ENTERPRISE SECURITY

M.C. Dean launches Enterprise Security SaaS

M.C. Dean | March 25, 2022

M.C. Dean, a leader in cyber-physical solutions and systems integrator for enterprise-class security systems, today announced the launch of its Enterprise Security software as a service (SaaS) on AWS commercial and GovCloud.

"Our Enterprise Security SaaS offering provides integrated access control, intrusion detection, and video surveillance managed services with the ease, flexibility, and resiliency of the cloud."

Eric Dean, M.C. Dean chief technology officer

M.C. Dean's fully managed Enterprise Security SaaS runs on high availability AWS Cloud with leading commercial-off-the-shelf security systems combined with 24x7x365 service monitoring and customer support. The service supports web-based and client software access with enterprise-level system integrations such as single sign-on and standard or custom options.

  • Flexible & Resilient: Benefit from cloud-enabled system self-restoration and managed database capabilities. Automated deployments can build and rebuild systems within seconds. Active directory integrations provide secure, seamless access. Take advantage of centralized support for low-cost, high-performance nationwide installation and maintenance.
  • Highly Secure: Enterprise Security SaaS is designed to meet FedRAMP, FICAM, and other industry requirements. Keep application data separate and secure while accelerating cybersecurity authorizations for commercial and government clients.
  • Time & Cost Effective: Replace costly CapEx with utility-based pricing and immediate availability. Streamline setup costs and timelines, while reducing the price per site and device.

About M.C. Dean
M.C. Dean is Building Intelligence®. We design, build, operate, and maintain cyber-physical solutions for the nation's most recognizable mission-critical facilities, secure environments, complex infrastructure, and global enterprises. The company's capabilities include electrical, electronic security, telecommunications, life safety, automation and controls, audio visual, and IT systems. M.C. Dean is headquartered in Tysons, Virginia and employs more than 5,100 professionals who engineer and deploy automated, secure, and resilient power and technology systems; and deliver the management platforms essential for long-term system sustainability.

Spotlight

The insider threat to AD is real, pervasive and costly. The predominance of AD in enterprises around the globe makes it an appealing target for adversaries who can exploit technical limitations and human factors to launch data breaches from the inside out.

Spotlight

The insider threat to AD is real, pervasive and costly. The predominance of AD in enterprises around the globe makes it an appealing target for adversaries who can exploit technical limitations and human factors to launch data breaches from the inside out.

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Tanium Expands Collaboration with Microsoft as It Joins the Microsoft Intelligent Security Association (MISA)

Tanium | August 17, 2022

Tanium, the industry’s first provider of converged endpoint management (XEM), today announced that it has been nominated to join the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors and managed security service providers (MSSPs) that have integrated their solutions with Microsoft security technology to help customers better defend themselves against increasingly sophisticated cyber threats. “I believe that Microsoft and Tanium's partnership is going to transform the future of IT security and operations for my organization,” said Mark Wantling, CIO at the University of Salford. “By combining Tanium's real-time visibility and control with Microsoft's advanced threat intelligence, orchestration, and analytics services, I can quickly and easily identify and address vulnerabilities, remediate threats, and manage my estate across a multitude of platforms — and I don't need dozens of point solutions to do it.” As hybrid work and other digital transformations expand organizations’ IT assets and attack surfaces, customers benefit by consolidating security platforms to more seamlessly deliver security, performance, and automation, without needless complexity and alert fatigue. “I am excited to see that Tanium and Microsoft are working together,” said Andy Lawrence, cyber security improvements manager, Willis Towers Watson. “Combining Tanium’s real-time data and control with Microsoft’s services will allow my team to more effectively manage and secure my entire IT estate.” Tanium was nominated for MISA membership in part as a result of an integration with Microsoft Sentinel, soon to be available via the Sentinel Content Hub. Currently, Tanium is available in the Microsoft Commercial Marketplace, an online store providing applications and services for use on Azure. Customers can purchase and provision Tanium directly from the marketplace and apply the purchase to their Microsoft Azure Consumption Commitments (MACC). Every day, Tanium customers around the world take advantage of the Azure cloud platform, including streamlined deployment and provisioning, to accelerate their security strategies. “The largest and most sophisticated organizations trust Tanium to manage and secure their digital estates. “Combining Microsoft's security solutions with Tanium's real-time data, distribution, and control not only enables effective automation and resilient security, but it also creates accelerated savings for customers converging multiple point solutions into fewer, more comprehensive, and robust solutions.” Rob Jenks, senior vice president of corporate strategy at Tanium Together, Tanium’s integrations with Microsoft’s technology deliver the capabilities customers need to manage and secure IT estate from cloud to the edge, including active threat hunting, faster remediation, real-time patching, and the automated delivery of detailed real-time data. “Members of the Microsoft Intelligent Security Association – like Tanium – integrate their security solutions with Microsoft’s technology to gain more signal, increase visibility and better protect against threats. By extending Microsoft’s security capabilities across the ecosystem, we help our shared customers to succeed.” – Maria Thomson, Microsoft Intelligent Security Association Lead. About Tanium Tanium, the industry’s only provider of converged endpoint management (XEM), leads the paradigm shift in legacy approaches to managing complex security and technology environments. Only Tanium protects every team, endpoint, and workflow from cyber threats by integrating IT, Compliance, Security, and Risk into a single platform that delivers comprehensive visibility across devices, a unified set of controls, and a common taxonomy for a single shared purpose: to protect critical information and infrastructure at scale. Tanium has been named to the Forbes Cloud 100 list for six consecutive years and ranks on Fortune’s list of the Best Large Workplaces in Technology. In fact, more than half of the Fortune 100 and the U.S. armed forces trust Tanium to protect people; defend data; secure systems; and see and control every endpoint, team, and workflow everywhere.

Read More

DATA SECURITY

Veza, the Data Security Platform Built on the Power of Authorization, Announces Partnership with Google Cloud

Veza | July 20, 2022

Veza, the data security platform built on the power of authorization, announces today that the company has entered a partnership with Google Cloud, including product integration that enables Google Cloud customers to harness the capabilities of Veza’s data security platform across their multi-cloud ecosystem. Veza, which recently launched in April 2022 after two years of building in stealth, makes it easy to understand, manage, and control who can and should take what action on what data. With this new integration, Google Cloud customers can now directly access the capabilities of Veza’s authorization-based data security platform integrated with Google Cloud Policy Analyzer to identify, manage, and control external identities and service accounts to Google Cloud services (Looker, BigQuery, and more). This partnership furthers the relationship between Google and Veza, which began in 2021 when GV led the Series B investment in Veza and GV Partner Karim Faris joined Veza Board of Directors. “The cloud is quickly becoming the primary footprint for organizations. By prioritizing and investing in security, Google Cloud has earned a differentiated position in the market,” said Tarun Thakur, Co-founder and CEO, Veza. “The initial product integration between Veza and Google Cloud, publicly demonstrated at the Google Cloud Security Summit in May this year, is a powerful example of how intelligence from Veza’s Authorization Graph can bolster the data security of Google Cloud customers. It shows how identity-to-data relationship insights from the Veza platform can be pulled directly into the Google Cloud Policy Analyzer, allowing customers to secure both Google Cloud data (Looker, BigQuery, Google Storage Buckets, etc.) to which multi-cloud identities (AD, Azure AD, Okta, etc.) have permissions and multi-cloud data (AWS, Snowflake, etc.) that is being accessed by Google Cloud identities.” “Securing cloud environments and data from cybercrime and threats is a key priority of organizations across the globe. “With Veza’s platform now available alongside Google Cloud’s secure and global infrastructure, customers will be able to quickly deploy the solutions they need to better understand, control, and securely take action on their data across their multi-cloud environments.” Sunil Potti, General Manager and Vice President, Cloud Security, Google Cloud Veza’s data security platform aggregates identity information from humans, service accounts, and cloud IAM entities, and authorization data from apps and data systems, giving organizations a centralized, SaaS-based control plane to visualize, manage, and control data access controls through Veza’s Authorization Graph. Veza integrates with cloud identity providers, SaaS and custom apps, and data systems, and translates system-specific entitlements and permissions into a common, human-understandable business language, visualized in the platform as effective permissions. The platform brings a novel approach to data security by enabling organizations to address key data security use cases across access reviews and certifications for SaaS apps and data systems, privileged access management to data and apps, data lake security and governance, management of cloud entitlements, and much more. It delivers prioritized insights, provides access workflows, and actionable recommendations for remediation of over-privileged accounts, enabling security and IT teams to correct anomalies and right-size their organization’s permissions to protect against ransomware and other data breaches. As organizations continue to adapt to the evolving demands of hybrid remote and in-office work, multi-cloud and hybrid-cloud environments — those with multiple providers of disparate data, app, compute, and infrastructure systems — are becoming the norm. According to the Flexera 2022 State of the Cloud Report, 89% of companies surveyed are multi-cloud, with only 2% operating in single private clouds and 9% in single public clouds. This trend is leading to a distributed web of data, relationships, and access points that are changing and difficult to track and secure. Veza and Google Cloud already have a number of joint customers deployed across the industries of SaaS software, marketing technology, and media, including Vox Media. “To support Vox Media’s growth and increasing M&A activity without compromising security, we need to ensure that across all of our brands, the right users have access only to the data they need access to, and that we have full visibility over what they can do with that data,” says Ateeb Ahmad, Senior Director, IT Infrastructure, Vox Media. With Veza and Google Cloud working together, we’ve been able to seamlessly manage access controls over our data for our largest merger to date, and tightly scope identity-to-data permissions even as our footprint with Google Cloud and other technologies grows.” “The greatest gifts of the multi-cloud and the generational architectural shift of the modern data systems are also its greatest risks: securing data, scalability, flexibility, and seamless collaboration,” says Thakur. “When organizations enable workers to reach from one cloud to another to leverage data across their entire multi-cloud ecosystem, they foster growth, enable more intelligence, and promote agility. However, such apps and data systems are also more porous and are at increased risk of cybercrime and ransomware. We purpose-built Veza’s Core Authorization Platform for the multi-cloud so that organizations can implement strong access governance policies - Veza continuously evaluates these policies and enables both automated workflows for access reviews, automated access removal for toxic and stale combinations, and facilitates access grant and request for any app, data, and service.” About Veza Veza is the data security platform built on the power of authorization. Our platform is purpose-built for hybrid multi-cloud environments to help you use and share your data safely. Veza makes it easy to understand, manage, and control who can and should take what action on what data. We organize authorization metadata across identity providers, data systems, cloud service providers, and SaaS applications — all to address the toughest data security challenges of the modern era. Founded in 2020, the company is funded by top-tier investors including Accel, Bain Capital, Ballistic Ventures, Blackstone, GV, Norwest Venture Partners, and True Ventures

Read More

SOFTWARE SECURITY

Sternum Offers NXP Marketplace Real-time IoT Security and Observability Solution

Sternum | June 21, 2022

Sternum, a pioneer in autonomous IoT security and observability, has joined NXP Semiconductors' software partner community, one of the world's top makers of embedded controllers and largest marketplaces. As a result, IoT manufacturers that rely on NXP for their controller supply will be able to effortlessly integrate Sternum's proprietary security and visibility capabilities into their products as a result of this agreement. With a CPU overhead of less than 3% during the DD process, Sternum's Embedded Integrity Verification was able to disarm the threats evaluated by NXP researchers. The sternum is a great addition to NXP products since it successfully handles increased remote runtime assaults against linked devices. According to P&S Intelligence, the embedded security business will be worth more than $10 billion by the end of the decade. The graph depicts a growing need to secure more ubiquitous linked gadgets and cyber-physical systems, which are expanding in both consumer and corporate sectors, against exploitation. IoT devices, which are frequently weak in both security and visibility, are transforming whole industries—and have surfaced as a critical security breach in enterprises' security perimeters. Without proactive security measures, businesses are forced to rely on costly and time-consuming vulnerability patching, prompting them to look for other options. "NXP's microcontrollers power devices that will work as the mission-critical backbone of entire industries and cities. We are thrilled to be collaborating with NXP to secure the future of digital transformation and ensure zero-trust from device to cloud. Our products offer companies a unique degree of protection against the most dangerous attack types, and significantly reduce the cost of security-related maintenance, and we are excited to see them used to promote innovation on a global scale." Natali Tshuva, CEO and Co-Founder of Sternum Sternum's universal IoT platform ushers in a new era in which whole fleets of connected devices may be fully secure and viewable at the edge in a simple, seamless, and self-contained manner. The patented technology is designed to detect the general fingerprints of different attack exploitations, including command injection and buffer overflow attacks, and neutralize them in real-time, preserving the device's runtime integrity against zero-day and one-day attacks. This method provides total protection against a wide range of CWEs (Common Weakness Enumeration) and promotes a proactive IoT security paradigm that eliminates the need to play catch-up with hackers through expensive reactive patching.

Read More