Home > News > featured news > New White Paper to be Released by Bluefin and Alpine Security Consulting on Payment and Data Security

DATA SECURITY

New White Paper to be Released by Bluefin and Alpine Security Consulting on Payment and Data Security

Alpine Security Consulting | July 12, 2021

A new white paperon “Formulating a Complete Payment Data and Security Approach, ”authored by Alpine Security Consulting, has releasedby the recognized leader inand tokenization and encryption technologies for payment and data security, Bluefin.

The main points covered and discussed in the whitepaper are considerations when choosing a data protection approach, rules and regulations governing sensitive data and payment, Protected Health Information (PHI) and ACH account data, Personally Identifiable Information (PII), and how tokenization can be combined with encryption to provide a single solution for securing cardholder data (CHD).


Topics covered in the white paper are:

• Payment and Privacy Data – History and Trends
• Data Breaches, the Pandemic Effect, and the Shift to Online Commerce
• Protecting Privacy Data – HIPAA, GDPR, and Privacy Acts
• Protecting Financial Data – PCI DSS and Nacha
• Bluefin's Payment and Data Security Suite: PCI-validated P2PE and ShieldConex® Data Security
• The Roles of Encryption, Tokenization and Authentication in Protecting Data

Bluefin specializes in data security solutions and omnichannel payment. With the company’s PCI-validated point-to-point encryption (P2PE)solutions, it is specialized in protecting all data. It is for ShieldConex data security platform and point-of-sale (POS) payments for the encrypted tokenization of PHI,PII, ACH and CHD account data.


About Bluefin

For payment and data security, Bluefin is the renowned leader in antokenization and encryption technologies. Our security suite includes call center, mobile and unattended payments, PCI-validated point-to-point encryption (P2PE) for contactless face-to-face, and our ShieldConex® data security platform for the protection of Personal Health Information (PHI),Personal Health Information (PHI), personally Identifiable Information (PII), and payment data entered online.

About Alpine Security Consulting

Alpine was founded to fulfill a passion to help businesses. With an experience of over 20 years in security, technology, and compliance, Alpines skill set can support virtually any business learn how to control ground-breaking security technologies with the outcome of translating security savings into tangible business worth.

Spotlight

THE IMPORTANCE OF CYBERSECURITY IN 2019

Cybersecurity is becoming a big problem for many companies in all industries, as an attack can permanently damage a business or even a person’s life. As the cybersecurity industry continues to grow at a rapid pace, the amount of malware continues to grow each year as well. To highlight the importance of cybersecurity, we compiled a list of cybersecurity stats for 2019.a

More featured news

Spotlight

THE IMPORTANCE OF CYBERSECURITY IN 2019

Cybersecurity is becoming a big problem for many companies in all industries, as an attack can permanently damage a business or even a person’s life. As the cybersecurity industry continues to grow at a rapid pace, the amount of malware continues to grow each year as well. To highlight the importance of cybersecurity, we compiled a list of cybersecurity stats for 2019.a

Related News

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

AWS Clients Globally Can Now Use Apiiro Cloud Application Security Platform

Apiiro | January 04, 2023

Apiiro, the market leader in Cloud-Native Application Security, announced that its award-winning security platform is now accessible on AWS Marketplace. Apiiro's solution intends to assist developers and security engineers in resolving significant risks across the software supply chain before launching apps to the cloud. Instead of a single vulnerability or misconfiguration, multiple isolated and unconnected findings are scattered throughout the source code, configurations, open-source packages, and cloud infrastructure that, when combined with appropriate context, form a Risk Story that attackers can exploit. Its Risk Graph technology integrates these endless elements with actionable information to provide developers and security teams with an entirely new way to fix problems. Apiiro has introduced a whole new approach to application security by offering complete visibility into code bases, analyzing risks from design to code to the cloud, and proactively addressing actual vulnerabilities that attackers can exploit before they even get released to the cloud. By connecting to their source control managers via API, Fortune 500 businesses can cut operational costs and risks at scale while ensuring seamless deployment. Now that it is accessible in the AWS marketplace, customers may deploy Apiiro's Cloud Application Security Platform through their AWS Marketplace accounts, enabling them to quickly secure everything they develop and deliver to the cloud by proactively resolving risks with actionable context. About Apiiro Apiiro is a Cloud Application Security Platform that provides comprehensive insight and actionable context to security and development teams to proactively fix risks before releasing them to the cloud. It also assists them in addressing threats throughout the software supply chain. Since its inception, the Apiiro Cloud-Native Application Security Platform has been deployed by developers and security experts in the world's biggest organizations to handle critical threats across more than 1 million code repositories, CI/CD pipelines, and cloud infrastructures.

Read More

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Swimlane Launches First Comprehensive Security Automation Ecosystem for OT Environments

Swimlane | November 15, 2022

Swimlane, the low-code security automation company, today announced the formation of the first operational technology (OT) security automation solution ecosystem tailored to meet the combined OT and IT security requirements within critical infrastructure environments. The Biden Administration designated November as Critical Infrastructure Security and Resilience Month, drawing attention to the need for “fortifying our information technology and cybersecurity across sectors.” As cyber threats grow in frequency and severity, security operations teams within industrial organizations are regularly targeted due to the importance of their systems and infrastructure. Given the limited resources at their disposal, security teams within these organizations are struggling to keep up with rapidly evolving threats. The cybersecurity skills gap poses a particularly difficult challenge for organizations with OT environments due to the unique skill set required to navigate the convergence of OT and IT technologies. This is where modern Security Orchestration, Automation and Response (SOAR) plays an instrumental role. “Our public utilities and critical infrastructure face unique cybersecurity challenges to detect and respond to the convergence of threats targeting their combined OT and IT environments, and cyber-physical systems. “Swimlane is bringing together the best of OT security with our extensible security automation platform to create a robust system of record and control for security operations teams to more quickly process large amounts of security telemetry without needing more resources to defend against breaches.” Cody Cornell Co-founder and Chief Strategy Officer of Swimlane Swimlane’s security automation ecosystem for OT environments currently includes the following: Nozomi Networks for OT and IoT Security: Swimlane and Nozomi Networks, the leader in OT and IoT security, also announced today a technology integration that combines low-code security automation with OT and Internet of Things (IoT) security. The combined solution makes it possible for industrial and critical infrastructure security operations to maintain continuous asset compliance and mitigate the risks of attacks from combined OT and IT entry points. Dataminr Tackles Physical Risk: Swimlane’s integration with Dataminr leverages automated processes to mitigate risks and warn at-risk employees as soon as possible to ensure their safety. The cyber-physical threat response solution saves organizations crucial minutes when connecting with staff members who might be affected by a natural disaster, accident, or social unrest, or other types of physical risk. 1898 & Co. for Managed Threat Detection: 1898 & Co., a preeminent industrial control system (ICS) cybersecurity solutions provider, has selected Swimlane as the core automation platform for their managed threat detection services. These services include the detection of both OT and IT-born threats, machine-speed threat validation and scoring, and rapid remediation of threats using OT response methods. “Security teams chartered with protecting OT environments are struggling to keep pace with emerging threats given their limited resources,” said Joshua Magady, Practice Technical Lead at 1898 & Co. “As cyberattacks on critical infrastructure continue to rise and the cybersecurity skills shortage prevails, we are excited to be working with Swimlane to provide automation solutions that give these important organizations the tools to defend against rising cyber threats effectively.” Working with each technology partner, Swimlane will develop a portfolio of pre-integrated solutions that customers can quickly deploy either through managed services or add to their existing environment. About Swimlane Swimlane is the leader in cloud-scale, low-code security automation. Swimlane unifies security operations in-and-beyond the SOC into a single system of record that helps overcome process and data fatigue, chronic staffing shortages, and quantifying business value. The Swimlane Turbine platform combines human and machine data into actionable intelligence for security leaders.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

IronNet Enhances Network Detection and Response Solution, IronDefense

IronNet, Inc. | January 05, 2023

IronNet, Inc., a pioneer in transforming cybersecurity through collective defenseSM, has announced that its network detection and response (NDR) solution, IronDefense, now has more features. IronDefense, awarded the best possible grade by SE Labs for Enterprise Advanced Security NDR Detection, enables advanced and early visibility of unidentified cybersecurity threats that have evaded endpoint and firewall detection and infiltrated the network, regardless of whether it is on-premises or in the cloud. With IronNet's most recent NDR enhancements, Security Operations Center (SOC) analysts can use IronDefense to identify VPN misuse, including high abnormal login times, password spraying, and unsuccessful logins, all of which may be suggestive of brute force attacks or unauthorized access attempts. Additional analytics enhancements enable the identification of ongoing patterns of both randomized-timing and fixed-interval beacon activity, as well as the detection of DNS tunnels utilizing innovative encoding techniques employed by cybercriminals. The IronNet product development team has also improved IronDefense's usability. Specifically, new sensors can now be automatically commissioned and upgraded without the intervention of SOC personnel. IronDefense allows customers utilizing SentinelOne endpoint detection and response (EDR) to remotely establish and update network inventory and isolate a device in a SentinelOne-deployed network through the Entity page of the IronDefense user interface. CarbonBlack and Crowdstrike endpoints offer equivalent capabilities. About IronNet, Inc. IronNet, Inc., founded in 2014 by GEN (Ret.) Keith Alexander, is a global leader in cybersecurity that is revolutionizing how enterprises safeguard their networks by providing the first-ever Collective Defense technology operating at scale. IronNet, which employs a number of ex-NSA cybersecurity operators with both offensive and defensive cyber experience, incorporates extensive tradecraft knowledge into its industry-leading technologies to address the world's most difficult cyber problems.

Read More

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

AWS Clients Globally Can Now Use Apiiro Cloud Application Security Platform

Apiiro | January 04, 2023

Apiiro, the market leader in Cloud-Native Application Security, announced that its award-winning security platform is now accessible on AWS Marketplace. Apiiro's solution intends to assist developers and security engineers in resolving significant risks across the software supply chain before launching apps to the cloud. Instead of a single vulnerability or misconfiguration, multiple isolated and unconnected findings are scattered throughout the source code, configurations, open-source packages, and cloud infrastructure that, when combined with appropriate context, form a Risk Story that attackers can exploit. Its Risk Graph technology integrates these endless elements with actionable information to provide developers and security teams with an entirely new way to fix problems. Apiiro has introduced a whole new approach to application security by offering complete visibility into code bases, analyzing risks from design to code to the cloud, and proactively addressing actual vulnerabilities that attackers can exploit before they even get released to the cloud. By connecting to their source control managers via API, Fortune 500 businesses can cut operational costs and risks at scale while ensuring seamless deployment. Now that it is accessible in the AWS marketplace, customers may deploy Apiiro's Cloud Application Security Platform through their AWS Marketplace accounts, enabling them to quickly secure everything they develop and deliver to the cloud by proactively resolving risks with actionable context. About Apiiro Apiiro is a Cloud Application Security Platform that provides comprehensive insight and actionable context to security and development teams to proactively fix risks before releasing them to the cloud. It also assists them in addressing threats throughout the software supply chain. Since its inception, the Apiiro Cloud-Native Application Security Platform has been deployed by developers and security experts in the world's biggest organizations to handle critical threats across more than 1 million code repositories, CI/CD pipelines, and cloud infrastructures.

Read More

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Swimlane Launches First Comprehensive Security Automation Ecosystem for OT Environments

Swimlane | November 15, 2022

Swimlane, the low-code security automation company, today announced the formation of the first operational technology (OT) security automation solution ecosystem tailored to meet the combined OT and IT security requirements within critical infrastructure environments. The Biden Administration designated November as Critical Infrastructure Security and Resilience Month, drawing attention to the need for “fortifying our information technology and cybersecurity across sectors.” As cyber threats grow in frequency and severity, security operations teams within industrial organizations are regularly targeted due to the importance of their systems and infrastructure. Given the limited resources at their disposal, security teams within these organizations are struggling to keep up with rapidly evolving threats. The cybersecurity skills gap poses a particularly difficult challenge for organizations with OT environments due to the unique skill set required to navigate the convergence of OT and IT technologies. This is where modern Security Orchestration, Automation and Response (SOAR) plays an instrumental role. “Our public utilities and critical infrastructure face unique cybersecurity challenges to detect and respond to the convergence of threats targeting their combined OT and IT environments, and cyber-physical systems. “Swimlane is bringing together the best of OT security with our extensible security automation platform to create a robust system of record and control for security operations teams to more quickly process large amounts of security telemetry without needing more resources to defend against breaches.” Cody Cornell Co-founder and Chief Strategy Officer of Swimlane Swimlane’s security automation ecosystem for OT environments currently includes the following: Nozomi Networks for OT and IoT Security: Swimlane and Nozomi Networks, the leader in OT and IoT security, also announced today a technology integration that combines low-code security automation with OT and Internet of Things (IoT) security. The combined solution makes it possible for industrial and critical infrastructure security operations to maintain continuous asset compliance and mitigate the risks of attacks from combined OT and IT entry points. Dataminr Tackles Physical Risk: Swimlane’s integration with Dataminr leverages automated processes to mitigate risks and warn at-risk employees as soon as possible to ensure their safety. The cyber-physical threat response solution saves organizations crucial minutes when connecting with staff members who might be affected by a natural disaster, accident, or social unrest, or other types of physical risk. 1898 & Co. for Managed Threat Detection: 1898 & Co., a preeminent industrial control system (ICS) cybersecurity solutions provider, has selected Swimlane as the core automation platform for their managed threat detection services. These services include the detection of both OT and IT-born threats, machine-speed threat validation and scoring, and rapid remediation of threats using OT response methods. “Security teams chartered with protecting OT environments are struggling to keep pace with emerging threats given their limited resources,” said Joshua Magady, Practice Technical Lead at 1898 & Co. “As cyberattacks on critical infrastructure continue to rise and the cybersecurity skills shortage prevails, we are excited to be working with Swimlane to provide automation solutions that give these important organizations the tools to defend against rising cyber threats effectively.” Working with each technology partner, Swimlane will develop a portfolio of pre-integrated solutions that customers can quickly deploy either through managed services or add to their existing environment. About Swimlane Swimlane is the leader in cloud-scale, low-code security automation. Swimlane unifies security operations in-and-beyond the SOC into a single system of record that helps overcome process and data fatigue, chronic staffing shortages, and quantifying business value. The Swimlane Turbine platform combines human and machine data into actionable intelligence for security leaders.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

IronNet Enhances Network Detection and Response Solution, IronDefense

IronNet, Inc. | January 05, 2023

IronNet, Inc., a pioneer in transforming cybersecurity through collective defenseSM, has announced that its network detection and response (NDR) solution, IronDefense, now has more features. IronDefense, awarded the best possible grade by SE Labs for Enterprise Advanced Security NDR Detection, enables advanced and early visibility of unidentified cybersecurity threats that have evaded endpoint and firewall detection and infiltrated the network, regardless of whether it is on-premises or in the cloud. With IronNet's most recent NDR enhancements, Security Operations Center (SOC) analysts can use IronDefense to identify VPN misuse, including high abnormal login times, password spraying, and unsuccessful logins, all of which may be suggestive of brute force attacks or unauthorized access attempts. Additional analytics enhancements enable the identification of ongoing patterns of both randomized-timing and fixed-interval beacon activity, as well as the detection of DNS tunnels utilizing innovative encoding techniques employed by cybercriminals. The IronNet product development team has also improved IronDefense's usability. Specifically, new sensors can now be automatically commissioned and upgraded without the intervention of SOC personnel. IronDefense allows customers utilizing SentinelOne endpoint detection and response (EDR) to remotely establish and update network inventory and isolate a device in a SentinelOne-deployed network through the Entity page of the IronDefense user interface. CarbonBlack and Crowdstrike endpoints offer equivalent capabilities. About IronNet, Inc. IronNet, Inc., founded in 2014 by GEN (Ret.) Keith Alexander, is a global leader in cybersecurity that is revolutionizing how enterprises safeguard their networks by providing the first-ever Collective Defense technology operating at scale. IronNet, which employs a number of ex-NSA cybersecurity operators with both offensive and defensive cyber experience, incorporates extensive tradecraft knowledge into its industry-leading technologies to address the world's most difficult cyber problems.

Read More

More featured news