Veza | July 20, 2022
Veza, the data security platform built on the power of authorization, announces today that the company has entered a partnership with Google Cloud, including product integration that enables Google Cloud customers to harness the capabilities of Veza’s data security platform across their multi-cloud ecosystem.
Veza, which recently launched in April 2022 after two years of building in stealth, makes it easy to understand, manage, and control who can and should take what action on what data. With this new integration, Google Cloud customers can now directly access the capabilities of Veza’s authorization-based data security platform integrated with Google Cloud Policy Analyzer to identify, manage, and control external identities and service accounts to Google Cloud services (Looker, BigQuery, and more). This partnership furthers the relationship between Google and Veza, which began in 2021 when GV led the Series B investment in Veza and GV Partner Karim Faris joined Veza Board of Directors.
“The cloud is quickly becoming the primary footprint for organizations. By prioritizing and investing in security, Google Cloud has earned a differentiated position in the market,” said Tarun Thakur, Co-founder and CEO, Veza. “The initial product integration between Veza and Google Cloud, publicly demonstrated at the Google Cloud Security Summit in May this year, is a powerful example of how intelligence from Veza’s Authorization Graph can bolster the data security of Google Cloud customers. It shows how identity-to-data relationship insights from the Veza platform can be pulled directly into the Google Cloud Policy Analyzer, allowing customers to secure both Google Cloud data (Looker, BigQuery, Google Storage Buckets, etc.) to which multi-cloud identities (AD, Azure AD, Okta, etc.) have permissions and multi-cloud data (AWS, Snowflake, etc.) that is being accessed by Google Cloud identities.”
“Securing cloud environments and data from cybercrime and threats is a key priority of organizations across the globe. “With Veza’s platform now available alongside Google Cloud’s secure and global infrastructure, customers will be able to quickly deploy the solutions they need to better understand, control, and securely take action on their data across their multi-cloud environments.”
Sunil Potti, General Manager and Vice President, Cloud Security, Google Cloud
Veza’s data security platform aggregates identity information from humans, service accounts, and cloud IAM entities, and authorization data from apps and data systems, giving organizations a centralized, SaaS-based control plane to visualize, manage, and control data access controls through Veza’s Authorization Graph. Veza integrates with cloud identity providers, SaaS and custom apps, and data systems, and translates system-specific entitlements and permissions into a common, human-understandable business language, visualized in the platform as effective permissions. The platform brings a novel approach to data security by enabling organizations to address key data security use cases across access reviews and certifications for SaaS apps and data systems, privileged access management to data and apps, data lake security and governance, management of cloud entitlements, and much more. It delivers prioritized insights, provides access workflows, and actionable recommendations for remediation of over-privileged accounts, enabling security and IT teams to correct anomalies and right-size their organization’s permissions to protect against ransomware and other data breaches.
As organizations continue to adapt to the evolving demands of hybrid remote and in-office work, multi-cloud and hybrid-cloud environments — those with multiple providers of disparate data, app, compute, and infrastructure systems — are becoming the norm. According to the Flexera 2022 State of the Cloud Report, 89% of companies surveyed are multi-cloud, with only 2% operating in single private clouds and 9% in single public clouds. This trend is leading to a distributed web of data, relationships, and access points that are changing and difficult to track and secure.
Veza and Google Cloud already have a number of joint customers deployed across the industries of SaaS software, marketing technology, and media, including Vox Media.
“To support Vox Media’s growth and increasing M&A activity without compromising security, we need to ensure that across all of our brands, the right users have access only to the data they need access to, and that we have full visibility over what they can do with that data,” says Ateeb Ahmad, Senior Director, IT Infrastructure, Vox Media. With Veza and Google Cloud working together, we’ve been able to seamlessly manage access controls over our data for our largest merger to date, and tightly scope identity-to-data permissions even as our footprint with Google Cloud and other technologies grows.”
“The greatest gifts of the multi-cloud and the generational architectural shift of the modern data systems are also its greatest risks: securing data, scalability, flexibility, and seamless collaboration,” says Thakur. “When organizations enable workers to reach from one cloud to another to leverage data across their entire multi-cloud ecosystem, they foster growth, enable more intelligence, and promote agility. However, such apps and data systems are also more porous and are at increased risk of cybercrime and ransomware. We purpose-built Veza’s Core Authorization Platform for the multi-cloud so that organizations can implement strong access governance policies - Veza continuously evaluates these policies and enables both automated workflows for access reviews, automated access removal for toxic and stale combinations, and facilitates access grant and request for any app, data, and service.”
Veza is the data security platform built on the power of authorization. Our platform is purpose-built for hybrid multi-cloud environments to help you use and share your data safely. Veza makes it easy to understand, manage, and control who can and should take what action on what data. We organize authorization metadata across identity providers, data systems, cloud service providers, and SaaS applications — all to address the toughest data security challenges of the modern era. Founded in 2020, the company is funded by top-tier investors including Accel, Bain Capital, Ballistic Ventures, Blackstone, GV, Norwest Venture Partners, and True Ventures
BlueVoyant | July 05, 2022
BlueVoyant, a rock-solid cyber defense platform company converging internal and external security, today announced it has won the 2022 Microsoft Security U.S. (MSUS) Partner of the Year award.
The Microsoft Partner of the Year Awards recognize Microsoft partners who have developed and delivered outstanding Microsoft-based applications, services, and devices during the past year. The MSUS Partner Awards were created to supplement Microsoft's Partner of the Year program, both of which recognize outstanding work by Microsoft partners. The MSUS awards highlight US-specific partner impact.
"BlueVoyant and Microsoft both recognize that cybersecurity is a team sport. "BlueVoyant has developed enablement technologies and scalable services to help customers maximize their Microsoft Security investments — bringing together the very best of both companies to drive the outcomes our customers demand. We are honored that Microsoft named BlueVoyant its prestigious U.S. Security Partner of the Year, among other recent accolades. We look forward to continuing to work closely with Microsoft to deliver the very best in cybersecurity to our joint customers."
Milan Patel, global head of managed security services (MSS) at BlueVoyant
The MSUS Partner of the Year Award recognizes BlueVoyant's commitment and trust that stands behind the company's cloud-native and outcomes-based platform, BlueVoyant Elements™. The platform helps companies across a variety of industries improve their cyber defense posture. Elements not only continuously monitors for problems, but also takes action against any vulnerabilities, risks, or threats, usually in a matter of minutes. The platform is based on three key pillars that help give clients the advantage over attackers — technology, telemetry, and talent. BlueVoyant has more than 700 customers, and 650 employees across five continents, with a proven track record of sustained high growth.
The U.S. Security Partner of the Year award is the latest in a long list of accolades BlueVoyant has won from Microsoft. In 2021, BlueVoyant was named a Microsoft Security 20/20 Partner Awards Winner for Top MDR (Managed Detection and Response) Team. BlueVoyant was a 2022 finalist in the Microsoft Security Excellence Awards for Security MSSP (Managed Security Service Provider) of the Year. In addition, the company is a finalist for the Microsoft Canada 2022 Impact Awards in two categories — Healthcare Impact Award and Security Impact Award. BlueVoyant was also named as one of Microsoft's top 150 managed security partners.
In May, BlueVoyant announced that the company was a key design partner for Microsoft's three new security services, including Microsoft Security Experts for hunting, a proactive threat hunting expert service; Microsoft Security Experts for XDR, a new hunting service that extends beyond endpoint hunting; and Microsoft Enterprise Security Services for customers looking for more tailored, hands-on help with security posture management, modernization and proactive hunting.
BlueVoyant converges internal and external cyber defense capabilities into an outcomes-based, cloud-native platform called BlueVoyant Elements™. Elements continuously monitors your network, endpoints, attack surface, and supply chain as well as the open, deep, and dark web for vulnerabilities, risks, and threats; and takes action to protect your business, leveraging both machine learning-driven automation and human-led expertise. Elements can be deployed as independent solutions or together as a full-spectrum cyber defense platform. BlueVoyant's approach to cyber defense revolves around three key pillars — technology, telemetry, and talent — that deliver rock-solid cyber defense capabilities to more than 700 customers across the globe.
Cerberus Sentinel | July 07, 2022
Cerberus Cyber Sentinel Corporation (NASDAQ: CISO), a cybersecurity consulting and managed services firm based in Scottsdale, Ariz., announced that it has completed the acquisition of CyberViking, a cybersecurity company based in Georgia and Oregon. Upon the closing of the transaction, CyberViking became a wholly owned subsidiary of Cerberus Sentinel.
CyberViking founder and cyber lead for the company is Carric Dooley. CyberViking specializes in application security services, incident response and threat hunting, and the creation and management of security operations centers. They have advised many Fortune 100 companies worldwide.
"With the addition of CyberViking, we take a next step in expanding our international reach as well as broadening our expertise for our cybersecurity healthcare and industrial controls systems customers. "Carric is an innovative thinker who is well respected by customers for solving and preparing for challenging cybersecurity threats. The team is the very embodiment of our commitment to a culture of security."
David Jemmett, founder and CEO, Cerberus Sentinel
"We are looking forward to helping shape a global strategy for incident response, as well as driving new capabilities in application security," said Dooley. "We believe in the development of the cybersecurity community and have actively participated as trainers and presenters at global conferences. Our two organizations share a vision in helping our customers rise above the cybersecurity challenges inherent in threats today and in the future, and to get them to a place where they can concentrate on growing their business."
About Cerberus Sentinel
Cerberus Sentinel is an industry leader in Managed Cybersecurity and Compliance (MCCP) services with its exclusive MCCP+ managed compliance and cybersecurity services plus culture program. The company is rapidly expanding by acquiring world-class cybersecurity, secured managed services, and compliance companies with top-tier talent that utilize the latest technology to create innovative solutions to protect the most demanding businesses and government organizations against continuing and emerging security threats and compliance obligations.