SOFTWARE SECURITY

CyCognito and Carahsoft Partner to Deliver Attack Surface Management and Protection Solutions to the Public Sector

CyCognito | December 29, 2021

CyCognito, the leader in external attack surface management and protection, today announced a strategic go-to-market alliance with Carahsoft Technology Corp., the Trusted Government IT Solutions Provider. Under the agreement, Carahsoft will serve as CyCognito’s first Public Sector Distributor. The new relationship expands and deepens CyCognito’s reach across and within the Public Sector through Carahsoft’s NASA Solutions for Enterprise-Wide Procurement (SEWP) V, Information Technology Enterprise Solutions – Software 2 (ITES-SW2), OMNIA Partners, National Association of State Procurement Officials (NASPO) ValuePoint, and National Cooperative Purchasing Alliance (NCPA), as well as through Carahsoft’s reseller partners.

“Together with our channel partners, CyCognito is using its platform, program and best practices to help the Public Sector establish a stronger security posture and proactively identify, protect and prevent cyberattacks from happening,” says Channel Chief and CyCognito’s Worldwide Sales Leader Lori Cornmesser.

Most of today’s cyberattacks continue to intrude through external attack vectors. CyCognito’s innovative platform automates the discovery, multi-factor security testing and risk prioritization of all externally-exposed assets in an organization’s extended IT ecosystem. Once cyber threats are identified, CyCognito orchestrates data sharing to automatically start the remediation process by creating an incident response ticket. The platform integrates its findings and intelligence into existing vulnerability lifecycle management processes through channels such as Slack, PagerDuty, ServiceNow, and several additional platforms. This proven and proactive layer of automated security ensures an organization’s entire attack surface is protected quickly and efficiently when risks are detected.

“Empowering organizations to find and eliminate the paths attackers easily exploit is a vital tactic within any surface management and protection strategy,Prevention and remediation must remain top of mind for channel partners and IT decision makers, especially those working within the Public Sector where the stakes are high and the impact of a single breach has the potential to span states, the nation and even the globe.”

Rob Gurzeev, Founder and CEO, CyCognito

CyCognito and Carahsoft are enabling forward-thinking security value-added resellers (VARs), managed service providers (MSPs), global systems integrators (GSIs) and managed security services providers (MSSPs) with a new and enhanced lineup of SLED and Federal-focused sales and marketing assets. Offered at no charge, these business-building assets are readily available within CyCognito’s partner portal and include how to market, how to pitch and position, and how to demo the technology.

“Agencies today are under tremendous pressure to protect their customers from cybercrime,” said Michael Shrader, Vice President of Intelligence and Innovative Solutions at Carahsoft. “CyCognito’s leading platform preempts attacks and helps businesses satisfy key elements of most common security frameworks and regulatory compliance standards. We look forward to working with CyCognito and our reseller partners to help educate and better enable the Public Sector with the knowledge, specialization and technology needed to properly assess their cyber risk and eliminate exposure.”


About CyCognito
CyCognito solves one of the most fundamental business problems in cybersecurity: seeing how attackers view your organization, where they are most likely to break in, what systems and assets are at risk and how you can eliminate the exposure. Founded by national intelligence agency veterans, CyCognito has a deep understanding of how attackers exploit blind spots and a path of least resistance. The Palo Alto-based company is funded by leading Silicon Valley venture capitalists, and its mission is to help organizations protect themselves from even the most sophisticated attackers. It does this with a category-defining, transformative platform that automates offensive cybersecurity operations to provide reconnaissance capabilities superior to those of attackers.

About Carahsoft
Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, we deliver solutions for Cybersecurity, MultiCloud, DevSecOps, Big Data, Artificial Intelligence, Open Source, Customer Experience and Engagement, and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles.

Spotlight

The National Institute of Standards and Technology (NIST) Cybersecurity Framework impacts all public and private organizations that manage critical infrastructures in the United States. The Framework encourages network equipment manufacturers, enterprises, service providers, government agencies and federal integrators to take an active role in risk management with the goal of improving the security posture of critical infrastructures.

Spotlight

The National Institute of Standards and Technology (NIST) Cybersecurity Framework impacts all public and private organizations that manage critical infrastructures in the United States. The Framework encourages network equipment manufacturers, enterprises, service providers, government agencies and federal integrators to take an active role in risk management with the goal of improving the security posture of critical infrastructures.

Related News

DATA SECURITY

GetApp Annual Data Security Report Reveals Information Security a Top Concern for Businesses

GetApp | September 29, 2021

GetApp, a recommendation engine that helps SMBs make informed software purchasing decisions, released findings from its 2021 Data Security Report. The results reveal that, regardless of industry, information security incidents have become more of a targeted threat for businesses, increasing in amount and efficacy. Of all the security incidents identified by over 900 surveyed employees at U.S. businesses, the three most threatening incidents were: increasingly severe ransomware attacks, more effective phishing schemes, and rampant reusing of passwords. Respondents reported phishing emails have nearly tripled in effectiveness over the past two years. Phishing emails are rapidly becoming more difficult to spot and thus far more destructive. Over the past year, ransomware attacks have increased by 25%. Ransom demands were significantly higher than average for businesses in specific industries, such as banking and financial services and construction, with higher payouts. The report found that password reuse is strongly associated with higher incidences of security breaches. Reported account takeovers were three times as common among people who reuse passwords as those who don’t. Data security threats are becoming more targeted to individual victims, whether that’s a phishing scheme aimed at a specific person or ransomware attacks on a particular company.Companies must redouble security training efforts and fortify their networks to protect against today’s increasingly sophisticated cybercriminals. Zach Capers, senior analyst at GetApp. Alarmingly, 23% of the IT security managers surveyed say their company doesn’t have protocols in place to report a suspected cyberattack and 33% don’t have a formal cybersecurity incident response plan. Read the in-depth report for further insight regarding sensitive data, cyberattacks, and how your industry is keeping up with data security needs. About GetApp GetApp is the recommendation engine SMBs need to make the right software choice. GetApp enables SMBs to achieve their mission by delivering the tailored, data-driven recommendations and insights needed to make informed software purchasing decisions. GetApp is a Gartner company. For more information, visit www.getapp.com. Survey methodology GetApp’s 2021 Data Security Survey was conducted from August 20 to August 24 among 973 respondents to learn more about data security at U.S. businesses. Respondents were screened for full-time employment and 90 identified as their organization’s IT security manager.

Read More

DATA SECURITY

Salt Security to Launch Salt Labs to Increase Global Awareness of API Security Threats

Salt Security | July 16, 2021

The leading API security company, Salt Security, has announced today the launch of a now-public forum for publishing research on API vulnerabilities, Salt Labs. It will be a resource for enterprises looking to harden infrastructure against API risk through its vulnerability and threat research and industry reports. In addition, advancing the operation of Salt Security to offer complete API security and accelerate business improvement by making APIs attack-proof will also be a basis of more widespread public consciousness of API safety threats. API security concerns are a significant inhibitor of business modernization. For example, 66% of establishments have delayed the placement of a new application because of API security anxieties, according to the Salt Security State of API Security Report. To counter these concerns, Salt Labs will provide research and reports that organizations can use to progress their API security pose and alleviate threats affecting API-centric businesses. Several API security gaps are highlighted in today's inaugural vulnerability research at a large financial institution. Salt Labs researchers identified inadequate authorization for function access, susceptibility to parameter tampering, insufficient data access, and improper input filtering across the financial platform used by thousands of financial partners and customers. The Salt Labs researchers exploit these vulnerabilities to demonstrate that: 1. Any user could launch an application-level denial of service attack that would render entire applications unavailable. 2. Any user could read any financial records of any customer, despite lacking the proper authorization. 3. Any user could tamper with authentication parameters and take over any account. 4. Any user could delete any customer's user accounts across the financial platform. About Salt Security Salt Security was originated in 2016 by alumni of the Israeli Defense Forces (IDF) and serial businessperson executives in the cybersecurity field and is based in Silicon Valley and Israel. Salt Security protects the APIs that form the core of every new application. Its API Security Platform is the industry's first patented solution to stop the next generation of API attacks, using machine learning and AI to mechanically and unceasingly recognize and protect APIs.

Read More

DATA SECURITY

NPCore forms global partnership with Viet Cyber Security towards expansion into SE Asian IT security market

NPCore | November 26, 2021

NPCore, a joint venture member of Born2Global Centre, has its sights set on a greater share of the IT security market in Southeast Asia, recently joining forces with Vietnamese IT security service provider Viet Cyber Security. Together, the two companies set up NPCore Vietnam Joint Stock Company, a joint venture which will see them coordinate efforts in the IT security industry. NPCore is an AI-based new variant malware (APT) response solution provider offering optimal security solutions. NPCore has provided cyber security solutions and since 2021, it has participated in a project for supporting overseas expansion of D.N.A (Data, Network, AI) convergence products led by Born2Global Centre. The joint enterprise will see the two partners collaborate in technology and, more importantly, concerted sales and marketing activities in the Southeast Asian IT security market. The goal is to lay the foundation for a stable supply of IT security services in local markets to obtain market trust and continue expanding the business at an increasing pace. NPCore has confirmed that it is ready to aggressively engage Viet Cyber Security's local networks and customers towards expanding its market presence. NPCore's solution (Zombie Zero) can defend against any path through which malicious code can flow from the network to the endpoint. It currently holds 12 patents as well as the International Common Criteria (CC) certification for its proprietary security technologies and has more than 100 global references. "The local joint enterprise was established in Vietnam as it is a market with active investment taking place in national security, corporate IT security, and other fields. It will be a local platform for entry into the Southeast Asian markets Vietnam included and will put us on the map as an IT security service provider in the region." NPCore CEO Han Seung-cheol Furthermore, the joint venture between NPCore and Viet Cyber Security was established as part of the Born2Global Centre's partnership program. Through its support of DNA-convergence products and services, Born2Global Centre serves as a launchpad for innovative startups to enter global markets. Born2Global Centre provides startups with different levels of consulting services, from partnership exploration & creation to business establishment, operations, joint R&D projects, and market expansion.

Read More