Enterprise Security, Platform Security, Software Security
PR Newswire | August 09, 2023
BigID, the leading platform for data security, privacy, compliance, and governance, today announced native AI support to copilot organizations' innovation and adoption of generative AI: revolutionizing data management and security. With BigID's AI, organizations can now achieve better data visibility, clarity, and organization to accelerate their ability to improve their data security posture, wherever their data lives.
To effectively safeguard critical data, security teams need comprehensive visibility and understanding of their data assets, relying on an updated and comprehensive data inventory. Legacy tools leave organizations with fragmented perspectives, lacking the context needed to identify data requiring protection.
BigID accelerates organizations of all sizes to get the most out of AI - and adapt & innovate while they're doing it.
Benefits at a Glance:
Get Better Data Clarity: Automatically assign easy-to-understand names and business terms to data tables and columns for better insight into sensitivity and business value.
Intelligently Organize Your Data: Quickly group similar types of documents and apply human readable titles and descriptions.
Accelerate Risk Reduction: Generate summaries of data security posture management, automate risk assessments, and get recommended actions based on the data itself.
Govern large language models (LLMs) securely: Reduce risk of adapting AI by flag, tag, and labelling LLM data as safe for use - ensuring these models aren't being trained on personal, sensitive, regulated, or private information.
"With BigID's AI-driven automation, customers can now effortlessly navigate their data landscape, prioritize security efforts, and gain a level of clarity that was previously unattainable," said Tyler Young, CISO of BigID. "The world of generative AI brings risk and uncertainty around security - BigID makes it easy to innovate and adapt AI - all while decreasing the attack surface."
About BigID
BigID enables organizations to know their enterprise data and take action for data-centric security, privacy, compliance, and governance. Customers deploy BigID to proactively discover, manage, protect, and get more value from their regulated, sensitive, and personal data across their data landscape. BigID has been recognized for its data intelligence innovation as a 2019 World Economic Forum Technology Pioneer, named to the 2021 Forbes Cloud 100, the 2021 Inc 5000 as the #19th fastest growing company and #1 in Security, the 2021 and 2022 Deloitte 500, and an RSA Innovation Sandbox winner. Find out more at https://bigid.com.
Read More
Enterprise Security, Platform Security, Software Security
Prnewswire | July 24, 2023
Checkmarx, the global leader in application security solutions, has introduced Codebashing 2.0, its latest developer AppSec learning solution, equipping development teams with all the right skills to write secure code based on their roles and needs. Now offering an enhanced integration within the Checkmarx One™ Application Security Platform, Codebashing makes learning and developer adoption of application security (AppSec) frictionless and fully integrated into the development life cycle.
With digital transformation increasing demands on software development teams, AppSec has become a critical area for large enterprises to reduce business risk even as less time is available for finding and fixing vulnerabilities in applications. In the interest of productivity and speed, most development teams work within integrated development environments (IDEs) and require security teams to prioritize and focus them on fixing key vulnerabilities.
"The competing pressures of application time-to-deployment and AppSec risk reduction have long plagued and challenged development teams and CISOs," said Sandeep Johri, CEO at Checkmarx. "This new version of Codebashing is a game-changer for security teams to enable and provide knowledge and trust in handling vulnerabilities fixes. Its updated integration to the Checkmarx One platform solves some of the main challenges we constantly hear from CISOs and security teams seeking to improve the developer experience while also ensuring a secure and rapid pipeline of applications. These are critical elements of a successful digital transformation as enterprises continue their migration to the cloud."
Learning key concepts within their familiar workspaces and applying those concepts from the first line of code to the last across all applications can significantly lower AppSec risk while boosting productivity.
Codebashing 2.0 integrates fluidly into a developer's daily routine and workflow by offering "bite-sized" learning modules through Checkmarx One plugins within the developer's IDE. Designed by some of the industry's leading AppSec security researchers and engineers, Codebashing modules upskill developers' ability to write secure code from the very first line.
Codebashing 2.0 offers a new way for security teams to better engage developers for AppSec adoption through a whole new experience and new gamified user interface. It includes a new Learning Path, which is a tailored professional skill tree that enables developers to continuously cultivate their expertise, stepping beyond the confines of one-time training sessions. The Learning Path is designed to be adaptive and personalized. Developers can select their unique path based on their specializations: Back-end, Front-end, or DevOps. This custom-tailored approach ensures that each developer is guided through the secure coding learning most pertinent to their specific role and responsibilities.
Security Champion Program
With Codebashing 2.0, Checkmarx has introduced the first in-market program to allow large enterprises to scale its AppSec program by training and certifying personnel from the engineering team as security champions. This certificate is backed by almost 20 years of AppSec expertise and includes a predefined training and certification including:
Hours of gamified and comprehensive content such as quizzes and assessments to obtain and measure knowledge transfer
Best practices critically needed by Security Champions.
"The CISOs of global enterprise companies among our clients have repeatedly told us that two things are critical to building trust and collaboration between security and development teams: implementation of a proper framework of AppSec skills and methodologies and creating security champions among their developers. This is why we developed the first Security Champion Program in the market," said Ramon Herzlinger, General Manager of Codebashing at Checkmarx. "We invested extensively to ensure that all the relevant aspects are taught, including front-end, back-end, and DevOps-related knowledge and certification and based on feedbacks with customers who trailed it already, we are confident it is a major breakthrough in generating trust between security and development teams."
Codebashing 2.0 includes a completely revamped user experience, new learning paths, and the most up to date AppSec learning content on the market covering the latest challenges and needs of development and security teams. With Codebashing 2.0, CISOs can identify gaps in knowledge about secure code capabilities fixes within their developers and help drive secure code awareness. For more information and to request the latest Codebashing 2.0 demo, visit this page.
About Checkmarx
Checkmarx is the leading application security provider, offering the industry's most comprehensive and innovative cloud-native platform, Checkmarx One™. Fueled by intelligence from our industry leading AppSec security research team, our products and services enable enterprises to shift everywhere in order to secure every phase of development for every application while simultaneously balancing the dynamic needs of CISOs, security teams, and development teams. We are honored to serve more than 1,800 customers, including 60 percent of Fortune 100 organizations, and are committed to moving forward with an unwavering dedication to the safety and security of our customers and the applications that power our day-to-day lives. Checkmarx. Make Shift Happen.
Read More
Cloud Security
Cisco | September 15, 2023
Cisco Secure Application, new to the Cisco Full-Stack Observability Platform, brings application and security teams together to secure cloud-native application development and deployment.
The platform integrates Cisco's industry-leading security products' security intelligence with application performance data to provide business context with security findings.
Cisco-exclusive business risk observability enables IT professionals to identify, assess, and prioritize risk and fix application security concerns based on potential business impact.
Cisco, a worldwide technology leader that offers innovative software-defined networking, cloud, and security solutions, has unveiled the availability of the Cisco Secure Application, formerly known as Security Insights for Cloud Native Application Observability, on the Cisco Full-Stack Observability platform. This integration empowers organizations to seamlessly unite their application and security teams, facilitating the secure development and deployment of modern applications. The latest release of Cisco Secure Application extends its capabilities to securely manage both cloud-native and hybrid applications.
In an effort to assist organizations in bolstering their cloud-native applications security, Cisco has introduced the new Cisco Secure Application offering, which is available on Cisco's recently introduced Full-Stack Observability platform. This solution equips customers with enhanced visibility and intelligent insights regarding business risk in various cloud environments.
As a result, businesses gain the ability to more effectively prioritize and respond to security risks that could impact revenue and reputation in real time, leading to a reduction in overall organizational risk profiles.
As organizations strive to provide smooth digital experiences, IT teams have faced growing demands to transition to modern, distributed applications.
According to a recent study by Cisco, 92% of global technologists acknowledge that the urgency to innovate and adapt to evolving customer needs has often resulted in compromised application security during software development.
As a consequence, organizations have become susceptible to security vulnerabilities and threats. They face broader attack surfaces and gaps in their application security layer due to the isolation of teams. These teams face challenges in obtaining adequate visibility and the necessary business context for prioritizing vulnerabilities. Consequently, organizations are witnessing a surge in security incidents within the modern environment, thereby jeopardizing customer data and the reputation of their businesses.
Mark Leary, Research Director, IDC, stated,
Cisco's extensive domain experience across multi-cloud and hybrid environments and comprehensive full tech stack oversight positions the company well to assist customers bring business risk observability, application observability, and security intelligence data together. Combined, they give customers access to the critical information they need to make smarter decisions about their application security
[Source – Cision PR Newswire]
Senior VP and General Manager of Cisco Full-Stack Observability and AppDynamics, Ronak Desai, said,
An organization's ability to swiftly assess risks based on potential business impact, align teams and triage threats is entirely dependent on understanding where vulnerabilities exist, the severity of those risks, the likelihood they’ll be exploited, and the risk to the business of each issue. This business risk observability can enable IT professionals understand and prioritize those risks and is uniquely delivered by Cisco. The availability of Cisco Secure Application on the Cisco Full-Stack Observability platform is a crucial next step in our commitment to providing customers with the tools they need to provide unmatched and secure digital experiences across multi-cloud and hybrid environments.
[Source – Cision PR Newswire]
Read More