SOFTWARE SECURITY

Exabeam Partners with Google Cloud

Exabeam | June 09, 2022

Exabeam
Exabeam, a pioneer in Next-Generation SIEM and XDR, announced today its intention to construct and evolve its modern cloud-native security information and event management (SIEM) and cybersecurity analytics solutions on Google Cloud. The move provides global security teams with endless data ingestion, speed, and scale options in their continuous battle against more sophisticated cybersecurity threats over an ever-expanding attack surface.

“Exabeam is unlike any other SIEM vendor in that we leverage our machine learning-based, cyber analytics product to help security teams be more efficient. With this next version of our product, we will now become completely cloud-native offering unparalleled performance, scale, and cost efficiency. Exabeam is built by security people for security people.”

Michael DeCesare, CEO and president, Exabeam

Gerrit Kazmaier, Vice President and General Manager, Data Analytics and Business Intelligence at Google Cloud said that “Addressing and protecting data from security threats and attacks is a business-critical focus that is constantly evolving. We look forward to continuing our work together to create products that help companies securely leverage their data at cloud scale.”

Adam Geller, chief product officer, Exabeam said that “After looking at several cloud players in the market, we selected Google Cloud, specifically the Data Analytics family of products including BigQuery, Dataflow, and Looker, because of its hyperscale, speed, and ability to support the type of technically advanced products we build at Exabeam. Google Cloud has enabled us to greatly accelerate our own security platform and product innovation resulting in state-of-the-art features and capabilities that can finally overcome the data proliferation and threat detection, investigation, and response (TDIR) challenges faced by security operations teams today.”

Exabeam has been named a Leader with the highest ability to execute in the 2021 Gartner Magic Quadrant for SIEM for the third time in a row, joining a rapidly growing list of technology companies that power their products and businesses with Google data cloud products like BigQuery, Looker, Spanner, and Vertex AI.

Spotlight

National governments are enacting new, stringent data privacy laws to protect citizen data, guard national security interests, and potentially provide a boost to local industries. This rush to protect sensitive and personally identifiable information threatens current business strategies, practices, and processes widely used by organizations that operate internationally. Data privacy regulations are not going away. Organizations need a way to cut through the red tape and develop a compliance strategy which includes people, processes and technology. This Ovum report details key recommendations on how to protect, control and locate sensitive information so your business can meet these emerging demands.

Spotlight

National governments are enacting new, stringent data privacy laws to protect citizen data, guard national security interests, and potentially provide a boost to local industries. This rush to protect sensitive and personally identifiable information threatens current business strategies, practices, and processes widely used by organizations that operate internationally. Data privacy regulations are not going away. Organizations need a way to cut through the red tape and develop a compliance strategy which includes people, processes and technology. This Ovum report details key recommendations on how to protect, control and locate sensitive information so your business can meet these emerging demands.

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

GuidePoint Security Launches Industrial Control Systems (ICS) Security Service Offerings

GuidePoint Security | September 28, 2022

GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, today announced the availability of its ICS Security Services. These service offerings include a Security Program Review, Security Architecture Review and ICS Penetration Testing that collectively are designed to provide an organization with a holistic view of their entire ICS security posture. Traditionally, Operational Technology (OT) environments were kept separate and isolated from the traditional IT infrastructure. Today, ICS environments have emerged from the combination of IT and OT (Industry 4.0), introducing new features and easier management, but also creating new vulnerabilities and attack vectors. For example, an OT environment can be breached by an attack that comes through the IT environment. With GuidePoint’s ICS Security Services, organizations can ensure they have visibility across not only their OT environment, but also their broader organization. “The convergence of OT and traditional IT infrastructure into ICS environments has led to easier operational oversight, but it also introduces new avenues for attackers to exploit,” said Pascal Ackerman, Sr. Security Consultant - Operational Technology. “Through the combined expertise of our Governance, Risk and Compliance, Security Architecture, and ICS penetration testing practices, we can provide customers with an assessment of their entire ICS security posture, evaluating every angle of their environment.” GuidePoint’s ICS Security Service offerings include: Security Program Review (SPR): The SPR evaluates and measures an organization’s security program maturity and is based on the framework chosen by the customer, including, but not limited to: NIST Cybersecurity Framework (CSF), NIST 800 82, CIS Controls, ISO/IEC 62443, ISO 27001, C2M2, FERC/NERC-CIP, CISA TSS and ITU CIIP. With GuidePoint’s SPR offering, organizations can better assess their security program and its maturity level, and build or enhance their existing program to ensure it is right-sized to their unique requirements. ICS Security Architecture Review (SAR): The SAR evaluates an organization’s security capabilities to ensure deployed technologies are aligned with relevant compliance requirements. GuidePoint’s team of experts provides industry-recommended enhancements to an organization’s existing solutions as well as recommendations for new controls to augment and further mature security practices. ICS Penetration Testing: This service goes beyond a typical OT pentest by combining best-in-class IT and OT pentesting methodologies to form a holistic offering that will assess all security aspects of the production environment. Organizations gain real-life, actionable results based on proven ICS (IT and OT) penetration testing methods and techniques. These ICS Security Services round out a complete portfolio of cyber-focused Governance, Risk and Compliance offerings, Security Architecture Reviews, as well as Threat and Attack Simulation Services, to ensure the security of customers’ environments. About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Apiiro to Sponsor Cloud Native SecurityCon and KubeCon + CloudNativeCon North America

Apiiro | September 12, 2022

Apiiro, the leader in Cloud-Native Application Security, today announced it is a platinum sponsor of Cloud Native SecurityCon, an event designed to foster collaboration, discussion and knowledge sharing of cloud native security projects to address security challenges and opportunities. The in-person event takes place October 24-25, 2022 in Detroit, MI and will showcase breakthrough technology and advances in modern cybersecurity approaches including secure software development and supply chain security. Cloud Native SecurityCon is co-located at KubeCon + CloudNativeCon, the Cloud Native Computing Foundation's flagship conference. Apiiro executives including VP of Security Research Moshe Zioni will be in attendance to discuss how Apiiro is accelerating secure software delivery by addressing critical risks in cloud-native applications. KubeCon attendees can also meet with Apiiro executives to learn more about the code risk platform by visiting booth SU63. About Apiiro Apiiro helps security and development teams proactively remediate risk before releasing to the cloud. Backed by Greylock and Kleiner Perkins.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

ISG Partners With cyberconIQ on Human Side of Cybersecurity

ISG | September 20, 2022

Information Services Group, a leading global technology research and advisory firm, said today it is has formed a partnership with cyberconIQ, a cybersecurity platform and advisory company, to address the human side of cybersecurity. Under the new partnership, ISG Cybersecurity will be able to offer its clients the capabilities of cyberconIQ’s Human Defense Platform, a SaaS-based solution that helps mitigate the human factors that create cyber risk, while cyberconIQ will be able to offer its customers access to the full range of ISG Cybersecurity services. “People are one of the biggest risks to enterprise cybersecurity,” said Doug Saylors, partner and co-leader of ISG Cybersecurity. “Some 85 percent of breaches today involve human error, with breaches caused by phishing attempts up 25 percent in the last year alone. To combat this problem, enterprises need to strengthen their cybersecurity culture and help people become their own—and their employers’—best protection against cyber threats.” Saylors said the partnership with cyberconIQ will enable ISG Cybersecurity to offer its clients a platform-based approach to identify individual risk styles among employees, increase overall security awareness, and actively monitor, measure, model and manage people-related cyber risk. “The solution set of cyberconIQ is a welcome addition to ISG Cybersecurity’s market-leading portfolio of advisory, benchmarking, sourcing, organizational change management and third-party risk management capabilities,” Saylors said. CyberconIQ’s Human Defense Platform is proven to reduce people-related cyber risk by up to 95 percent, said the company’s CEO and Founder Dr. James Norrie. “We are able to substantially reduce cyber risk by leveraging our CYBERology™ approach – the intersection of cybersecurity and psychology,” said Norrie. “We embed behavioral science methods targeting changes in on-the-job behavior into all of our cybersecurity solutions.” The cyberconIQ offering includes the patented myQ Risk-Style Questionnaire, unIQue Security Awareness Education modules, cybermetrIQs Cyber Risk Dashboard, phishFixIQ Phishing Simulation and Remediation solution, and leaderIQ adaptive learning approach to creating a risk-aware and compliant culture. “We are excited to be working with ISG and its blue-chip client roster to bring the benefits of our human-centered approach to cybersecurity to more organizations,” Norrie said. “Working together, our combination of technology and people-based approaches will help companies significantly improve their cyber defenses and risk awareness.” ISG Cybersecurity is a unit of ISG that helps enterprise clients increase their cybersecurity maturity in line with their overall digital transformations. The unit helps clients assess and benchmark their cybersecurity programs, develop a cybersecurity strategy, design and implement their cybersecurity operating model, design overall solutions and select appropriate vendors, manage third-party risk and create and execute cybersecurity awareness and training programs. About cyberconIQ Headquartered in York, Penn., cyberconIQ was founded with the knowledge that technical approaches to cybersecurity alone do not address the prevalent issues we face today. With years of research and development with financial industry leaders, Dr. James Norrie discovered that our foundational CYBERology™ approach – the intersection of cybersecurity and psychology – would improve security outcomes and would advance the risk and compliance culture within organizations world-wide. With proven results that are 8 - 10x more effective than generic training alternatives, cyberconIQ's platform measurably reduces the risk of a human-factors cybersecurity breach or data leak. About ISG ISG is a leading global technology research and advisory firm. A trusted business partner to more than 800 clients, including more than 75 of the world’s top 100 enterprises, ISG is committed to helping corporations, public sector organizations, and service and technology providers achieve operational excellence and faster growth. The firm specializes in digital transformation services, including automation, cloud and data analytics; sourcing advisory; managed governance and risk services; network carrier services; strategy and operations design; change management; market intelligence and technology research and analysis. Founded in 2006, and based in Stamford, Conn., ISG employs more than 1,300 digital-ready professionals operating in more than 20 countries—a global team known for its innovative thinking, market influence, deep industry and technology expertise, and world-class research and analytical capabilities based on the industry’s most comprehensive marketplace data.

Read More