DATA SECURITY, ENTERPRISE IDENTITY, ENTERPRISE SECURITY
Salt Security | October 28, 2022
Salt Security, the leading API security company, today announced additions to the leadership team to support growth in employees and customers worldwide. Salt has established two new executive leadership roles, naming Renee Hollinger as Chief People Officer and Amelia Forrest Kaye as Vice President of Customer Success. Both Hollinger and Kaye will play pivotal roles in supporting the company's operations and expanding global customer base.
Over the past 12 months, Salt Security has expanded its customer base by more than 300%. New Salt customers include Zoom Communications, Aon, New American Funding, Moneris, Riskified, Open Line NL, and many others. To support this growth, Salt has increased its customer success team six fold, including international representation in Europe, Africa, and Latin America.
"Both Renee and Amelia are accomplished leaders within the technology and security industries with deep expertise shepherding human resource functions and growing customer success teams, respectively. "As API security risks continue to rise, having their experience shaping our initiatives will ensure that Salt continues our leadership role in this market we've pioneered. Their contributions will be instrumental in how we take care of our own people and our customers as we grow worldwide."
Michael Nicosia, COO and co-founder, Salt Security
Hollinger joins Salt with more than 20 years' experience in human resources, having held leadership positions at well-known global brands such as The Gap, Urban Outfitters, Warner Brothers and Levi Strauss. Hollinger also served as Executive Vice President, Global Human Resources, at ironSource, a leading business platform for the app economy. Most recently, Hollinger was Chief Human Resource Officer at Reltio, a software management provider, where she played a key role in expanding the company's global employee footprint.
"I am excited to join Salt at such a pivotal time in the API security industry," said Hollinger. "Salt Security provides the most proven and robust API security solution available. I was drawn to the company's culture of trust and integrity, and I look forward to fostering an environment where all our employees can thrive and succeed as we rise to meet growing demand for our market-leading technology."
As an experienced global customer success leader with over 15 years' experience in customer and client success, Kaye joins Salt from Tanium, a provider of converged endpoint management, where she led the company's customer engagement function. Prior to Tanium, she held management positions at Deloitte and Reflektive.
"I am privileged to join a company that recognizes that phenomenal customer service has become a critical business differentiator," said Kaye. "As our customer base continues to grow, I look forward to working with this talented customer success team to deliver ongoing value and exceed customer expectations in every step of the API security journey."
Today's announcement follows a slew of recent strategic initiatives at Salt Security. Most recently, CrowdStrike, a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, publicly announced its strategic investment in Salt Security via its investment arm, Falcon Fund. Salt has also recently expanded its channel program, making the Salt platform more broadly available to companies around the globe through an increasing network of distributors, channel partners, consultancies, and integrators.
On October 26, Salt Security will be hosting its second API Security Summit, featuring conversations with AWS, Google, CrowdStrike, MuleSoft, and other partners, customers, and industry experts. More information about the event and registration can be found here. Salt also introduced its refreshed branding in concert with the API Security Summit.
About Salt Security
Salt Security protects the APIs that form the core of every modern application. Its patented API Protection Platform is the only API security solution that combines the power of cloud-scale big data and time-tested ML/AI to detect and prevent API attacks. By correlating activities across millions of APIs and users over time, Salt delivers deep context with real-time analysis and continuous insights for API discovery, attack prevention, and shift-left practices. Deployed in minutes and seamlessly integrated within existing systems, the Salt platform gives customers immediate value and protection, so they can innovate with confidence and accelerate their digital transformation initiatives.
DATA SECURITY,ENTERPRISE SECURITY,SOFTWARE SECURITY
Veza | December 02, 2022
Veza today announced that its Open Authorization API (OAA) is now public on GitHub for community collaboration, extending the reach of identity-first security across the enterprise. Developers can now create and share connectors to extend the Veza Authorization Graph to all sensitive data, wherever it lives, including cloud providers, SaaS apps, and custom-built internal apps, accelerating their company’s path to zero trust security.
Security professionals espouse the principle of ‘Least Privilege’ to secure enterprise data, but the rush to a multi-cloud, multi-app environment has exploded the complexity and layers of interconnection for which access must be understood, monitored, and constantly remediated to achieve and maintain least privilege. Recent attacks on Okta and Twilio demonstrate that companies are allowing overly-broad access to data via constructs of groups, roles, policies, and system specific permissions. Veza connects the dots of effective permissions across cloud providers, SaaS apps and identity platforms, making it easy to visualize who can view or delete sensitive data. OAA allows organizations and the broader community to create their own integrations with Veza, extending visibility to any resource, including SaaS apps like GitLab and Jira as well as custom-built internal apps.
“The vast majority of cybersecurity failures are rooted in issues with the gap that exists between identity, access to data, and permissions,” said Tarun Thakur, co-founder and CEO, Veza. “Since our founding, we have been committed to protecting our customers from threats like ransomware, privilege abuse, and data breaches. With Veza Open Authorization API, we are extending our identity-first security approach broadly in the market and arming organizations with the tools they need to remediate undesirable and unnecessary data access at a granular level, and meet the requirements of access governance for enterprise systems, both on-premises and in the cloud."
With Veza's Open Authorization API, customers can translate and visualize authorization metadata from any SaaS app, custom and in-house applications. Users can explore identity-to-data relationships through the Authorization Graph, monitor for least privilege misconfigurations and violations, and conduct comprehensive entitlement reviews for all of their sensitive data.
“We specifically chose Veza because their Open Authorization API allowed us to connect to our custom internal applications. We follow the principle of least privilege, but with so many systems to review, we valued Veza’s unique ability to give us a comprehensive view quickly. They made it faster and easier for our team to review all permissions with confidence.”
-Riaz Lakhani, CISO of Barracuda Networks.
As an open-source project on GitHub, Veza’s Open Authorization API allows customers and partners to learn from, and build upon, each other’s work to create a control plane that reaches all data. By bringing OAA SDK and connectors available on GitHub Community, Veza empowers customers to ingest authorization metadata previously isolated in internal systems and SaaS applications. The OAA community has already created integrations for critical SaaS apps including GitHub, GitLab, Bitbucket, Jira, Zendesk, Slack, Coupa Software, Pagerduty, and Looker. These integrations are available now to all Veza customers.
“Veza solves the problem of aligning identities to data,” said Craig Rosen, Chief Security & Trust Officer at ASAPP. “Veza’s Open Authorization Platform helped us extend that visibility to all the apps and data that matter most to us, like GitHub and Jira. Now it is easy for our security professionals to understand (and remediate) who has access to our important intellectual property.”
Veza is the authorization platform for data. Built for hybrid, multi-cloud environments, Veza enables organizations to visualize, remediate, and control who can and should take what action on what data. We empower customers to take an identity-first approach to secure data by addressing critical business needs of streamlining identity and access governance, implementing data lake security, managing cloud entitlements, and modernizing privileged access. Our Authorization Graph connects identities to data across enterprise systems, enabling analysis, monitoring, and certification of end-to-end access. Global enterprises like Blackstone, ASAPP, Barracuda Networks, Choice Hotels, and a number of Fortune 500 and emerging organizations trust Veza to secure their enterprise data. Founded in 2020, Veza is headquartered in Los Gatos, California, and is funded by Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, and True Ventures.
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Mimecast | November 09, 2022
Mimecast Limited, an advanced email and collaboration security company, today announced a new strategic integration with Okta, Inc., one of the leading independent identity providers, designed for enterprise customers to proactively mitigate the increasing risk and complexity of insider threat attacks. Building on Mimecast’s extensive library of API integrations, the integration partnership will further enable organizations to Work Protected™ amidst the proliferation of social engineering attacks targeting their hybrid workforce, customers, and supply chain. The integration of these solutions can empower strained IT teams with an expanded arsenal of AI-enabled tools and technologies that strengthen protection at the intersection of business communications, people, and data.
The increased prevalence and damaging ramifications of insider threat attacks are well-documented. IBM’s 2022 Cost of a Data Breach Report found that stolen or compromised credentials were the most common cause of data breaches over the previous year, serving as the primary attack vector in nearly 20% of breaches. They also had the longest lifecycle of all breaches, taking approximately 243 days to identify and another 84 days to contain, and resulted in an average of $4.50 million in losses. However, according to the same study, organizations with fully deployed security AI and automation experienced breach lifecycles that were 74 days shorter, on average, and cost a median of $3.05 million less.
By integrating Mimecast’s purpose-built, cloud-native email and collaboration security with Okta’s world-renowned identity access management offerings, organizations can deploy AI-enabled automation to help mitigate the impact of compromised account activity – streamlining human workflows through real-time threat intelligence sharing and automated response actions across two best-of-breed solution architectures. Optimized for rapid deployment flexibility and simplicity of use, the integration is engineered to allow administrators to seamlessly assume granular control within minutes regardless of their level of IT expertise.
“Our integration partnership with Okta comes at a pivotal time as insider threats have emerged as a critical vulnerability for the modern hybrid enterprise. “This integration is a microcosm of the Mimecast mission to extend our services beyond email and collaboration security alone. Joining forces with a fellow industry pioneer like Okta enables us to execute a vital ‘team sport’ approach to cybersecurity, building on the existing security investments, capabilities, and tools of our customers to ensure their organizations remain safe.”
Jules Martin, Mimecast vice president of ecosystems & alliance
“With the ever-evolving nature of the cyber threat landscape, it’s imperative that we amplify our identity access management services to address new and emerging attack vectors,” said John Grundy, Okta senior strategic alliance manager. “This integration partnership with Mimecast enables us to do exactly that, creating a holistic automation framework that empowers enterprises to enhance the efficiency of their insider threat detection and response posture.”
Mimecast, a Gold Sponsor of Oktane22, will be presenting a live demo of the integration at the annual conference on November 8-10, 2022.
Mimecast: Work Protected™
Since 2003, Mimecast has stopped bad things from happening to good organizations by enabling them to Work Protected. We empower more than 40,000 customers to help mitigate risk and manage complexities across a threat landscape driven by malicious cyberattacks, human error, and technology fallibility. Our advanced solutions provide the proactive threat detection, brand protection, awareness training, and data retention capabilities that evolving workplaces need today. Mimecast solutions are designed to transform email and collaboration security into the eyes and ears of organizations worldwide.