Enterprise Security, Web Security Tools
PR Newswire | August 28, 2023
Netskope, today announced that it has achieved Amazon Web Services (AWS) Security Competency status in the Infrastructure Protection category. As a widely recognized industry leader in secure access service edge (SASE), Security Service Edge (SSE), and modern connectivity and performance, Netskope works with AWS and other cloud providers to secure and optimize the most demanding cloud-first environments. Achieving the AWS Security Competency differentiates Netskope as an AWS Partner Network (APN) member that meets rigorous security specifications on AWS. In addition, Netskope was recently recognized as a "finalist" for the AWS US Rising Star Partner of the Year at this year's AWS New York Partner Summit.
With the rapid migration of critical workloads to the cloud, the increase in the hybrid workforce, and today's complex cybersecurity landscape, the need for robust cloud security solutions is more critical than ever before. Netskope has helped thousands of customers, including more than 25 of the Fortune 100, improve their security posture. Netskope helps customers address AWS's shared responsibility model of cloud security for several important use cases:
Provide secure remote access to private applications on AWS - Remote and hybrid workers need to access business-critical applications from anywhere. Netskope Private Access (NPA), Netskope's zero trust network access (ZTNA) solution, provides secure, granular access based on adaptive trust principles. This means that users can only access the applications and resources they need when they need them. NPA also improves security by replacing outdated VPN gateways and concentrators that expose their IP addresses to the public internet. Private resources are not visible on the public internet and are shielded from attackers.
Discover shadow IT and block data exfiltration and threats - Netskope can act in real-time to block movement of sensitive data, threats, unauthorized users, and access to rogue accounts. Netskope Cloud Access Security Broker (CASB) Inline monitors traffic to and from AWS resources and applications to expose suspicious or malicious activity. Netskope's Zero Trust Engine decodes activities in real-time to place activity-level restrictions on users, groups, and organizational units across more than 270 AWS services. Netskope's Next Generation Secure Web Gateway (SWG) blocks malware, detects advanced threats, and controls cloud apps and services for users located anywhere, using any device.
Discover sensitive data and malware in Amazon Simple Storage Service (Amazon S3) - Netskope CASB API scans Amazon S3 buckets to identify sensitive data and protect it from misuse. It also discovers malware and generates alerts to help prevent threats from spreading.
Extensive integrations provide visibility and information sharing across cloud and hybrid environments - Netskope integrates with a variety of AWS services including AWS CloudTrail, AWS CloudTrail Lake, Amazon Security Lake, Amazon S3, and Amazon GuardDuty to share logs, alerts, events, and threat information. Netskope Cloud Exchange (CE) offers a wide variety of plug-ins and modules to facilitate exchange of information between cloud services, security tools, and data lakes, and automate remediation. CE can be deployed on Amazon Elastic Container Service (Amazon ECS) using AWS Fargate. Netskope also integrates with AWS Control Tower for customers needing automated deployment and consistent security policy across multi-account AWS customer environments.
"We are thrilled to achieve the AWS Security Competency in the Infrastructure Protection category, as it highlights our ongoing commitment to help organizations provide secure access to applications and resources, protect data, and reduce risk in the cloud," said Andy Horwitz, Vice President, Business Development and Technology Alliances, Netskope. "This achievement demonstrates our commitment to AWS customers through our team's hard work and dedication to providing cutting-edge security solutions that address the evolving challenges of secure cloud adoption."
AWS is enabling scalable, flexible, and cost-effective solutions from startups to global enterprises. To support the seamless integration and deployment of these solutions, AWS established the AWS Competency Program to help customers identify AWS Partners with deep industry experience and expertise.
Netskope, a global SASE leader, helps organizations apply zero trust principles and AI/ML innovations to protect data and defend against cyber threats. Fast and easy to use, the Netskope platform provides optimized access and real-time security for people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements. Learn how Netskope helps customers be ready for anything on their SASE journey, visit netskope.com.
Yahoo Finance | July 12, 2023
Menlo Security, a leader in cloud security, and Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®, today announced its partnership. Under the agreement, Carahsoft will serve as Menlo Security’s Public Sector distributor, making its products available to the Public Sector through Carahsoft’s reseller partners and GSA Schedule, NASA Solutions for Enterprise-Wide Procurement (SEWP) V, Information Technology Enterprise Solutions – Software 2 (ITES-SW2), National Cooperative Purchasing Alliance (NCPA) and OMNIA Partners contracts.
“We selected Carahsoft as our partner because of their extensive experience in the Federal Government and Public Sector markets,” said Darrin Curtis, Vice President, Public Sector, Menlo Security. “Providing the products that prevent attacks before they can happen is Menlo’s priority. By working with Carahsoft and its reseller partners, we can help ensure our Federal, State, and Local Governments and agencies are secure from attack.”
Earlier this year, Menlo Security received Authorization to Operate (ATO) at the moderate level under the Federal Risk and Authorization Management Program (FedRAMP). Instead of a detect and response approach, Menlo’s FedRAMP-authorized, Isolation Platform, powered by a patented Isolation Core™ stops threats before they can happen. This means safe browsing of all content from anywhere, all the time.
According to DISA’s Requirement and Analysis office, Cloud-Based Internet Isolation (CBII) will improve cybersecurity and avoid $300 million in future spending across the Defense Department. Menlo Security’s isolation-powered platform securely connects users to websites and applications from anywhere, while scaling elastically to meet user demand without sacrificing the user experience.
Today, Menlo Security cloud security solutions are deployed by more than 100 Government agencies, including the United States Department of Defense (DoD), mission partners, international Governments, State and Local Governments, and educational institutions across the United States.
Menlo Security products are designed with a Zero Trust focus. The company’s Cloud Security platform eliminates malware threats, including ransomware. In addition to these threats, Menlo Security has identified a surge in cyberthreats termed Highly Evasive Adaptive Threats (HEAT) that bypass traditional security defenses. HEAT attacks are a very common class of cyber threats targeting the web browser as a highly vulnerable web attack vector used for 75% of the working day. HEAT attacks employ techniques to evade detection by multiple layers in the current security stack including firewalls, Secure Web Gateways, sandboxing, URL Reputation and phishing detection.
“We are pleased to add Menlo Security’s products to our solutions portfolio and offer our customers a modernized, cloud-based approach to cybersecurity,” said Troy Meraw, who leads the Menlo Security Team at Carahsoft. “Together with Menlo Security and our reseller partners, we are committed to helping the Public Sector stay ahead of evolving threats in today’s digital landscape.”
Menlo Security’s cloud-based cybersecurity offerings are now available through Carahsoft’s GSA Schedule No. 47QSWA18D008F, SEWP V contracts NNG15SC03B and NNG15SC27B, ITES-SW2 Contract W52P1J-20-D-0042, NCPA Contract NCPA01-86, and OMNIA Partners Contract #R191902.
The dedicated Cybersecurity team at Carahsoft specializes in providing Federal, State and Local Government agencies and Education and Healthcare organizations with security solutions to safeguard their cyber ecosystem.
About Menlo Security
Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email. Menlo Security’s patented Isolation-powered cloud security platform scales to provide comprehensive protection across enterprises of any size, without requiring endpoint software or impacting the end user-experience. Menlo Security is trusted by major global businesses, including Fortune 500 companies, eight of the ten largest global financial services institutions, and large governmental institutions. The company is backed by Vista Equity Partners, Neuberger Berman, General Catalyst, American Express Ventures, Ericsson Ventures, HSBC, and JP Morgan Chase.
Data Security, Platform Security, Software Security
Businesswire | June 29, 2023
Skyhigh Security today announced it’s enabling organizations to adopt artificial intelligence applications in a secure manner that protects sensitive, confidential, and business critical information through its leading Security Service Edge (SSE) portfolio. Skyhigh Security’s technology protects data and stops threats in the cloud across all websites, Software-as-a-Service (SaaS) applications, Infrastructure-as-a-Service (IaaS) environments and Shadow IT, from a single, cloud-native enforcement point.
Skyhigh Security’s purpose-built SSE platform is future-proofed with advanced data protection controls that directly apply to AI apps to protect customers’ business critical data. The same controls will apply to all new and emerging cloud applications in the future to protect against the risks of data loss. Skyhigh Security also delivers the largest and most accurate cloud registry of over 40K+ cloud services, based on a detailed security assessment across more than 75 objective criteria. The Skyhigh Cloud Registry quickly identifies new generative AI apps and the corresponding risk level for each app.
According to Skyhigh Security’s global telemetry data from the first half of 2023, close to a million of its users have accessed ChatGPT through corporate infrastructures. The volume of users has increased by 1500 percent from January to June, demonstrating the unprecedented momentum and adoption of generative AI applications across organizations and industries. Because of the risks associated with ChatGPT and similar AI applications, many organizations are seeking ways to ensure data is protected while allowing for productive use of the technology.
“Securing corporate data in SaaS applications, like ChatGPT and other generative AI applications, is what Skyhigh Security was built to do,” said Anand Ramanathan, chief product officer, Skyhigh Security. “We currently track more than 500 different AI cloud service providers as part of our registry—a 130 percent increase since January. Through the Skyhigh SSE portfolio, organizations already enjoy granular visibility and control of these apps, protect sensitive data, and meet compliance regulations such as PCIDSS, HIPAA, and GDPR, all in one comprehensive solution. We ensure our customers have the appropriate guardrails in place.”
“Skyhigh Security is paving the way forward for organizations to drive productivity and innovation by adopting AI technologies, while reducing risk and protecting critical business data,” said Dan Meacham, CISO, Legendary Entertainment. “At Legendary Entertainment, we use the Skyhigh Cloud Platform to help us monitor our generative AI traffic and prevent inadvertent uploads of regulated data, such as PII or trade secrets, or downloads of fake or malicious apps. It provides crucial insight into the corresponding risk levels of workflows pertaining to different AI tools and applications, along with the amount of data being posted within them. This visibility is essential for us to accelerate business productivity, while ensuring our risk is efficiently mitigated.”
The Skyhigh SSE portfolio includes Skyhigh Cloud Access Security Broker (CASB), Skyhigh Secure Web Gateway (SWG), Skyhigh Private Access and other products, integrated into its comprehensive Skyhigh Cloud Platform, with Data Loss Prevention (DLP) as a core capability. Through its CASB for Shadow IT and SWG capabilities, it provides advanced data protection for organizations that allows the use of AI applications, including:
Visibility into AI applications in use, as well as their corresponding risk levels. With insights into usage trends, businesses can exercise greater control over their data.
Control over the amount of data uploads/in posts, lowering the risk of unintentional access to sensitive data.
Flexibility in giving access to AI applications. Block complete access to AI applications for all users or simply block just risky/specific AI applications.Restrict AI applications used within your organization by providing access only to users with a business justification.
Improved security awareness across the organization by coaching users on the risks of utilizing AI applications. Add pop ups whenever users access these sites, which direct them to not input any sensitive info in the application and note that it will be monitored by DLP.
Reduced risk by automatically disabling and deleting the conversation history within AI applications, like ChatGPT, so that corporate data cannot be used to train the system.
Prevent copy/paste of sensitive content into AI applications, like ChatGPT, by leveraging Skyhigh Security’s Web Isolation capabilities.
Protect sensitive data from being uploaded to AI applications like ChatGPT. Apply DLP policies to block sensitive data from being posted, including social security numbers, bank account numbers, proprietary IP such as source code, employee and customer names.
On July 11 and 13, Skyhigh Security will host a special webinar titled, ChatGPT and AI: Embrace It or Fear It, with Skyhigh Security’s Cloud Security Architect, Nate Brady. Register here to attend the webinar and learn more about how to harness AI and cloud services effectively and responsibly.
About Skyhigh Security
Skyhigh Security is focused on helping customers secure the world’s data. It protects organizations with cloud-native security solutions that are both data-aware and simple to use. Its market-leading Security Service Edge (SSE) Portfolio goes beyond data access and focuses on data use, allowing organizations to collaborate from any device and from anywhere without sacrificing security. For more information, visit www.skyhighsecurity.com.