Vulcan Cyber | June 19, 2021
The only risk remediation platform of developers of the industry, Vulcan Cyber®, has announced a new for IT security organizations to measure risk compliance through IT asset health scores across logical business groupings. For the first time, this enables enterprise cybersecurity teams to track remediation progress against prioritized risks to measure business risk against customizable security compliance KPIs. This will help businesses protect themselves from various exploits such as ransomware attacks and data breaches.
Other approaches lack many aspects in vulnerability risk prioritization and often only the risks at the individual, atomic, and asset levels. Customers of Vulcan Cyber now benefit from the ability to control custom risk parameters and improved vulnerability prioritizing scores weighted with industry asset data. These newest additions to the Vulcan Cyber risk model improve the industry's only threat remediation orchestration platform and are an indispensable second step after susceptibility scanning.
Practically all subjugated vulnerabilities are known by IT and security teams in advance; they are exploited at the occurrence. As a result, the windows for vulnerability remediation presently span much time giving bad actors an intolerable amount of time to abuse businesses with significantly less capacity to protect themselves.
Vulcan Cyber helps get the proper remedies to the right people, prioritize vulnerabilities, automate remediation tasks at scale, integrate with dozens of best-of-breed tools, and measure risk across the complete process to get it fixed finally.
About Vulcan Cyber
Vulcan Cyber developed the industry's first vulnerability remediation orchestration platform, which was built to help various businesses reduce the online threat risks using application security and measurable cloud. By curating and delivering the best remedies, prioritizing vulnerabilities, and automating processes and fixes via the last mile of remediation, the platform of Vulcan orchestrates and tracks the remediation lifespan from scan to fix. Vulcan Cyber platform’s unique capability has garnered Vulcan Cyber recognitions.
NowSecure | March 24, 2022
NowSecure, the industry's leading provider of standards-based mobile app security and privacy software, today announced the launch of the world's largest mobile app pen testing service for the OWASP Mobile Application Security Verification Standard (MASVS) and the addition of automated MASVS testing to the NowSecure Platform. Presently, mobile enterprises, application developers, and security teams can rely on NowSecure specialists for the gold standard of mobile app testing to assure OWASP MASVS compliance.
In 2021, 200 billion installed mobile applications produced over $170 billion in revenue, indicating that mobile applications are driving the global economy. Customers and staff alike prefer mobile applications over online apps, with over 70% of all digital time spent in mobile apps vs. web apps. However, assaults and breaches have increased significantly in the last year, with major mobile app security problems affecting Amazon Ring, Apple iMessage, Park Mobile, Slack, and US Customs and Border Protection. According to the NowSecure MobileRiskTracker, 85% of evaluated applications contain security flaws, and 70% leak sensitive data. Companies must be careful in incorporating security into their mobile applications and extensively testing them to assure their safety.
Since its inception in 2013, the OWASP mobile project has pushed for standards-based security criteria and testing methodologies. The OWASP mobile project, which is used by mobile app developers, architects, security teams, and security researchers, contains three essential resources, the most recent of which was updated in January 2022, to give the best risk reduction method for mobile app teams:
The OWASP Mobile Application Security Verification Standard (MASVS) establishes a standard for mobile app security.
The OWASP Mobile Security Testing Guide (MSTG) describes how to put the MASVS criteria to the test.
The OWASP Mobile App Security Checklist keeps track of security assessment tasks for mobile apps.
NowSecure practitioners have collaborated on spec evolution and tools with the OWASP mobile project from its inception, and the firm acts as an OWASP "god mode" sponsor for the OWASP MASVS.
"The OWASP MASVS and MSTG are the foundation of a mobile appsec program. The MASVS guides developers and security analysts on architecture, threat modeling and proper techniques to secure mobile data. The MSTG has hundreds of tests you should perform and there are many nuances and edge cases to consider. Without the right expertise it can be tough to effectively achieve full MASVS compliance. The MSTG encourages the use of automated tools to leverage static and dynamic analysis but also emphasizes that having security professionals you can trust is essential."
Carlos Holguera, OWASP project lead and NowSecure Security Researcher
NowSecure CEO Alan Snyder said that "NowSecure is the recognized expert for standards-based testing software and services, partnering with organizations to safeguard trust in their mobile app initiatives. As an OWASP contributor and sponsor for years, we are committed to the evolution of the specifications. Today we are adding these products and services to help customers ensure the security and privacy of their mobile apps leveraging the gold standard of OWASP MASVS."
prnewswire | January 06, 2021
SecurityScorecard, the worldwide pioneer in network protection evaluations, today reported it has incorporated with Coupa Software (NASDAQ: COUP) to offer its Security Ratings information in the Coupa Business Spend Management (BSM) Platform. Coupa ensured SecurityScorecard's Security Ratings for use inside its cloud-based stage that engages organizations around the globe with the perceivability and control they need to settle on more brilliant spending choices.
The coordination makes SecurityScorecard's information accessible in the Coupa BSM Platform, empowering clients to effectively comprehend and quantify the online protection stance of any association. With the reconciliation, obtainment experts can:
Survey Vendor Cybersecurity Posture: View the general evaluation, the 10 factor evaluations of information that include a merchant's SecurityScorecard Security Rating, alongside discoveries related with each factor
Assess a Vendor's Historical Performance: With admittance to a half year of a sellers' score history, Coupa clients can comprehend an organization's recorded exhibition
Organize Vendors for Review: Use SecurityScorecard Security Ratings to figure out which merchants to organize for more profound surveys dependent on their online protection hazard act
Build up Required Minimum Scores: Determine gauge SecurityScorecard grades for sellers and afterward influence nonstop observing to guarantee merchants stay on target
Draw in Vendors: Invite sellers to join SecurityScorecard for nothing so they can improve scores by following up on issue-level remediation direction
"As more organizations work with an increased number of third parties and expand their own digital footprint, the need for measuring the cybersecurity risk at scale is imperative now," said Roger Goulart, senior vice president of Business Development and Alliances at Coupa. "We're proud to integrate with SecurityScorecard to give our customers even greater cybersecurity risk insights and enable our customers to instantly rate, benchmark, and monitor the cybersecurity posture of their vendors."
As an affirmed CoupaLink arrangement, the SecurityScorecard coordination for Coupa meets the prerequisites set up by Coupa through its CoupaLink Certified Technology program. The CoupaLink program empowers programming accomplices to fabricate correlative arrangements that effectively interface into the Coupa stage. Clients advantage by improving their business spend and diminishing business hazard while decreasing the expense of outsider programming incorporation.
"Connecting SecurityScorecard Security Ratings into the Coupa Business Spend Management Platform provides our joint customers with a streamlined way to increase their visibility into vendor risk and decrease their overall risk exposure," said Randy Streu, Vice President of Strategic Alliances at SecurityScorecard. "We look forward to our relationship with Coupa to further help customers transform the way they assess vendor cyber health as a critical part of managing their business spend."
SecurityScorecard is the global leader in cybersecurity ratings and the only service with over a million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 1,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, and cyber insurance underwriting. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every company has the universal right to their trusted and transparent Instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.