DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Varonis | January 27, 2023
On January 26, 2023, Varonis Systems, Inc., a leader in data security and analytics, announced the availability of automated posture management to assist clients in resolving security and compliance gaps spanning their SaaS and IaaS systems.
Varonis continuously scans, identifies, and ranks cloud security threats, providing CISOs and compliance officers with real-time insight into their data security posture. With this new automation option, users can fix misconfigurations in applications such as Salesforce and AWS with a single click from a unified interface.
According to Gartner, through 2025, 99% of cloud security breaches will be the customer's fault. CIOs can counter this by adopting and enforcing rules for cloud ownership, accountability, and risk acceptance.
Varonis Field CTO, Brian Vecci, said, “Automated posture management takes the burden of understanding and remediating cloud misconfigurations off the customer.” He also said, “We stay on top of the latest configuration risks and best practices, so you don’t have to. Now, we can not only show you exactly how to improve your security posture, but we can also automatically mitigate risk on your behalf.”
(Source – GlobeNewswire)
This release marks a significant advancement in cloud data security. Passive data security posture management (DSPM) solutions need manual operations to generate help desk tickets for a person to review and fix in every cloud application manually. Varonis offers a uniform and automated method for minimizing the attack surface of multi-cloud environments.
Automated posture management is the most recent tool introduced by Varonis to simplify data security outcomes. Varonis introduced least privilege automation for Google Drive, Microsoft 365, and Box, as well as a new data security posture management (DSPM) dashboard early this month.
About Varonis
Varonis is a leader in data security and analytics, waging war differently from typical cybersecurity corporations. Instead, Varonis focuses on protecting business data like:
Sensitive files and emails
Strategic and product plans
Financial records
Confidential customer, patient, and employee data
In addition to data protection, Zero Trust, data governance, compliance, categorization, data privacy, and threat detection and response, Varonis solutions handle various other critical use cases. The company began operations in 2005 and has clients in the financial services, healthcare, industrial, energy and utilities, insurance, technology, media and entertainment, consumer and retail, and education industries, among others.
Read More
ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Swimlane | November 15, 2022
Swimlane, the low-code security automation company, today announced the formation of the first operational technology (OT) security automation solution ecosystem tailored to meet the combined OT and IT security requirements within critical infrastructure environments.
The Biden Administration designated November as Critical Infrastructure Security and Resilience Month, drawing attention to the need for “fortifying our information technology and cybersecurity across sectors.” As cyber threats grow in frequency and severity, security operations teams within industrial organizations are regularly targeted due to the importance of their systems and infrastructure.
Given the limited resources at their disposal, security teams within these organizations are struggling to keep up with rapidly evolving threats. The cybersecurity skills gap poses a particularly difficult challenge for organizations with OT environments due to the unique skill set required to navigate the convergence of OT and IT technologies. This is where modern Security Orchestration, Automation and Response (SOAR) plays an instrumental role.
“Our public utilities and critical infrastructure face unique cybersecurity challenges to detect and respond to the convergence of threats targeting their combined OT and IT environments, and cyber-physical systems. “Swimlane is bringing together the best of OT security with our extensible security automation platform to create a robust system of record and control for security operations teams to more quickly process large amounts of security telemetry without needing more resources to defend against breaches.”
Cody Cornell Co-founder and Chief Strategy Officer of Swimlane
Swimlane’s security automation ecosystem for OT environments currently includes the following:
Nozomi Networks for OT and IoT Security: Swimlane and Nozomi Networks, the leader in OT and IoT security, also announced today a technology integration that combines low-code security automation with OT and Internet of Things (IoT) security. The combined solution makes it possible for industrial and critical infrastructure security operations to maintain continuous asset compliance and mitigate the risks of attacks from combined OT and IT entry points.
Dataminr Tackles Physical Risk: Swimlane’s integration with Dataminr leverages automated processes to mitigate risks and warn at-risk employees as soon as possible to ensure their safety. The cyber-physical threat response solution saves organizations crucial minutes when connecting with staff members who might be affected by a natural disaster, accident, or social unrest, or other types of physical risk.
1898 & Co. for Managed Threat Detection: 1898 & Co., a preeminent industrial control system (ICS) cybersecurity solutions provider, has selected Swimlane as the core automation platform for their managed threat detection services. These services include the detection of both OT and IT-born threats, machine-speed threat validation and scoring, and rapid remediation of threats using OT response methods.
“Security teams chartered with protecting OT environments are struggling to keep pace with emerging threats given their limited resources,” said Joshua Magady, Practice Technical Lead at 1898 & Co. “As cyberattacks on critical infrastructure continue to rise and the cybersecurity skills shortage prevails, we are excited to be working with Swimlane to provide automation solutions that give these important organizations the tools to defend against rising cyber threats effectively.”
Working with each technology partner, Swimlane will develop a portfolio of pre-integrated solutions that customers can quickly deploy either through managed services or add to their existing environment.
About Swimlane
Swimlane is the leader in cloud-scale, low-code security automation. Swimlane unifies security operations in-and-beyond the SOC into a single system of record that helps overcome process and data fatigue, chronic staffing shortages, and quantifying business value. The Swimlane Turbine platform combines human and machine data into actionable intelligence for security leaders.
Read More
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Immuta | January 20, 2023
On January 19, 2023, Immuta, a leading data security firm, announced the launch of its latest product, Immuta Detect. Immuta Detect notifies data and security teams about unsafe data access behavior with its continuous data security monitoring capabilities, therby enabling faster and more accurate risk response and improved data security posture management across advanced and modern cloud data platforms.
The product is the new vital component of Immuta's comprehensive Data Security Platform that offers security and access control, data activity monitoring and sensitive data discovery. The platform uniquely integrates with the leading cloud data platforms along with existing SIEM and Managed Detection and Response (MDR) tools.
As data sources and users in modern cloud settings increase, monitoring data usage and responding to threats becomes more challenging. This is critical for safeguarding against insider threats and adhering to rules and regulations. Existing strategies to solve these problems include manual and time-consuming audits of millions of log data records housed in disparate data sources. To stay up with business demands, data and security teams need improved ways for monitoring data access, address issues precisely, and quickly adjust to shifting risk appetites.
With Immuta Detect, customers can swiftly surface and prioritize data usage risks, decrease time to risk mitigation, and maintain data security by utilizing the following new features:
Advanced access behavior analytics - Immuta Detect consolidates data access logs, allowing data and security teams to continuously monitor and evaluate changes in user behavior and data access entitlements by source, user activity or query, as well as get insight into changes in data classification and security configuration.
Sensitive data views and indicators – The company offers a detailed analysis of each user and data activity in depth, summarizing activity across multiple criteria such as time frame, data access event categorization, sensitive data indicators, and most active data sources.
Risk severity detection and scoring - It automatically scores data based on its sensitivity and security, thereby enabling data and security teams to prioritize risks and receive real-time notifications about potential security incidents.
About Immuta
Founded in 2015 and headquartered in Boston, MA, Immuta is a leading cloud data access control provider. It offers data engineering and operations teams a unified platform for controlling access to analytical data sets in the cloud. Additionally, it helps businesses extract value from their cloud data by securing it and giving secure access. It automates access control for any type of data on any cloud service and across any computing infrastructure. The company is now trusted for data security by Fortune 500 organizations and government agencies all around the world.
Read More