Platform Security, Software Security, Cloud Security
Businesswire | July 25, 2023
Stellar Cyber, the innovator of Open XDR technology, announced today that all Stellar Cyber Open XDR Platform users can now secure their OT environments on the same platform with the same license they use to secure their IT environments. Combining IT and OT security in a single platform gives security teams a permanent advantage over attackers who frequently attempt to exploit weaknesses and vulnerabilities identified in an IT environment to move laterally into an OT environment to carry out an attack, and vice versa.
Recent studies found that in 2021, over 90% of manufacturers had their production or energy supply impacted by a cyberattack. “With attacks so prevalent, you would think most security vendors would attempt to provide an easy-to-implement OT security solution, but that is not the case,” said Sam Jones, VP of Product Management at Stellar Cyber. “We found that with our open data architecture and built-in network security (NDR) capabilities, we can detect the most common OT environment cyber-attacks without burdening the security team to create OT-specific detection content.”
OT environments require different deployment models based on their OT architecture. Stellar Cyber’s agentless deployment and its partnership with Garland Technology (a leading provider of network visibility products), make it easy for customers to incorporate their OT environment assets into the Stellar Cyber platform.
With Stellar Cyber, security teams can now automatically detect the following:
Many flavors of SCADA protocols
SCADA network segmentation violations
Malicious or suspicious file transfers
Several existing Stellar Cyber customers are already incorporating their OT environment assets into the Stellar Cyber Platform and gaining never-before-seen insights into the attacks targeting their OT environments. “Securing my OT environment seemed unrealistic given my resources and budget, but now that I can use the Stellar Cyber Platform for both my IT and OT environments, my security team is delivering better security outcomes across the entire organization, protecting our bottom line,” said a SOC manager for a mid-sized manufacturing organization.
“Securing an OT environment should not be exclusively available to organizations that have embedded OT expertise in their security teams,” said Sam Jones, VP of Product Management of Stellar Cyber. “With our platform, all customers can now reduce the risk of a widespread breach that might bring the shop floor, a utility turbine, or a critical manufactory line offline.”
About Stellar Cyber
Stellar Cyber’s Open XDR Platform delivers comprehensive, unified security without complexity, empowering lean security teams of any skill level to secure their environments successfully. With Stellar Cyber, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8X improvement in MTTD and a 20X improvement in MTTR.
Enterprise Security, Platform Security, Software Security
Prnewswire | July 24, 2023
Checkmarx, the global leader in application security solutions, has introduced Codebashing 2.0, its latest developer AppSec learning solution, equipping development teams with all the right skills to write secure code based on their roles and needs. Now offering an enhanced integration within the Checkmarx One™ Application Security Platform, Codebashing makes learning and developer adoption of application security (AppSec) frictionless and fully integrated into the development life cycle.
With digital transformation increasing demands on software development teams, AppSec has become a critical area for large enterprises to reduce business risk even as less time is available for finding and fixing vulnerabilities in applications. In the interest of productivity and speed, most development teams work within integrated development environments (IDEs) and require security teams to prioritize and focus them on fixing key vulnerabilities.
"The competing pressures of application time-to-deployment and AppSec risk reduction have long plagued and challenged development teams and CISOs," said Sandeep Johri, CEO at Checkmarx. "This new version of Codebashing is a game-changer for security teams to enable and provide knowledge and trust in handling vulnerabilities fixes. Its updated integration to the Checkmarx One platform solves some of the main challenges we constantly hear from CISOs and security teams seeking to improve the developer experience while also ensuring a secure and rapid pipeline of applications. These are critical elements of a successful digital transformation as enterprises continue their migration to the cloud."
Learning key concepts within their familiar workspaces and applying those concepts from the first line of code to the last across all applications can significantly lower AppSec risk while boosting productivity.
Codebashing 2.0 integrates fluidly into a developer's daily routine and workflow by offering "bite-sized" learning modules through Checkmarx One plugins within the developer's IDE. Designed by some of the industry's leading AppSec security researchers and engineers, Codebashing modules upskill developers' ability to write secure code from the very first line.
Codebashing 2.0 offers a new way for security teams to better engage developers for AppSec adoption through a whole new experience and new gamified user interface. It includes a new Learning Path, which is a tailored professional skill tree that enables developers to continuously cultivate their expertise, stepping beyond the confines of one-time training sessions. The Learning Path is designed to be adaptive and personalized. Developers can select their unique path based on their specializations: Back-end, Front-end, or DevOps. This custom-tailored approach ensures that each developer is guided through the secure coding learning most pertinent to their specific role and responsibilities.
Security Champion Program
With Codebashing 2.0, Checkmarx has introduced the first in-market program to allow large enterprises to scale its AppSec program by training and certifying personnel from the engineering team as security champions. This certificate is backed by almost 20 years of AppSec expertise and includes a predefined training and certification including:
Hours of gamified and comprehensive content such as quizzes and assessments to obtain and measure knowledge transfer
Best practices critically needed by Security Champions.
"The CISOs of global enterprise companies among our clients have repeatedly told us that two things are critical to building trust and collaboration between security and development teams: implementation of a proper framework of AppSec skills and methodologies and creating security champions among their developers. This is why we developed the first Security Champion Program in the market," said Ramon Herzlinger, General Manager of Codebashing at Checkmarx. "We invested extensively to ensure that all the relevant aspects are taught, including front-end, back-end, and DevOps-related knowledge and certification and based on feedbacks with customers who trailed it already, we are confident it is a major breakthrough in generating trust between security and development teams."
Codebashing 2.0 includes a completely revamped user experience, new learning paths, and the most up to date AppSec learning content on the market covering the latest challenges and needs of development and security teams. With Codebashing 2.0, CISOs can identify gaps in knowledge about secure code capabilities fixes within their developers and help drive secure code awareness. For more information and to request the latest Codebashing 2.0 demo, visit this page.
Checkmarx is the leading application security provider, offering the industry's most comprehensive and innovative cloud-native platform, Checkmarx One™. Fueled by intelligence from our industry leading AppSec security research team, our products and services enable enterprises to shift everywhere in order to secure every phase of development for every application while simultaneously balancing the dynamic needs of CISOs, security teams, and development teams. We are honored to serve more than 1,800 customers, including 60 percent of Fortune 100 organizations, and are committed to moving forward with an unwavering dedication to the safety and security of our customers and the applications that power our day-to-day lives. Checkmarx. Make Shift Happen.
Globenewswire | July 17, 2023
Xage Security, the leader in zero trust cybersecurity solutions for the real world, today announced that it has been recognized as a Representative Vendor in the 2023 Gartner Market Guide for Cyber-Physical Systems Protection Platforms. This is the inaugural Gartner Market Guide to focus on Cyber-Physical Systems (CPS) Protection Platforms, which are emerging as a leading cybersecurity market segment for protecting operations and mission-critical environments.
Gartner defines the Cyber-Physical Systems (CPS) Protection Platforms Market as “products and services that use knowledge of industrial protocols, operational/production network packets or traffic metadata, and physical process asset behavior to discover, categorize, map and protect CPS in production or mission-critical environments outside of enterprise IT environments.” This report indicates a shift in the OT security market, which is moving beyond the use of segregated network architectures as the principal form of OT cybersecurity and into asset-centric approaches that protect at the level of individual users, applications and systems.
“With the changing threat landscape, an asset-centric approach to securing operations is an essential step to effectively protect against today’s advanced cyberattacks,” said Duncan Greatwood, CEO of Xage Security. “We believe this recognition of the market signals a new stage in critical infrastructure protection as more and more organizations are adopting CPS asset-centric security to prevent, contain and respond to cyber attacks.”
Operational Security Evolving to an Asset-Centric Security Model
Gartner states that “As the complexity and variety of old and new assets have become a reality for most organizations, so has the recognition that a new approach to security is needed.”Xage is pioneering a new approach to infrastructure cybersecurity providing operators with capabilities from asset discovery to identity-based cyber hardening in a converged solution that protects access to assets, data, and applications even if attackers gain access to the operational network.Last year, Xage was also recognized as a Representative Vendor among CPS Protection Platforms in the Gartner 2022 Innovation Insight for Cyber-Physical Systems Protection Platforms report and also named in the Gartner 2022 Market Guide for Operational Technology Security report.Xage helps operators protect their systems using an identity-based asset-centric zero trust architecture. Xage’s capabilities include identity-based access management and privilege enforcement, zero trust remote access, multi-layer multi-factor authentication (MFA), and zero trust data exchange that protects access to sensitive operational data.Gartner Market Guide for Cyber-Physical Systems Protection Platforms, Katell Thielemann and Wam Voster, 29th June 2023.
GARTNER is registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About Xage Security
Xage is the first and only zero trust real-world security company. Xage’s solutions and services accelerate and simplify the way enterprises secure, manage and transform digital operations across OT, IT, and cloud. Xage products include Identity-based access management, remote access, and zero trust data exchange, all powered by the Xage Fabric. Xage also offers Cybersecurity Services, which deliver expert design, implementation, and support services to accelerate the adoption of proactive cyber-defense and underpin secure digital transformation.