DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
GuidePoint Security | September 21, 2022
GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, announced today that Deepwatch, the leader in advanced managed detection and response (MDR) security, has joined the Emerging Cyber Vendor Program. This GuidePoint Security Program is specifically designed to help emerging cybersecurity vendors expand their federal footprint. As part of this program, the Deepwatch MDR solution is now available under GuidePoint’s GSA Multiple Award Schedule Contract #GS-35F-508CA.
Through this partnership, Deepwatch’s MDR solution will be brought to the public sector through GuidePoint Security, which has 40+ years of collective federal expertise across sales and marketing, operations, engineering and procurement.
"We are thrilled to be partnering with Deepwatch to support its expansion into the public sector market. “Through its advanced security operations platform and dedicated squads of security experts, Deepwatch will help government agencies better detect and respond to threats.”
Jim Quarantillo, Federal Partner, GuidePoint Security
"This important partnership ultimately provides federal agencies with enhanced on-going situational awareness of their attack surface and the ability to rapidly detect and contain threats,'' said Carl Helle, chief revenue officer at Deepwatch. “We are proud to partner with GuidePoint Security, leveraging their deep cybersecurity consulting and federal expertise, to help government agencies protect against cyber threats."
Deepwatch delivers the industry’s most advanced managed detection and response security, protecting organizations from cyber threats 24/7/365. With Deepwatch, customers get a team of always-on cybersecurity experts who work with them as an extension of their team, powered by an advanced security operations platform that delivers high-fidelity alerting and automated response capabilities for rapidly containing threats.
About GuidePoint Security
GuidePoint Security provides trusted cybersecurity expertise, solutions, and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk.
Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch’s cloud security operations platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business.
DATA SECURITY,PLATFORM SECURITY
Laminar | August 24, 2022
Laminar, a public cloud data security provider, today announced that it has been named by Gartner as a Sample Vendor for Data Security Posture Management (DSPM) in the Hype Cycle for Data Security, 2022. In addition to referencing Laminar, the Hype Cycle also gives DSPM a benefit rating of “transformational,” the highest benefit rating possible.
Laminar is a cloud data security platform that delivers autonomous, agentless, and continuous data security for everything that you build and run in the cloud. Laminar provides autonomous discovery and classification for all data across AWS, Azure, GCP, and Snowflake into a cloud data catalog, prioritization of data assets by our proprietary risk model, an agentless and asynchronous approach to DSPM to reduce the exposure surface without impacting performance, and continuous monitoring to detect data leaks in real time.
“We have consistently heard from our customers that the visibility provided by the Laminar platform is transformational and we are thrilled to see Gartner classify DSPM as such in this Hype Cycle report. “We are thrilled that Gartner and the market are recognizing the need for DSPM. We believe that this recognition validates our view that organizations must move to a data-centric security approach that enables data democratization, safely.”
Amit Shaked, co-founder and CEO, Laminar
According to Gartner, “Organizations face challenges mitigating data security and privacy risks as data rapidly proliferates across multi-cloud and hybrid IT architectures. Identifying meaningful data risk is impossible to solve without combining metrics from data sensitivity, data lineage, infrastructure configurations that create data risks and access risk into a common view. This is an urgent problem that is encouraging rapid growth in the availability and maturation of this technology.”
As Gartner explained, “DSPM provides visibility of inconsistent security posture by analyzing a data map of user access to various datasets for identifying business risks. DSPM accelerates assessments of how data security posture can be enforced through complementary data security controls to reduce business risks despite the speed, complexity, dynamics and scale of hybrid IT and multi-cloud deployments.”
The drivers of DSPM adoption according to Gartner include:
Need to create a data map of user access against specific datasets has been a complex process in the past because traditional data security and IAM products are siloed in the way they operate.
Need to map and track the evolution and data lineage across structured and unstructured formats, and across all potential data locations and shadow data, is critical to achieve consistent analysis. This is an emerging driver that is currently in evolution.
The growth of regulations that require a data risk assessment has created the need for tools that can assess DSG policies.
Need to protect data against exposure (e.g., cloud misconfigurations, excessive access privileges or data residency risks that arise due to geographic locations and access pathways to data).
Combination of data observability features, such as real-time visibility into data flows, risk and compliance with data security controls, with the objective to identify security gaps and undue exposure.
This recognition comes on the heels of growing business momentum at Laminar. The company recently doubled its total amount of funding raised in six months to a total of $67 million. Additionally, Laminar was recognized by Fortress Cyber Security Awards and the Global InfoSec awards, and was named a TAG Cyber Distinguished Vendor.
Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
GARTNER and Hype Cycle are registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.
Laminar’s Cloud Data Security Platform protects data for everything you build and run in the cloud across cloud providers (AWS, Azure, and GCP) and cloud data warehouses such as Snowflake. The platform autonomously and continuously discovers and classifies new datastores for complete visibility, prioritizes risk based on sensitivity and data risk posture, secures data by remediating weak controls and actively monitors for egress and access anomalies. Designed for the multi cloud, the architecture takes an API-only approach, without any agents, and without sensitive data ever leaving your environment. Founded in 2020 by a brilliant team of award winning Israeli red team experts, Laminar is proudly backed by Insight Partners, Tiger Global, Salesforce Ventures, TLV Partners, and SentinelOne.
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Security Compass | August 26, 2022
Security Compass, a leading cybersecurity solution provider, has published the results of a research study examining developer views on application security, including the challenges and opportunities they face in their secure development efforts. The report, “2022 Developer Perspectives on Application Security,” provides a deep dive into security maturity, threats, requirements, tools, resources, and training.
In order for software developers and security teams to effectively collaborate and ensure that a company’s software products are secure, developers need automated, current, relevant, and actionable JITT training embedded into their development tools and processes. Security Compass’ research found that while most developers believe their enterprise has a mature security posture, almost half find it challenging to stay up to date with current security and compliance-related activities. The “2022 Developer Perspectives on Application Security” study raises awareness about how automation can solve many challenges for developers in secure application development.
Key takeaways from the study include:
The number one most important means to thwarting security threats according to developers is automated threat modeling (46% claiming it was “mission critical” and another 36% indicating it was “quite important”).
42% of developers who have been assigned requirements related to security and compliance find it challenging to stay up to date with current security and compliance-related activities.
28% of respondents claim that scope “creep” in security compounds challenges, with another 19% believing that security processes take too much time.
Overall, developers are in favor of security training, with 32% of developers opting to pursue training on their own (63% of respondents reported being mandated to do training).
Developers from smaller companies ($10M to $100M) were more than twice as likely (31% vs. 14%) as those from the largest companies ($5B+) to use ad hoc or reactive means to “gate-keep” releases from a security perspective.
On average, 34% of software requirements are related in some way to security and compliance, yet only 25% of companies have shifted security left into the Design Stage of software development.
“When building secure software, developers must be system thinkers. Ideally, they engage secure methods early in the design process, engage with key security personnel and stakeholders and insist on automated cybersecurity tools that efficiently guide them throughout the SDLC," said Rohit Sethi, CEO of Security Compass. “Software built with the needs of software developers at the forefront is essential to the task of cybersecurity, and companies that want to attract and support developers in their efforts to build cyber-resilient software need to look to integrated cybersecurity software. This is reinforced by Security Compass’ study that software that provides just-in-time training (JITT) and guidelines for software developers is essential for accomplishing these goals.”
For more information about the adoption of security and compliance processes by developers across organizations of various sizes, download the full “2022 Developer Perspectives on Application Security” study.
About the Survey
Security Compass commissioned Golfdale Consulting to conduct this survey research project. The survey was conducted in Q2 2022 and was based on 250 respondents from the US and UK markets working in companies ranging from $10 million to $10 billion in size. Half of the developers surveyed worked for technology companies, while the other half came from enterprises ranging from manufacturing to insurance . Respondent roles included a mix of developers from software development/DevOps (62%), IT infrastructure and back office (22%) and cyber/information security (14%).
About Security Compass
Security Compass, a pioneer in application security, enables organizations to shift left and build secure applications by design, integrated directly with existing DevSecOps tools and workflows. Its flagship product, SD Elements, helps organizations accelerate software time to market and reduce cyber risks by taking an automated, developer-centric approach to threat modeling, secure development, and compliance. Security Compass is the trusted solution provider to leading financial and technology organizations, the U.S. Department of Defense, government agencies, and renowned global brands across multiple industries.