DATA SECURITY
Paubox | July 01, 2021
Zero Trust Email, a new feature to the Paubox Email Suite, is announced by the leader in HIPAA compliant email, Paubox. Zero Trust Email, the only technology of its kind, has the purpose of protecting the sensitive data and information of healthcare organizations from cybersecurity attackers.
A solution for protecting the data and information of healthcare organizations was necessary as at least 93% of healthcare organizations reported one cybersecurity breach during the last three years. Various accounts on servers run by American infrastructure companies such as AWS, GoDaddy, and Mailgun, are being set up by bad actors. This lets cybercriminals to pass virus checks and industry standard spam. Paubox has rolled out Zero Trust Email in response to it.
According to Founder CEO of Paubox, Hoala Greevy, A core tenet of Zero Trust security is multi-factor authentication (MFA). Zero Trust Email needs an additional piece of evidence from the sender’s mail server to pass our Inbound Security checks. This additional layer of verification is critical to keeping bad actors away and under control.
According to Cost of Data Breach report of IBM, in 2019, healthcare industry had almost lost $7 billion USD due to damages from data breaches caused by cyberattacks. Extra network admittance points created by a rising remote work force only open healthcare organizations to more cybersecurity susceptibilities and attacks. Zero Trust Email can minimize the damage due to both internal and external attacks in healthcare organizations.
Read More
DATA SECURITY
Detectify | May 19, 2021
Ugly Duckling, a stand-alone application security tool specially designed for ethical hackers to make it easier for them to share their discoveries, is now available from Detectify, the SaaS security company powered by ethical hackers.
To keep on top of web application security, it's important to find web vulnerabilities as soon as they appear - before attackers exploit them. By offering ethical hackers the tools to build further test modules independently, Ugly Duckling speeds up the integration of vulnerabilities discovered by ethical hackers into automatic security tests on Detectify's platform.
When an ethical hacker discovers a loophole, he or she will create a module as a JSON file and test it in Ugly Duckling to ensure that it works. The JSON file is then implemented on Detectify's platform, allowing thousands of app owners and security teams to access the quality-checked findings. Vulnerability reports submitted to Ugly Duckling can be run live as security checks within 5-10 minutes of submission. It's a win-win situation: security and engineering teams can keep up with the latest exploitable vulnerabilities discovered in the wild, while ethical hackers can get paid more quickly.
To define the vulnerabilities, Ugly Duckling uses a custom JSON-based template format. It detects "stateless" vulnerabilities, i.e., vulnerabilities that can be discovered by analyzing the response to a single HTTP request.
Detectify crowdsources the most latest security research from ethical hackers and distributes it as payload-based tests to security engineers and application owners, allowing them to regularly check their applications for vulnerabilities.
On Github, you can find the Ugly Duckling vulnerability scanning tool, which is open-source and MIT-licensed. The Ugly Duckling web scanner is not limited to ethical hackers in Detectify's Crowdsourced network, but is open for all to use for bug bounty hunting, security research, or penetration testing, in keeping with the company's belief in a collective approach to security.
About Detectify
Detectify believes that everybody should have access to world-class cybersecurity knowledge. Detectify automates the most latest security findings from the world's top ethical hackers and delivers them to security defenders and web application teams. Detectify's security tools, which are driven by a network of hand-picked ethical hackers, check your application outside the OWASP Top 10 and help you keep on top of cloud threats.
Read More
prnewswire | September 14, 2020
MCPc, a leading data protection and security risk management firm has launched Cybersecurity as a Service (CYBaaS), a unique, tailored security service to help companies clearly understand and identify their security vulnerabilities and protect their business from cyber risk."The threat landscape is very real and on the rise, significantly increasing the probability of a cyber incident taking place - particularly now with a distributed workforce," says MCPc's Chief Information Security Officer Ronnie Munn. "Having a clear and thoroughly-outlined Incident Response program and plan helps organizations dramatically reduce their chances of an attack and helps them 'keep their calm' in moments of crisis."
Read More