SOFTWARE SECURITY

Guidepost Solutions Acquires Significant Equity Interest in Cybersecurity Solutions Firm Truvantis, Inc.

Guidepost Solutions LLC | March 29, 2022

Guidepost Solutions LLC
Guidepost Solutions LLC, a global leader in domestic and international investigations, compliance solutions, monitoring, and security and technology consulting, announced that it has acquired a significant equity stake in Truvantis, Inc., a cybersecurity company formed in 2010. Truvantis provides best-in-class cyber and privacy services to secure infrastructure, data, operations, and products. This strategic partnership allows both Guidepost and Truvantis to offer a wide-ranging suite of cybersecurity solutions and consulting services, at a time when cybersecurity risks are evolving and affecting all business operations.

Truvantis is led by its founder and CEO, Andy Cottrell. With more than 25 years of experience in IT and cybersecurity, Cottrell has designed and implemented security solutions, launched innovative security products to market, and helped countless small and large companies improve their security posture.

“I am pleased to announce this partnership with Truvantis, as part of our firm’s continued efforts to grow its capabilities and footprint in the cybersecurity arena. We are committed to providing our clients with unique solutions to defend against one of the greatest risks facing their companies – cyber threats. This partnership significantly expands our ability to fulfill that commitment.”

Julie Myers Wood, Guidepost Solutions CEO

This new alliance enables clients to leverage comprehensive threat, risk, vulnerability management, privacy, and assessment services to protect against a full spectrum of cyber and physical security issues and address a variety of regulatory and business-critical requirements. Today’s companies are faced with an increasing number of requests for independent verification of their cybersecurity and privacy policies and practices. Whether it’s an assessment against a security framework like the NIST CSF, ISO 27001, or CIS Controls, addressing compliance with privacy laws and requirements like the PCI DSS, or preparing for a SOC2 or HITRUST audit, companies are seeking help from highly qualified, credentialed consultants who can help address these complex cybersecurity and privacy challenges. The Guidepost/Truvantis team will afford clients a depth of expertise as well as a breadth of services to address a broad range of risk mitigation needs.

“Guidepost Solutions is a leader in investigations, compliance, and physical security consulting and we’re excited to bring these capabilities to our clients to provide comprehensive risk management solutions,” said Andy Cottrell, CEO, Truvantis. “As the market continues to evolve toward consolidated physical, personnel, and cybersecurity management, this partnership enables us to provide the most comprehensive solutions in the market.”

Through this investment and partnership, Guidepost Solutions and Truvantis are positioned to enhance cyber and physical security defenses for clients and provide resiliency for their critical systems. Specific security services include risk assessments, security testing, cyber investigations, cybersecurity governance, data protection, privacy consulting, operational security design and project management, vCISO, and remediation services.

About Guidepost Solutions LLC
Guidepost Solutions is a leader in domestic and international investigations, compliance solutions, monitoring, and security and technology consulting. We work wherever your needs take us – whether on the ground around the globe – or from one of our offices located in Bogotá, Boston, Chicago, Dallas, Honolulu, London, Los Angeles, Miami, New York, Palm Beach, Philadelphia, Phoenix, San Francisco, Seattle, Singapore, Walnut Creek, and Washington, DC.

About Truvantis Inc.
Truvantis® is a cybersecurity consulting organization providing best-in-class privacy and cybersecurity services to secure your organization’s infrastructure, data, operations, and products. We specialize in helping our customers improve their cybersecurity posture by implementing, testing, auditing, and operating information security programs.

Spotlight

Cybersecurity is becoming a numbers game and risk measurement is now on the board as an important business decision-making metric. Here’s what you need to know to start tackling the risk measurement challenge. 5 STEPS FOR MEASURING WHAT MATTERS. Focus on five priorities to identify the best risk measurement approach for your company.

Spotlight

Cybersecurity is becoming a numbers game and risk measurement is now on the board as an important business decision-making metric. Here’s what you need to know to start tackling the risk measurement challenge. 5 STEPS FOR MEASURING WHAT MATTERS. Focus on five priorities to identify the best risk measurement approach for your company.

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

BlackBerry Strengthens Cybersecurity Platform to Provide Customers with Greater Threat Identification, Remediation Capabilities, and Endpoint Support

BlackBerry | October 27, 2022

Today at the BlackBerry Security Summit, BlackBerry Limited announced powerful enhancements to its AI-based cybersecurity portfolio that will help customers strengthen their overall security posture, improve workflows, and ensure business resilience. Capabilities include enhanced data context for zero-trust network access, and faster, more efficient operations to stay one step ahead of today's and tomorrow's threats. "BlackBerry is focused on delivering solutions that help businesses safeguard their sensitive data, solve challenges and stay on top of a rapidly evolving cyber threat landscape. "These new capabilities further strengthen our end-to-end approach to cybersecurity that's deeply rooted in the advanced intelligence of our Cylance® platform, which time and again has been proven to identify and stop attacks before they can even start." Billy Ho, Executive Vice President, Security Products at BlackBerry Key enhancements include: BlackBerry® UEM BlackBerry UEM's unrivalled maturity allows customers to benefit from new APIs that offer significantly reduced administrative overhead. This is in addition to stronger integration of all Google services from ChromeOS to Android, offering unified administration and an improved user experience. BlackBerry UEM will also offer greater eSIM integration to enhance a user's digital SIM experience. CylancePROTECT®, CylanceOPTICS®, CylanceGUARD® Threat hunters now have access to a single-pane view of the most critical issues with the ability to act quickly. Significant updates across triage and analysis workflows provide a dramatically improved user experience that reduces operational burden, improves investigation speed, and lowers the total cost of ownership; critical for analysts as they investigate and respond to endpoint threats. CylanceGATEWAY™ In addition to endpoint, network, and user telemetry, BlackBerry's ZTNA offering, CylanceGATEWAY, now provides data access and leakage visibility via a newly launched data loss detection module, CylanceAVERT™. CylanceGATEWAY also receives enhanced network anomaly detection to identify threats, broadened support for cloud workspaces and more granular access control. By constantly monitoring data and application access patterns across endpoints, email, and SaaS applications, organizations are now better equipped to detect and prevent malicious activity, including compromised accounts and insider threats, which Gartner estimates are responsible for 50 to 70 percent of all security incidents and 75 percent of all security breaches. "The cybersecurity workforce shortage has elevated the need for efficiency to be as important as efficacy as security professionals aim to stay ahead of a constant barrage of complex, competing and evolving threats," said Frank Dickson, Group Vice President, Security and Trust at IDC. "Added controls, workflow improvements and contextual nuance provide organizations with the ability to act quickly in detecting and responding to endpoint threats and are in desperate need by an industry facing a critical talent gap." The UX workflow improvements and data context additions will be available later this year and early next year through CylancePROTECT, CylanceOPTICS, CylanceGUARD, CylanceGATEWAY, and BlackBerryUEM offerings. About BlackBerry BlackBerry provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including 215M vehicles. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety, and data privacy solutions, and is a leader in the areas of endpoint security, endpoint management, encryption, and embedded systems. BlackBerry's vision is clear - to secure a connected future you can trust.

Read More

DATA SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS

Qualys Introduces TotalCloud with FlexScan Delivering Cloud-Native VMDR

Qualys | November 02, 2022

Qualys, Inc., a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions, is announcing TotalCloud with FlexScan delivering cloud-native VMDR with Six Sigma Accuracy via agent and agent-less scanning for comprehensive coverage of cloud-native posture management and workload security across multi-cloud and hybrid environments. As business applications and on-premises infrastructure migrate to the cloud, security teams struggle with managing cyber risk across cloud workloads, services, resources, users, and applications. Additionally, teams must deal with a plethora of industry acronym-driven point solutions that provide a fragmented view of risk without context. This approach increases security costs and complexity while leaving cloud applications vulnerable to attacks. "Qualys is enhancing its widely used platform to deliver visibility, context, speed, automation, and orchestration in a comprehensive solution to help organizations scale their security and compliance programs for modern software development. "Qualys TotalCloud incorporates security into development workflows, enabling them to release secure, reliable code while giving security teams the control and visibility they need to manage risk by reducing their attack exposure and rapidly responding to threats." Melinda Marks, senior analyst at ESG "As a finance organization, we need a continuous view of the security and compliance posture across our cloud applications, with clear insights into risk," said Prabhuram Rajarathinam, CISO at Cholamandalam Investment and Finance Company. "Qualys TotalCloud with FlexScan will enable our cloud security and DevOps teams to use the multiple assessments to further strengthen the security of our cloud applications." With more than 31 million workloads already secured by Qualys, Qualys TotalCloud extends the industry-leading accuracy of VMDR with cloud-native FlexScan assessments to unify Cloud Posture Management and Cloud Workload Security in a single view with risk insights. TotalCloud automates inventory, assessment, prioritization and risk remediation via an easy-to-use drag-and-drop workflow engine for continuous and zero-touch security from code to production cloud applications. Qualys FlexScan Qualys TotalCloud introduces FlexScan a comprehensive cloud-native assessment solution that allows organizations to combine multiple cloud scanning options for the most accurate security assessment of their cloud environment. Security teams will have multiple hybrid assessment capabilities to secure the entire cloud attack surface including: Zero-touch, agent-less, cloud service provider API-based scanning for fast analysis. Virtual appliance-based scanning to assess unknown workloads over the network for open ports and remotely exploitable vulnerability detection. Snapshot assessment that mounts the workload snapshot for periodic offline scanning including vulnerabilities and OSS scanning. Qualys Cloud Agents in the workload for comprehensive, real-time vulnerability, configuration and security assessment. Qualys TotalCloud provides security teams with: Immediate multi-cloud posture insights - The unified cloud posture dashboard provides inventory, security and compliance posture insights across multi-cloud environments in minutes. Teams can easily identify and prioritize the misconfigurations that cause the highest risk with additional context on workload vulnerability and security posture. Unified security view to prioritize cloud risk with TruRisk - A single view of cloud security insights across cloud workloads, services and resources is provided via the console. Additionally, Qualys TruRisk quantifies security risk by workload criticality and vulnerability detections and correlates it with ransomware, malware and exploitation threat intelligence to prioritize, trace and reduce risk. Fast remediation with no code, drag-and-drop workflows - The integration of QFlow technology into TotalCloud saves security and DevOps teams valuable time and resources. Automation and no-code, drag-and-drop workflows help simplify the time-consuming operational tasks of assessing vulnerabilities on ephemeral cloud assets, alerting on high-profile threats, remediating misconfigurations, and quarantining high-risk assets. Shift-left security to catch issues early– TotalCloud provides shift-left security integrated into developers existing CI/CD tools to continuously assess cloud workloads, containers and Infrastructure as Code (IaC) artifacts. This allows for the rapid identification of security exposures and remediation steps during the development, build and pre-deployment stages while providing support for the major cloud providers including AWS, Azure and Google Cloud. "Cloud security is getting very fragmented with too many point solutions, which brings more complexity," said Sumedh Thakar, president and CEO of Qualys. "Our customers want seamless, comprehensive insight into cyber risk across their multi-cloud and non-cloud assets. With our innovative TotalCloud offering, we bring flexible, high-quality cloud-native risk assessment to our customer base as they look to expand into the cloud with Qualys." About Qualys Qualys, Inc. is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Aunalytics Launches Security Patching Platform as a Service

Aunalytics | September 27, 2022

Aunalytics, a leading data management and analytics company delivering managed IT and data platform services for mid-sized and enterprise businesses, today initiated its Security Patching Platform, Co-managed Patching as a Service to complement the company’s Advanced Security solution suite. Windows OS and supported 3rd party patch management allow for tighter security in the defense against cyberattacks and the new offering ensures active remediation. According to a 2022 Data Breach Investigations Report by Verizon, around 70 percent of successful cyberattacks exploited known vulnerabilities with available patches, making it important to update operating systems and applications regularly to prevent such attacks. Now, Aunalytics’ new technology as a service includes the tools, structure, strategy and intelligence for managing patch deployment and is a complete solution with best practices, templates, libraries, and built-in alert thresholds. Lack of security patching leads to vulnerabilities within an organization’s information systems, internal controls, or system processes, which can then be exploited by cybercriminals. Using a collection of tools, cyber attackers use the vulnerability to gain unauthorized access to corporate systems and data. Identifying and resolving vulnerabilities is very important since a successful exploit can lead to a full-scale system breach. Workstation and server application patching ensures that organizations have baseline protection against the latest security vulnerabilities, preventing such attacks before they occur. However, patching can be difficult to manage and update in real-time as software fixes are published on an ongoing basis. Setting up and coordinating manual patching across an organization can be extremely cumbersome, taking days to organize, schedule, and execute across an entire company. McKinsey cites good patch management as a top proactive maintenance measure that can help organizations prevent cyberattacks. However, knowing the priority level for patch installment can be confusing and lead to poor patch management as a result. Enlisting the help of a partner to employ security patching best-practices can add true value to many organizations. Aunalytics patch detection, download, and installment methods are developed considering each client's security and uptime requirements and prioritized in order of threat potential. Aunalytics’ experienced security patching team proactively monitors for updates, eliminating worry for end users and server administrators. As part of the new service, users gain access to comprehensive security solutions with customized alerting and vulnerability prioritization, leveraging proprietary solutions and processes. The platform facilitates collaboration between IT and security teams and includes the following capabilities: Inventory and performance management and proactive alerting Patch deployment control strategy, prioritization, planning Patch vetting and blacklisting intelligence Windows Operating System patch management Supported 3rd Party Patch Management Anti-Malware DNS-based Malware Protection Device Encryption Management Innovative management tool library “Security patch exploits can have extremely damaging effects on an organization, decreasing revenues or causing reputational damage, making it imperative to have security patching in place. “Aunalytics’ Security Patching Platform services allow for the rapid resolution of these concerns to maintain the highest levels of cyber-resiliency.” Chris Nicholson, Vice President of Managed IT Services About Aunalytics Aunalytics is a leading data management and analytics company delivering Insights-as-a-Service for mid-sized businesses and enterprises. Selected for the prestigious Inc. 5000 list for two consecutive years as one of the nation’s fastest growing companies, Aunalytics offers managed IT services and managed analytics services, private cloud services, and a private cloud-native data platform for data management and analytics. The platform is built for universal data access, advanced analytics and AI -- unifying distributed data silos into a single source of truth for highly accurate, actionable business information.

Read More