SOFTWARE SECURITY

Licel introduces Alice, a telemetry system that reveals the cyber threats facing apps in real time.

prnewswire | December 03, 2020

The worldwide application security organization, Licel, reported the appearance of their most recent item this week. In a universe of ever-changing dangers to application security, Alice portrays the everyday security chances that applications face.

One of the results of COVID-19 has been a climb in the quantity of modern digital assaults. Programmers have hoped to misuse individuals' dependence on direction from specialists.

Furthermore, 2020 has additionally observed applications take on much more noteworthy significance in an undeniably far off world. The blend of these two patterns implies that vigorous application security is as imperative as it's consistently been. However, as Licel CEO Ivan Kinash clarifies, there's additionally a developing craving from organizations to comprehend what the most hazardous digital dangers are.

"App protection products such as our own, DexProtector, do a fine job of protecting apps from bad actors. But this year we've also seen an increase in demand for a sophisticated, real-time platform that allows businesses to respond to attacks quickly. For some companies, their app is now their most important asset. And as such, it's crucial for them to know how the threat landscape around that app is evolving."

Spotlight

The incidence and cost of cyber crime is escalating, and no business is immune. Attacks are more sophisticated and more successful, because hackers collaborate and share tools and techniques. So we must collaborate, too. In 2014, we sponsored a series of chief information security officer (CISO) roundtables, where participants shared experiences and enterprise security best practices. Through this paper, they are sharing them with you. The number of successful cyber attacks in the U.S. has grown 144 percent in the past four years,1 and the rest of the world is close behind. In that same time, the cost to the average company has almost doubled.

Spotlight

The incidence and cost of cyber crime is escalating, and no business is immune. Attacks are more sophisticated and more successful, because hackers collaborate and share tools and techniques. So we must collaborate, too. In 2014, we sponsored a series of chief information security officer (CISO) roundtables, where participants shared experiences and enterprise security best practices. Through this paper, they are sharing them with you. The number of successful cyber attacks in the U.S. has grown 144 percent in the past four years,1 and the rest of the world is close behind. In that same time, the cost to the average company has almost doubled.

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Information Management Leader Archive360 Launches Developer Program to Extend Business Users’ Access to Archived Data with Zero-Trust APIs

Archive360 | August 29, 2022

Archive360™, the archiving and information management leader trusted by enterprises and government agencies worldwide, today announced its Archive360 Extend developer program, giving customers and partners access to the company’s unique APIs (application programming interfaces) so they can leverage the market-leading information governance capabilities of the Archive360 Open Archiving Platform, extending capabilities of customer in-house developed applications as well as third party applications. As the only true Platform-as-a-Service (PaaS) solution provider, Archive360 enables organizations to migrate and onboard massive volumes of data to the cloud, with full control over data security, privacy, access, and compliance. With Archive360 Extend, users can now benefit from one search to directly access, manage and extract relevant data from the Archive360 archive in the comfort and familiarity of their preferred applications, while professionals in the legal, IT and compliance units are assured that all data is being appropriately managed. “Companies offering vital services such as eDiscovery, internal and external audits and core business applications are not in the business of archiving and managing information - that’s our specialty,” said Robert DeSteno, co-founder and CEO of Archive360. “In today’s operating environment, skilled professionals prioritize working from the applications they access daily. Archive360 now makes it possible for these users to access and leverage data in Archive360’s repository from those apps with one search - in most cases, they won’t even know where the data is, only that their access is fully authorized and secure. More than a dozen partners have already joined this program, and over the next few weeks we’ll be announcing key partnerships with specific companies. Archive360 Extend represents a new advance in archiving and information management, and we’re just getting started.” The new program enables a seamless, secure and compliant connection between two complementary forces: the Archive360 information management platform’s ability to onboard, manage and store massive volumes of business data - including files, videos, audio, CRM, ERP, emails/electronic communication, social media and more - and companies specializing in complex disciplines such as eDiscovery and data analytics, serving business users who need immediate, authorized, and secure access to all relevant data resources without having to switch between applications. Archive360 enables participating companies to promote their offerings to a much broader market, including large and heavily regulated enterprises with massive amounts of data that need to be retained and managed securely in compliance with internal and external mandates. One Search User Access Archive360 APIs enable end users, with one search, to quickly, easily, and cost-effectively access, review and act on data from any system across their organization. And while the company leads the market with a unified platform - massive data volumes offering enhanced flexibility for easy and secure access - its APIs also come with major advantages. The collective benefits include: One Search: Greater visibility into any data source connected to the Archive360 archive, and greater control over that data: how it’s processed, stored, protected and managed, with performance tailored to meet specific business needs Scalability: Process and manage petabytes of data, rapidly, cost-effectively and dynamically scale horizontally and vertically to meet any workload Security: True Zero Trust data security with unparalleled PII protection - even system administrators can’t access the data without explicit approval Defensible Compliance: Ensuring data accuracy, compliance and reliability through immutable storage, data localization, and an audit trail to capture the complete chain of custody. Separate micro-APIs run in the right place across on-premises, in-country or overseas cloud infrastructures ensuring compliance with data localization requirements Risk Management: eliminating redundant, obsolete and trivial (ROT) information; replacing legacy systems; and optimizing storage Comprehensive Functionality: There’s one front-end API for ingestion, operations, monitoring, admin, records, discovery, machine learning and analytics, along with micro-APIs Open Framework: The APIs are extensible - for example, Archive360’s archive functionality can be seamlessly embedded into independent software vendors’ applications and customer portals Archive360 APIs are managed with a Zero-Trust framework that encompasses data threat surfaces, lifecycles, governance and more - a critical advantage in today’s operating environment. The company also adheres to an API-first philosophy: The APIs are consistent and reusable across the Archive360 platform and applications or portals accessing the data. Customers and partners can learn more about the Archive360 Extend developer program by speaking with their account representative or registering to become an Archive360 partner. About Archive360 Archive360 is the enterprise information archiving company that businesses and government agencies worldwide trust to securely migrate their digital data to the cloud, and responsibly manage it for today’s regulatory, legal and business intelligence obligations. This is accomplished by applying context around the search, classification, security, retention, disposition and indexing of data including files, videos, and emails—all while allowing organizations to maintain full control over privacy, access, and compliance. Archive360 is a global organization that delivers its solutions both directly and through a worldwide network of partners. Archive360 is a Microsoft Cloud Solution Provider, and the Archive2AzureTM solution is Microsoft Azure Certified.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Keeper Security Launches Upgraded MSP Platform

Keeper Security | September 09, 2022

Keeper Security, the leading provider of zero-trust, zero-knowledge and FedRAMP Authorized cybersecurity software, today released an upgraded KeeperMSP platform that offers robust security and compliance solutions through an expanded portfolio of Keeper zero-trust security capabilities. These new market-leading features will help Managed Service Provider (MSP) partners oversee security and compliance for their customer base in an increasingly challenging threat landscape. The platform enhancements include powerful add-on features and products that offer a broad range of new solutions for MSPs, including: Advanced Reporting & Alerts (ARAM) Module; BreachWatch®; Compliance Reporting; KeeperChat®; Secure File Storage; Keeper Secrets Manager and Keeper Connection Manager. "At Keeper Security, we are committed to providing our MSP partners with the cutting-edge tools they need to achieve robust security and compliance for their internal users and the customers they support. "With the upgrades to KeeperMSP, we are equipping partners with powerful new features that support a zero-trust security model for maximum protection. MSPs can now offer even more Keeper features to their users and managed companies to help detect threats and prevent attacks." Darren Guccione, CEO and co-founder of Keeper Security Security and compliance capabilities included in Keeper's upgraded MSP platform include: Advanced Reporting & Alerts (ARAM) Module, which empowers InfoSec administrators to monitor more than 100 different security and activity-related event types via customizable reports, real-time notifications and seamless integration into any third-party SIEM solution. BreachWatch®, which continuously scans the dark web and receives alerts on compromised passwords to take immediate action for preventing an account takeover attack. Compliance Reporting that provides on-demand visibility of access permissions for the organization's credentials and secrets, and supports audits for Sarbanes Oxley (SOX) and other industry regulations that require access-control monitoring and event auditing. KeeperChat®, which enables secure, ephemeral messaging across employee devices with the world's most secure messaging solution, protecting communications with end-to-end encryption. Secure File Storage that taps into Keeper's zero-knowledge encryption to put secure file storage, retrieval and decryption privileges in the hands of approved users only. Keeper Secrets Manager, which secures your environment and eliminates secrets sprawl by removing hard-coded credentials from your source code, config files and CI/CD systems. Keeper Connection Manager, which provides DevOps and IT teams with effortless access to RDP, SSH and Kubernetes endpoints through a web browser. The upgraded Keeper MSP platform offers new revenue opportunities and competitive differentiation for users. The market-leading, differentiated features and bundling options will help MSPs keep pace in the ever-changing cybersecurity industry. About Keeper Security Keeper Security, Inc. ("Keeper") is transforming the way organizations and individuals protect their credentials, secrets, connections and sensitive digital assets to significantly reduce the risks of identity security-related cyberattacks, while gaining visibility and control. Keeper is the leading provider of zero-trust and zero-knowledge security cloud services trusted by millions of people and thousands of organizations for password management, secrets management, privileged access, secure remote infrastructure access and encrypted messaging.

Read More

DATA SECURITY,SOFTWARE SECURITY,WEB SECURITY TOOLS

At-Bay Selects Guidewire Cyence to Enhance Cyber Portfolio Accumulation Risk Management and Further Propel Market Growth

At-Bay, Inc. | September 17, 2022

At-Bay, the insurance provider for the digital age, and Guidewire today announced that At-Bay has chosen Guidewire’s cyber risk modeling and analytics product, Cyence, to further bolster its view, and management of, aggregation risk, within its growing cyber insurance portfolio. “Cyber risk aggregation is an important area of risk that every insurer should be actively monitoring and managing within their cyber portfolio. Investing in the right data capabilities, tools, and mechanisms for monitoring and sizing aggregation risk exposure is critical to managing cyber insurance risk in today’s fast changing threat landscape,” said Roman Itskovich, At-Bay’s Chief Risk Officer and Co-Founder. “With At-Bay’s steadfast focus on proactive risk management, Guidewire’s solution will help us to expand our data capabilities and toolkit for proactive risk management, so that we can continue to deliver great loss results,” Itskovich added. By combining world-class technology with industry-leading insurance expertise, At-Bay aims to provide the clarity and confidence that businesses need to address digital risk head on. Founded in 2016, At-Bay protects tens of thousands of business customers from today’s ever growing cyber threat landscape. With its in-house data collection capabilities aimed at addressing attritional risk in the selection, pricing, and active risk management of its portfolio, At-Bay will now expand its focus to aggregated risk exposures. “We selected Guidewire because it has a strong reputation for being one of the top cyber risk vendors, especially for transparency, in-house data collection, and market validation. “By applying Cyence’s advanced risk models and detailed aggregated risk scenarios to our own active risk monitoring capabilities and claims experience, we believe that we will be able to further enhance our underwriting and portfolio risk management decisions, and maintain a strong loss performance as our book grows.” Yoshifumi Yamamoto, Director of Cyber Risk Modeling, At-Bay Commenting on the news, Charles Clarke, Group Vice President, Analytics Sales & Advisory, Guidewire, said, “We admire At-Bay’s use of Cyence to expand its modeling capabilities to account for aggregated risk. We are pleased by their vote of confidence in our cyber capabilities and look forward to infusing data analytics to help At-Bay’s clients meet digital risk head-on.” About At-Bay, Inc. At-Bay is the insurance provider for the digital age. By combining world-class technology with industry-leading insurance expertise, At-Bay was designed from the ground up to empower businesses to thrive in the digital world. At-Bay is backed by Acrew Capital, Glilot Capital, the HSB fund of Munich Re Ventures, Icon Ventures, ION Crossover Partners, Khosla Ventures, Lightspeed Venture Partners, M12, entrepreneur Shlomo Kramer, and Qumra Capital. www.at-bay.com About Guidewire Software Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently. ​We combine digital, core, analytics, and AI to deliver our platform as a cloud service. Approximately 520 insurers in 38 countries, from new ventures to the largest and most complex in the world, run on Guidewire.

Read More