DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Businesswire | April 19, 2023
Global security leader Forcepoint today introduced its best-in-class Managed Security Service Provider (MSSP) program for service providers, distribution partners and other resellers.
With managed services based on the Forcepoint ONE Security Service Edge (SSE) platform, Forcepoint partners can simplify Zero Trust security and gain predictable, repeatable revenue streams through cloud-first, hybrid-ready security. Forcepoint ONE also allows partners to quickly differentiate their security offerings with Data-first SASE, integrating SSE with connectivity through FlexEdge Secure SD-WAN solutions. Forcepoint MSSP partners can help enterprises and government agencies turn security into a competitive advantage by increasing productivity, streamlining costs and simplifying regulatory compliance.
“As more and more organizations look to MSSPs for their cybersecurity solutions, the opportunity for partners is absolutely massive with market growth to $53.22B expected in the next several years. And every customer we speak to is on a path to SASE, with many looking to MSSPs for pay-as-you-go solutions that stop threats and data loss while letting users access information and apps securely on any device,” said Myles Bray, Chief Revenue Officer at Forcepoint. “Forcepoint ONE allows MSSP partners to fast forward their journey to Data-first SASE through the delivery of security convergence, subscription model and business tools that enable partners to reduce complexity for mutual customers, drive recurring revenue, and quickly scale their service offerings.”
“Forcepoint’s data-centric focus on security aligns with our vision for proactive protection, detection and remediation,” said Raluca Saceanu, CEO of Smarttech247, a Forcepoint partner. “Smarttech247’s hosted and managed services centered on Forcepoint ONE SSE cloud-native and Forcepoint enterprise data security solutions allow today’s enterprises to manage risk holistically and simplify security operations. This is a game-changer when adversaries are constantly finding new ways to steal confidential data.”
As a channel-first company, Forcepoint will help partners quickly incorporate SASE into their services through its MSSP program. Using the Forcepoint management portal, partners can update customer configurations and offer multi-tenant services with a few clicks. Subscriptions with simple billing help providers scale their profitability when end-user licensing needs change. With no significant up-front expenses, partners can offer Forcepoint ONE and Secure SD-WAN solutions quickly over the internet and customers can add more services anytime.
Forcepoint also provides enablement and training support, including channel managers dedicated to building business plans with MSSPs and distribution partners. Additional Forcepoint MSSP benefits to partners include:
Unified Management: the Forcepoint ONE all-in-one console offers a single set of policies for securing remote, hybrid, and office workers.
Modern: strong Zero Trust data security delivered with a cloud-native SASE architecture.
Global: available everywhere, with 300+ points of presence for managed devices and agentless support for BYOD.
Reliable: 99.99% uptime since 2015.
Profitable: cost competitive, higher margin services.
Forcepoint simplifies security for global businesses and governments. Forcepoint’s all-in-one, truly cloud-native platform makes it easy to adopt Zero Trust and prevent the theft or loss of sensitive data and intellectual property no matter where people are working. Based in Austin, Texas, Forcepoint creates safe, trusted environments for customers and their employees in more than 150 countries. Engage with Forcepoint on www.forcepoint.com, Twitter and LinkedIn.
Smarttech247 is a multi-award-winning cybersecurity company that helps organizations reduce their risk. Trusted by global customers, our platform provides threat intelligence with managed detection and response to provide actionable insights, 24/7 threat detection, investigation, and response. Our service is geared towards proactive prevention and we do this by utilizing the latest in cloud, big data analytics and machine learning, along with our industry leading governance, risk and compliance team.
ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
PRWeb | May 23, 2023
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced the launch of its new QR Code Phishing Security Test (QR Code PST) tool. The no-charge tool assists organizations in identifying users that are most susceptible to scanning malicious QR codes.
Many organizations are aware of the typical social engineering techniques used by bad actors such as phishing, spear phishing and impersonation, to manipulate employees and infiltrate systems. However, bad actors are now taking advantage of the rise in popularity of QR codes and are using them to launch targeted phishing attacks.
QR code phishing is a social engineering attack that includes a malicious link within a QR code that users are prompted to scan with their smartphones. According to QRTIGER, an online QR code generator company, dynamic QR code scans increased 433% globally from 2021 to 2022 and scans quadrupled in 2022 alone.
The malicious links in QR Codes take users to risky websites, execute malware or ransomware on their devices or steal information. In fact, last year the FBI released a warning that QR codes may be tampered with by cybercriminals to direct victims to malicious sites. This is also sometimes referred to as QRLjacking.
KnowBe4’s new QR Code PST helps manage the threat of malicious QR codes by identifying users who may scan these codes and expose an organization to vulnerabilities that have the potential to cause significant downtime and security breach risks. The new, complementary tool is available for immediate use for up to 100 users in 35 languages with additional feature options. Additionally, after being used the tool calculates an organization’s Phish-prone™ Percentage (PPP) — the number of end users who are prone to being phished.
“QR codes pose a unique cybersecurity threat because unlike traditional phishing, there is no URL to verify or way to confirm its legitimacy before scanning the code,” said Stu Sjouwerman, CEO, KnowBe4. “As bad actors diversify their social engineering techniques, it is imperative that organizations educate their employees on the potential danger of QR codes. KnowBe4’s new QR Code Phishing Security Test is a great tool to use as a first step in determining how vulnerable an organization is to the threat of malicious QR codes. Training employees to be alert and to think twice before scanning, contributes towards strengthening an organization’s security culture and encourages a healthy level of skepticism.”
To begin using the new, complementary QR Phishing Security Test, visit: https://info.knowbe4.com/qr-code-phishing-security-test.
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 60,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4’s Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as their last line of defense.
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Businesswire | March 28, 2023
AdaCore, a trusted provider of software development and verification tools, today announced the launch of its new RecordFlux technology, designed to ease the development and security of binary communication protocols. The technology comprises a Domain Specific Language (DSL) to precisely describe complex binary data formats and communication protocols, and a toolset to verify specifications and generate provable SPARK code that can be executed on a target CPU.
Through RecordFlux, users can define and implement complex communication protocols and prove security properties, such as memory safety, at much less cost and effort than would be possible with a manual approach. The precision of the RecordFlux DSL ensures that the specifications are unambiguous, the high-level nature of the DSL makes the specifications easily understandable by domain experts, and the expressive power of the DSL can capture the most complex real-world protocols. And since the RecordFlux code generator produces source code in the formal methods-based SPARK language, users can obtain automated proofs of a wide range of security properties in the resulting software. The net effect is more secure and reliable code, at lower cost.
“Interaction between software components is governed by protocol and format specifications. Unfortunately, most specification documents are complex texts written in English which need to be translated to software implementations manually, leaving room for human error,” said Alex Senier, AdaCore’s RecordFlux Team Lead. “Logic errors and critical flaws are often poorly mitigated by the widespread use of unsafe programming languages, resulting in severe security vulnerabilities. With RecordFlux, we aim to provide a solution that saves time and money by automating provable code generation while ensuring the absence of low-level vulnerabilities like buffer overflows that attackers could exploit.”
RecordFlux is a toolset for creating high-assurance implementations of binary data formats and communication protocols. The technology includes a Domain Specific Language, a comprehensive toolset, and customized expert support. By using SPARK Pro, developers can take the SPARK code generated from RecordFlux specifications and automatically prove that the code is free of run-time errors and respects the original specification.
Code generated by RecordFlux is also compatible with GNAT Pro Assurance, AdaCore’s complete solution for projects with the most stringent requirements for reliability, long-term maintenance, or certification. The compiler-hardening options provided by GNAT Pro Assurance can be used to mitigate further attacks on network-facing protocol-handling code.
Founded in 1994, AdaCore supplies software development and verification tools for mission-critical, safety-critical, and security-critical systems.
Over the years, customers have used AdaCore products to field and maintain a wide range of critical applications in domains such as commercial and military avionics, defense systems, automotive, railway, space, air traffic management/control, medical devices, and financial services.