DATA SECURITY

Datadog Launches Application Security Monitoring

Datadog | April 29, 2022

Datadog
Datadog, Inc., a cloud application monitoring and security platform, today announced the official release of its Application Security Monitoring (ASM) solution. ASM utilizes distributed tracing to assist security, development, and operations teams in precisely detecting code-level vulnerabilities like server-side request forgeries (SSRFs), SQL injections, cross-site scripting (XSS) assaults, and others.

Today, applications are a frequent cause of data breaches. According to Forrester's The State of Application Security, 2021, "applications continue to be a leading cause of external breaches, and the presence of open source, APIs, and containers further adds complexity to the security team."

Security risks are increasingly focusing on gaining access to data via an organization's apps by detecting and exploiting code-level flaws. These attacks get through outdated, perimeter-based security systems, which can't tell the difference between a legitimate application request and one that presents a security risk. As software architectures become more sophisticated, there is an increasing need for application security solutions that break through barriers between security, development, and operations teams.

Datadog ASM employs distributed tracing to give end-to-end context, allowing enterprises to identify threats more precisely and react more quickly. This comprehensive view, when combined with the Datadog Cloud Security Platform's additional features such as Cloud Security Posture Management (CSPM), Cloud Workload Security (CWS), and Cloud SIEM, offers teams with actionable insights that speed up remediation and increase collaboration.

"Applications are frequent sources of data breaches because security solutions have not kept pace with modern attacks, which focus on exploiting software code vulnerabilities. Legacy, perimeter-based security solutions cannot adequately address the complexity of today's advanced software architectures, which greatly increase the number of applications, APIs and services that must be monitored. We believe the answer is to use distributed tracing to more accurately detect attacks that expose organizations to risk. This approach helps teams get visibility on authenticated attacks and those that trigger code-level anomalies, ultimately helping them collaborate and respond to threats more quickly."

Pierre Betouin, VP of Product, Cloud Security Platform at Datadog

Application Security Monitoring expands on Datadog's acquisition of Sqreen in April 2021, which has been completely integrated into the Datadog Cloud Security Platform to give a uniform user experience and expanded capabilities. Customers may get their hands on the goods right now.

Spotlight

We hear about hacking, malware attacks and cyber threats almost every day. But how concerned are people about them, and how do they think such attacks will affect them?  We asked over 1,000 office workers in the USA about their worries and perceptions. The results were very interesting.

Spotlight

We hear about hacking, malware attacks and cyber threats almost every day. But how concerned are people about them, and how do they think such attacks will affect them?  We asked over 1,000 office workers in the USA about their worries and perceptions. The results were very interesting.

Related News

PLATFORM SECURITY

SilverSky and NRTC Announce Cybersecurity Partnership

SilverSky | June 03, 2022

SilverSky, a cybersecurity innovation that provides advanced managed detection and response (MDR) services, and NRTC, a member-driven and technology-focused organization located in Herndon, Virginia, announced today an agreement to provide cybersecurity services to NRTC members. NRTC, which already offers a wide range of managed services to its energy and telecom members will now add SilverSky's award-winning MDR services to its portfolio, allowing the cooperative to offer its members the most up-to-date managed cybersecurity services. Managed endpoint protection, multi-factor authentication, and security awareness training are among the services provided, as are vulnerability assessments, penetration testing, and email security. "Accompanying our ongoing emphasis on serving frequently underserved healthcare organizations and educational institutions, this partnership with NRTC helps expand that effort with a distinct focus on the needs of our nation's rural communities. SilverSky's MDR services are powerful, yet easy to deploy and affordable – offering an appealing mix for NRTC's members. We look forward to working with the NRTC Managed Services team to provide these valuable services." Jason McGinnis, President and COO at SilverSky Jon Bartleson, President of NRTC's Managed Services division said that "Our members provide essential electric and telecommunications services to rural America and thus are obvious targets for hackers. It is vital we arm them with comprehensive cybersecurity tools and resources. Cybersecurity is a top priority for our members and staffing for these types of roles is a major challenge. We chose to partner with SilverSky to make sure we could offer comprehensive, affordable managed cybersecurity to our members." On June 7 at 2 p.m. Eastern, SilverSky and NRTC will offer a webinar for NRTC members. On the NRTC website, members can subscribe for Managed Cybersecurity Made Simple, Affordable, and Accessible for Telcos and Electric Cooperatives.

Read More

PLATFORM SECURITY

SecurityScorecard Helps CISOs See, Resolve and Communicate Cyber Risks Clearly with Integration of Ratings Platform and Suite of Professional Services

SecurityScorecard | August 10, 2022

SecurityScorecard, the global leader in cybersecurity ratings, today announced the integration of its Professional Services offering with its ratings platform to provide a single point of orchestration to manage cybersecurity risks. SecurityScorecard’s Professional Services team can help any customer manage cybersecurity risk in concert with the industry’s largest and most comprehensive global, cyber risk data set, setting the industry standard for how cyber risk is quantified, measured and reduced. SecurityScorecard delivers strategic, proactive and acute-scenario services paired with its industry-leading ratings platform that together provide end-to-end cyber risk management from monitoring to remediation. “CISOs are under pressure to protect their organizations, and are now accountable to the Board of Directors, but they lack a single-point of orchestration for cybersecurity workflow and to define success. “Our services and software platform provides CISOs with peace of mind that they have the broad visibility to take action quickly, hold their vendors accountable and communicate those actions promptly.” Aleksandr Yampolskiy, co-founder and CEO, SecurityScorecard SecurityScorecard’s Professional Services team utilizes the combined data and dynamic risk intelligence from the SecurityScorecard platform together with customized data derived from dark web mining to give each customer a holistic, full-spectrum view of their risk posture that is continuously assessed and triaged. SecurityScorecard’s suite of Professional Services is supported by a team of 24/7 Digital Forensic Incident Response (DFIR) experts and include: Cyber Risk Intelligence-as-a-Service provides organizations with tailored, actionable intelligence via SecurityScorecard’s threat intelligence team. Third-Party Risk Management (TPRM) Program includes workshops and customized roadmaps to help organizations mature their programs. Tabletop Exercises help test teams’ cyber readiness against a real-world cyber incident by practicing incident response scenarios. Penetration Testing and Red Team Exercises engage covert teams of ethical hackers to identify weaknesses. Digital Forensics & Incident Response (DFIR) support helps to collect, preserve and analyze digital evidence when responding to an incident, whether that be an insider threat situation or a nation state attack. SecurityScorecard’s team of experts regularly testify in court and collaborate with law enforcement. Incident Response support is also available 24/7 and onsite during a crisis, such as a ransomware incident, to help contain attacks, identify the threat actors and safely progress to the eradication phase. SecurityScorecard’s Professional Services team also helps prevent churn across internal security and TPRM teams by giving them the expertise to maintain program integrity and business uptime, particularly for under-resourced teams, regardless of cyber or third-party risk maturity. About SecurityScorecard Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard is the first cybersecurity ratings company to offer digital forensics and incident response services, providing a 360-degree approach to security prevention and response for its worldwide customer and partner base. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating.

Read More

DATA SECURITY,NETWORK THREAT DETECTION,PLATFORM SECURITY

NetSPI Launches Partner Program to Broaden Delivery of Offensive Security Services

NetSPI | August 18, 2022

NetSPI, the leader in enterprise penetration testing and attack surface management, today announced the launch of the NetSPI Partner Program which empowers its global channel and technology partners to deliver offensive security services during a time when it's needed most. Partners within the program can offer end users NetSPI's proven vulnerability management technologies and human-delivered offensive security services, allowing both the partner and NetSPI to expand product and service offerings, further develop customer relationships, and enter new markets. Additionally, last month NetSPI joined the AWS Marketplace, simplifying the procurement process for enterprise organizations with existing AWS relationships by allowing them to purchase NetSPI's offerings directly via the marketplace. The program is led by NetSPI's Vice President of Business Development and Strategic Alliances, Lauren Gimmillaro. Gimmillaro has a track record of launching four successful partner programs, consisting of working with channel, referral, reseller, and technology partners. "As today's global attack surface evolves and cybercriminals become more sophisticated in nature, it's critical to provide end users with the tools, services, and skill sets they need to take an offensive approach to security," said Gimmillaro. "Centered around our customer-first approach, the NetSPI Partner Program will allow our team to extend our world-class pentesting capabilities to a variety of diverse and trusted partners, strengthening organizations' cyber security efforts across the globe." The NetSPI Partner Program encompasses the following partnership types: Channel Partners: NetSPI provides its full suite of security services and products through a global channel network of referral and reseller partners. To meet partners' requirements, the programs include a tier-based model consisting of referral fees, preferred client pricing, and reseller discounts. Technology Partners: Security and third-party software companies help build meaningful integrations with NetSPI to improve overall customer experiences. For both, NetSPI offers technical and sales support to help partners achieve their business and go-to-market goals. "Through the NetSPI Partner Program, SecureLink has been able to provide enterprises in the Middle East and Africa region access to NetSPI's continuous and scalable suite of offensive security solutions. "With NetSPI, we are proud to offer unmatched sophistication, methodology, and value to our global customer base." Manish Pardeshi, director of cybersecurity practices at SecureLink "Apiiro is proud to be part of the NetSPI Partner Program. The partnership has provided our customers with next-gen, context aware pentesting capabilities and NetSPI customers with our ability to detect and fix critical risks in cloud-native applications," said John Leon, vice president of business development at Apiiro. "Being a member of the NetSPI Partner Program allows us to achieve our sales goals while providing mutual customers with industry leading services and expertise." About NetSPI NetSPI is the leader in enterprise security testing and attack surface management, partnering with nine of the top 10 U.S. banks, three of the world's five largest healthcare companies, the largest global cloud providers, and many of the Fortune® 500. NetSPI offers Penetration Testing as a Service (PTaaS) through its Resolve™ penetration testing and vulnerability management platform. Its experts perform deep dive manual penetration testing of application, network, and cloud attack surfaces, historically testing over 1 million assets to find 4 million unique vulnerabilities. NetSPI is headquartered in Minneapolis, MN and is a portfolio company of private equity firms Sunstone Partners, KKR, and Ten Eleven Ventures.

Read More