DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Businesswire | May 08, 2023
Immersive Labs, the leader in people-centric cyber resilience, today announced the launch of the Immersive Labs Resilience Score. The score measures an organization’s workforce preparedness for cyber attacks and breaches based on Immersive Labs’ years of benchmarking data across industry verticals. The score will help organizations identify weaknesses in their teams’ cyber capabilities, address skills gaps to prevent or mitigate damage to their revenues and brand reputations, and contribute to the factors that can lower insurance premiums.
The Immersive Labs Resilience Score addresses a major challenge facing cyber leaders around the world today: a lack of confidence in, or awareness of, their teams’ real readiness to confront threats. Alarmingly, 80% of cyber leaders don’t think, or are unsure, their teams have the capabilities to respond to future attacks, according to a new study commissioned by Immersive Labs and conducted by Forrester Consulting.*
“There is a common misconception that teams’ cyber capabilities are not measurable, but advancements in cyber exercising give us new insights to predict risk and build vital cyber capabilities across the workforce,” said Paul Bentham, Chief Product Officer, Immersive Labs. “The new Immersive Labs Resilience Score demonstrates that resilience can be assessed, benchmarked, and increased based on performance data. This is a huge leap forward in proving cyber capabilities compared to outdated, legacy cybersecurity training.”
How the Immersive Labs Resilience Score Works
The Immersive Labs platform provides realistic simulations and hands-on cybersecurity labs to evaluate individual and team capabilities across the entire workforce, from executive decision makers to cyber defense, application security, IT, cloud teams and more. Now, when organizations use the platform to upskill their people, they will be able to view their overall resilience score against industry benchmarks and best practices, and see progress over time.
The Resilience Score is calculated based on several factors, including:
Executive and Crisis Management teams can effectively manage a complex crisis stemming from a cyber incident with consistent decision making and high levels of confidence
Cyber teams can work together to solve complex red-team and blue-team scenarios using real-world environments
Cyber teams are assigned to job roles and can prove their ability to carry out tasks in-line with new CVEs and capabilities
Developers are able to prove their ability to code securely and systematically reduce vulnerabilities in the SDLC
Cloud engineers are able to identify and fix common misconfigurations in real cloud environments
End users are confident in end user security outcomes including how to report an incident and spot business email compromise
The organization has proper security framework coverage, including MITRE ATT&CK
Teams and individuals are mapped to job skills and are proving their technical abilities and that their skills are being kept up to date
The Immersive Labs Resilience Score will be available to all customers beginning in late Q2 2023. To learn more about this new capability, please visit: https://www.immersivelabs.com/the-score/
*Forrester Opportunity SnapShot: “Cyber Leaders Need a More Effective Approach to Building and Proving Resilience” – A custom study commissioned by Immersive Labs, March 2023
About Immersive Labs
Immersive Labs is the leader in people-centric cyber resilience. We help organizations continuously assess, build, and prove their cyber workforce resilience for teams across the entire organization, from front-line cybersecurity and development teams to Board-level executives. We provide realistic simulations and hands-on cybersecurity labs to evaluate individual and team capabilities and decision-making against the latest threats. Organizations can now prove their cyber resilience by measuring their readiness compared to industry benchmarks, building team capabilities, and demonstrating risk reduction and compliance with data-backed evidence. Immersive Labs is trusted by the world’s largest organizations and governments, including Citi, Pfizer, Humana, HSBC, the UK Ministry of Defence, and the NHS England. We are backed by Goldman Sachs Asset Management, Summit Partners, Insight Partners, Citi Ventures, Ten Eleven Ventures, and Menlo Ventures.
Read More
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Businesswire | March 28, 2023
AdaCore, a trusted provider of software development and verification tools, today announced the launch of its new RecordFlux technology, designed to ease the development and security of binary communication protocols. The technology comprises a Domain Specific Language (DSL) to precisely describe complex binary data formats and communication protocols, and a toolset to verify specifications and generate provable SPARK code that can be executed on a target CPU.
Through RecordFlux, users can define and implement complex communication protocols and prove security properties, such as memory safety, at much less cost and effort than would be possible with a manual approach. The precision of the RecordFlux DSL ensures that the specifications are unambiguous, the high-level nature of the DSL makes the specifications easily understandable by domain experts, and the expressive power of the DSL can capture the most complex real-world protocols. And since the RecordFlux code generator produces source code in the formal methods-based SPARK language, users can obtain automated proofs of a wide range of security properties in the resulting software. The net effect is more secure and reliable code, at lower cost.
“Interaction between software components is governed by protocol and format specifications. Unfortunately, most specification documents are complex texts written in English which need to be translated to software implementations manually, leaving room for human error,” said Alex Senier, AdaCore’s RecordFlux Team Lead. “Logic errors and critical flaws are often poorly mitigated by the widespread use of unsafe programming languages, resulting in severe security vulnerabilities. With RecordFlux, we aim to provide a solution that saves time and money by automating provable code generation while ensuring the absence of low-level vulnerabilities like buffer overflows that attackers could exploit.”
About RecordFlux
RecordFlux is a toolset for creating high-assurance implementations of binary data formats and communication protocols. The technology includes a Domain Specific Language, a comprehensive toolset, and customized expert support. By using SPARK Pro, developers can take the SPARK code generated from RecordFlux specifications and automatically prove that the code is free of run-time errors and respects the original specification.
Code generated by RecordFlux is also compatible with GNAT Pro Assurance, AdaCore’s complete solution for projects with the most stringent requirements for reliability, long-term maintenance, or certification. The compiler-hardening options provided by GNAT Pro Assurance can be used to mitigate further attacks on network-facing protocol-handling code.
About AdaCore
Founded in 1994, AdaCore supplies software development and verification tools for mission-critical, safety-critical, and security-critical systems.
Over the years, customers have used AdaCore products to field and maintain a wide range of critical applications in domains such as commercial and military avionics, defense systems, automotive, railway, space, air traffic management/control, medical devices, and financial services.
Read More
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
PRWeb | May 22, 2023
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced that its new SecurityCoach product integrates with Bitdefender GravityZone, a leading next-generation endpoint protection platform for threat prevention, detection and response. The new partnership and product integration between the two cybersecurity leaders will help reduce risky behavior, support real-time security coaching and help organizations become more cyber resilient.
SecurityCoach helps IT/security professionals develop a strong security culture by enabling real-time security coaching of their users in response to risky security behavior. Leveraging an organization’s existing security stack, IT/security professionals can configure their real-time coaching campaigns to immediately deliver a SecurityTip to their users related to a detected event.
“Bitdefender joins our ecosystem of technology partners, which is growing rapidly, to enrich the support we provide to our customers and fortify their organization’s human firewall,” said Stu Sjouwerman, CEO, KnowBe4. “KnowBe4 is proud to partner with Bitdefender to provide a seamless integration with our new SecurityCoach product, which aims to deliver real-time security coaching and advice to help end users enhance their cybersecurity knowledge and strengthen their role in contributing to a strong security culture. KnowBe4 is actively working with Bitdefender to provide an API-based integration to connect our platform with systems that IT/security professionals already utilize, making rolling out new products to their teams an easy and unified process.”
“We are pleased to partner with KnowBe4 to integrate Bitdefender GravityZone with SecurityCoach,” said Daniel Daraban, senior director of product management at Bitdefender Business Solutions Group. “Businesses and organizations are under constant assault from ransomware, trojans, and other malware infecting systems. This integration leverages GravityZone’s behavioral analytics, machine learning, and root cause analysis for contextualized alerts resulting in actionable SecurityTips that help minimize risky user behavior.”
KnowBe4 will provide step-by-step instructions and recommendations to help IT/security professionals achieve quick and pain-free integration and data syncing during the implementation process.
KnowBe4 now integrates or partners with over 20 of the world's top cybersecurity platforms across Endpoint, Network, Identity, Cloud and Data Security https://www.knowbe4.com/integrations.
For more information on SecurityCoach, visit http://www.knowbe4.com/securitycoach.
About Bitdefender
Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide. Guardian over millions of consumer, enterprise, and government environments, Bitdefender is one of the industry’s most trusted experts for eliminating threats, protecting privacy, digital identity and data, and enabling cyber resilience. With deep investments in research and development, Bitdefender Labs discovers hundreds of new threats each minute and validates billions of threat queries daily. The company has pioneered breakthrough innovations in antimalware, IoT security, behavioral analytics, and artificial intelligence and its technology is licensed by more than 180 of the world’s most recognized technology brands. Founded in 2001, Bitdefender has customers in 170+ countries with offices around the world. For more information, visit https://www.bitdefender.com.
About KnowBe4
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 56,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as their last line of defense.
Read More