DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
SentinelOne | September 22, 2022
SentinelOne, an autonomous cybersecurity platform company, today launched the inaugural LABScon, a conference dedicated to advancing cybersecurity research for the benefit of collective digital defense. The event features novel findings from sought-after voices in cybersecurity and groundbreaking research by leading research teams.
“The goal of LABScon is to provide a venue for advanced security collaboration and community building,” said Migo Kedem, VP Growth and Head of SentinelLabs, SentinelOne. “We are pleased to unite the cybersecurity community - researchers, vendors, and practitioners - to strengthen collective understanding of the security landscape. Only through shared knowledge and collaboration will cybersecurity evolve.”
The conference lineup features prominent speakers and world-class researchers presenting on today's most important cyber security topics. Conference highlights include:
Mark Russinovich, Microsoft Azure CTO, presents the story of his seminal malware analysis toolkit, which transformed malware analysis and forensic investigation
Dmitri Alperovitch, Executive Chairman of the Silverado Policy Accelerator and CrowdStrike Co-Founder and former CTO, discusses cyberwarfare and effective policies
Morgan Adamski, Director of NSA's Cyber Collaboration Center, keynotes “Operational Collaboration: The Realities of Success”
Chris Krebs, the first director of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and Partner of the Krebs Stamos Group, shares in-the-trenches perspectives on cybersecurity and government
M.J. Emanuel, CISA Incident Response Analyst, delves into recent cyberattacks targeting satellite communications and critical infrastructure
Mauro Vignati, International Red Cross, discusses the line between combatants and digital collaborators in war
Thomas Rid, Professor of Strategic Studies and founding director of the Alperovitch Institute for Cybersecurity Studies at Johns Hopkins SAIS, debuts cybersecurity discoveries
Kim Zetter, world-renowned cybersecurity author, facilitates fireside chats and shares perspectives on cyberwar
Kris McConkey, PwC’s Global Cyber Threat Intelligence Practice Lead, releases research detailing new activity emanating from Chinese advanced persistent threat (APT) groups
Mandiant, Sophos, Volexity, BlackLotus, PwC, and Binarly drops new APT research and vulnerabilities
SentinelLabs releases “Metador,” our most ambitious APT research to date
LABScon is hosted by SentinelLabs, a world-class team of security researchers that identifies critical vulnerabilities, new attack vectors, malware strains, and threat actors. The event is sponsored by Stairwell, Luta Security, Cisco Talos, GreyNoise, HP Wolf Security, Aesir, Binarly, Team Cymru, and ReversingLabs.
To stay updated with groundbreaking threat research and cybersecurity discoveries, visit https://www.sentinelone.com/labs/
About SentinelOne
SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.
Read More
PLATFORM SECURITY
Zscaler | August 02, 2022
Zscaler, Inc., the leader in cloud security, today announced that Zscaler Internet Access™ (ZIA™) achieved Federal Risk and Authorization Management Program (FedRAMP) High Authority to Operate from the FedRAMP Joint Authorization Board (JAB). This federal government certification enables ZIA to meet civilian agencies’ high security requirements, as well as those of the Department of Defense (DoD) and other intelligence organizations. ZIA is currently the only Secure Access Service Edge (SASE) Trusted Internet Connections (TIC) 3.0 solution that has achieved FedRAMP’s highest authorization.
FedRAMP High authorization indicates to federal decision-makers that ZIA and ZPA have undergone rigorous audits of critical security controls to protect the government’s most sensitive unclassified data in remote cloud computing environments.
The company’s Zscaler Private Access™ (ZPA™), the other key component of the Zscaler Zero Trust Exchange platform, is also JAB High authorized, and along with ZIA, comprise the JAB High authorized Zscaler Zero Trust Exchange™ for federal customers.
The certification confirms that ZIA can securely connect government users to external applications, including SaaS applications and internet destinations, regardless of device, location, or network, providing superior cyber and data protection for mission-critical government information. With both ZIA and ZPA now JAB-High authorized, agencies can resolve ongoing user experience and cost challenges associated with securing the explosive use of cloud-based applications. These challenges include continued poor user experience through VPNs, security risks from users who bypass VPNs leading to a lack of visibility and protection, and increased network usage costs associated with backhauling the growing volume of internet traffic flowing through the government's TIC.
Since achieving FedRAMP Moderate certification in 2018, Zscaler, a Leader in the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE) – a security-specific component in the SASE framework – has completed SSE deployments for more than 100 US federal government and federal systems integrator customers at the Moderate impact level. Many of these deployments supported the requirements of the Executive Order 14028, including zero trust, as well as met TIC 3.0 use cases.
"This FedRAMP High authorization elevates Zscaler and our support of the US government as currently the only cloud security company with two FedRAMP High JAB authorizations in the market," said Drew Schnabel, Vice President of Federal at Zscaler.
Federal agencies, DoD commands, and federal contractors can now take full advantage of the Zero Trust Exchange at the JAB High or Moderate level. Customers can align their security posture with their workload requirements and meet Executive Order 14028 zero trust goals at all levels available under the FedRAMP program.
“Delivering zero trust and SASE through FedRAMP authorized platforms at the highest impact levels is crucial for the security of our nation's future. “Zscaler committed to our customers that we would deliver a comprehensive zero trust and SASE platform at the High and Moderate baseline levels. Today, we are proud to announce we have met that commitment. The Zscaler team continues to follow the guidance of Executive Order 14028, CISA’s TIC 3.0 and zero trust use cases, DOD/DISA’s National Defense Authorization Act, and our customers and partners. We are delivering FedRAMP High authorized cloud platforms, while helping agencies modernize and transform their legacy cybersecurity environments to cloud-based SASE and zero trust solutions.”
Stephen Kovac, Chief Compliance Officer at Zscaler
“FedRAMP High is a must-have for many federal agency deployments,” said Zeus Kerravala, Founder and Principal Analyst at ZK Research. “We see more and more CISOs and CIOs across state and local government, education, and the private sector recognizing the value of a third-party validated security assessment.”
The Zero Trust Exchange is a cloud-native security platform that securely connects any user, device, and application, regardless of location. Following the principle of least-privileged access, the platform establishes trust through user identity and context – including location, device, application, and content – and then creates secure, direct connections based on policy enforcement. The platform supports IT federal mission transformation by reducing costs, eliminating the internet attack surface, and preventing lateral movement of threats while providing an excellent user experience.
The Zscaler Zero Trust Exchange is powered by the world’s largest security cloud, with more than 10 years of operational excellence enabling the processing of more than 240 billion daily transactions and stopping over seven billion threats and policy violations per day for the largest, most demanding organizations around the globe. Today’s news builds on recent announcements including:
Zscaler Private Access Achieves DoD Impact Level 5 (IL5)
Zscaler is chosen to run a pilot program in support of Executive Order 14028 by the National Institute of Standards and Technology (NIST)
Zscaler is First Zero Trust Remote Access Cloud Service to Achieve FedRAMP-High JAB Authorization
ZIA™ receives Authorization to Operate (ATO) at the Moderate Impact level
Zscaler is a Leader in the 2022 Gartner Magic Quadrant for Security Service Edge (SSE), following up 10 consecutive years as a Leader in the Gartner Magic Quadrant for Secure Web Gateway
About FedRAMP
FedRAMP is a government-wide program with input from numerous departments, agencies, and government groups. The program’s primary decision-making body is the Joint Authorization Board (JAB), comprised of the CIOs from DOD, DHS, and GSA. In addition to the JAB, other organizations such as OMB, the Federal CIO Council, NIST, DHS, and the FedRAMP Program Management Office (PMO) also play key roles in effectively running FedRAMP. Using a “do once, use many times” framework, the program ensures information systems/services used government-wide have adequate information security; eliminates duplication of effort and reduces risk management costs; and enables rapid and cost-effective procurement of information systems/services for federal agencies.
About Zscaler
Zscaler accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SSE-based Zero Trust Exchange is the world’s largest in-line cloud security platform.
Read More
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Apiiro | September 12, 2022
Apiiro, the leader in Cloud-Native Application Security, today announced it is a platinum sponsor of Cloud Native SecurityCon, an event designed to foster collaboration, discussion and knowledge sharing of cloud native security projects to address security challenges and opportunities.
The in-person event takes place October 24-25, 2022 in Detroit, MI and will showcase breakthrough technology and advances in modern cybersecurity approaches including secure software development and supply chain security.
Cloud Native SecurityCon is co-located at KubeCon + CloudNativeCon, the Cloud Native Computing Foundation's flagship conference. Apiiro executives including VP of Security Research Moshe Zioni will be in attendance to discuss how Apiiro is accelerating secure software delivery by addressing critical risks in cloud-native applications. KubeCon attendees can also meet with Apiiro executives to learn more about the code risk platform by visiting booth SU63.
About Apiiro
Apiiro helps security and development teams proactively remediate risk before releasing to the cloud. Backed by Greylock and Kleiner Perkins.
Read More