasures should be applied. New customizable dashboards in Advanced Reporting: New dashboards enable application security teams to identify the most prevalent threats and weaknesses across the organization’s software portfolio, as well as perform in-depth analyses of their software security and compliance posture on both a per-project basis, as well as across their entire software portfolio. New security content: New security content helps organizations meet U.S. federal government security requirements in accordance with Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity;” new Ansible infrastructure as code (IaC) and automotive supply chain (UNECE WP.29 / R155) security content helps ensure software development teams have the guidance they need to ensure the code they write complies with secure development best practices. New integrations: The extensive SD Elements integration ecosystem now includes a new integration for Micro Focus Fortify on Demand. New just-in-time training content: 34 new Terraform Infrastructure as Code (IaC) and Payment Card Industry (PCI) Software Security Framework (SSF) just-in-time training micro-modules have been added to the existing library of over 800 just-in-time training micromodules already included in SD Elements. New developer-centric eLearning courses: New eLearning courses for Terraform, PCI SSF, the OWASP top 10, and OAuth Security Fundamentals have been added to the existing library of more than 40 Security Compass eLearning courses focused on application security, operational security, compliance, and secure coding best practices. “The importance of software threat modeling continues to grow. “NIST now recommends that software developers follow secure software development best practices and perform software threat modeling multiple times during development, especially when developing new capabilities. All companies that sell (or want to sell) software to the U.S. federal government, whether directly or through resellers or other channels, must comply with EO 14028 by September 15, 2023, and should therefore quickly begin assessing their compliance with the latest NIST guidance and develop action plans to address any gaps.” Trevor Young, Chief Product Officer, Security Compass For more details about the latest capabilities in SD Elements, click here, or register to attend the upcoming webinar, “How to Speed Up Software Threat Modeling, Threat Remediation, and NIST Software Supply Chain Security Compliance” on Nov. 16, 2022 at 1:00pm ET. About Security Compass Security Compass, a pioneer in application security, enables organizations to shift left and build secure applications by design, integrated directly with existing DevSecOps tools and workflows. Its flagship product, SD Elements, helps organizations accelerate software time to market and reduce cyber risks by taking an automated, developer-centric approach to threat modeling, secure development, and compliance. Security Compass is the trusted solution provider to leading financial and technology organizations, the U.S. Department of Defense, government agencies, and renowned global brands across multiple industries.

Read More