Home > News > featured news > iboss Achieves FedRAMP Authorization for its Zero Trust Edge Cloud Security Solution

Software Security

iboss Achieves FedRAMP Authorization for its Zero Trust Edge Cloud Security Solution

iboss, Inc. | July 29, 2022 | Read time : 03:00 min

iboss, Inc.
iboss, the leading Zero Trust Edge cloud security provider, announces that it has obtained Federal Risk and Authorization Management Program (FedRAMP) Authorization. The achievement is reflective of the company’s commitment to work alongside federal agencies to protect government entities and civilians from growing and increasingly sophisticated cyberthreats.

Earlier this year, the United States Office of Management and Budget unveiled a strategy designed to prevent damaging hacks and breaches by moving federal agencies toward a zero trust cybersecurity approach. The announcement followed a 2021 Biden Administration executive order aimed at protecting federal networks by modernizing government cybersecurity, including through the implementation of zero trust security
architecture as defined in the National Institute of Standards and Technology (NIST).

The iboss platform is a purpose-built, patented, cloud delivered security solution that has been trusted by organizations worldwide to implement Zero Trust architecture as laid out specifically in the NIST 800-207 Special Publication. The company’s containerized cloud architecture makes it the only platform that can control what NIST refers to as the “Implicit Trust Zone” to ensure that all data and resources are completely private. The FedRAMP authorization now extends iboss’s leading platform to all U.S. government customers.

“Our Zero Trust Edge platform prevents breaches by making applications and data inaccessible to attackers while allowing trusted users to securely and directly connect to resources from anywhere. “In today’s work-from-anywhere world, protecting sensitive information, regardless of who is accessing it or where, is critical. We look forward to continuing to extend our platform and expertise to U.S. government agencies.”

iboss CEO Paul Martini

A Zero Trust Architecture built on iboss consolidates network security technologies (SWG, CASB, DLP, IPS, malware defense, browser isolation, firewall) into a single unified cloud platform and eliminates the need for a VPN while securing any device, regardless of location. By making all applications private, iboss eliminates the top three initial ransomware infection vectors as identified by the Cybersecurity and Infrastructure Security Agency (CISA). With applications, data and services made accessible only through the iboss Zero Trust Edge, cyber risk is greatly reduced, breaches and data loss are prevented, and visibility and security are delivered consistently throughout an organization.

FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

About iboss, Inc.
iboss is a cloud security company that enables organizations to reduce cyber risk by delivering a Zero Trust service designed to protect resources and users in the modern distributed world. Applications, data and services have moved to the cloud and are located everywhere while users needing access to those resources are working from anywhere. Built on a containerized cloud architecture, iboss delivers security capabilities such as SWG, malware defense, browser isolation, CASB and data loss prevention to protect all resources, via the cloud, instantaneously and at scale. This shifts the focus from protecting buildings to protecting people and resources wherever they are located. Leveraging a purpose-built cloud architecture backed by 230+ issued and pending patents and more than 100 points of presence globally, iboss processes over 150 billion transactions daily, blocking 4 billion threats per day. More than 4,000 global enterprises trust the iboss Cloud Platform to support their modern workforces, including a large number of Fortune 50 companies. iboss was named one of the Top 25 Cybersecurity Companies by The Software Report, one of the 25 highest-rated Private Cloud Computing Companies to work for by Battery Ventures, and CRN’s Top 20 Coolest Cloud Security Companies of 2022.

Spotlight

Navigating Social Media Threats: A Digital Risk Protection Playbook

Threat actors are using social media to target enterprises and their customers with fraudulent accounts. The nature of instant sharing on social media means organizations can face swift reputation damage or financial loss if they fall victim to one of the many threat types used on these platforms. In order to effectively protect

More featured news

Spotlight

Navigating Social Media Threats: A Digital Risk Protection Playbook

Threat actors are using social media to target enterprises and their customers with fraudulent accounts. The nature of instant sharing on social media means organizations can face swift reputation damage or financial loss if they fall victim to one of the many threat types used on these platforms. In order to effectively protect

Related News

Data Security, Platform Security, Software Security

Laminar Adds SaaS and Deepens Data Warehouse Support for its Data Security Platform

Businesswire | July 20, 2023

Laminar, the leading agile data security platform provider, today announced it has added Microsoft SharePoint Online and Google BigQuery to its existing support for Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, and Snowflake. The additions make the Laminar Data Security Platform the first and only cloud-native data security solution to support all major cloud service providers (CSPs), leading data warehouses, and common software-as-a-service (SaaS) applications used by today’s top enterprises. The cloud’s limitless potential is rooted in the data that an organization has, and what they do with it. To power innovation, 94% of enterprises use cloud services and applications. Microsoft SharePoint is the third most popular enterprise application, with 65% of its users adopting the cloud version, SharePoint Online. Employees routinely collaborate on shared content, and developers work with it as well to automate business processes, track progress, and share information across departments or with partners. Similarly, Google BigQuery is one of the top three data warehouse solutions. It is a powerful analytics platform that excels at processing and analyzing massive volumes of data quickly and efficiently. With its scalable architecture and advanced querying capabilities, BigQuery enables organizations to gain valuable insights from their data in real time, empowering data-driven decision-making and accelerating business growth. Both solutions enable developers, data scientists, and other innovators to be creative and extract the maximum value from their operational data. For instance, business intelligence staff may use these tools to analyze customer purchase patterns or sales trends, while data scientists may look out for hidden associations within the data to inform new strategies. Unfortunately, these same activities also open organizations up to significant risk by generating unknown or “shadow” data — a top concern for 93% of data security and governance professionals. Data security needs to be agnostic to the infrastructure in which data resides. Security posture must also travel with the data, as it moves through the cloud and the related data warehouses and applications. By adding support for Microsoft SharePoint Online and Google BigQuery, customers using the Laminar Data Security Platform can now discover, classify, and secure data in even more environments. Thus, data security and governance teams can see and secure their organizations’ data consistently across the entire digital landscape. "Data security is different, and more challenging in the cloud. Shadow data is everywhere and data security pros want to know where their sensitive data is, how it is accessed, used, and protected. Whether its structured, unstructured, managed, in SaaS, data warehouse, or embedded database” said Amit Shaked, CEO and Co-Founder, Laminar. “They are not experts in SaaS/PaaS/IaaS and certainly not individual data storage services. They want visibility into all their cloud data from a single source. Our continued support for the diversity of cloud environments, including now SaaS, means customers can have a unified, consistent approach to data security.” The news continues Laminar’s ongoing product innovation, following the announcement of support for GCP and Snowflake, as well as data detection and response (DDR) and data access governance (DAG) capabilities. About Laminar Laminar is the leading agile data security platform and provides organizations with the visibility and control they need to achieve data security, governance, and privacy in the cloud. Our cloud-native data security solution continuously discovers and classifies all cloud data, structured and unstructured, across managed and self-hosted data stores, including unknown shadow data, without the data ever leaving your environment. It analyzes access, usage patterns, and security posture, and provides actionable, guided remediation for data security risk. Laminar connects to your multi-cloud environment including AWS, Azure, GCP, Snowflake, BigQuery and SaaS applications via APIs and is agentless, asynchronous, and completely autonomous.

Read More

Data Security

Oracle Attempts to Design New Open Network and Data Security Standard

Oracle | September 20, 2023

Oracle to participate in an industry-wide initiative to design a new open network and data security standard. Oracle and Applied Invention are assisting to developing and promoting a novel network and data-centric security standard to tackle distributed cloud deployment challenges. This standard will enable organizations to protect their data throughout its entire lifecycle without requiring modifications to their distributed cloud environments' underlying architecture. Oracle, one of the world's largest database management companies, announced that it will participate in an industry-wide initiative to design a new open network and data security standards that will assist organizations in protecting their data in distributed IT environments. Oracle will collaborate with Applied Invention, a significant technology provider, and other industry leaders, including Nomura Research Institute, Ltd. (NRI), a global leader in consulting and system solutions. This new standard will enable networks to enforce shared security policies collectively, thereby augmenting the security architecture organizations already employ without requiring modifications to existing applications and networks. Oracle plans to launch the Oracle Zero-Trust Packet Routing Platform, based on the new standard, to support this new initiative. This platform will assist organizations in preventing illegal access or use of their data without imposing additional obstacles on legitimate activities. Executive Vice President of Security and Developer Platforms at Oracle Cloud Infrastructure, Mahesh Thiagarajan, said, Over the last 20 years, the cybersecurity industry has produced many incremental changes, but we need a fundamentally novel approach to protect our data in the increasingly complex cloud era. Organizations require a way to describe their data security policies in one place where they can be easily understood and audited, and they need a way to make sure those policies are enforced across their entire computing infrastructure, including their clouds. [Source – Cision PR Newswire] As the adoption of cloud technology rises and IT landscapes become more intricate with distributed cloud deployments, organizations face escalating challenges in safeguarding their data using conventional methods and tools. For example, many existing systems necessitate security teams to orchestrate disparate solutions across various facets, including database, application, network, and identity security. This complexity is further compounded when applied across diverse environments. Ensuring seamless collaboration among these solutions becomes a formidable task due to the dynamic and independent changes in applications, environments, and user profiles. Additionally, current security systems demand extensive configurations to accurately distinguish between different user categories, such as full-time employees and contractors, without compromising security or restricting access. Research Vice President of Cloud and Edge Infrastructure Services at IDC, Dave McCarthy, said, The new standard Oracle develop has the potential to change all of that by adding a unified layer of security on top of existing solutions. Building data protection policies into the network itself will assist users get the access they require while ensuring the data remains secure behind the scenes. [Source – Cision PR Newswire] Oracle and Applied Invention are assisting in designing and promoting a novel security standard, focusing on network and data-centric security, which aims to tackle these challenges. This innovative standard will empower organizations to safeguard their data across its entire lifecycle, including distributed cloud environments. To accomplish this, the standard will implement an intent-based security policy that is designed to be understandable, auditable, and interpretable by humans. This intent-driven approach will be put into practice at the network layer, ensuring that every data transmission contains authenticated attributes concerning the sender, receiver, and the nature of the data in transit.

Read More

Platform Security, Software Security, Cloud Security

Uptycs Continues Momentum in Helping Customers Achieve Security Operations Excellence with AWS

Globenewswire | July 28, 2023

Uptycs, provider of the first unified CNAPP and XDR platform, today announced it’s now part of the Amazon Web Services (AWS) Public Sector Partner (PSP) Program. The AWS PSP Program helps AWS Partners grow their public sector business through alignment with AWS public sector sales, marketing, funding, capture, and proposal terms. “We are delighted to be working with AWS to solve customers’ cloud security challenges, increase security operations efficiency, and protect developer environments as they move code from their workspaces into AWS production environments,” said Ganesh Pai, CEO and co-founder of Uptycs. Uptycs has built an integration with AWS Control Tower, which simplifies AWS experiences by orchestrating multiple AWS services on a customer’s behalf while maintaining the security and compliance needs of their organization. Leveraging the workflow with AWS Control Tower, Uptycs' deep integration with AWS Systems Manager allows organizations to achieve comprehensive security controls while reducing operational overhead in their Uptycs deployment. “Many organizations, especially in the public sector, are looking for ways to cost-effectively scale their cloud security program. Our integration with AWS Control Tower and AWS Systems Manager, along with our more unified shift up approach, delivers a more efficient way to improve customers’ security posture across cloud environments,” Pai said. Additionally, Uptycs also recently announced the achievement of AWS Security Competency Status, and an integration with the Amazon Security Lake. “Our model is proven to better support cybersecurity teams thanks to what we’ve already achieved for our public sector customers, as well as enterprise and commercial organizations,” Pai said. “Now, we’re even better at helping our customers reduce operational burden, and strengthen their threat detection, remediation, and forensic capabilities.” About Uptycs Uptycs, the first unified CNAPP and XDR platform, reduces risk by prioritizing responses to threats, vulnerabilities, misconfigurations, sensitive data exposure, and compliance mandates across clouds, containers, servers, and endpoints—all from a single UI. This includes the ability to tie together threat activity as it traverses on-prem and cloud boundaries, thus delivering a more cohesive enterprise-wide security posture. Get started with agentless coverage, then add runtime protection, and advanced remediation and forensics.

Read More

Data Security, Platform Security, Software Security

Laminar Adds SaaS and Deepens Data Warehouse Support for its Data Security Platform

Businesswire | July 20, 2023

Laminar, the leading agile data security platform provider, today announced it has added Microsoft SharePoint Online and Google BigQuery to its existing support for Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, and Snowflake. The additions make the Laminar Data Security Platform the first and only cloud-native data security solution to support all major cloud service providers (CSPs), leading data warehouses, and common software-as-a-service (SaaS) applications used by today’s top enterprises. The cloud’s limitless potential is rooted in the data that an organization has, and what they do with it. To power innovation, 94% of enterprises use cloud services and applications. Microsoft SharePoint is the third most popular enterprise application, with 65% of its users adopting the cloud version, SharePoint Online. Employees routinely collaborate on shared content, and developers work with it as well to automate business processes, track progress, and share information across departments or with partners. Similarly, Google BigQuery is one of the top three data warehouse solutions. It is a powerful analytics platform that excels at processing and analyzing massive volumes of data quickly and efficiently. With its scalable architecture and advanced querying capabilities, BigQuery enables organizations to gain valuable insights from their data in real time, empowering data-driven decision-making and accelerating business growth. Both solutions enable developers, data scientists, and other innovators to be creative and extract the maximum value from their operational data. For instance, business intelligence staff may use these tools to analyze customer purchase patterns or sales trends, while data scientists may look out for hidden associations within the data to inform new strategies. Unfortunately, these same activities also open organizations up to significant risk by generating unknown or “shadow” data — a top concern for 93% of data security and governance professionals. Data security needs to be agnostic to the infrastructure in which data resides. Security posture must also travel with the data, as it moves through the cloud and the related data warehouses and applications. By adding support for Microsoft SharePoint Online and Google BigQuery, customers using the Laminar Data Security Platform can now discover, classify, and secure data in even more environments. Thus, data security and governance teams can see and secure their organizations’ data consistently across the entire digital landscape. "Data security is different, and more challenging in the cloud. Shadow data is everywhere and data security pros want to know where their sensitive data is, how it is accessed, used, and protected. Whether its structured, unstructured, managed, in SaaS, data warehouse, or embedded database” said Amit Shaked, CEO and Co-Founder, Laminar. “They are not experts in SaaS/PaaS/IaaS and certainly not individual data storage services. They want visibility into all their cloud data from a single source. Our continued support for the diversity of cloud environments, including now SaaS, means customers can have a unified, consistent approach to data security.” The news continues Laminar’s ongoing product innovation, following the announcement of support for GCP and Snowflake, as well as data detection and response (DDR) and data access governance (DAG) capabilities. About Laminar Laminar is the leading agile data security platform and provides organizations with the visibility and control they need to achieve data security, governance, and privacy in the cloud. Our cloud-native data security solution continuously discovers and classifies all cloud data, structured and unstructured, across managed and self-hosted data stores, including unknown shadow data, without the data ever leaving your environment. It analyzes access, usage patterns, and security posture, and provides actionable, guided remediation for data security risk. Laminar connects to your multi-cloud environment including AWS, Azure, GCP, Snowflake, BigQuery and SaaS applications via APIs and is agentless, asynchronous, and completely autonomous.

Read More

Data Security

Oracle Attempts to Design New Open Network and Data Security Standard

Oracle | September 20, 2023

Oracle to participate in an industry-wide initiative to design a new open network and data security standard. Oracle and Applied Invention are assisting to developing and promoting a novel network and data-centric security standard to tackle distributed cloud deployment challenges. This standard will enable organizations to protect their data throughout its entire lifecycle without requiring modifications to their distributed cloud environments' underlying architecture. Oracle, one of the world's largest database management companies, announced that it will participate in an industry-wide initiative to design a new open network and data security standards that will assist organizations in protecting their data in distributed IT environments. Oracle will collaborate with Applied Invention, a significant technology provider, and other industry leaders, including Nomura Research Institute, Ltd. (NRI), a global leader in consulting and system solutions. This new standard will enable networks to enforce shared security policies collectively, thereby augmenting the security architecture organizations already employ without requiring modifications to existing applications and networks. Oracle plans to launch the Oracle Zero-Trust Packet Routing Platform, based on the new standard, to support this new initiative. This platform will assist organizations in preventing illegal access or use of their data without imposing additional obstacles on legitimate activities. Executive Vice President of Security and Developer Platforms at Oracle Cloud Infrastructure, Mahesh Thiagarajan, said, Over the last 20 years, the cybersecurity industry has produced many incremental changes, but we need a fundamentally novel approach to protect our data in the increasingly complex cloud era. Organizations require a way to describe their data security policies in one place where they can be easily understood and audited, and they need a way to make sure those policies are enforced across their entire computing infrastructure, including their clouds. [Source – Cision PR Newswire] As the adoption of cloud technology rises and IT landscapes become more intricate with distributed cloud deployments, organizations face escalating challenges in safeguarding their data using conventional methods and tools. For example, many existing systems necessitate security teams to orchestrate disparate solutions across various facets, including database, application, network, and identity security. This complexity is further compounded when applied across diverse environments. Ensuring seamless collaboration among these solutions becomes a formidable task due to the dynamic and independent changes in applications, environments, and user profiles. Additionally, current security systems demand extensive configurations to accurately distinguish between different user categories, such as full-time employees and contractors, without compromising security or restricting access. Research Vice President of Cloud and Edge Infrastructure Services at IDC, Dave McCarthy, said, The new standard Oracle develop has the potential to change all of that by adding a unified layer of security on top of existing solutions. Building data protection policies into the network itself will assist users get the access they require while ensuring the data remains secure behind the scenes. [Source – Cision PR Newswire] Oracle and Applied Invention are assisting in designing and promoting a novel security standard, focusing on network and data-centric security, which aims to tackle these challenges. This innovative standard will empower organizations to safeguard their data across its entire lifecycle, including distributed cloud environments. To accomplish this, the standard will implement an intent-based security policy that is designed to be understandable, auditable, and interpretable by humans. This intent-driven approach will be put into practice at the network layer, ensuring that every data transmission contains authenticated attributes concerning the sender, receiver, and the nature of the data in transit.

Read More

Platform Security, Software Security, Cloud Security

Uptycs Continues Momentum in Helping Customers Achieve Security Operations Excellence with AWS

Globenewswire | July 28, 2023

Uptycs, provider of the first unified CNAPP and XDR platform, today announced it’s now part of the Amazon Web Services (AWS) Public Sector Partner (PSP) Program. The AWS PSP Program helps AWS Partners grow their public sector business through alignment with AWS public sector sales, marketing, funding, capture, and proposal terms. “We are delighted to be working with AWS to solve customers’ cloud security challenges, increase security operations efficiency, and protect developer environments as they move code from their workspaces into AWS production environments,” said Ganesh Pai, CEO and co-founder of Uptycs. Uptycs has built an integration with AWS Control Tower, which simplifies AWS experiences by orchestrating multiple AWS services on a customer’s behalf while maintaining the security and compliance needs of their organization. Leveraging the workflow with AWS Control Tower, Uptycs' deep integration with AWS Systems Manager allows organizations to achieve comprehensive security controls while reducing operational overhead in their Uptycs deployment. “Many organizations, especially in the public sector, are looking for ways to cost-effectively scale their cloud security program. Our integration with AWS Control Tower and AWS Systems Manager, along with our more unified shift up approach, delivers a more efficient way to improve customers’ security posture across cloud environments,” Pai said. Additionally, Uptycs also recently announced the achievement of AWS Security Competency Status, and an integration with the Amazon Security Lake. “Our model is proven to better support cybersecurity teams thanks to what we’ve already achieved for our public sector customers, as well as enterprise and commercial organizations,” Pai said. “Now, we’re even better at helping our customers reduce operational burden, and strengthen their threat detection, remediation, and forensic capabilities.” About Uptycs Uptycs, the first unified CNAPP and XDR platform, reduces risk by prioritizing responses to threats, vulnerabilities, misconfigurations, sensitive data exposure, and compliance mandates across clouds, containers, servers, and endpoints—all from a single UI. This includes the ability to tie together threat activity as it traverses on-prem and cloud boundaries, thus delivering a more cohesive enterprise-wide security posture. Get started with agentless coverage, then add runtime protection, and advanced remediation and forensics.

Read More

More featured news