Developer-Centric Application Security Company StackHawk announces its launch of its General Accessibility

prnewswire | September 01, 2020

StackHawk, the software-as-a-service startup that empowers software engineers to easily find and fix application security bugs before they hit production, today announced it is launching into general availability. Over the past year, the product has built a strong base of Early Access customers who have automated their AppSec testing in the CI pipeline, checking for vulnerabilities on every merge. With great feedback from these early customers, StackHawk is now available to any company that wants to deliver secure software.

Spotlight

MX’s approach to security includes a defense-in-depth strategy. This strategy is supported by an established, operational MX Security Program, with a robust suite of governing policies, processes, security controls, and procedures to achieve MX’s security strategy. MX enacts defense in depth by hardening each layer of MX’s infrastructure and supporting processes.

Spotlight

MX’s approach to security includes a defense-in-depth strategy. This strategy is supported by an established, operational MX Security Program, with a robust suite of governing policies, processes, security controls, and procedures to achieve MX’s security strategy. MX enacts defense in depth by hardening each layer of MX’s infrastructure and supporting processes.

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Mimecast Partners With Okta to Safeguard Enterprises from Insider Threat Attacks

Mimecast | November 09, 2022

Mimecast Limited, an advanced email and collaboration security company, today announced a new strategic integration with Okta, Inc., one of the leading independent identity providers, designed for enterprise customers to proactively mitigate the increasing risk and complexity of insider threat attacks. Building on Mimecast’s extensive library of API integrations, the integration partnership will further enable organizations to Work Protected™ amidst the proliferation of social engineering attacks targeting their hybrid workforce, customers, and supply chain. The integration of these solutions can empower strained IT teams with an expanded arsenal of AI-enabled tools and technologies that strengthen protection at the intersection of business communications, people, and data. The increased prevalence and damaging ramifications of insider threat attacks are well-documented. IBM’s 2022 Cost of a Data Breach Report found that stolen or compromised credentials were the most common cause of data breaches over the previous year, serving as the primary attack vector in nearly 20% of breaches. They also had the longest lifecycle of all breaches, taking approximately 243 days to identify and another 84 days to contain, and resulted in an average of $4.50 million in losses. However, according to the same study, organizations with fully deployed security AI and automation experienced breach lifecycles that were 74 days shorter, on average, and cost a median of $3.05 million less. By integrating Mimecast’s purpose-built, cloud-native email and collaboration security with Okta’s world-renowned identity access management offerings, organizations can deploy AI-enabled automation to help mitigate the impact of compromised account activity – streamlining human workflows through real-time threat intelligence sharing and automated response actions across two best-of-breed solution architectures. Optimized for rapid deployment flexibility and simplicity of use, the integration is engineered to allow administrators to seamlessly assume granular control within minutes regardless of their level of IT expertise. “Our integration partnership with Okta comes at a pivotal time as insider threats have emerged as a critical vulnerability for the modern hybrid enterprise. “This integration is a microcosm of the Mimecast mission to extend our services beyond email and collaboration security alone. Joining forces with a fellow industry pioneer like Okta enables us to execute a vital ‘team sport’ approach to cybersecurity, building on the existing security investments, capabilities, and tools of our customers to ensure their organizations remain safe.” Jules Martin, Mimecast vice president of ecosystems & alliance “With the ever-evolving nature of the cyber threat landscape, it’s imperative that we amplify our identity access management services to address new and emerging attack vectors,” said John Grundy, Okta senior strategic alliance manager. “This integration partnership with Mimecast enables us to do exactly that, creating a holistic automation framework that empowers enterprises to enhance the efficiency of their insider threat detection and response posture.” Mimecast, a Gold Sponsor of Oktane22, will be presenting a live demo of the integration at the annual conference on November 8-10, 2022. Mimecast: Work Protected™ Since 2003, Mimecast has stopped bad things from happening to good organizations by enabling them to Work Protected. We empower more than 40,000 customers to help mitigate risk and manage complexities across a threat landscape driven by malicious cyberattacks, human error, and technology fallibility. Our advanced solutions provide the proactive threat detection, brand protection, awareness training, and data retention capabilities that evolving workplaces need today. Mimecast solutions are designed to transform email and collaboration security into the eyes and ears of organizations worldwide.

Read More

DATA SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS

Qualys Introduces TotalCloud with FlexScan Delivering Cloud-Native VMDR

Qualys | November 02, 2022

Qualys, Inc., a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions, is announcing TotalCloud with FlexScan delivering cloud-native VMDR with Six Sigma Accuracy via agent and agent-less scanning for comprehensive coverage of cloud-native posture management and workload security across multi-cloud and hybrid environments. As business applications and on-premises infrastructure migrate to the cloud, security teams struggle with managing cyber risk across cloud workloads, services, resources, users, and applications. Additionally, teams must deal with a plethora of industry acronym-driven point solutions that provide a fragmented view of risk without context. This approach increases security costs and complexity while leaving cloud applications vulnerable to attacks. "Qualys is enhancing its widely used platform to deliver visibility, context, speed, automation, and orchestration in a comprehensive solution to help organizations scale their security and compliance programs for modern software development. "Qualys TotalCloud incorporates security into development workflows, enabling them to release secure, reliable code while giving security teams the control and visibility they need to manage risk by reducing their attack exposure and rapidly responding to threats." Melinda Marks, senior analyst at ESG "As a finance organization, we need a continuous view of the security and compliance posture across our cloud applications, with clear insights into risk," said Prabhuram Rajarathinam, CISO at Cholamandalam Investment and Finance Company. "Qualys TotalCloud with FlexScan will enable our cloud security and DevOps teams to use the multiple assessments to further strengthen the security of our cloud applications." With more than 31 million workloads already secured by Qualys, Qualys TotalCloud extends the industry-leading accuracy of VMDR with cloud-native FlexScan assessments to unify Cloud Posture Management and Cloud Workload Security in a single view with risk insights. TotalCloud automates inventory, assessment, prioritization and risk remediation via an easy-to-use drag-and-drop workflow engine for continuous and zero-touch security from code to production cloud applications. Qualys FlexScan Qualys TotalCloud introduces FlexScan a comprehensive cloud-native assessment solution that allows organizations to combine multiple cloud scanning options for the most accurate security assessment of their cloud environment. Security teams will have multiple hybrid assessment capabilities to secure the entire cloud attack surface including: Zero-touch, agent-less, cloud service provider API-based scanning for fast analysis. Virtual appliance-based scanning to assess unknown workloads over the network for open ports and remotely exploitable vulnerability detection. Snapshot assessment that mounts the workload snapshot for periodic offline scanning including vulnerabilities and OSS scanning. Qualys Cloud Agents in the workload for comprehensive, real-time vulnerability, configuration and security assessment. Qualys TotalCloud provides security teams with: Immediate multi-cloud posture insights - The unified cloud posture dashboard provides inventory, security and compliance posture insights across multi-cloud environments in minutes. Teams can easily identify and prioritize the misconfigurations that cause the highest risk with additional context on workload vulnerability and security posture. Unified security view to prioritize cloud risk with TruRisk - A single view of cloud security insights across cloud workloads, services and resources is provided via the console. Additionally, Qualys TruRisk quantifies security risk by workload criticality and vulnerability detections and correlates it with ransomware, malware and exploitation threat intelligence to prioritize, trace and reduce risk. Fast remediation with no code, drag-and-drop workflows - The integration of QFlow technology into TotalCloud saves security and DevOps teams valuable time and resources. Automation and no-code, drag-and-drop workflows help simplify the time-consuming operational tasks of assessing vulnerabilities on ephemeral cloud assets, alerting on high-profile threats, remediating misconfigurations, and quarantining high-risk assets. Shift-left security to catch issues early– TotalCloud provides shift-left security integrated into developers existing CI/CD tools to continuously assess cloud workloads, containers and Infrastructure as Code (IaC) artifacts. This allows for the rapid identification of security exposures and remediation steps during the development, build and pre-deployment stages while providing support for the major cloud providers including AWS, Azure and Google Cloud. "Cloud security is getting very fragmented with too many point solutions, which brings more complexity," said Sumedh Thakar, president and CEO of Qualys. "Our customers want seamless, comprehensive insight into cyber risk across their multi-cloud and non-cloud assets. With our innovative TotalCloud offering, we bring flexible, high-quality cloud-native risk assessment to our customer base as they look to expand into the cloud with Qualys." About Qualys Qualys, Inc. is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Armorblox to Enhance its NLU-based Data Protection Platform

Armorblox | December 26, 2022

Contents 1. Enhancement in the Company’s Email Security Solutions 2. How is Enhancements in the Solution Benefiting the Customers? Armorblox, anemerging email security solutions provider, recently announced the inclusion of Custom Role-Based Access Controls to its innovative cloud-delivered email security platform for enhancing the maintenance of data compliance and reducing data blindspots for individuals across the organization. Not every email is the same. When it comes to incoming threats, attackers tend to focus on emails that involve sensitive credentials or valuable data. According to the Armorblox Email Security Threat Report, in 2022, 87% of credential phishing attacks looked like common corporate workflows to trick victims, and 70% of spoofing attacks got past native email security layers. Thus, Armorblox has made improvements to Armorblox Advanced Data Loss Prevention and added Custom Role-Based Access Controls to make it safer from insider threats (RBAC). 1. Enhancement in the Company’s Email Security Solutions "According to a recent Market Research Future study, the demand for email security is anticipated to exceed US$ 11 billion by 2030." Armorblox has always been committed to putting security first, and this dedication goes beyond offering a best-in-class email security solution. Armorblox Advanced Data Loss Prevention's enhanced capabilities ensure that customers' most sensitive information is reliably protected across all content types and storage mediums. Coupled with its Armorblox Custom DLP Policies, companies are now able to set automated encryption actions and exceptions for sensitive data and confidential content per department or per user. Armorblox Custom Role-Based Access Controls provide fine-grained controls to security teams, which are necessary to set restriction levels and access for individuals, teams, and groups across the organization. 2. How is Enhancements in the Solution Benefiting the Customers? Through the enhancements to the Advanced DLP solution and the addition of Custom Role-Based Access Controls to the Armorblox platform, Armorblox is supporting the security-first approach that companies require. Customers will benefit in a variety of ways, including: Custom Access Controls: Create and assign custom roles with granular permissions to groups or individuals across security teams based on their job responsibilities. Sensitive Data Encryption: Prevent unauthorized disclosure of PII, PCI, and PHI by identifying and encrypting sensitive data across emails, attachments, and documents automatically. Reduce Data Blindspots: Ensure the implementation of appropriate restrictions and access levels for employee, organization, and third-party data. About Armorblox Founded in 2017, Armorblox is an email security solutions company headquartered in California, U.S., backed by Next47 and General Catalyst. The company provides technology that secures enterprise communications over email and other cloud office applications by leveraging deep learning and natural language technologies. The Armorblox platforms connect via APIs and analyze millions of signals to comprehend the context of communications in order to safeguard individuals and data from compromise. Over 58,000 enterprises use Armorblox to prevent BEC and targeted phishing attacks, protect critical PII and PCI, and automate the repair of user-reported email threats.

Read More