DATA SECURITY

ProtectedBy.AI to Launch a unique Defence system Against Cyberattacks

ProtectedBy.A | June 09, 2021

A world leader in artificial intelligence driven solutions, ProtectedBy.AI, is launching CodeLock. This has been designed as its patented revolutionary approach to prevent insertion attacks that may occur in a software supply chain.

The recent cyberattacks with Colonial Pipeline, with SolarWinds, and JBS have destroyed many organizations globally. Globally, including the attacks on multiple U.S. government agencies could have prevented by using CodeLock™.

CodeLock™ has the competence to stop the most dangerous and latest criminal malware. CodeLock's™ revolutionary approach creates an inviolable network of security sensors that can be embedded into any software running on an organization's servers and systems.

CodeLock™ perfectly protects each line of produced code. From minor utility functions to multi-million-character functioning systems, CodeLock™ can save any software from attacks and threats. The two primary dimensions of CodeLock™ are a Developer Interface and an Alert Monitor.

According to president and co-founder of ProtectedBy.AI, Brian Gallagher, creative new forms of cyberattacks, ransomware, and malware are becoming more and more common globally. He also said that they have created a defence technology for automating detecting process of an attack. CodeLock™ is becoming a critical component in making all the organizations cyber safe.

About ProtectedBy.AI

ProtectedBy.AI makes solutions that protect and advance the security and economic objectives of countries and companies incorporating human intelligence in it. ProtectedBy.AI is well known in providing effective solutions and has served a wide range of organizations such as Central Intelligence Agency (CIA), Department of Homeland Security, and United States Department of Defence.

Spotlight

Data! Yes that’s the big talk of the decade. In this TEDx Talk we gain a new perspectives on data awareness with Frank. Why it matters, and the direct and indirect reasons linking to that. Frank is the co-founder and Chief Technology Officer of AEGIS Solutions Group. He is based in the United States and Hong Kong and focuses on global cybersecurity and other complex and high priority systems and integration problems. He brings a wide range of experience and insights on the security challenges facing connected businesses worldwide. His current client base includes Fortune 500 companies, government agencies and fast growing technology companies in the United States and Asia.

Spotlight

Data! Yes that’s the big talk of the decade. In this TEDx Talk we gain a new perspectives on data awareness with Frank. Why it matters, and the direct and indirect reasons linking to that. Frank is the co-founder and Chief Technology Officer of AEGIS Solutions Group. He is based in the United States and Hong Kong and focuses on global cybersecurity and other complex and high priority systems and integration problems. He brings a wide range of experience and insights on the security challenges facing connected businesses worldwide. His current client base includes Fortune 500 companies, government agencies and fast growing technology companies in the United States and Asia.

Related News

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Wiz Launches Free Cloud Framework to Drive Community-Backed Security

Wiz | December 15, 2022

Wiz, the leading cloud security platform that rapidly enables customers to find and remove critical cloud risks, today announced its newest project, The PEACH framework, a tenant isolation framework for cloud applications. This framework will enable industry-wide collaboration and provide cloud customers and cloud application developers with the necessary guidance to build cloud services securely and prevent critical risks in the implementation process. "Over the past year and a half, Wiz researchers and other members of the cloud security community discovered several cross-tenant vulnerabilities in various multi-tenant cloud applications. "Although these issues have been reported extensively and were dealt with appropriately by the relevant vendors, we've seen little public discussion on how to mitigate such vulnerabilities across the entire industry. This is where we see an opportunity to strengthen the collaboration between members of the security community." Wiz CEO Assaf Rappaport Beyond offering a guideline for organizations, PEACH is a starting point for empowering security teams to work together to establish standard transparency and common language when it comes to mitigating cloud threats. Serving as a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, PEACH manages the attack surface exposed by user interfaces and provides a clear standard for transparency on tenant isolation assurance. Wiz developed the following parameters based on lessons learned to address the rising cross-tenant vulnerabilities, lack of a standard for transparency, and missing common langue among vendors: Privilege hardening – ensure tenants and hosts have minimal permissions in the service environment. Encryption hardening – confirm the data belonging to each tenant is encrypted with a unique key, regardless of where the information is stored. Authentication hardening – validate that communication between each tenant and the control plane use authentication with a validated key unique to each tenant. Connectivity hardening – establish that all inter-host connectivity is blocked by default unless explicitly approved by the tenants involved. Hygiene – verify that unnecessary secrets, software and logs scattered throughout the environment are purged to avoid leaving clues or enabling quick wins for malicious actors. The second part of the security review process consists of remediation steps to manage the risk of cross-tenant vulnerabilities and improve isolation as necessary. These include reducing interface complexity, enhancing tenant separation, and increasing interface duplication -- all while accounting for operational context such as budget constraints, compliance requirements, and expected use-case characteristics of the service. This framework was reviewed and collaborated on with cloud security industry experts from AWS, Google, IBM, Netflix and Cisco. Instead of commercializing PEACH though, Wiz will be offering the framework for free. About Wiz Wiz secures everything organizations build and run in the cloud. Founded in 2020, Wiz is the fastest-growing software company in the world, scaling from $1M to $100M ARR in 18 months. Wiz enables hundreds of organizations worldwide, including 30 percent of the Fortune 100, to rapidly identify and remove critical risks in cloud environments. Its customers include Salesforce, Slack, Mars, BMW, Avery Dennison, Priceline, Cushman & Wakefield, DocuSign, Plaid, and Agoda, among others. Wiz is backed by Sequoia, Index Ventures, Insight Partners, Salesforce, Blackstone, Advent, Greenoaks and Aglaé.

Read More

PLATFORM SECURITY

Picus Security brings automated security validation to businesses of all sizes

Picus Security | November 10, 2022

Picus Security, the pioneer of Breach and Attack Simulation (BAS), today announced the availability of its next-generation security validation technology. The new Picus Complete Security Validation Platform levels up the company's attack simulation capabilities to remove barriers of entry for security teams. It enables any size organization to automatically validate the performance of security controls, discover high-risk attack paths to critical assets and optimize SOC effectiveness. "Picus helped create the attack simulation market, and now we're taking it to the next level, By pushing the boundaries of automated security validation and making it simpler to perform, our new platform enables organizations even without large in-house security teams to identify and address security gaps continuously." -H. Alper Memis, Picus Security CEO and Co-Founder The all-new-and-improved Picus platform extends Picus's capabilities beyond security control validation to provide a more holistic view of security risks inside and outside corporate networks. It consists of three individually licensable products: Security Control Validation - simulates ransomware and other real-world cyber threats to help measure and optimize the effectiveness of security controls to prevent and detect attacks. Attack Path Validation - assesses an organization's security posture from an 'assume breach' perspective by performing lateral movement and other evasive actions to identify high-risk attack paths to critical systems and users. Detection Rule Validation - analyzes the health and performance of SIEM detection rules to ensure that SOC teams are reliably alerted to threats and can eliminate false positives. A global cybersecurity workforce gap of 3.4 million professionals∗ means automated security validation is now essential to reduce manual workloads and help security teams respond to threats sooner. Recently, the US's Cybersecurity and Infrastructure Security Agency (CISA) and UK's National Cyber Security Centre (NCSC) published a joint advisory recommending organizations test their defenses continually and at scale against the latest techniques used by attackers. Insights from point-in-time testing are quickly outdated and do not give security teams a complete view of their security posture, With the Picus platform, security teams benefit from actionable insights to optimize security effectiveness whenever new threats arise, not once a quarter. With our new capabilities, these insights are now deeper and cover even more aspects of organizations' controls and critical infrastructure,said Volkan Erturk, Picus Security CTO and Co-Founder. About Picus Security Picus Security is the pioneer of Breach and Attack Simulation (BAS). The Picus Complete Security Validation Platform is trusted by leading organizations worldwide to continuously validate security effectiveness and deliver actionable insights to strengthen resilience 24/7. Picus has offices in North America, Europe and APAC and is supported by a global network of channel and alliance partners. Picus has been named a 'Cool Vendor' by Gartner and is cited by Frost & Sullivan as one of the most innovative players in the BAS market.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Filecloud Introduces the Industry First Zero Trust File Sharing℠

FileCloud | January 11, 2023

On January 10, 2023, FileCloud announced the addition of Zero Trust File Sharing, bringing another layer of hyper-security to the market's most robust content collaboration platform. The latest, Zero Trust File Sharing, enables users to collaborate securely with employees along with other personnel, including external partners, vendors and clients. This functionality extends beyond modulating share permissions or setting Data Loss Prevention (DLP) policies. Zero Trust File Sharing will become increasingly crucial for enterprises and organizations that handle sensitive or protected data, such as Personally Identifiable Information (PII) and Confidential Unclassified Information (CUI). The emergence of cloud service technologies, remote access applications, and disappearing network edges have revealed multiple vulnerabilities in perimeter-based IT security models. The Zero Trust framework, built on a system of least privilege, provides a more resilient and adaptable approach that imposes identity authentication, regardless of where or how the request for access gets derived. The U.S. Department of Defense has recently come up with a Zero Trust Strategy and Roadmap to eventually cover all U.S. government departments, which is likely to be adopted by the private sector. As a result, critical infrastructure sectors are ideal candidates for integrating Zero Trust File Sharing to protect their information systems from increasingly sophisticated cyberattacks launched by nation-states. FileCloud's Zero Trust support enables enterprises to have an added layer of security on top of FileCloud's built-in access controls. The data within the environment is secured using a Zip file structure and password protection. The user can also set a Zero Trust password and create a sharing link to a file or folder. The data remains inaccessible without this password, even with a shared direct link or in case of a data breach. Furthermore, the data remains protected by password-based encryption even if the Zero Trust protected folder is accessed via unauthorized means, including social engineering techniques. Users who access the data with the Zero Trust password will also be restricted in their ability to edit or manipulate the data contained within the Zero Trust folder based on the share permissions. About FileCloud Headquartered in Austin, Texas, FileCloud is a leading hyper-secure content collaboration platform (CCP) providing data governance, industry-leading compliance, data leak protection, data retention and digital rights management capabilities to millions of users worldwide. Its complete CCP stack includes workflow automation and granular control of content sharing across most enterprise platforms. The platform offers powerful file sharing, mobile access and synchronization capabilities on public, private, and hybrid clouds to customers, including top Global 1000 enterprises, government organizations, educational institutions and managed service providers.

Read More