Software Security
Okta | October 09, 2023
Okta, Inc. announces Identity Threat Protection with Okta AI, a new product for Okta Workforce Identity Cloud.
It enables security teams and admins to constantly evaluate user risk during active sessions and respond automatically to Identity threats across the entire ecosystem.
Identity Threat Protection enables organizations to mitigate risk with enhanced threat detection and response capabilities.
Okta, Inc., the leading independent Identity partner, has introduced Identity Threat Protection with Okta AI, a revolutionary product within the Okta Workforce Identity Cloud. This innovative solution provides identity-based threat detection and mitigation in real-time. Identity Threat Protection goes beyond initial authentication by employing Okta AI and security infrastructure insights. It assures continuous user risk assessment during active sessions and enables automatic responses to Identity threats across the entire ecosystem.
Organizations are increasingly adopting diverse cybersecurity tools to counter evolving threats. However, this leads to a flood of detailed security data, making it daunting for administrators to set up efficient policies and identify crucial threats. This fragmentation makes it challenging to track the risk of any specific user session over time and requires navigating various consoles.
Okta stands out with its unified Identity deployment, offering a unique ability to evaluate risks across security domains and active user sessions. This innovative strategy solves a crucial business challenge as, according to Gartner, "By 2025, organizations that adopt a continuous adaptive trust strategy will reduce [account takeover] along with other identity risks by 30%..."
President and CDO of Workforce Identity Cloud at Okta, Sagnik Nandy, said,
Organizations need the ability to not only bring together risk insights at the point of login, but also to re-evaluate at any point in a user’s session. Identity Threat Protection extends Okta’s adaptive risk analysis and delivers automatic remediation and response, assisting businesses stop potential threats in real-time.
[Source – Business Wire]
Multi-factor authentication (MFA) is a vital tool in combating identity-based attacks. However, its effectiveness typically extends only to the login stage. Using shared signals throughout a user's active session, Identity Threat Protection equips organizations with enhanced threat detection and response capabilities, thereby mitigating risk. Initial launch capabilities include:
Continuous Risk Evaluation
Shared Signals Pipeline
Adaptive Actions
CIO at Palo Alto Networks, Meerah Rajavel, said,
Our world-class threat intelligence innovations assist secure enterprises against evolving attack methods. Partnering with Okta’s Identity Threat Protection is a great opportunity to further empower enterprises with security signal sharing, assisting them to better detect changes in user risk across their tech stack.
[Source – Business Wire]
Read More
Cloud Security
IBM | September 08, 2023
IBM has announced the expansion of its Cloud Security and Compliance Center to help enterprises protect data and mitigate risk across their hybrid, multi-cloud environments and workloads.
With the addition of the latest solutions, IBM's solution suite now goes beyond compliance posture management and workload protection. It now includes application-level security capabilities.
IBM Cloud Security and Compliance Center suite offers benefits, including intelligent automation technology, expanded compliance, and visibility into third- and fourth-party risk posture, among others.
IBM, a global technology innovator at the forefront of automation, AI, and hybrid cloud solutions, has unveiled the expansion of the IBM Cloud Security and Compliance Center. This suite offers a range of updated cloud security and compliance solutions carefully designed to aid enterprises in mitigating risk and safeguarding data within their hybrid, multi-cloud environments and workloads.
As organizations grapple with emerging threats along the supply chain and navigate evolving global regulations, this solution suite stands as a pillar of support for their resilience, performance, security, and compliance requirements, all while aiding in the reduction of operational costs.
IBM's newly introduced Cloud Security and Compliance Center Data Security Broker solution offers a transparent data encryption layer. It utilizes format-preserving encryption and anonymization technology to safeguard sensitive data used in business applications and AI workloads.
Rohit Badlaney, General Manager at IBM Cloud Product and Industry Platform, said,
The expansion of the IBM Cloud Security and Compliance Center displays our continued focus on industry-specific capabilities that assist in addressing real world business challenges for our clients. For ex., clients have the ability to employ the IBM Cloud Framework for Financial Services, which can enable them to address evolving rules, laws and regulations surrounding cloud risk. The new capabilities demonstrate our commitment to supporting clients on their hybrid cloud modernization journeys, designed for security, privacy, compliance, and trust at the forefront of our product roadmap.
[Source – Cision PR Newswire]
IBM Cloud has a long history of working with client companies in financial services and other highly regulated sectors, especially when it comes to assisting them to drive innovation while securing their sensitive data, added Badlaney.
In combination with the IBM Cloud Security and Compliance Center Data Security Broker, the upgraded suite of the IBM Cloud Security and Compliance Center will introduce a number of new features. These additions are intended to aid clients, especially those operating in regulated industries, in meeting security, compliance, and data residency requirements specific to their industry.
Key features due to the expansion of IBM Cloud Security and Compliance Center:
Intelligent automation technology
Expanded compliance
Enhanced Cloud Security Posture Management (CSPM)
Optimized Cloud Workload Protection Platform (CWPP)
Improved Cloud Infrastructure Entitlements Management (CIEM)
Enhanced visibility into third- and fourth-party risk posture
Frank Dickson, VP of Security and Trust at IDC, said,
As more companies adopt a hybrid, multi-cloud approach to managing applications of all sorts across PaaS, SaaS, IaaS and on-premises, centrally automated and managed technologies that can execute security and compliance capabilities at scale are required. The IBM Security and Compliance Center addresses this requirement for holistic protection – which is especially crucial for organizations in highly regulated sectors that manage sensitive data, such as financial services – regardless of the application within which the data may live.
[Source – Cision PR Newswire]
Read More
Platform Security
Verizon | October 13, 2023
Verizon Business has announces hosting a special cybersecurity event on October 18, 2023, marking two decades of cybersecurity consulting services at its New Jersey Executive Business Center.
Participants will gain valuable insights into how Verizon is empowering companies to harness the potential of 5G network solutions.
Alongside the cybersecurity panel discussion, attendees can expect live demonstrations highlighting Verizon's proficiency in developing exceptionally secure solutions.
Verizon Business will host a special media event on October 18, 2023, marking two decades of cybersecurity consulting services and honoring Cybersecurity Awareness Month. The event will feature a panel discussion led by industry experts, including Chris Novak, Managing Director of Verizon Cyber Security Consulting; Sean Atkinson, Chief Information Security Officer at the Center for Internet Security; and Krista Valenzuela, Cyber Threat Outreach and Partnerships at The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC).
The panel promises an engaging dialogue encompassing critical themes such as data privacy, AI's influence on cybersecurity, the emergence of voice security, evolving security controls, and other pertinent subjects. Furthermore, the discussion will shed light on the strategies employed by local New Jersey organizations to counteract emerging cyber threats. Attendees will also gain insights into Verizon's role in empowering businesses through innovative 5G network solutions, enhancing security measures, and elevating their overall operations.
Managing Director of Verizon Cyber Security Consulting, Chris Novak, said,
Raising greater awareness about cybersecurity is the first step in assisting organizations defend against these cyber threats.
[Source – Globe Newswire]
Novak mentioned that Verizon is utilizing its network's extensive visibility to collect, report, and disseminate actionable insights. These insights can be used by customers and other businesses to tackle advanced cyber threats related to vulnerability exploitation and social engineering.
Furthermore, demonstrations highlighting Verizon's proficiency in developing highly secure solutions will be presented in addition to the cybersecurity panel. They include:
Coach-to-Coach Communications: Introducing a dependable and secure wireless network solution tailored for NFL coaches, enabling confidential communication on the field.
Cashierless Checkout: Utilizing advanced machine learning and computer vision technologies, this innovative solution facilitates autonomous stores at any location. Integrated with 5G UWB and 5G Edge, it redefines the retail experience.
Private Wireless Networks: Explore the benefits of premise-based equipment, highlighting the significance of private dedicated networks in enhancing business connectivity and security.
Cyber Threat Outreach and Partnerships, NJCCIC, Krista Valenzuela, mentioned,
One of the ways we’re harnessing the power of AI in New Jersey is in identifying suspicious and malicious websites to help the State and its critical infrastructure in better defending against these cyber threats.
[Source – Globe Newswire]
Read More