Enterprise Security, Platform Security, Software Security
Business Wire | August 01, 2023
Conceal, the leader in browser security for managed service providers, today announced the launch of its Conceal MSP Community Program. A significant highlight of this initiative is the offer of a free NFR license for Managed Service Providers (MSPs), demonstrating Conceal's commitment to strengthening its partnerships within the MSP community.
Conceal continues to build on its significant traction within the MSP ecosystem, always responsive to partner feedback and striving to simplify and enhance the effectiveness of its deployment process. The Conceal MSP Community Program marks a new chapter in this ongoing dialogue, with the free NFR license aimed at enabling MSPs to fully experience and understand the power of the ConcealBrowse solution, thus facilitating its integration into their service offerings.
“Our partnership with Conceal has empowered us to offer a comprehensive cybersecurity package that's second to none," declared Dave Thompson of TeamLogic IT of San Ramon, CA. "Their ConcealBrowse solution, with its cutting-edge isolation technology, has been instrumental in defending our clients against malware and ransomware. The fact that it can be easily integrated into our existing security offerings has enhanced the overall value we deliver to our clients. We're proud to work with a partner who shares our commitment to cybersecurity resilience.”
Furthermore, Conceal recognizes the cybersecurity challenges small to mid-sized companies face, notably ransomware and credential theft. Through the Conceal MSP Community Program, MSPs will be in a stronger position to offer innovative solutions to these threats. ConcealBrowse can easily be integrated into existing security packages or function as a standalone solution for companies lacking protection, thereby increasing overall cybersecurity resilience within limited budgets.
About Conceal
Conceal’s primary offering, ConcealBrowse, harnesses a sophisticated intelligence engine that works at machine speed with near-zero latency. It dynamically and transparently pre-processes and analyzes code, migrating suspicious, unknown, and risky browser activity to a secure cloud-based isolation environment.
Conceal enables organizations to protect users from malware and ransomware at the edge. The Conceal Platform employs Zero Trust isolation technology to defend against sophisticated cyber threats. Globally, organizations of all sizes depend on Conceal to ensure their users and IT operations remain secure and isolated from potential attacks. For more information, visit https://conceal.io/.
About TeamLogic IT
TeamLogic IT is a national provider of advanced technology solutions for companies of all sizes. Local offices provide clients with the IT support they need to run their businesses more efficiently by leveraging the latest technology solutions, including managed IT services, cybersecurity, business continuity, cloud services, mobility solutions, unified communications, and consulting and support. With more than 150 independently owned and operated locations across North America, TeamLogic IT helps companies minimize downtime and improve productivity.
Read More
Platform Security, Software Security, API Security
Businesswire | June 28, 2023
Cequence Security, the leader in API Protection, today announced new updates to the Unified API Protection (UAP) platform that strengthen customers’ ability to discover, manage risk and protect APIs. With the latest capabilities, organizations can rapidly deploy API Security Testing with built-in generative AI automation, protect users from online fraud and operationalize security findings with low-code/no-code workflows.
“We are always exploring ways to further automate and improve our UAP solution and help our customers consolidate the tools required to stay ahead of the threat actors,” said Ameya Talwalkar, founder and CEO. “The updates to our platform continue to set us apart from other point solution vendors in the API security space as we are providing our customers with the only integrated best-of-suite approach to discover, comply, test and protect their APIs.”
“Today, we are also excited to share we are the first API security vendor to take advantage of the game-changing Generative AI and no-code security automation within our UAP solution to better protect users from online fraud and simplify security findings,” continued Talwalkar.
Enhance API Security Testing with Generative AI
With the enormous potential of generative AI tools like ChatGPT and Google Bard, Cequence is one of the first cybersecurity companies and the first API Protection company to leverage its power to protect data and users from bad actors. Cequence has added several new capabilities to API Security Testing, including Test Plan generation using a new feature called Intelligent Mode that helps automate the generation of API Security Test Plans using plain English, extending the low-code/no-code approach to test case generation. Cequence UAP's Intelligent Mode automatically associates the appropriate APIs with the right test cases, given the functionality of that API. This not only drastically reduces the time needed to create a test plan to minutes, as compared to months with other solutions, it also ensures consistent experience across a customer's entire applications and environments.
Several other enhancements include detailed insights and remediation workflows into test failures. The test catalog now has test cases for the latest OWASP API Top 10 2023. Cequence also empowers InfoSec teams to run API tests outside of CI/CD pipelines, and instead, point attack test suites directly against staging or even production servers.
New Fraud Prevention Capabilities
To enable organizations to protect their APIs from online fraud, Cequence has introduced the Fraud Prevention module in API Spartan. The new module enables organizations to protect their end-customers from online fraud and instantly take action, including blocking transactions and generating enterprise-grade notifications to relevant teams.
Protecting applications and users against online fraud complements the existing capabilities of Cequence to detect and block business logic abuse, account takeover (ATO) attempts, common OWASP API Top 10 security risks and automated malicious traffic.
Operationalize API Protection with Low-Code/No-Code Security Automation
Cequence has introduced out-of-the-box integrations with over 300 third-party apps, including ServiceNow, PagerDuty, JIRA and Slack. Using off-the-shelf connections to these apps, security analysts can ensure security risks or threats are routed promptly to their business teams for remediation.
Security analysts can use a low-code/no-code approach within Cequence to implement the equivalent of an API Security Orchestration and Response (SOAR) workflow, wiring together multiple third-party connections to achieve their desired outcomes. Using this approach, analysts can operationalize workflows that promptly remediate critical API security risks, such as the discovery of shadow APIs that have access to sensitive data and new security risks of weak authentication or non-conformance to OpenAPI specifications in newly built pre-production CI/CD pipelines.
Enhanced Visibility of External Facing APIs with API Spyder
New enhancements to API Spyder enable customers to easily identify APIs that are externally accessible, but not entirely protected by Cloud Security Posture Management (CSPM) infrastructure. Additionally, this approach offers a seamless complement to API Sentinel's deep insights into runtime API inventory and compliance checking using the OWASP API Security Top 10 and other custom risk categories.
With the latest Unified API Protection platform updates, organizations can now protect their users from online fraud, operationalize security findings with low-code/no-code API SOAR-like workflows and rapidly deploy API Security Testing with built-in Generative AI automation. These capabilities continue to set Cequence apart from other point API security, bot management, anti-fraud and WAF vendors by having the industry’s first and only Unified API Protection platform that covers the entire API lifecycle. With UAP, customers can discover with API Spyder, comply with API Sentinel and protect with API Spartan.
About Cequence Security
Cequence Security, the pioneer of Unified API Protection, is the only solution that unifies API discovery, inventory, compliance, dynamic testing with real-time detection and native mitigation to defend against fraud, business logic attacks, exploits and unintended data leakage. Cequence Security secures more than 6 billion API transactions a day and protects more than 2 billion user accounts across our Fortune 500 customers. Learn more at www.cequence.ai.
Read More
Web Security Tools, Cloud Security
GlobeNewswire | September 01, 2023
Tenable®, the Exposure Management company, today announced web application and API scanning in Tenable Nessus Expert, new features that provide simple and comprehensive vulnerability scanning for modern web applications and APIs.
Web application and API scanning in Nessus Expert are dynamic application security testing (DAST) features that enable security practitioners to proactively identify and assess web applications and APIs for known vulnerabilities. This includes OWASP Top 10 vulnerabilities in custom application code and known vulnerabilities found in third-party components.
Backed by Tenable Research, Nessus provides broad and accurate vulnerability coverage for web applications and APIs – spanning web application servers, content management systems, web frameworks, programming languages and JavaScript libraries. The result is fewer false positives and negatives, ensuring security practitioners know the true risks in their applications.
“Web applications are under siege and the security practitioners in charge of protecting them face numerous challenges,” said Glen Pendley, chief technology officer, Tenable. “With Nessus Expert – the gold standard in vulnerability assessment – we’re tackling the crux of these challenges head on by widening visibility into web applications and APIs. Whether the apps are running on-prem or in the public cloud, Nessus Expert assesses their exposures and provides security practitioners, consultants and pentesters with actionable results quickly.”
Nessus Expert is the industry’s first vulnerability assessment solution that spans traditional IT assets and the dynamic modern attack surface, including the external attack surface, cloud infrastructure and now, web applications and APIs. This new feature and functionality enables security practitioners to:
Set-up new web app and API scans and easily generate comprehensive results
Rapidly discover known vulnerabilities and cyber hygiene issues using predefined scan templates for SSL/TLS certificates and HTTP header misconfigurations
Identify all web applications, APIs and underlying components owned by a given organization
Confidently and safely scan environments without disruptions or delays
About Tenable
Tenable® is the Exposure Management company. Approximately 43,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include approximately 60 percent of the Fortune 500, approximately 40 percent of the Global 2000, and large government agencies. Learn more at tenable.com.
Read More