iboss, Inc. | July 29, 2022
iboss, the leading Zero Trust Edge cloud security provider, announces that it has obtained Federal Risk and Authorization Management Program (FedRAMP) Authorization. The achievement is reflective of the company’s commitment to work alongside federal agencies to protect government entities and civilians from growing and increasingly sophisticated cyberthreats.
Earlier this year, the United States Office of Management and Budget unveiled a strategy designed to prevent damaging hacks and breaches by moving federal agencies toward a zero trust cybersecurity approach. The announcement followed a 2021 Biden Administration executive order aimed at protecting federal networks by modernizing government cybersecurity, including through the implementation of zero trust security
architecture as defined in the National Institute of Standards and Technology (NIST).
The iboss platform is a purpose-built, patented, cloud delivered security solution that has been trusted by organizations worldwide to implement Zero Trust architecture as laid out specifically in the NIST 800-207 Special Publication. The company’s containerized cloud architecture makes it the only platform that can control what NIST refers to as the “Implicit Trust Zone” to ensure that all data and resources are completely private. The FedRAMP authorization now extends iboss’s leading platform to all U.S. government customers.
“Our Zero Trust Edge platform prevents breaches by making applications and data inaccessible to attackers while allowing trusted users to securely and directly connect to resources from anywhere. “In today’s work-from-anywhere world, protecting sensitive information, regardless of who is accessing it or where, is critical. We look forward to continuing to extend our platform and expertise to U.S. government agencies.”
iboss CEO Paul Martini
A Zero Trust Architecture built on iboss consolidates network security technologies (SWG, CASB, DLP, IPS, malware defense, browser isolation, firewall) into a single unified cloud platform and eliminates the need for a VPN while securing any device, regardless of location. By making all applications private, iboss eliminates the top three initial ransomware infection vectors as identified by the Cybersecurity and Infrastructure Security Agency (CISA). With applications, data and services made accessible only through the iboss Zero Trust Edge, cyber risk is greatly reduced, breaches and data loss are prevented, and visibility and security are delivered consistently throughout an organization.
FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.
About iboss, Inc.
iboss is a cloud security company that enables organizations to reduce cyber risk by delivering a Zero Trust service designed to protect resources and users in the modern distributed world. Applications, data and services have moved to the cloud and are located everywhere while users needing access to those resources are working from anywhere. Built on a containerized cloud architecture, iboss delivers security capabilities such as SWG, malware defense, browser isolation, CASB and data loss prevention to protect all resources, via the cloud, instantaneously and at scale. This shifts the focus from protecting buildings to protecting people and resources wherever they are located. Leveraging a purpose-built cloud architecture backed by 230+ issued and pending patents and more than 100 points of presence globally, iboss processes over 150 billion transactions daily, blocking 4 billion threats per day. More than 4,000 global enterprises trust the iboss Cloud Platform to support their modern workforces, including a large number of Fortune 50 companies. iboss was named one of the Top 25 Cybersecurity Companies by The Software Report, one of the 25 highest-rated Private Cloud Computing Companies to work for by Battery Ventures, and CRN’s Top 20 Coolest Cloud Security Companies of 2022.
DATA SECURITY,ENTERPRISE IDENTITY
Illumio | September 29, 2022
Illumio, Inc., the Zero Trust Segmentation company, today announced Illumio Endpoint®, a reimagined way to prevent breaches from spreading to clouds and data centers from laptops. Hybrid work has expanded the attack surface, introducing new threats and making organizations more vulnerable, so it’s become increasingly important for employees to have secure access to applications and data wherever they are located. Unlike other Zero Trust Segmentation solutions, Illumio Endpoint lets your policy follow your teams’ laptops wherever they work, whether at home, in the office, or at a coffee shop. With Illumio Endpoint, the first device that gets infected will also be the last.
Organizations are more interconnected and vulnerable in hybrid workplaces, and the attack surface is growing increasingly complex. Additionally, attacks on hybrid work environments are more expensive, costing an average of about $600K more than the global average. Even with endpoint detection and response tools in place, endpoints still get breached – according to ESG, 76 percent of organizations experienced a ransomware attack in the past two years alone.
Illumio Endpoint includes:
Extended visibility and segmentation policy controls for macOS and Windows devices, allowing organizations to see risk and stop attacks from spreading from laptops, workstations, and VDIs.
A single, unified console to see and manage visibility and segmentation policy across endpoints, clouds, and data centers, making Zero Trust Segmentation easier, faster, and more efficient for security teams.
Work from anywhere support with segmentation policy that follows the device, so organizations have the confidence that their networks are secure, and their employees can remain productive while working from anywhere.
The ability to control application access so users can only reach the necessary applications from their device, not the entire data center and cloud, minimizing the organization's risk from vulnerable or compromised endpoints.
"Before Illumio, we had only a slim idea of what kind of communications were running across our network. But with Illumio, we clearly see exactly what's connecting to individual endpoints.
David Ault, VP of Information Security at Telhio Credit Union
“The hybrid workforce is here to stay, which exposes organizations to a more complex attack surface and more risk, particularly on the endpoint,” said Mario Espinoza, Chief Product Officer at Illumio. “It’s important to have tools that can detect and respond to an identified breach, but unidentified attacks can spread throughout the organization to access critical data and assets when Zero Trust Segmentation is not in place to proactively contain the breach. With Illumio Endpoint, security leaders will gain the comprehensive protection needed to build resilience to attacks throughout their hybrid IT and as employees work from anywhere.”
“Ransomware and other cyberattacks often involve end user devices somewhere in the attack chain, moving laterally on to other higher-value assets,” said Dave Gruber, Principal Analyst, ESG. “Because attackers continue to find ways in and move laterally fast, prevention, detection and response mechanisms can fall short stopping these fast-moving attacks. Containment strategies such as Zero Trust Segmentation across endpoint devices can proactively stop ransomware and other fast-moving attacks from spreading to critical infrastructure and assets, reducing risk.”
Illumio, the Zero Trust Segmentation company, stops breaches and ransomware from spreading across the hybrid attack surface. The Illumio ZTS Platform visualizes all traffic flows between workloads, devices and the internet, automatically sets granular segmentation policies to control communications, and isolates high-value assets and compromised systems proactively or in response to active attacks. Illumio protects organizations of all sizes, from Fortune 100 to small business, by stopping breaches and ransomware in minutes, saving millions of dollars in application downtime, and accelerating cloud and digital transformation projects.
SecurityScorecard | August 10, 2022
SecurityScorecard, the global leader in cybersecurity ratings, today announced the integration of its Professional Services offering with its ratings platform to provide a single point of orchestration to manage cybersecurity risks. SecurityScorecard’s Professional Services team can help any customer manage cybersecurity risk in concert with the industry’s largest and most comprehensive global, cyber risk data set, setting the industry standard for how cyber risk is quantified, measured and reduced.
SecurityScorecard delivers strategic, proactive and acute-scenario services paired with its industry-leading ratings platform that together provide end-to-end cyber risk management from monitoring to remediation.
“CISOs are under pressure to protect their organizations, and are now accountable to the Board of Directors, but they lack a single-point of orchestration for cybersecurity workflow and to define success. “Our services and software platform provides CISOs with peace of mind that they have the broad visibility to take action quickly, hold their vendors accountable and communicate those actions promptly.”
Aleksandr Yampolskiy, co-founder and CEO, SecurityScorecard
SecurityScorecard’s Professional Services team utilizes the combined data and dynamic risk intelligence from the SecurityScorecard platform together with customized data derived from dark web mining to give each customer a holistic, full-spectrum view of their risk posture that is continuously assessed and triaged.
SecurityScorecard’s suite of Professional Services is supported by a team of 24/7 Digital Forensic Incident Response (DFIR) experts and include:
Cyber Risk Intelligence-as-a-Service provides organizations with tailored, actionable intelligence via SecurityScorecard’s threat intelligence team.
Third-Party Risk Management (TPRM) Program includes workshops and customized roadmaps to help organizations mature their programs.
Tabletop Exercises help test teams’ cyber readiness against a real-world cyber incident by practicing incident response scenarios.
Penetration Testing and Red Team Exercises engage covert teams of ethical hackers to identify weaknesses.
Digital Forensics & Incident Response (DFIR) support helps to collect, preserve and analyze digital evidence when responding to an incident, whether that be an insider threat situation or a nation state attack. SecurityScorecard’s team of experts regularly testify in court and collaborate with law enforcement. Incident Response support is also available 24/7 and onsite during a crisis, such as a ransomware incident, to help contain attacks, identify the threat actors and safely progress to the eradication phase.
SecurityScorecard’s Professional Services team also helps prevent churn across internal security and TPRM teams by giving them the expertise to maintain program integrity and business uptime, particularly for under-resourced teams, regardless of cyber or third-party risk maturity.
Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard is the first cybersecurity ratings company to offer digital forensics and incident response services, providing a 360-degree approach to security prevention and response for its worldwide customer and partner base. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating.