DATA SECURITY

Palo Alto Networks and Deloitte Deepen Strategic Alliance

Palo Alto Networks | May 17, 2022

Palo Alto Networks
Palo Alto Networks and Deloitte announced today the advancement of their existing strategic partnership to provide managed security services to their shared U.S. clients, making Palo Alto Networks' leading cybersecurity technology portfolio accessible in Deloitte's outcome-based, managed offerings.

Many businesses are turning to managed security service providers (MSSPs) and managed detection and response (MDR) providers to run and elevate high-impact cyber defensive capabilities employing modern technologies that assist in handling continually developing cyberthreats.

"Our customers are asking for managed secure access service edge (SASE), cloud, and threat detection and response capabilities. By offering our innovative security solutions portfolio as a managed service through Deloitte, we're providing newly extended support to customers who want their cyber programs to truly enable their critical business initiatives."

Prem Iyer, vice president, Global Systems Integrator Ecosystems for Palo Alto Networks

Kieran Norton, Deloitte Risk & Financial Advisory infrastructure solution leader and principal, Deloitte & Touche LLP said that "We're advising our clients every day on how cybersecurity can help empower their strategic business priorities but building it all in-house can be challenging and costly. Together with Palo Alto Networks, we are able to advise, equip and operate security capabilities for organizations as they work to manage cyber threats with agility and resilience."

Deloitte Cyber and Palo Alto Networks first announced their strategic alliance in July 2021, with the goal of providing comprehensive cybersecurity solutions to shared customers. Managed services will feature expanded solutions such as:
  • Deloitte and Palo Alto Networks help companies move to a Zero Trust framework by combining cyber technology platforms and professional services.
  • Deloitte's Cloud Security solution includes the industry's most complete Cloud Native Security Platform, Palo Alto Networks Prisma® Cloud, and Cortex XSOAR.
  • Palo Alto Networks' Prisma Cloud and Prisma Cloud Compute are part of Deloitte's OpenCloud, which is the management plane for Deloitte's Cloud Management Platform.
  • Presently, 5G-native security from Deloitte and Palo Alto Networks includes 5G security blueprints, data, control, and cellular signaling domain integration, and network protection.

Spotlight

Whether you are an individual or a company, you should approach online security in the same way that you would approach physical security for your home or business. Not only does it make you feel safer but it also protects people who visit your home, place of business, or website. It is important to understand the potential risks and then make sure you are fully protected against them. In the fast-paced world of technology, it is not always easy to stay abreast of the latest advancements. For this reason it is wise to partner with a reputable Internet security company.

Spotlight

Whether you are an individual or a company, you should approach online security in the same way that you would approach physical security for your home or business. Not only does it make you feel safer but it also protects people who visit your home, place of business, or website. It is important to understand the potential risks and then make sure you are fully protected against them. In the fast-paced world of technology, it is not always easy to stay abreast of the latest advancements. For this reason it is wise to partner with a reputable Internet security company.

Related News

DATA SECURITY

Cyware Achieves SOC 2 Type 2 Compliance for Data Security

Cyware | June 24, 2022

Cyware, the industry's leading provider of the technology platform for building Cyber Fusion Centers for businesses and threat intelligence sharing for ISACs and ISAOs, announces the successful completion of the System and Organization Controls (SOC) 2 Type 2 Audit for the trust services criteria relevant to Security ("applicable trust services criteria") set forth in TSP section 100, Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Integrity, Confidentiality, and Integrity, Confident (AICPA, Trust Services Criteria). The result demonstrates the company's dedication to the highest levels of data protection. The American Institute of Certified Public Accountants (AICPA) developed SOC 2 as a reporting framework that establishes guidelines for Software-as-a-Service (SaaS) enterprises that manage customer and user data. The accreditation confirms that the organization's internal systems and controls are in ongoing conformity with the SOC 2 audit criteria. Schellman & Company, a worldwide-recognized attestation and compliance services provider, performed the audit for Cyware. “Commitment to the highest levels of data security has always been one of our foremost business priorities. The SOC 2 Type 2 certification process is not easy to achieve but our team was fully committed and prepared to ensure we check all the required boxes. The new milestone will further strengthen the confidence of our current and future customers in our robust compliance with industry benchmark data security standards including SOC 2 (Type 1 and Type 2) and ISO/IEC 27001:2013.” Anuj Goel, CEO, Cyware Cyware unifies previously compartmentalized security operations, allowing firms to more efficiently automate and exchange threat data, as well as cooperate on threat response inside their security divisions and with other enterprises within their network.

Read More

SOFTWARE SECURITY

RangeForce introduces cloud-based security team threat exercises

RangeForce | June 29, 2022

RangeForce, a provider of team cyber defense readiness at scale, announced that it has improved its platform for team threat exercises with new features that make it simpler for organizations to hasten the development of their security teams' skills through multi-user detection and response drills involving simulated attacks. Through the use of RangeForce team threat exercises, security teams can set up the security stack to be defended, select an attack scenario, carry out the threat exercise, analyze the post-exercise data, and create a customized training program. RangeForce threat exercises produce realistic digital artifacts of both signal and noise that demand teams to demonstrate their cyber preparedness. They use high-intensity, real-world assault scenarios that call security experts to work in teams to discover and neutralize cyber threats. "RangeForce threat exercises are based on years of running hundreds of live cyber events and deliver the most realistic experience for teams using headline making attack scenarios and the same security tools they use every day. They provide participants the opportunity to acquire hands-on skills so they build the muscle memory to meet threat actors head on." Ben Langrill, Senior Director of Product Engineering for RangeForce RangeForce exercises take place in a cyber-environment that goes beyond the standard tabletop exercise, forcing participants to use well-known security tools like Splunk and Fortigate to identify and address threats. Instead, events follow the NIST cybersecurity architecture and combine threat intelligence, threat hunting, digital forensics, and system hardening expertise to reduce threats depending on current malware patterns.

Read More

PLATFORM SECURITY

Uptycs consolidates cloud security with CNAPP

Uptycs | June 07, 2022

Uptycs, the first cloud-native security analytics platform that enables cloud and endpoint protection from a single solution, unveiled new capability to address critical cloud-native application protection platform (CNAPP) use cases today at the RSA Conference. In order to offer these functionalities, telemetry from the necessary attack surfaces is ingested into the Uptycs SQL-powered data lake for real-time and historical analysis. With a single data and control plane, this platform architecture allows enterprises to consolidate security tools as they progressively embrace cloud-native software development and operations. Gartner estimates that by 2025, 70% of enterprises will reduce the number of providers safeguarding the life cycle of cloud-native apps to no more than three. Gartner advises security and risk management executives implementing a consolidation approach as follows: "Evaluate security platforms where data and control planes are shared; use this consolidation to develop common rules and close gaps and vulnerabilities across legacy silos." "Security organizations face fast-changing threats while struggling to hire and retain technical talent. At the same time, organizations are accelerating digital transformation by adopting new cloud-native technologies and operations. Unlike other security vendors that take a portfolio approach—lightly integrating separately acquired products—Uptycs addresses these challenges by extending our SQL-powered analytics platform to cover key CNAPP use cases." Ganesh Pai, CEO and co-founder of Uptycs The Uptycs system generalizes telemetry at the collection point into SQL tables, allowing for real-time analysis and correlation as data flows into the cloud. This enables columnar compression as well as rapid query speeds over petabytes of data. According to Gartner: "Securing cloud-native applications offers enterprises the opportunity to redesign security approaches. Rather than treat development and runtime as separate problems—secured and scanned with a collection of separate tools—enterprises should treat security and compliance as a continuum across development and operations. They should look to consolidate tools into cloud-native application protection platforms where possible."

Read More