Software Security

DigitSec and UST Announce Partnership to Offer Continuous Application Security Testing for Salesforce DevSecOps

DigitSec, provider of the most comprehensive AppSec testing platform purpose-built for Salesforce, and UST, a leading digital transformation solutions company, today announced a partnership to provide full-spectrum application security testing as part of a comprehensive Salesforce portfolio for enterprise customers.

UST will offer its clients the DigitSec SaaS Security Scanner™- S4 for Salesforce��� as part of its plan to deliver more secure and resilient solutions for testing and remediation.

DigitSec S4 is a continuous application security testing platform for Salesforce DevSecOps that integrates multiple security tools, empowering developers and administrators to accurately identify security issues faster and with far fewer false positives than traditional AppSec testing solutions. It offers an automated penetration testing solution combining static source code analysis (SAST), interactive runtime testing (IAST), software composition analysis (SCA), and cloud security configuration review for a truly comprehensive Salesforce security assessment.

Commenting on the partnership, Prasan Vyas, General Manager and Global Head of SFDC Practice, UST, said, "At UST, we are constantly improving our value proposition for our Global 2000 and Fortune 500 customers by leveraging our platform expertise and working together with best-of-breed partners to help build secure and robust solutions. For our Salesforce customers, DigitSec presents a digital-age tool to secure applications against potential security threats early on in the build process. The partnership underwrites UST's deep commitment to the Salesforce platform and helping our customers identify and remediate security risks in their Salesforce orgs."

"Given the mission-critical and sensitive nature of customer personally identifiable information (PII) and other data, it's critical that developers consider security first in their Salesforce projects. Our S4 platform provides a continuous and automated 360-degree view of potential threats and now is available to UST clients as they create and update their Salesforce applications," said DigitSec CEO Waqas Nazir.   

S4 for Salesforce can quickly and accurately identify thousands of potential security vulnerabilities with the lowest rate of false positives in the industry. The DigitSec platform also supports compliance framework requirements including GDPR, HIPAA, ISO-27001, SOX, PCI DSS, CCPA, and APPI.

About DigitSec
DigitSec provides the most comprehensive application security testing platform purpose-built for Salesforce, including automated penetration testing. Its patented SaaS Security Scanner, S4, quickly assesses Salesforce security posture, allowing developers to easily identify potential issues before deployment while supporting compliance requirements.

About UST
For more than 20 years, UST has worked side by side with the world's best companies to make a real impact through transformation.  Powered by technology, inspired by people, and led by our purpose, we partner with our clients from design to operation. Through our nimble approach, we identify their core challenges and craft disruptive solutions that bring their vision to life. With deep domain expertise and a future-proof philosophy, we embed innovation and agility into our clients' organizations—delivering measurable value and lasting change across industries and around the world. Together, with over 26,000 employees in 25 countries, we build for boundless impact—touching billions of lives in the process.

Spotlight

Spotlight

Related News

Software Security

Okta Unveils Identity Threat Protection with Okta AI for Its Cloud

Okta | October 09, 2023

Okta, Inc. announces Identity Threat Protection with Okta AI, a new product for Okta Workforce Identity Cloud. It enables security teams and admins to constantly evaluate user risk during active sessions and respond automatically to Identity threats across the entire ecosystem. Identity Threat Protection enables organizations to mitigate risk with enhanced threat detection and response capabilities. Okta, Inc., the leading independent Identity partner, has introduced Identity Threat Protection with Okta AI, a revolutionary product within the Okta Workforce Identity Cloud. This innovative solution provides identity-based threat detection and mitigation in real-time. Identity Threat Protection goes beyond initial authentication by employing Okta AI and security infrastructure insights. It assures continuous user risk assessment during active sessions and enables automatic responses to Identity threats across the entire ecosystem. Organizations are increasingly adopting diverse cybersecurity tools to counter evolving threats. However, this leads to a flood of detailed security data, making it daunting for administrators to set up efficient policies and identify crucial threats. This fragmentation makes it challenging to track the risk of any specific user session over time and requires navigating various consoles. Okta stands out with its unified Identity deployment, offering a unique ability to evaluate risks across security domains and active user sessions. This innovative strategy solves a crucial business challenge as, according to Gartner, "By 2025, organizations that adopt a continuous adaptive trust strategy will reduce [account takeover] along with other identity risks by 30%..." President and CDO of Workforce Identity Cloud at Okta, Sagnik Nandy, said, Organizations need the ability to not only bring together risk insights at the point of login, but also to re-evaluate at any point in a user’s session. Identity Threat Protection extends Okta’s adaptive risk analysis and delivers automatic remediation and response, assisting businesses stop potential threats in real-time. [Source – Business Wire] Multi-factor authentication (MFA) is a vital tool in combating identity-based attacks. However, its effectiveness typically extends only to the login stage. Using shared signals throughout a user's active session, Identity Threat Protection equips organizations with enhanced threat detection and response capabilities, thereby mitigating risk. Initial launch capabilities include: Continuous Risk Evaluation Shared Signals Pipeline Adaptive Actions CIO at Palo Alto Networks, Meerah Rajavel, said, Our world-class threat intelligence innovations assist secure enterprises against evolving attack methods. Partnering with Okta’s Identity Threat Protection is a great opportunity to further empower enterprises with security signal sharing, assisting them to better detect changes in user risk across their tech stack. [Source – Business Wire]

Read More

Cloud Security

IBM Broadens its Cloud Security Services and Compliance Center

IBM | September 08, 2023

IBM has announced the expansion of its Cloud Security and Compliance Center to help enterprises protect data and mitigate risk across their hybrid, multi-cloud environments and workloads. With the addition of the latest solutions, IBM's solution suite now goes beyond compliance posture management and workload protection. It now includes application-level security capabilities. IBM Cloud Security and Compliance Center suite offers benefits, including intelligent automation technology, expanded compliance, and visibility into third- and fourth-party risk posture, among others. IBM, a global technology innovator at the forefront of automation, AI, and hybrid cloud solutions, has unveiled the expansion of the IBM Cloud Security and Compliance Center. This suite offers a range of updated cloud security and compliance solutions carefully designed to aid enterprises in mitigating risk and safeguarding data within their hybrid, multi-cloud environments and workloads. As organizations grapple with emerging threats along the supply chain and navigate evolving global regulations, this solution suite stands as a pillar of support for their resilience, performance, security, and compliance requirements, all while aiding in the reduction of operational costs. IBM's newly introduced Cloud Security and Compliance Center Data Security Broker solution offers a transparent data encryption layer. It utilizes format-preserving encryption and anonymization technology to safeguard sensitive data used in business applications and AI workloads. Rohit Badlaney, General Manager at IBM Cloud Product and Industry Platform, said, The expansion of the IBM Cloud Security and Compliance Center displays our continued focus on industry-specific capabilities that assist in addressing real world business challenges for our clients. For ex., clients have the ability to employ the IBM Cloud Framework for Financial Services, which can enable them to address evolving rules, laws and regulations surrounding cloud risk. The new capabilities demonstrate our commitment to supporting clients on their hybrid cloud modernization journeys, designed for security, privacy, compliance, and trust at the forefront of our product roadmap. [Source – Cision PR Newswire] IBM Cloud has a long history of working with client companies in financial services and other highly regulated sectors, especially when it comes to assisting them to drive innovation while securing their sensitive data, added Badlaney. In combination with the IBM Cloud Security and Compliance Center Data Security Broker, the upgraded suite of the IBM Cloud Security and Compliance Center will introduce a number of new features. These additions are intended to aid clients, especially those operating in regulated industries, in meeting security, compliance, and data residency requirements specific to their industry. Key features due to the expansion of IBM Cloud Security and Compliance Center: Intelligent automation technology Expanded compliance Enhanced Cloud Security Posture Management (CSPM) Optimized Cloud Workload Protection Platform (CWPP) Improved Cloud Infrastructure Entitlements Management (CIEM) Enhanced visibility into third- and fourth-party risk posture Frank Dickson, VP of Security and Trust at IDC, said, As more companies adopt a hybrid, multi-cloud approach to managing applications of all sorts across PaaS, SaaS, IaaS and on-premises, centrally automated and managed technologies that can execute security and compliance capabilities at scale are required. The IBM Security and Compliance Center addresses this requirement for holistic protection – which is especially crucial for organizations in highly regulated sectors that manage sensitive data, such as financial services – regardless of the application within which the data may live. [Source – Cision PR Newswire]

Read More

Platform Security

Verizon Holds Cybersecurity Event at NJ Executive Business Center

Verizon | October 13, 2023

Verizon Business has announces hosting a special cybersecurity event on October 18, 2023, marking two decades of cybersecurity consulting services at its New Jersey Executive Business Center. Participants will gain valuable insights into how Verizon is empowering companies to harness the potential of 5G network solutions. Alongside the cybersecurity panel discussion, attendees can expect live demonstrations highlighting Verizon's proficiency in developing exceptionally secure solutions. Verizon Business will host a special media event on October 18, 2023, marking two decades of cybersecurity consulting services and honoring Cybersecurity Awareness Month. The event will feature a panel discussion led by industry experts, including Chris Novak, Managing Director of Verizon Cyber Security Consulting; Sean Atkinson, Chief Information Security Officer at the Center for Internet Security; and Krista Valenzuela, Cyber Threat Outreach and Partnerships at The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC). The panel promises an engaging dialogue encompassing critical themes such as data privacy, AI's influence on cybersecurity, the emergence of voice security, evolving security controls, and other pertinent subjects. Furthermore, the discussion will shed light on the strategies employed by local New Jersey organizations to counteract emerging cyber threats. Attendees will also gain insights into Verizon's role in empowering businesses through innovative 5G network solutions, enhancing security measures, and elevating their overall operations. Managing Director of Verizon Cyber Security Consulting, Chris Novak, said, Raising greater awareness about cybersecurity is the first step in assisting organizations defend against these cyber threats. [Source – Globe Newswire] Novak mentioned that Verizon is utilizing its network's extensive visibility to collect, report, and disseminate actionable insights. These insights can be used by customers and other businesses to tackle advanced cyber threats related to vulnerability exploitation and social engineering. Furthermore, demonstrations highlighting Verizon's proficiency in developing highly secure solutions will be presented in addition to the cybersecurity panel. They include: Coach-to-Coach Communications: Introducing a dependable and secure wireless network solution tailored for NFL coaches, enabling confidential communication on the field. Cashierless Checkout: Utilizing advanced machine learning and computer vision technologies, this innovative solution facilitates autonomous stores at any location. Integrated with 5G UWB and 5G Edge, it redefines the retail experience. Private Wireless Networks: Explore the benefits of premise-based equipment, highlighting the significance of private dedicated networks in enhancing business connectivity and security. Cyber Threat Outreach and Partnerships, NJCCIC, Krista Valenzuela, mentioned, One of the ways we’re harnessing the power of AI in New Jersey is in identifying suspicious and malicious websites to help the State and its critical infrastructure in better defending against these cyber threats. [Source – Globe Newswire]

Read More