CyCraft JP Releases AI-Driven Detection & Response Security Platform, MRI and INES Set to Distribute

prnewswire | October 18, 2020

CyCraft Japan announces Mitsubishi Research Institute, Inc. (MRI) and MRI Group's INES (Information Network Engineering & Solutions) Inc. as authorized distributors of the CyCraft AIR Platform security solutions suite. Japan is pushing to raise its cyber resilience in an effort to rapidly raise the resilience of Japanese enterprises in the coming year. CyCraft AIR uniquely provides the AI-driven technology, intuitive UI, and actionable intelligence required to provide large-scale Japanese enterprises with comprehensive endpoint and network security from beginning to end.

Spotlight

Das ThreatLabz-Team von Zscaler hat für den Zeitraum zwischen Februar 2021 und März 2022 einen Anstieg bei der Anzahl der Ransomware-Angriffe gegenüber dem Vorjahr um weitere 80 % festgestellt – ein trauriger Rekord, der zudem nie dagewesene Schäden mit sich brachte. In diesem Ransomware-Report von 2022 wertet das ThreatLabz-Tea

Spotlight

Das ThreatLabz-Team von Zscaler hat für den Zeitraum zwischen Februar 2021 und März 2022 einen Anstieg bei der Anzahl der Ransomware-Angriffe gegenüber dem Vorjahr um weitere 80 % festgestellt – ein trauriger Rekord, der zudem nie dagewesene Schäden mit sich brachte. In diesem Ransomware-Report von 2022 wertet das ThreatLabz-Tea

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Qumulo Helps Customers Avoid the Complexity of Protecting Unstructured Data with its Comprehensive Approach to Data Security

Qumulo, Inc. | November 11, 2022

Qumulo, the radically simple way to manage petabyte-scale data anywhere, today announced the launch of the company’s new corporate security initiative “Simply Secure,” a multi-layered approach designed to protect data across multiple points of vulnerability. Qumulo’s “Simply Secure” initiative is meant to help organizations minimize the risk of business disruption and protect their data from theft or loss with a complete suite of security features that continue to harden over time, all-inclusive with their Qumulo® subscription, without additional cost for future releases. The unprecedented rise in cyber threats in recent years is creating dire consequences for businesses: multi-million dollar ransom payments, days or weeks in disruption of operations, and potential loss of valuable data sets. Not only that, cyber attacks which become public often leave behind permanent reputational damage. While most organizations understand and respect the risk of poor security posture, many are strapped for cycles, time, and expertise to build adequate defenses around their unstructured data. Qumulo is meeting its customers anywhere – edge, core, and in the cloud – with a holistic approach to security, making it simple for customers to protect their data from ransomware attacks, data theft, and data destruction. Qumulo not only helps customers ensure lighting-fast recovery but also helps proactively detect and prevent anomalies, so organizations and end users can simply secure their sensitive data. Customers are granted access to each new security feature every two weeks, which is available through non-disruptive software upgrades, increasing the value of Qumulo clusters over time. “Qumulo’s focus on radical simplicity means it's taken an approach to security that makes it as easy as possible for customers to protect their data everywhere it’s stored.” Kiran Bhageshpur, Chief Technology Officer at Qumulo Qumulo is constantly developing new and enhancing existing features to provide the most robust security possible. The most recent releases add five new layers to storage security for greater data protection, including: Multi-tenancy VLAN Isolation: Organizations can now use virtual local area networks (VLANs) to isolate administrative interfaces from their file system clients, such that the general network population cannot reach the interfaces. This adds an additional guarantee of network protection, while helping consolidate multiple use cases on a single cluster, resulting in potential cost savings. Single sign-on & Access Tokens: Cluster administrators can now eliminate the need for sensitive user passwords when logging into the Qumulo administrator UI or API since user credentials are prime targets for theft by cyber attackers. NFSv4.1 Kerberos Authentication & Encryption: All data is encrypted before transmitting across networks, preventing any bad actor that intercepts the data from understanding it in plain text. Federal Information Processing Standards (FIPS) 140-2 certification of Qumulo encryption: Now, customers with FIPS requirements can maintain compliance and independently verify that Qumulo’s data-at-rest encryption meets the standards set by the National Institute of Standards and Technology (NIST). Customers who don’t require FIPS certification can rest assured their data is protected by the highest standards. OpenMetrics API provides telemetry data to 3rd party monitoring and alerting systems, so organizations can proactively detect and quickly respond to anomalies at risk of disrupting operations such as an attack-in-progress. “Trust is mission critical when it comes to security,” said Kathy Ahuja, VP of Information Security at Qumulo. “That’s why we’ve built a security posture with FIPS 140-2 accreditation and enhanced encryption that provides the greatest level of protection for our cryptographic modules. Our customers know they can trust Qumulo with their data. And as cybercriminals continue to advance their own breach strategies, we’re well prepared to continue to improve our security measures to match and defeat the complexities of these attacks.” About Qumulo, Inc. Qumulo is the radically simple way to manage petabyte-scale data anywhere – edge, core or cloud – on the platform of your choice. In a world with trillions of files and objects comprising 100+ Zettabytes worldwide, companies need a solution that combines the ability to run anywhere with simplicity. This is precisely what Qumulo was founded to accomplish.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Legit Security Discovers New Class of Development Pipeline Vulnerabilities; Open-Source Rust Programming Language Found Vulnerable

Legit Security | December 12, 2022

Legit Security, a cyber security company with an enterprise platform that protects an organization's software supply chain from attack and ensures secure application delivery, today announced that it discovered a new class of software supply chain vulnerabilities that leverage artifact poisoning to attack underlying software development pipelines. The vulnerability was found in GitHub Actions, a platform for orchestrating and automating software development pipelines, and the vulnerability was identified in the highly popular programming language Rust. Many other GitHub Action projects remain potentially vulnerable and a technical disclosure blog including information to protect organizations from attack is available on Legit Security’s website. The discovered pipeline vulnerability could allow any GitHub user to replace legitimate development artifacts with malicious ones, enabling attackers to modify source code, steal secrets and create CodeCov-like wide-reaching software supply chain attacks. Rust, an extremely popular programming language used by millions of developers, acknowledged and fixed the vulnerability after initial disclosure by the Legit Security Research Team. GitHub Actions is part of the extremely popular GitHub source code management system at the heart of many organization’s software supply chains and used by software developers globally. The vulnerability affects the GitHub Actions artifacts storage mechanism, which is used to store and transfer build artifacts between software development build jobs. Due to a limitation in the cross-workflow artifact communication mechanism, vulnerable workflows cannot distinguish between legitimate project artifacts and artifacts that were created by the project’s forks or copies, allowing any user to create a fork, and then craft a malicious artifact that will be treated as a legitimate one. “This is a different class of vulnerability that can lead to attacks and modification of the development pipeline itself, not just modification of the code. “A simple analogy could be made to a car assembly line. This is an attack on the assembly line itself that could include stealing sensitive parts, turning off certain steps, or substituting any valid part for a malicious one. It’s a powerful attack vector that gives cyber criminals a lot of options to inflict damage. In this case, the vulnerable targets are software supply chains that use GitHub Action.” Liav Caspi, co-founder and CTO, Legit Security The Legit Security Research Team also disclosed the security issue to the GitHub security team. GitHub responded by simply updating their API to include information that could help prevent this vulnerability. It should be noted that GitHub didn’t address the root cause of the issue, thus leaving many other GitHub Action projects vulnerable to the aforementioned software supply chain attacks. Legit Security’s technical disclosure blog includes important information on how to protect organizations from this type of attack. More information about general GitHub security best practices can also be found here. Legit Security Legit Security protects an organization's software supply chain from attack and ensures secure application delivery, governance and risk management from code to cloud. The platform’s unified application security control plane and automated SDLC discovery and analysis capabilities provide visibility and security control over rapidly changing environments, and allow security issues to be prioritized based on context and business criticality to improve security team efficiency and effectiveness.

Read More

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

AWS Clients Globally Can Now Use Apiiro Cloud Application Security Platform

Apiiro | January 04, 2023

Apiiro, the market leader in Cloud-Native Application Security, announced that its award-winning security platform is now accessible on AWS Marketplace. Apiiro's solution intends to assist developers and security engineers in resolving significant risks across the software supply chain before launching apps to the cloud. Instead of a single vulnerability or misconfiguration, multiple isolated and unconnected findings are scattered throughout the source code, configurations, open-source packages, and cloud infrastructure that, when combined with appropriate context, form a Risk Story that attackers can exploit. Its Risk Graph technology integrates these endless elements with actionable information to provide developers and security teams with an entirely new way to fix problems. Apiiro has introduced a whole new approach to application security by offering complete visibility into code bases, analyzing risks from design to code to the cloud, and proactively addressing actual vulnerabilities that attackers can exploit before they even get released to the cloud. By connecting to their source control managers via API, Fortune 500 businesses can cut operational costs and risks at scale while ensuring seamless deployment. Now that it is accessible in the AWS marketplace, customers may deploy Apiiro's Cloud Application Security Platform through their AWS Marketplace accounts, enabling them to quickly secure everything they develop and deliver to the cloud by proactively resolving risks with actionable context. About Apiiro Apiiro is a Cloud Application Security Platform that provides comprehensive insight and actionable context to security and development teams to proactively fix risks before releasing them to the cloud. It also assists them in addressing threats throughout the software supply chain. Since its inception, the Apiiro Cloud-Native Application Security Platform has been deployed by developers and security experts in the world's biggest organizations to handle critical threats across more than 1 million code repositories, CI/CD pipelines, and cloud infrastructures.

Read More