SOFTWARE SECURITY

iboss Achieves FedRAMP Authorization for its Zero Trust Edge Cloud Security Solution

iboss, Inc. | July 29, 2022 | Read time : 03:00 min

iboss, Inc.
iboss, the leading Zero Trust Edge cloud security provider, announces that it has obtained Federal Risk and Authorization Management Program (FedRAMP) Authorization. The achievement is reflective of the company’s commitment to work alongside federal agencies to protect government entities and civilians from growing and increasingly sophisticated cyberthreats.

Earlier this year, the United States Office of Management and Budget unveiled a strategy designed to prevent damaging hacks and breaches by moving federal agencies toward a zero trust cybersecurity approach. The announcement followed a 2021 Biden Administration executive order aimed at protecting federal networks by modernizing government cybersecurity, including through the implementation of zero trust security
architecture as defined in the National Institute of Standards and Technology (NIST).

The iboss platform is a purpose-built, patented, cloud delivered security solution that has been trusted by organizations worldwide to implement Zero Trust architecture as laid out specifically in the NIST 800-207 Special Publication. The company’s containerized cloud architecture makes it the only platform that can control what NIST refers to as the “Implicit Trust Zone” to ensure that all data and resources are completely private. The FedRAMP authorization now extends iboss’s leading platform to all U.S. government customers.

“Our Zero Trust Edge platform prevents breaches by making applications and data inaccessible to attackers while allowing trusted users to securely and directly connect to resources from anywhere. “In today’s work-from-anywhere world, protecting sensitive information, regardless of who is accessing it or where, is critical. We look forward to continuing to extend our platform and expertise to U.S. government agencies.”

iboss CEO Paul Martini

A Zero Trust Architecture built on iboss consolidates network security technologies (SWG, CASB, DLP, IPS, malware defense, browser isolation, firewall) into a single unified cloud platform and eliminates the need for a VPN while securing any device, regardless of location. By making all applications private, iboss eliminates the top three initial ransomware infection vectors as identified by the Cybersecurity and Infrastructure Security Agency (CISA). With applications, data and services made accessible only through the iboss Zero Trust Edge, cyber risk is greatly reduced, breaches and data loss are prevented, and visibility and security are delivered consistently throughout an organization.

FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

About iboss, Inc.
iboss is a cloud security company that enables organizations to reduce cyber risk by delivering a Zero Trust service designed to protect resources and users in the modern distributed world. Applications, data and services have moved to the cloud and are located everywhere while users needing access to those resources are working from anywhere. Built on a containerized cloud architecture, iboss delivers security capabilities such as SWG, malware defense, browser isolation, CASB and data loss prevention to protect all resources, via the cloud, instantaneously and at scale. This shifts the focus from protecting buildings to protecting people and resources wherever they are located. Leveraging a purpose-built cloud architecture backed by 230+ issued and pending patents and more than 100 points of presence globally, iboss processes over 150 billion transactions daily, blocking 4 billion threats per day. More than 4,000 global enterprises trust the iboss Cloud Platform to support their modern workforces, including a large number of Fortune 50 companies. iboss was named one of the Top 25 Cybersecurity Companies by The Software Report, one of the 25 highest-rated Private Cloud Computing Companies to work for by Battery Ventures, and CRN’s Top 20 Coolest Cloud Security Companies of 2022.

Spotlight

This paper explores where sand boxing technology stands today, why it fails to meet the needs of organizations, and what’s needed for effective malware analysis.

Spotlight

This paper explores where sand boxing technology stands today, why it fails to meet the needs of organizations, and what’s needed for effective malware analysis.

Related News

SOFTWARE SECURITY

McGill and Partners Choose CyberCube for Cyber Risk Analytics

CyberCube | July 14, 2022

CyberCube, the provider of the world’s leading cyber risk analytics for the insurance industry, today announces that McGill and Partners, the specialist (re)insurance broker, is using its Portfolio Manager and Broking Manager cyber risk analytics platforms. Launched in 2019 by insurance veteran Steve McGill, McGill and Partners is rapidly growing to become a major force in the insurance and reinsurance market, quickly developing its offering in both cyber reinsurance and insurance. Today the firm has over 430 staff and offices in the UK, US, Bermuda and Ireland. The deal with CyberCube is part of McGill and Partners’ continued development of its cyber (re)insurance strategy. CyberCube’s Portfolio Manager is a scenario-based data-driven model that enables risk professionals to develop insights for their senior leadership and teams. Portfolio Manager stress tests portfolios of insurance and reinsurance risks against a range of systemic cyber-related scenarios including data breaches, cloud outages, global ransomware attacks and financial fraud. Broking Manager is the first software-as-a-service application CyberCube has built specifically for the insurance broking community. It offers a streamlined approach to analyzing potential financial exposure impacts arising from cyber events that helps clients make informed decisions on coverages and limits. “We are excited to be working with the team at McGill and Partners and be part of the company’s cyber (re)insurance growth strategy on both the direct insurance side via Broking Manager and on its reinsurance side via Portfolio Manager.” Alejandra Donoso, CyberCube’s Principal Client Account Manager Neil Sharma, Partner – Reinsurance at McGill and Partner, said: “We are looking to bring all stakeholders in the cyber value chain together; collaborating between our insurance and reinsurance teams and partnering with CyberCube’s platforms which help deepen our understanding of the risks allowing us to provide best-in-class solutions to our clients.” About CyberCube CyberCube delivers the world’s leading cyber risk analytics for the insurance industry. With best-in-class data access and advanced multi-disciplinary analytics, the company’s cloud-based platform helps insurance organizations make better decisions when placing insurance, underwriting cyber risk and managing cyber risk aggregation.

Read More

DATA SECURITY,ENTERPRISE IDENTITY

Illumio Introduces New Solution to Stop Endpoint Ransomware from Spreading Across the Hybrid Attack Surface

Illumio | September 29, 2022

Illumio, Inc., the Zero Trust Segmentation company, today announced Illumio Endpoint®, a reimagined way to prevent breaches from spreading to clouds and data centers from laptops. Hybrid work has expanded the attack surface, introducing new threats and making organizations more vulnerable, so it’s become increasingly important for employees to have secure access to applications and data wherever they are located. Unlike other Zero Trust Segmentation solutions, Illumio Endpoint lets your policy follow your teams’ laptops wherever they work, whether at home, in the office, or at a coffee shop. With Illumio Endpoint, the first device that gets infected will also be the last. Organizations are more interconnected and vulnerable in hybrid workplaces, and the attack surface is growing increasingly complex. Additionally, attacks on hybrid work environments are more expensive, costing an average of about $600K more than the global average. Even with endpoint detection and response tools in place, endpoints still get breached – according to ESG, 76 percent of organizations experienced a ransomware attack in the past two years alone. Illumio Endpoint includes: Extended visibility and segmentation policy controls for macOS and Windows devices, allowing organizations to see risk and stop attacks from spreading from laptops, workstations, and VDIs. A single, unified console to see and manage visibility and segmentation policy across endpoints, clouds, and data centers, making Zero Trust Segmentation easier, faster, and more efficient for security teams. Work from anywhere support with segmentation policy that follows the device, so organizations have the confidence that their networks are secure, and their employees can remain productive while working from anywhere. The ability to control application access so users can only reach the necessary applications from their device, not the entire data center and cloud, minimizing the organization's risk from vulnerable or compromised endpoints. "Before Illumio, we had only a slim idea of what kind of communications were running across our network. But with Illumio, we clearly see exactly what's connecting to individual endpoints. David Ault, VP of Information Security at Telhio Credit Union “The hybrid workforce is here to stay, which exposes organizations to a more complex attack surface and more risk, particularly on the endpoint,” said Mario Espinoza, Chief Product Officer at Illumio. “It’s important to have tools that can detect and respond to an identified breach, but unidentified attacks can spread throughout the organization to access critical data and assets when Zero Trust Segmentation is not in place to proactively contain the breach. With Illumio Endpoint, security leaders will gain the comprehensive protection needed to build resilience to attacks throughout their hybrid IT and as employees work from anywhere.” “Ransomware and other cyberattacks often involve end user devices somewhere in the attack chain, moving laterally on to other higher-value assets,” said Dave Gruber, Principal Analyst, ESG. “Because attackers continue to find ways in and move laterally fast, prevention, detection and response mechanisms can fall short stopping these fast-moving attacks. Containment strategies such as Zero Trust Segmentation across endpoint devices can proactively stop ransomware and other fast-moving attacks from spreading to critical infrastructure and assets, reducing risk.” About Illumio Illumio, the Zero Trust Segmentation company, stops breaches and ransomware from spreading across the hybrid attack surface. The Illumio ZTS Platform visualizes all traffic flows between workloads, devices and the internet, automatically sets granular segmentation policies to control communications, and isolates high-value assets and compromised systems proactively or in response to active attacks. Illumio protects organizations of all sizes, from Fortune 100 to small business, by stopping breaches and ransomware in minutes, saving millions of dollars in application downtime, and accelerating cloud and digital transformation projects.

Read More

SOFTWARE SECURITY

Palo Alto Networks Unit 42 Helps Customers Better Address Cybersecurity Threats Through New Managed Detection and Response Service

Palo Alto Networks | August 05, 2022

The need for managed detection and response (MDR) is soaring as attack surfaces grow, cloud usage skyrockets and the cybersecurity skills gap widens. Palo Alto Networks, the global cybersecurity leader, today introduced Unit 42 Managed Detection and Response (Unit 42 MDR) to address this need with a new service that can offer continuous 24/7 threat detection, investigation and response. This offering brings together Palo Alto Networks acclaimed Cortex XDR with Unit 42's industry-leading threat intelligence, which includes insights from incident response cases. Because Unit 42 MDR is built on Cortex XDR, it is optimized to not just prioritize alerts but also to massively reduce the number of alerts customers receive. This helps customers detect more suspicious activity than they would have otherwise. "As cyberattacks continue to rise, many organizations are being asked to handle advanced threats with limited resources and without the right expertise. This will not lead to good results. "Palo Alto Networks Unit 42 brings a unique combination of innovative cybersecurity technologies and a world-class threat intelligence team which allows us to provide customers with rapid detection and response to critical cyberthreats." Wendi Whitmore, senior vice president, Palo Alto Networks Unit 42 The new Unit 42 MDR service offers customers cybersecurity experts to help identify and respond to security alerts and potential threats in real time, enabling businesses to focus security operations (SecOps) personnel on other organizational security priorities. The service provides organizations with monitoring, threat hunting and response/remediation capabilities, including: Continuous Monitoring & Response: Security experts monitor alerts, events and indicators 24x7x365. The Unit 42 MDR team uses a mix of proprietary processes, infrastructure and enrichment to accelerate detection, response and threat hunting to help quickly stop malicious activity most likely to impact your organization. Proactive Threat Hunting: World-class threat hunters search environments for complex attacks using deep knowledge of XDR data sources and the latest threat intelligence from Palo Alto Networks. This helps organizations stay ahead of emerging attack campaigns, malware and vulnerabilities. Security Posture Optimization: Experts provide periodic health checks of an organization's posture and detailed recommendations on policy changes to help facilitate addressing risks before they become issues. "Cyberattacks are emerging and evolving faster than ever," said Tom Osteen, CIO, Enloe Medical Center. "Intervening and addressing threats at the earliest stage is crucial. With Unit 42 MDR we have confidence that we can quickly identify and stop malicious activity to help keep our organization safe and secure." In a recent report, IDC said, "It is not a surprise to state that organizations continue to struggle with persistent security talent shortages and the rising costs to retain these scarce security resources. Security teams with already limited resources are overwhelmed by the heavy workload and responsibility." The report also stated, "Organizations are analyzing their current risks and accelerating their security services investments to ease pressure on their teams and strengthen their overall security posture to meet the growing cyberthreats."* About Cortex XDR Cortex XDR® is the world's first detection and response solution that natively integrates network, endpoint and cloud data to stop sophisticated attacks. It is designed to stop attacks with the power of AI and comprehensive data. XDR is critical to effective security. The latest Palo Alto Networks 2022 Unit 42 Incident Response Report highlights that when a breach occurs, 44% of the cases involved a business that did not have or did not fully deploy an endpoint detection and response or XDR security solution. About Palo Alto Networks Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Read More