Software Security

Lookout and CipherCloud Together are Ready to Redefine Security from Endpoint to Cloud

In the current event, Lookout, Inc announced that it had acquired CipherCloud. Lookout, Inc is a leading cybersecurity company. It is now joining hands with CipherCloud, a leading cloud-native security company, operates in the emerging Secure Access Service Edge (SASE) market. They both blaze a new path together to combine and create an integrated endpoint-to-cloud security solution. By this combination, Lookout will be in a unique position to deliver the industry's first end-to-end platform that will secure an organization's entire data path from an endpoint to the cloud. This will later empower customers with a single source of unified policies and provide end-to-end security to accelerate their digital transformation.

CipherCloud solutions are related to several developing SASE categories. This includes Secure Web Gateway (SWG), Zero-Trust Network Access (ZTNA), Cloud Access Security Broker (CASB), and Data Loss Prevention (DLP). Together these solutions will deliver data security, comprehensive visibility, threat protection, and compliance for cloud-based applications. Familiar to this, CipherCloud has already been providing services to many of the world's largest global enterprises and government institutions seeking protection and security through cloud technology.

The purpose of this integrated endpoint-to-cloud security solution is accelerated by the adoption of cloud applications, proliferation of remote users, data transitioning of the corporate data center into the cloud, and more network traffic flowing to public cloud services. To tackle the security challenges caused by the above trends, businesses in this industry need a cohesive platform that can track activity and enforce policies from the endpoint device to cloud-based applications. And the need to stop zero-day attacks on data information across the entire end-to-end path, this integrated solution can fill the gaps immediately, keeping all information secured in one place.

Jim Dolce, CEO of Lookout, highlights this acquisition. Gartner forecasts that the SASE market will nurture at a CAGR of 42% over the next five years and would reach almost $11 billion by 2024. With the acquisition of CipherCloud, Lookout is head-on with the transformation to cloud infrastructure and is in a unique position to deliver value to its customers.

Besides all, the integration of CipherCloud and Lookout technologies will also remove friction, augment usability and convenience, enable user freedom and reduce operational costs compared to a collection of siloed point products. The integrated Lookout platform will authorize a growing number of businesses to deliver critical applications to users working anywhere securely.

Jim Dolce, CEO, Lookout, puts his words expressing his version about this acquisition. He says that "We couldn't be more excited to welcome the CipherCloud team to Lookout. Our two organizations share a common passion for accelerating cloud adoption with cloud-native solutions that secure critical data." Joining hands with CipherCloud is the next phase of our enterprise market expansion. By this, we will be extending our reach from endpoint into cloud, where the applications and data reside. Through this combination, we will deliver endpoint-to-cloud security by keeping elements of our solutions together into a single cloud-delivered offering."

Apart from this, Pravin Kothari, Founder, and CEO, CipherCloud, also speaks, "as a pioneer of the Cloud Access Security Broker market, CipherCloud has allowed organizations worldwide to achieve their digital transformation. Today, we take the exciting next step on the road to SASE by integrating our strengths with Lookout to deliver endpoint-to-cloud security for the modern workforce."

Spotlight

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va

Spotlight

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va

Related News

Cloud Security

Cisco Secure Application to Provide Business Risk Observability

Cisco | September 15, 2023

Cisco Secure Application, new to the Cisco Full-Stack Observability Platform, brings application and security teams together to secure cloud-native application development and deployment. The platform integrates Cisco's industry-leading security products' security intelligence with application performance data to provide business context with security findings. Cisco-exclusive business risk observability enables IT professionals to identify, assess, and prioritize risk and fix application security concerns based on potential business impact. Cisco, a worldwide technology leader that offers innovative software-defined networking, cloud, and security solutions, has unveiled the availability of the Cisco Secure Application, formerly known as Security Insights for Cloud Native Application Observability, on the Cisco Full-Stack Observability platform. This integration empowers organizations to seamlessly unite their application and security teams, facilitating the secure development and deployment of modern applications. The latest release of Cisco Secure Application extends its capabilities to securely manage both cloud-native and hybrid applications. In an effort to assist organizations in bolstering their cloud-native applications security, Cisco has introduced the new Cisco Secure Application offering, which is available on Cisco's recently introduced Full-Stack Observability platform. This solution equips customers with enhanced visibility and intelligent insights regarding business risk in various cloud environments. As a result, businesses gain the ability to more effectively prioritize and respond to security risks that could impact revenue and reputation in real time, leading to a reduction in overall organizational risk profiles. As organizations strive to provide smooth digital experiences, IT teams have faced growing demands to transition to modern, distributed applications. According to a recent study by Cisco, 92% of global technologists acknowledge that the urgency to innovate and adapt to evolving customer needs has often resulted in compromised application security during software development. As a consequence, organizations have become susceptible to security vulnerabilities and threats. They face broader attack surfaces and gaps in their application security layer due to the isolation of teams. These teams face challenges in obtaining adequate visibility and the necessary business context for prioritizing vulnerabilities. Consequently, organizations are witnessing a surge in security incidents within the modern environment, thereby jeopardizing customer data and the reputation of their businesses. Mark Leary, Research Director, IDC, stated, Cisco's extensive domain experience across multi-cloud and hybrid environments and comprehensive full tech stack oversight positions the company well to assist customers bring business risk observability, application observability, and security intelligence data together. Combined, they give customers access to the critical information they need to make smarter decisions about their application security [Source – Cision PR Newswire] Senior VP and General Manager of Cisco Full-Stack Observability and AppDynamics, Ronak Desai, said, An organization's ability to swiftly assess risks based on potential business impact, align teams and triage threats is entirely dependent on understanding where vulnerabilities exist, the severity of those risks, the likelihood they’ll be exploited, and the risk to the business of each issue. This business risk observability can enable IT professionals understand and prioritize those risks and is uniquely delivered by Cisco. The availability of Cisco Secure Application on the Cisco Full-Stack Observability platform is a crucial next step in our commitment to providing customers with the tools they need to provide unmatched and secure digital experiences across multi-cloud and hybrid environments. [Source – Cision PR Newswire]

Read More

Software Security

Okta Unveils Identity Threat Protection with Okta AI for Its Cloud

Okta | October 09, 2023

Okta, Inc. announces Identity Threat Protection with Okta AI, a new product for Okta Workforce Identity Cloud. It enables security teams and admins to constantly evaluate user risk during active sessions and respond automatically to Identity threats across the entire ecosystem. Identity Threat Protection enables organizations to mitigate risk with enhanced threat detection and response capabilities. Okta, Inc., the leading independent Identity partner, has introduced Identity Threat Protection with Okta AI, a revolutionary product within the Okta Workforce Identity Cloud. This innovative solution provides identity-based threat detection and mitigation in real-time. Identity Threat Protection goes beyond initial authentication by employing Okta AI and security infrastructure insights. It assures continuous user risk assessment during active sessions and enables automatic responses to Identity threats across the entire ecosystem. Organizations are increasingly adopting diverse cybersecurity tools to counter evolving threats. However, this leads to a flood of detailed security data, making it daunting for administrators to set up efficient policies and identify crucial threats. This fragmentation makes it challenging to track the risk of any specific user session over time and requires navigating various consoles. Okta stands out with its unified Identity deployment, offering a unique ability to evaluate risks across security domains and active user sessions. This innovative strategy solves a crucial business challenge as, according to Gartner, "By 2025, organizations that adopt a continuous adaptive trust strategy will reduce [account takeover] along with other identity risks by 30%..." President and CDO of Workforce Identity Cloud at Okta, Sagnik Nandy, said, Organizations need the ability to not only bring together risk insights at the point of login, but also to re-evaluate at any point in a user’s session. Identity Threat Protection extends Okta’s adaptive risk analysis and delivers automatic remediation and response, assisting businesses stop potential threats in real-time. [Source – Business Wire] Multi-factor authentication (MFA) is a vital tool in combating identity-based attacks. However, its effectiveness typically extends only to the login stage. Using shared signals throughout a user's active session, Identity Threat Protection equips organizations with enhanced threat detection and response capabilities, thereby mitigating risk. Initial launch capabilities include: Continuous Risk Evaluation Shared Signals Pipeline Adaptive Actions CIO at Palo Alto Networks, Meerah Rajavel, said, Our world-class threat intelligence innovations assist secure enterprises against evolving attack methods. Partnering with Okta’s Identity Threat Protection is a great opportunity to further empower enterprises with security signal sharing, assisting them to better detect changes in user risk across their tech stack. [Source – Business Wire]

Read More

Web Security Tools, Cloud Security

Tenable Unveils Comprehensive Web Application and API Scanning Capabilities for Nessus Expert

GlobeNewswire | September 01, 2023

Tenable®, the Exposure Management company, today announced web application and API scanning in Tenable Nessus Expert, new features that provide simple and comprehensive vulnerability scanning for modern web applications and APIs. Web application and API scanning in Nessus Expert are dynamic application security testing (DAST) features that enable security practitioners to proactively identify and assess web applications and APIs for known vulnerabilities. This includes OWASP Top 10 vulnerabilities in custom application code and known vulnerabilities found in third-party components. Backed by Tenable Research, Nessus provides broad and accurate vulnerability coverage for web applications and APIs – spanning web application servers, content management systems, web frameworks, programming languages and JavaScript libraries. The result is fewer false positives and negatives, ensuring security practitioners know the true risks in their applications. “Web applications are under siege and the security practitioners in charge of protecting them face numerous challenges,” said Glen Pendley, chief technology officer, Tenable. “With Nessus Expert – the gold standard in vulnerability assessment – we’re tackling the crux of these challenges head on by widening visibility into web applications and APIs. Whether the apps are running on-prem or in the public cloud, Nessus Expert assesses their exposures and provides security practitioners, consultants and pentesters with actionable results quickly.” Nessus Expert is the industry’s first vulnerability assessment solution that spans traditional IT assets and the dynamic modern attack surface, including the external attack surface, cloud infrastructure and now, web applications and APIs. This new feature and functionality enables security practitioners to: Set-up new web app and API scans and easily generate comprehensive results Rapidly discover known vulnerabilities and cyber hygiene issues using predefined scan templates for SSL/TLS certificates and HTTP header misconfigurations Identify all web applications, APIs and underlying components owned by a given organization Confidently and safely scan environments without disruptions or delays About Tenable Tenable® is the Exposure Management company. Approximately 43,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include approximately 60 percent of the Fortune 500, approximately 40 percent of the Global 2000, and large government agencies. Learn more at tenable.com.

Read More