DATA SECURITY

NTT DATA Selects Swimlane to Deliver Low-Code Security Automation in EMEA

NTT DATA | June 01, 2022

NTT DATA
Swimlane, the leader in low-code security automation, today announced its partnership with NTT DATA, a global leader in IT services and cybersecurity, to reduce risk for shared customers via Swimlane’s award-winning low-code automation platform. The partnership will help organizations in the Europe, the Middle East and Africa (EMEA) region address compliance and regulatory requirements and tackle the challenges associated with managing big data. In addition to extending low-code security automation to its customers, NTT Data has also chosen Swimlane to scale its own security operations.

In a recent study, 55% of European enterprises reported struggling to recruit IT talent, citing a lack of advanced skills in job candidates. As the global cybersecurity talent shortage prevails, security administrators in the EMEA region are increasingly overburdened with manually performed repetitive and time-consuming tasks needed to track, mitigate and resolve security events across multiple security platforms.

Without automation, security teams cannot realistically analyze and adequately prioritize security alerts at the rate necessary to protect networks while also ensuring their organization remains compliant with regulatory standards across countries operated in. Now, joint customers can leverage the power of Swimlane’s platform to respond quickly, innovatively, and effectively to today's complex challenges. They will gain visibility into the performance, capacity, and value of their security strategy with self-service dashboards, granular reporting, and extensive visualization capabilities.

“We are excited to expand our investment in the EMEA market by partnering with a true leader in the region that carries immense credibility in the security space. “This partnership will enable enterprises across highly-targeted industries like financial services, critical infrastructure, healthcare and retail to harness their institutional knowledge to leverage security automation and build a system of record that transcends the entire security organization.”

Toby Van de Grift, Vice President of EMEA for Swimlane

Together, Swimlane’s low-code automation platform and NTT Data’s deep industry expertise deliver an offering that enables continuous compliance and prevents data breaches while helping security teams more efficiently manage the growing volume of alerts and complexity of processes. NTT Data will also create its own unique applications of the Swimlane platform to deliver continued value to customers.

“The flexibility of the Swimlane platform makes it the ideal solution for both our company and our customers to harness the power of low-code security automation, allowing every team member to create response processes that align with unique business processes,” said Patrick Schraut, SVP CyberSecurity at NTT DATA. “This partnership will allow our customers to receive more value from their existing technology investments while making it easier for them to utilize automation to alleviate the stress security teams face today.”

NTT DATA joins partners like Elastic, Guidepoint, Optiv, and Pareto Cyber, in Swimlane’s Medley Global Partner Program. Its addition reflects the program’s continued global expansion to meet the growing need for low-code security automation in the EMEA region.

About Swimlane
Swimlane is the leader in cloud-scale, low-code security automation. Supporting use cases beyond SOAR, Swimlane improves the ease with which security teams can overcome process and data fatigue, as well as chronic staffing shortages. Swimlane unlocks the potential of automation beyond the SOC by delivering a low-code platform that serves as the system-of-record for the entire security organization and enables anyone within the organization to contribute their knowledge and expertise to the protection of the organization.

About NTT DATA
NTT DATA – a part of NTT Group – is a trusted global innovator of IT and business services headquartered in Tokyo. We help clients transform through consulting, industry solutions, business process services, IT modernization and managed services. NTT DATA enables clients, as well as society, to move confidently into the digital future. We are committed to our clients' long-term success and combine global reach with local client attention to serve them in over 50 countries.

Spotlight

The Cybersecurity and Infrastructure Security Agency (CISA) leads the nation’s effort to understand, manage, and reduce cybersecurity risk, including by supporting Federal Civilian Executive Branch agencies in evolving and operationalizing cybersecurity programs and capabilities. CISA’s Zero Trust Maturity Model (ZTMM) provides an approach to achieve continued modernization efforts related to zero trust within a rapidly evolving environment and technology landscape. This ZTMM is one of many paths that an organization can take in designing and implementing their transition plan to zero trust architectures in accordance with Executive Order (EO) 14028 “Improving the Nation’s Cybersecurity” § (3)(b)(ii),1 which requires that agencies develop a plan to implement a Zero Trust Architecture (ZTA). While the ZTMM is specifically tailored for federal agencies as required by EO 14028, all organizations should review and consider adoption of the approaches outlined in this document.

Spotlight

The Cybersecurity and Infrastructure Security Agency (CISA) leads the nation’s effort to understand, manage, and reduce cybersecurity risk, including by supporting Federal Civilian Executive Branch agencies in evolving and operationalizing cybersecurity programs and capabilities. CISA’s Zero Trust Maturity Model (ZTMM) provides an approach to achieve continued modernization efforts related to zero trust within a rapidly evolving environment and technology landscape. This ZTMM is one of many paths that an organization can take in designing and implementing their transition plan to zero trust architectures in accordance with Executive Order (EO) 14028 “Improving the Nation’s Cybersecurity” § (3)(b)(ii),1 which requires that agencies develop a plan to implement a Zero Trust Architecture (ZTA). While the ZTMM is specifically tailored for federal agencies as required by EO 14028, all organizations should review and consider adoption of the approaches outlined in this document.

Related News

DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY

Aqua Security Launches Industry First Real-Time CSPM

Globenewswire | May 17, 2023

Aqua Security, the pioneer in cloud native security, today announced the launch of Real-Time CSPM, a next-gen cloud security posture management (CSPM) solution, offering the best visibility and context in the industry. Real-Time CSPM provides a complete view of multi-cloud security risk, pinpoints threats that evade agentless detection, and dramatically reduces noise so security practitioners can rapidly identify, prioritize, and remediate the most important cloud security risks, saving time and money. “Customers have told us that they are bogged down by too much noise from current CSPM offerings,” said Amir Jerbi, CTO and co-founder, Aqua Security. “They receive too many findings yet lack complete visibility and therefore the ability to properly prioritize. Simply put, they fix the wrong things and end up compromised. This is where Aqua comes in. We are introducing Real-Time CSPM so security practitioners can pinpoint the most significant cloud risks and remediate them quickly.” With Real-Time CSPM, teams have a complete view of cloud security risk and surface the most critical findings. This includes the ability to match correlated findings across multi-cloud environments, deduplicate findings and focus on identifying real cloud risks with smarter insights. Instead of wasting time on issues with low effective risk, customers can focus on what truly matters most and provide the context needed for resource owners to remediate quickly and secure their cloud applications. “One of the world’s largest telcos turned to Aqua to provide better visibility and context. They went from 120M risk findings to 50k and they saw a reduction in their attack surface by 99% in just months. If everything is a priority, then nothing is – that’s why they chose Aqua,” said Jerbi. Detailed context also allows teams to connect issues found in their cloud to their respective code repositories. With better prioritization and the ability to identify risk ownership, Real-Time CSPM then allows for rapid remediation of those most critical issues. Security professionals can focus their limited resources to manage, investigate and respond faster. Identify Attacks That Agentless Solutions Cannot See Point-in-time scanning opens the door for increased attacks. According to the IDC report, “The State of Cybersecurity Maturity in Vulnerability Management Among U.S. Organizations,” 74% of organizations scan less than 85% of their IT assets when they do scan, leaving an opportunity for many vulnerabilities to go undiscovered until an attacker makes use of them. By then it is too late. Aqua Real-Time CSPM eliminates that risk and delivers real-time visibility and risk prioritization in a single, unified platform for faster, more effective risk management. Unlike point-in-time scanning solutions, Aqua Real-Time CSPM provides a deeper layer of visibility for better context, leading to the ability to prioritize the most critical cloud security risks. “Other CSPM solutions give you a false sense of security. Whether you scan daily or monthly, you’re only seeing a portion of the risks with a point-in-time scan. And that’s not true security,” said Jerbi. Further data from Aqua Nautilus, Aqua’s cloud security research team, supports the need for real-time scanning. Nautilus uses an extensive honeypot network to detect and analyze over 80,000 attacks a month. Of those attacks, one in three do not leave a footprint and would be missed by point-in-time scanning solutions. Similarly, zero-day attacks are missed, whilst other standard operating procedures like ephemeral containers and transient attacks raise that number to 50%. Real-Time CSPM is part of the Aqua Cloud Security Platform, a cloud native application protection platform (CNAPP). The Aqua Platform is composed of a fully integrated set of security and compliance capabilities to discover, prioritize, and eliminate risk in minutes across the full software development life cycle. Aqua improves operational efficiency by connecting cloud to code and tracing runtime risks to the code and developer who can fix them. By connecting CSPM to runtime, it shields risks that cannot be immediately addressed with a code fix. For more information on Aqua’s Real-Time CSPM, visit the blog. About Aqua Security Aqua Security stops cloud native attacks and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. As the pioneer and largest pure-play cloud native security company, Aqua helps customers unlock innovation and build the future of their business. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), prioritizing risk and automating prevention, detection and response across the lifecycle. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries. For more information, visit https://www.aquasec.com/.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

ActZero Teams with UScellular to Secure Mobile Devices from Ransomware Attacks

Prnewswire | May 18, 2023

ActZero®, a leading cybersecurity provider for small and mid-sized enterprises, announced it is teaming with UScellular, making it the first and only wireless carrier to offer the ActZero Managed Detection and Response (MDR) service. Together the two organizations make it easier for businesses to secure mobile devices from ransomware and phishing attacks. UScellular Business Ultimate and Business Premium unlimited handset plans now include ActZero MDR for Mobile. "UScellular and ActZero share a common goal: to bring better performance and better security to businesses at a fair price," said Sameer Bhalotra, chief executive officer for ActZero. "With ActZero's on-device cyberdefense technology plus 24x7 security operations staff, UScellular business customers can stop mobile threats quickly, before they spread into the corporate network." With 24/7 threat coverage, ActZero stops breaches on mobile devices and networks, with a 90% block rate and response time of 15 minutes for critical alerts. Customers can easily deploy ActZero MDR for Mobile within minutes to their employees' iOS, Android, or Chrome mobile phones, tablets, and laptops. On-device protection and real-time notifications eliminate delays if a mobile device is compromised. ActZero's patent-pending AI means better cyberdefense and fewer false alarms. "ActZero delivers a powerful and affordable cybersecurity service businesses need to prioritize threat and vulnerability management," said Kim Kerr, senior vice president, enterprise sales and operations for UScellular. "Our customers often don't have the IT resources to ensure they are protecting their network and devices from malware, phishing, and ransomware attacks. The unique artificial intelligence and machine learning from ActZero intelligently pinpoints threats so less time is spent filtering noise and more time is focused on the action that should be taken, when it's truly important." About ActZero ActZero is a Gartner-recognized provider of Managed Detection and Response (MDR) services that delivers a powerful and affordable cybersecurity service to protect small and mid-sized enterprises against ransomware attacks. By continuously testing defenses against the latest attack techniques and variants, ActZero ensures AI detections and human threat hunters quickly stop threats. The company brings deep roots and expertise in cybersecurity to deliver measurable ransomware defense, reducing false alerts and responding quickly on a customer's behalf. Combined with exceptional service, ActZero empowers businesses with confidence that the company and customers are protected. For more information, please visit actzero.com. About UScellular Business UScellular is the fourth-largest full-service wireless carrier in the United States, providing national network coverage and industry-leading innovations designed to elevate the customer experience. The Chicago-based carrier provides a strong, reliable network supported by the latest technology and plays a critical role in helping businesses of all sizes navigate the wireless ecosystem, delivering advanced technology, increased network security and reliability. To learn more about UScellular's business solutions, visit one of its retail stores or uscellular.com/business.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Contrast Security Positioned as a Visionary in the 2023 Gartner® Magic Quadrant™ for Application Security Testing

Prnewswire | May 30, 2023

Contrast Security (Contrast), the code security platform built for developers and trusted by security, today announced it has been recognized as a Visionary by Gartner in the new "Magic Quadrant for Application Security Testing" for 2023. We believe the recognition further validates that the Contrast Secure Code Platform is a strong fit for organizations looking to improve their application security posture. "The application security testing market continues to be saturated with solutions that lack context and overwhelm DevSecOps teams with false positives," said Steven Phillips, Vice President of Product Marketing at Contrast Security. "We've listened to feedback from our customers and have put a focus on delivering a comprehensive platform that helps overcome these challenges. It's encouraging to see our position within the Magic Quadrant due to our Ability to Execute and the Completeness of our Vision. We provide customers with the tools they need to deploy real-time security tools accurately." The Contrast Secure Code Platform provides customers the ability to "Shift Smart" allowing DevSecOps teams to apply security testing throughout the development process across the entire software development lifecycle. As the only unified code security platform on the market, Contrast leverages the power of instrumentation to embed security within the application's runtime. This solves the challenges of legacy application security tools present in modern software environments. Furthermore, this inside-outside approach allows organizations to very cleanly combine results from the various tools, coordinate actions between them and write and execute complex security and testing policies with very little overhead visible to developers. Those are the features that more complex offerings often fail to achieve. A full, complimentary copy of the Gartner "Magic Quadrant for Application Security Testing" for 2023 can be downloaded here. About Gartner Magic Quadrant Gartner evaluates companies based on completeness of vision and ability to execute criteria. Evaluation criteria for completeness of vision include market understanding, market strategy, sales strategy, offering (product) strategy, business model, vertical/industry strategy, innovation, and geographic strategy. Criteria for a vendor's ability to execute include product or service, overall viability, sales execution/pricing, market responsiveness/record, marketing execution, customer experience, and operations. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner and Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. About Contrast Security (Contrast) A world-leading code security platform company purposely built for developers to get secure code moving swiftly and trusted by security teams to protect business applications. Developers, security and operations teams quickly secure code across the complete Software Development Life Cycle (SDLC) with Contrast to protect against today's targeted Application Security (AppSec) attacks. Founded in 2014 by cybersecurity industry veterans, Contrast was established to replace legacy AppSec solutions that cannot protect modern enterprises. With today's pressures to develop business applications at increasingly rapid paces, the Contrast Secure Code Platform defends and protects against full classes of Common Vulnerabilities and Exposure (CVEs). This allows security teams to avoid spending time focusing on false positives so as to remediate true vulnerabilities faster. Contrast's platform solutions for code assessment, testing, protection, serverless, supply chain, application programming interfaces (APIs) and languages help enterprises achieve true DevSecOps transformation and compliance. Contrast protects against major cybersecurity attacks for its customer base, which represents some of the largest brand-name companies in the world, including BMW, AXA, Zurich, NTT, Sompo Japan and The American Red Cross, as well as numerous other leading global Fortune 500 enterprises. Contrast partners with global organizations such as AWS, Microsoft, IBM, GuidePoint Security, Trace3, Deloitte and Carahsoft, to seamlessly integrate and achieve the highest level of security for customers. The growing demand for the world's only platform for code security has landed the company on some of the most prestigious lists, including the Inc. 5000 List of America's Fastest-Growing Companies and the Deloitte Technology Fast 500 List of fastest-growing companies.

Read More