DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
1Password | March 09, 2023
1Password, the frontrunner in human-centric security and privacy, recently announced the launch of Unlock with Single Sign-On (SSO). Now, enterprise customers can unlock their 1Password accounts using Okta with Duo and Azure AD to follow in the coming months. With deeper integrations into existing IT workflows, Unlock with SSO enables IT teams to improve their security posture while minimizing the everyday difficulties and stress associated with employee logins.
Steve Won, Chief Product Officer at 1Password, said, "Securing employees at scale is no small task. At 1Password, we believe that the foundation of enterprise security is secure employees, and we're driven by the principle that the safe thing must be easy by default." He added, "SSO plays a central role in enterprise security. Unlock with SSO was designed with a trusted device model, so that even if a user's identity provider credentials are compromised, 1Password ensures attackers won't be able to access customers' vault."
(Source – Cision PR Newswrie)
In a Total Economic Impact (TEI) study commissioned and published by 1Password, Forrester Consulting revealed that a composite organization comprised of companies with experience using 1Password experienced a 206% return on investment (ROI) and a benefit of $1.3 million over three years. Unlock with SSO enhances employee and IT efficiency and productivity, where the return on investment is most evident.
Unlock with SSO is intended to integrate with existing workflows and assist organizations in securing their employees across any authentication process of their choosing. Fully integrated solutions, such as 1Password, consolidate authentication in a single location to complete the security architecture of a company.
Founded in 2005, 1Password is the market leader in human-centric security and privacy to keep people safe at work and at home. Its solution is designed from the ground up to enable everyone, regardless of their degree of technical expertise, to traverse the digital world without fear or difficulty. 1Password safeguards the most sensitive data of millions of individuals and families worldwide, enabling consumers and companies to accomplish more in less time – with security and privacy as a guarantee. The company's award-winning credentials management security technology is reshaping the face of authentication and is trusted by over 100,000 organizations, including IBM, Slack, Shopify, Snowflake, and Under Armour.
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Contrast Security | February 24, 2023
On February 23, 2023, Contrast Security, a leading code security platform, announced the expansion of its contrast serverless application security tool, Contrast Serverless, to support Microsoft Azure Functions and allow customers to quickly scan for security vulnerabilities across multi-cloud environments.
While serverless and cloud-native development gains popularity, organizations struggle to determine which applications are fully secured due to the 'shared responsibility security model' of public cloud providers, particularly in the case of multi-cloud IT strategies.
Contrast Serverless addresses the needs of such organizations by providing a new security tool that is specifically designed to evaluate serverless risks while identifying common vulnerabilities (CVEs), detecting misconfigurations, and revealing user privilege issues, all within a single interface.
"Data shows 74% of infrastructure decision-makers at firms that are adopting public cloud use two or more public clouds and 17% are using five or more. Therefore, it's no surprise that 82% of cloud users have experienced security events due to confusion over shared responsibility security models."
(Avoid the Security Inconsistency Pitfalls Transitioning to Serverless 2022 Report)
The addition of Microsoft Azure Functions support to the Contrast Serverless platform allows organizations to evaluate the risk of their serverless applications across Microsoft and Amazon Web Services (AWS) from a single offering.
The tool provides complete visibility of cloud-native serverless functions, allowing the AppSec team to continuously monitor the organization's serverless posture. It also allows organizations to scan open source dependencies for vulnerabilities in applications and custom code, detect misconfigurations, and identify the least privilege issues based on Microsoft Azure function policy roles and active directory configurations.
Additionally, the tool can generate a contextual Microsoft Azure Functions risk score based on the abovementioned methods, enabling teams to address the most significant risk issues first. It also has the ability to apply remediation on function code in both AWS and Microsoft Azure environments.
About Contrast Security
Contrast Security is a renowned platform for code security, purposefully designed for developers to ensure swift and secure code movement while being trusted by security teams to safeguard business applications. It allows developers, security, and operations teams can quickly secure code across the entire Software Development Life Cycle (SDLC) and protect against targeted Application Security (AppSec) attacks. The company was founded in 2014 by cybersecurity industry veterans with the aim of replacing legacy AppSec solutions that cannot protect modern enterprises. The company's clientele includes some of the most prominent brands, such as BMW, Sompo Japan, DocuSign, AXA, Zurich, American Red Cross, and numerous other Fortune 500 enterprises globally.
DATA SECURITY, ENTERPRISE SECURITY
IronNet | February 13, 2023
IronNet, Inc. (IronNet), a pioneer in transforming cybersecurity through collective defense℠, recently announced the execution of an initial federal contract to deliver cybersecurity services to the United States Navy's Naval Sea Systems Command (NAVSEA), the largest of the Navy's five "systems commands." The agreement was entered following the successful completion of a pilot program that provided NAVSEA with the IronNet Collective Defense Platform.
As nation-state cyber threats against the Defense Industrial Base (DIB) program of the Department of Defense (DoD) continue to increase, IronNet strengthens the DIB's cybersecurity prevention and protection of third-party and supply chain cyber risk. This support corresponds with the DoD's initiatives to encourage DIB entities to provide information and share anonymized cyber threat indicators that they deem helpful for notifying the government and others in order to counter threat actor activities more effectively. The IronNet Collective Defense Platform will allow each contractor in the NAVSEA DIB program to boost its network threat visibility while also integrating them in real-time through a private IronNet Collective Defense Community for NAVSEA.
Through linked alerts, automated triage, and extended hunt assistance, the IronNet Collective Defense Platform acts as an early warning system for all participating corporations and organizations, increasing network security. In addition, IronNet's platform was recently updated to increase alert fidelity and analyst workflow by strengthening embedded risk scoring for more accessible alert prioritizing. These improvements result in much lower alert loads, false positives, and a shorter time to investigate.
NAVSEA will have enhanced visibility of the current threat landscape, with situational context, thanks to the IronNet Collective Defense Platform, and will be able to increase the effectiveness of existing defenses and cybersecurity solutions used by its DIB contractors. Continuous monitoring of known and undiscovered threats contributes to meeting Cybersecurity Maturity Model Certification (CMMC) parameters.
The IronNet Collective Defense Platform offers timely actionable, and relevant cyber attack intelligence earlier in case of an incursion before a threat can have a substantial impact, allowing DIB firms and the Navy to defend US Naval intellectual property better.
IronNet, founded in 2014, is a leading cybersecurity company transforming how businesses, industries, and governments safeguard their networks. It leverages the abilities of its top-tier cybersecurity operators' real-world, public and private sector, offensive and defensive cyber expertise and integrates their deep tradecraft knowledge into its industry-leading solutions to address the most complex cyber challenges affecting business today. The company's solutions use behavioral analytics, artificial intelligence and machine learning techniques to assist private and public companies in discovering unexpected risks across critical infrastructure.