DATA SECURITY

GoVanguard Expands Cybersecurity Capabilities with Acquisition of Gotham Security

GoVanguard | August 11, 2021

Technology security firm GoVanguard has completed it's acquisition of boutique cybersecurity company, Gotham Security. The move positions GoVanguard to expand its leadership in the cybersecurity sector, building its team and expertise to help clients' increasing need to prevent and mitigate emergent threats, such as ransomware attacks. The move comes as a natural extension of GoVanguard's mission to advance security awareness and provide elite-level cybersecurity services to its clients.

GoVanguard services a wide range of industries looking to secure their business. Clients include Odyssey Group, nTopology, Insurance Technologies and Abacus Group, as well as several international businesses, medium sized companies and small local firms, spanning organizations across the financial, healthcare, insurance and technology industries.

GoVanguard has built its reputation through its approaches to adversary simulation, risk reduction, threat management, and information security strategy. The acquisition completes the company's suite of offerings by acquiring a five-year partner and industry leader in red-teaming and pentesting—two essential services for companies protecting against security threats and staying ahead of risks to business information.

"As threat actors become more sophisticated, it's become obvious that the best defense is to go on the offensive. Adversary simulation has become increasingly valuable for organizations looking to quickly gauge and improve their security position. Afterall, if you can't measure it, you can't improve it," said Mahdi Hedhli, GoVanguard CEO. "Gotham Security has been a close partner for years and this was a natural next step to allow our red-teaming experts to take our clients' defenses to the next level and continue our dedication to finding the security gaps before cybercriminals do."

Underscoring the commitment to quality and continuity, Blake Shalem, Gotham Security COO, will be joining GoVanguard as its Chief Customer Officer. Blake said that the move will not only enhance services and expand resources to new and existing clients, it will also provide opportunities to further develop team members in the ever-evolving space of cybersecurity.

"This move allows us to elevate what we do best, which translates to a superior class of protection for our clients," said Blake.

Recent attacks on Kaseya, thousands of Microsoft Exchange Servers, Colonial Pipeline, JBS, a nuclear contractor, and a U.S. Congressional vendor, spotlight the brazenness and sophistication of cybercriminals, who are constantly probing for new angles of attack. Meanwhile, ransomware is becoming an increasingly lucrative venture for threat actors. The institute for Security and Technology estimates that U.S. companies paid out about $350 million in 2020, a year-over-year increase of 171 percent in the average ransomware payment.

GoVanguard's acquisition of Gotham Security positions clients to remain a step ahead of the criminals, specifically in the areas of red-teaming and pentesting to help companies eliminate existing vulnerabilities before cybercriminals strike.

"We're doubling down on our commitment to improve the cybersecurity landscape by honing our focus on red teaming," Hedhli said. "We feel this is the area where GoVanguard makes the biggest impact for our clients and the industry as a whole."

About GoVanguard

GoVanguard is a cybersecurity firm based in New York City dedicated to providing world class services with actionable results. The company's innovative team of technology and cybersecurity experts specialize in emulating sophisticated cybercriminals to find gaps in business security before criminals do. Using attack simulation, risk reduction, threat management and compliance and strategy guidelines, the company has been working toward its mission of developing security awareness and protection for organizations across the financial, healthcare, insurance, technology and other business enterprises across the U.S. for nearly a decade.

Spotlight

NetWall USG provides access to real-time OT data and enables secure data transfer to the OT environment without compromising the security and integrity of your critical production systems.

Spotlight

NetWall USG provides access to real-time OT data and enables secure data transfer to the OT environment without compromising the security and integrity of your critical production systems.

Related News

DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY

CyberArk Workforce Password Management to Provide Advanced Protection

CyberArk | March 15, 2023

On March 14, 2023, CyberArk, the world leader in Identity Security, announced advancements to Workforce Password Management. The cloud-based business password management solution from CyberArk allows businesses to capture, store, and manage password-based apps and other secrets in a secure manner. Added features offer administrators with increased flexibility and power to minimize risk and enhance security for web-based applications. Workforce Password Management is developed for business environments and offers the privacy, availability and security organizations require, including support for current corporate directories and passwordless authentication controls, unlike personal password managers. Some of the new things are: Application Access Controls Based on Usernames Support for CAPTCHA-Enabled Web Apps Enhanced Reporting for User-Added Applications CyberArk Secure Web Sessions and Workforce Password Management can be used together to further fortify access to critical systems. With the newest release, Secure Web Sessions provides an additional layer of defense called Session Control. Session Control enables administrators to define notification and enforcement rules for specific text fields in business applications that are accessed with credentials stored in Workforce Password Management. For example, administrators can set up a rule to stop users from transferring more than pre-set threshold within their corporate banking applications and notify the IT security team of the attempt. Gil Rapaport, General Manager, Access Management at CyberArk, said, “Traditional password managers typically lack controls and functionalities that enterprises need to secure end-user credentials, which are constantly targeted by attackers.” He added, “Password management must be dynamic to evolve with attacker innovation. We are continuously investing in new features and functionalities for Workforce Password Management to deliver greater usability, security and control for all users within an organization – from developers and business users to IT administrators.” (Source – Business Wire) About CyberArk Founded in Newton, MA, CyberArk is the worldwide leader in identity security solutions. The company is the most comprehensive security solution for any identity, machine or human, across business apps, remote employees, hybrid cloud workloads, and the complete DevOps lifecycle, thanks to its emphasis on privileged access management. The world’s largest organizations entrust CyberArk to help secure their most vital assets.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Varonis Introduces Automated Posture Management to Fix Cloud Security Risks

Varonis | January 27, 2023

On January 26, 2023, Varonis Systems, Inc., a leader in data security and analytics, announced the availability of automated posture management to assist clients in resolving security and compliance gaps spanning their SaaS and IaaS systems. Varonis continuously scans, identifies, and ranks cloud security threats, providing CISOs and compliance officers with real-time insight into their data security posture. With this new automation option, users can fix misconfigurations in applications such as Salesforce and AWS with a single click from a unified interface. According to Gartner, through 2025, 99% of cloud security breaches will be the customer's fault. CIOs can counter this by adopting and enforcing rules for cloud ownership, accountability, and risk acceptance. Varonis Field CTO, Brian Vecci, said, “Automated posture management takes the burden of understanding and remediating cloud misconfigurations off the customer.” He also said, “We stay on top of the latest configuration risks and best practices, so you don’t have to. Now, we can not only show you exactly how to improve your security posture, but we can also automatically mitigate risk on your behalf.” (Source – GlobeNewswire) This release marks a significant advancement in cloud data security. Passive data security posture management (DSPM) solutions need manual operations to generate help desk tickets for a person to review and fix in every cloud application manually. Varonis offers a uniform and automated method for minimizing the attack surface of multi-cloud environments. Automated posture management is the most recent tool introduced by Varonis to simplify data security outcomes. Varonis introduced least privilege automation for Google Drive, Microsoft 365, and Box, as well as a new data security posture management (DSPM) dashboard early this month. About Varonis Varonis is a leader in data security and analytics, waging war differently from typical cybersecurity corporations. Instead, Varonis focuses on protecting business data like: Sensitive files and emails Strategic and product plans Financial records Confidential customer, patient, and employee data In addition to data protection, Zero Trust, data governance, compliance, categorization, data privacy, and threat detection and response, Varonis solutions handle various other critical use cases. The company began operations in 2005 and has clients in the financial services, healthcare, industrial, energy and utilities, insurance, technology, media and entertainment, consumer and retail, and education industries, among others.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Launch of Virtru Private Keystore Enables Heightened Privacy and Secure Collaboration in the Cloud

Globenewswire | March 24, 2023

Virtru, the global leader in data-centric security and privacy, today announced the immediate availability of the Virtru Private Keystore, allowing organizations to leverage the power of industry-leading cloud collaboration platforms with the confidence that their data is completely private and shielded from their cloud provider. The Virtru Private Keystore gives businesses a simple way to encrypt their cloud data and store the keys in an environment separate from their cloud provider. It is available for Google Workspace, Google Cloud, and all of Virtru’s products. Privacy-preserving technology has become a top priority for businesses and individuals alike, as evidenced by Google’s rapid expansion of Client-Side Encryption for Google Workspace and customer-managed encryption keys for Google Cloud. Google has undertaken these efforts to win and retain privacy- and compliance-sensitive customers. Virtru is one of a select number of Google-recommended private encryption key management partners to support these initiatives. Paris-based HR tech firm, Maki People, uses Virtru as its key management solution provider for Google Cloud, and views the Virtru Private Keystore as a way to build trust with its customers. “The Virtru Private Keystore is super seamless,” said Benjamin Chino, CPO and Co-Founder, Maki People. “Everything is running smoothly. From a customer standpoint, it really makes a difference – they now feel that they're much more in control, and that Google will not be able to access their data.” “Safeguarding data privacy and control is our top priority, and the Virtru Private Keystore plays a crucial role in helping us achieve this objective,” said Ali Umana, Network Administrator, Kulite Semiconductor Products, Inc. Around the world, regulatory requirements continue to tighten. The Virtru Private Keystore helps organizations meet compliance and data sovereignty obligations such as the International Traffic in Arms Regulations (ITAR) and the EU’s General Data Protection Regulation (GDPR). “Our customers choose Virtru because our products are easy to use, and they integrate seamlessly with the apps they work in every day,” said Bill Bauman, Product Marketing, Virtru. “The Virtru Private Keystore does that, too. It simplifies key management for our customers and runs seamlessly in the background. It does more than just key exchanges, though: It adds policies to the keys and has audit capabilities. So, everyone can collaborate more confidently in the cloud and have final decision over who can access their data.” The Virtru Private Keystore supports the full suite of Virtru products, including Virtru for Microsoft Outlook 365, Virtru for Gmail, Virtru Secure Share, and Virtru Data Protection Gateway, and is a trusted solution for Google Workspace Client-Side Encryption (or CSE, including CSE for Gmail) and Google Cloud External Key Manager (EKM). It can be deployed in a public or private cloud, or a private or co-hosted data center, and supports hardware security modules (HSM), with additional support for HSM Proxy Connector. About Virtru Virtru is a global leader in data privacy and protection. At Virtru, we equip our customers to take control of their data—everywhere it’s shared—through end-to-end encryption for Google, Microsoft, and other data sharing platforms. Our team is creative, collaborative, and passionate about creating a brighter future for data privacy. Above all, we support our colleagues and empower each other to do our best work.

Read More