Home > News > featured news > Red Hat Unveils New Levels of Security from the Software Supply Chain to the Edge

DATA SECURITY

Red Hat Unveils New Levels of Security from the Software Supply Chain to the Edge

Red Hat | May 11, 2022

Red Hat
Red Hat, Inc., the world's leading provider of open source solutions, today announced new security innovations and capabilities across its portfolio of open hybrid cloud technologies. Designed to help organizations mitigate risks and meet compliance requirements across increasingly complex IT environments that mix cloud services, traditional systems and edge devices, these enhancements are intended to minimize complexity, while helping customers improve their security posture and enable DevSecOps.

According to Red Hat’s 2021 Global Tech Outlook report, 45% of respondents put IT Security as their top funding priority. IT security, however, is not a static demand - regulatory controls, compliance demands and threat actors shift on an almost daily basis, requiring almost constant vigilance from IT security teams.

Red Hat has long been a leader in security for enterprise open source solutions, beginning with Red Hat Enterprise Linux, viewing security as a fundamental component and not an add-on. KuppingerCole Analysts recently recognized Red Hat as the Overall Leader in its Leadership Compass for Container Security. According to KuppingerCole’s evaluation, “With a massive market presence and proven expertise in container management, enhanced by the recent acquisition and integration of StackRox, a leading container security company, Red Hat is recognized as the Overall Leader in this Leadership Compass.”

With today’s news, Red Hat continues a relentless march of innovation to advance security across hybrid cloud environments—from on-premises to multi-cloud to the edge—across the entire technology lifecycle and software stack.

Enhancing software supply chain security
Securing applications from development through the entire lifecycle can be complex and frequently requires multiple components to work together. To help simplify the process of implementing security features throughout the complete build, deploy and run process, Red Hat is introducing a software supply chain security pattern.

Delivered via Red Hat OpenShift, patterns deliver complete stacks as code and define, build and test the necessary software configurations. Available as a preview, the software supply chain security pattern will bring together the necessary components to architect cloud-native applications from trusted components.

The pattern uses a Kubernetes-native, continuously-integrated pipeline through Red Hat OpenShift Pipelines and Red Hat OpenShift GitOps for version control, helping to reduce complexity and save time. Additionally, through Tekton Chains, the pattern will incorporate Sigstore, an open source project aimed at making cryptographic signing of code more accessible. This addition makes it easier for artifacts to be signed in the pipeline itself rather than after application creation.

In addition, in Red Hat Ansible Automation Platform 2.2, Red Hat is introducing a technical preview of Ansible content signing technology. The new capability helps with software supply chain security by enabling automation teams to validate that the automation content being executed in their enterprise is verified and trusted.

Enhancing application security lifecycle from the datacenter to the edge
As organizations adopt cloud-native architectures, the core enterprise needs for hardened environments, lowered attack surfaces and faster detection and response to threats remain. Applications running outside of traditional IT environments, including at the edge, introduce further security requirements that compound these already complex challenges.

Beyond the physical security requirements of edge devices, CIOs and IT decision-makers are increasingly seeing a need to protect the container workloads running on these devices. An example could be implementing strategies and capabilities to prevent the lateral movement of potential attacks or breaches across edge deployments. Red Hat Advanced Cluster Security for Kubernetes brings a deployment-ready answer to these concerns, with key capabilities to protect edge workloads, including:

  • Automated DevSecOps in the CI/CD pipeline to help protect the software supply chain for edge environments through vulnerability management, application configuration analysis and CI/CD integration
  • Threat protection provides threat detection and incident response capabilities at runtime for common threats
  • Network segmentation to enforce workload isolation, analyze container communication and detect risky network communication paths

Integrated security starts with the operating system
In the 2022 Gartner® Board of Directors Survey, 88% of board members classified cybersecurity as a business risk; just 12% called it a technology risk.1 The broad ramifications of a cyber attack or data breach have led to increased scrutiny across IT environments by investors and regulators alike. Fortifying IT environments against these potentially damaging incidents is critical, and Red Hat believes that this effort starts at the foundation, at the operating system level, with Red Hat Enterprise Linux.

Red Hat Enterprise Linux 9 lays the foundation for runtime integrity verification of the operating system and application files by providing file digital signatures within RPM packages. The platform uses integrity measurement architecture (IMA) at the kernel level to verify individual files and their provenance. IMA file verification specifically helps to detect accidental and malicious modifications to systems, providing more remediation capabilities for security teams in addressing potential issues or breaches.

Additional key security features in Red Hat Enterprise Linux 9 include:

  • Enhanced security around root privileges by disabling root login via SSH by default. This helps to prevent the discovery of root passwords through brute force attacks and improving baseline security postures of an operating environment.
  • Support for latest cryptographic frameworks with the integration of OpenSSL 3. This enables IT teams to enact new ciphers for encrypting and protecting sensitive information.
  • Bolstered security best practices by disabling the cryptographically-broken SHA-1 hash function by default for digital signature, driving improved security hygiene.

Additionally, Red Hat and IBM Research are collaborating around expanding the core security aspects of the Linux kernel, such as through support for signing and verifying elliptic curve digital signatures. This work expands the algorithms supported and reduces the size of digital signatures used throughout the Linux kernel.

About Red Hat, Inc.
Red Hat is the world’s leading provider of enterprise open source software solutions, using a community-powered approach to deliver reliable and high-performing Linux, hybrid cloud, container, and Kubernetes technologies. Red Hat helps customers integrate new and existing IT applications, develop cloud-native applications, standardize on our industry-leading operating system, and automate, secure, and manage complex environments. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. As a strategic partner to cloud providers, system integrators, application vendors, customers, and open source communities, Red Hat can help organizations prepare for the digital future.

Spotlight

Zero Trust Maturity Model

The Cybersecurity and Infrastructure Security Agency (CISA) leads the nation’s effort to understand, manage, and reduce cybersecurity risk, including by supporting Federal Civilian Executive Branch agencies in evolving and operationalizing cybersecurity programs and capabilities. CISA’s Zero Trust Maturity Model (ZTMM) provides an approach to achieve continued modernization efforts related to zero trust within a rapidly evolving environment and technology landscape. This ZTMM is one of many paths that an organization can take in designing and implementing their transition plan to zero trust architectures in accordance with Executive Order (EO) 14028 “Improving the Nation’s Cybersecurity” § (3)(b)(ii),1 which requires that agencies develop a plan to implement a Zero Trust Architecture (ZTA). While the ZTMM is specifically tailored for federal agencies as required by EO 14028, all organizations should review and consider adoption of the approaches outlined in this document.

More featured news

Spotlight

Zero Trust Maturity Model

The Cybersecurity and Infrastructure Security Agency (CISA) leads the nation’s effort to understand, manage, and reduce cybersecurity risk, including by supporting Federal Civilian Executive Branch agencies in evolving and operationalizing cybersecurity programs and capabilities. CISA’s Zero Trust Maturity Model (ZTMM) provides an approach to achieve continued modernization efforts related to zero trust within a rapidly evolving environment and technology landscape. This ZTMM is one of many paths that an organization can take in designing and implementing their transition plan to zero trust architectures in accordance with Executive Order (EO) 14028 “Improving the Nation’s Cybersecurity” § (3)(b)(ii),1 which requires that agencies develop a plan to implement a Zero Trust Architecture (ZTA). While the ZTMM is specifically tailored for federal agencies as required by EO 14028, all organizations should review and consider adoption of the approaches outlined in this document.

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Logically Announces New SaaS Security Solution

Prnewswire | May 02, 2023

Logically, one of the nation's leading managed security and IT service providers, today announced a partnership with SaaS Alerts and the launch of the specialized solution providing customers with constant, real-time monitoring of their Software-as-a-Service applications. SaaS Alerts monitors tools like Microsoft Office, Salesforce, Dropbox, and Google Workspaces to detect potential threats in cloud applications. The automation tool identifies ongoing security threats and provides comprehensive alerting and responses across all applications. The result is a lowered risk of data breaches and customizable reporting that offers customers insights into security threats and patterns. "As cyber threats continue to mount in today's digital age, the importance of application security cannot be overstated," said Buddy Pitt, Virtual Chief Security Officer at Logically. "SaaS applications carry a substantial risk due to the sensitive data they often contain, and ensuring that the flexibility and scalability they offer is paired with enhanced security, is paramount. SaaS Alerts offers threat detection, intelligent automation, and comprehensive alerting to do just that." In addition, the data reports that SaaS Alerts provides are calibrated to empower organizations to gain insights into not only security threats but their patterns too. This, in turn, allows business leaders to take proactive measures against future disruptive incidents. "We're thrilled to partner with Logically to help protect their customers' critical SaaS business applications," said Jim Lippie, CEO of SaaS Alerts. "Given the current threat landscape, it's more important than ever to ensure customers are protected from evolving security threats. We're excited to see how our partnership continues to evolve in the years to come." To further underscore Logically's commitment to application security in today's digital landscape, Buddy Pitt, along with Logically's Chief Operating Officer Keith Johnson, hosted a webinar titled, "Fortify Your Defenses: Why Application Security is Crucial in Today's Digital Landscape," on April 26, which discussed data and business application security and how SaaS Alerts are a valuable weapon in the ongoing battle against data breaches. "We're proud to launch SaaS Alerts at this critical moment where rapid risk mitigation matters most. It's yet another tool in our arsenal of products that ensures our customers receive best-in-class safety and security," said Johnson. About Logically Logically is a leading national managed security and IT solution provider that helps organizations secure and support their businesses today, solve for tomorrow, and strategize for the future with cyber-first solutions. Our team of experts, including cybersecurity, engineering, networking, and cloud specialists, collaborate with customers to implement solutions that protect their assets, reduce risk, and optimize performance, end to end. Since 1999, we have made long-term relationships, customer service excellence, and purposeful innovation guiding principles to ensure customers have a trusted advisor at their side, helping them focus on their business, not the technology behind it.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Databricks Ventures Invests in Data Security Leader Immuta

Businesswire | May 05, 2023

Immuta, a leader in data security, today announced a new strategic investment from Databricks Ventures, the investment arm of the data and AI company and pioneer of the lakehouse. The investment builds on a longstanding partnership between the two companies and positions Immuta as one of Databricks’ trusted partners of choice for data security and access control. The investment will go towards product innovation to strengthen the integration between both platforms and new go-to-market initiatives to increase enterprise adoption. “Immuta is a trusted data security partner,” said Ali Ghodsi, CEO and Co-founder of Databricks. “Over the last six years, we've been successfully collaborating to serve global enterprise customers like ADP, Swedbank, and many others. By integrating directly with Databricks Unity Catalog, Immuta provides a seamless way for our joint customers to protect their data in the Databricks Lakehouse.” “Through our joint partnership with Databricks, Immuta is now embedded in some of the largest and most complex cloud data projects across industries," said Matt Carroll, CEO of Immuta. "With this new investment, we're going to make our tight integration with Databricks Unity Catalog even better so that our customers can take data security to a new level and continue to unlock more value from their data.” This investment comes after a year of immense growth for Immuta during which the company reported a 200% increase in Annual Recurring Revenue (ARR) for its Data Security Platform SaaS offering as it expanded globally into EMEA and APAC. This strong and consistent growth has been fueled by an equally strong track record of funding that includes investments from ServiceNow and NightDragon to support the growing demand for data security from customers around the globe. “As a company with over a million clients doing payroll for millions of people, ADP processes a large amount of data,” said Jack Berkowitz, Chief Data Officer at ADP. “Databricks helps us to manage that data and Immuta plays an important role in administering security and access control. As we look to innovate with new products and implement a multi-cloud strategy, we must treat the data properly – it must be governed.” “Swedbank needed to build an enterprise-scale advanced analytics platform that would also enforce trust in our security, management, and access to data internally, while protecting our customers’ assets and data,” said Vineeth Menon, Head of Data Lake Engineering at Swedbank. “Immuta and Databricks have been instrumental in helping us build that vision and we are excited to see their partnership go to the next level.” Forrester Consulting recently conducted a Total Economic ImpactTM study that found Immuta provided benefits totaling $6.08M and an ROI of 175% over three years for a composite organization, which was based on interviews with six Immuta customers. According to the commissioned Forrester study, “The efficiencies the organizations experienced with Immuta coupled with the ability to meet stricter compliance standards enabled them to scale data access across the organizations to better serve internal innovation efforts and, thereby, better meet external customer needs.” For more information about Immuta’s partnership with Databricks and the new integration between Immuta and Databricks Unity Catalog, please visit https://www.immuta.com/partners/databricks/. About Immuta Immuta enables organizations to unlock value from their cloud data by protecting it and providing secure access. The Immuta Data Security Platform provides sensitive data discovery, security and access control, data activity monitoring, and has deep integrations with the leading cloud data platforms. Immuta is now trusted by Fortune 500 companies and government agencies around the world to secure their data. Founded in 2015, Immuta is headquartered in Boston, MA. To learn more about Immuta, click here. About Databricks Ventures Databricks Ventures is the strategic investment arm of Databricks, the data and AI company. Databricks Ventures invests in innovative companies that align with our view of the future for data, analytics and AI; and are committed to extending the lakehouse ecosystem or using the lakehouse architecture to create the next generation of data and AI-powered companies.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Banyan Security Introduces World’s First Device-Centric Security Service Edge (SSE) Solution

Globenewswire | April 05, 2023

Banyan Security, a leading provider of zero trust access solutions for the modern workforce, is proud to announce the launch of its innovative Device-Centric Security Service Edge (SSE) solution. Banyan’s offering delivers a comprehensive range of integrated security measures to safeguard the modern workforce – including Zero Trust Network Access (ZTNA), Virtual Private Network as a Service (VPNaaS), Cloud Access Security Broker (CASB), and Secure Web Gateway (SWG) – all in a unified product that is simple to implement and boosts employee productivity. Unlike traditional security products focused on the network perimeter, Banyan’s device-centric SSE brings the user and device to the forefront of protection, enabling intelligent, risk-based connectivity and threat detection. Working in concert with the Banyan Cloud permits consistent policy enforcement without needing to route all enterprise traffic through vendor data centers or expensive on-premise appliances, which significantly improves the user experience. Moreover, Banyan’s device-centric approach treats clientless scenarios as first-class citizens, enabling seamless access combined with granular policy controls. “The launch of our device-centric Security Service Edge solution marks a major milestone for our company, delivering on the idea of enabling workers to securely do their job from anywhere” said Jayanth Gummaraju, CEO and Co-founder of Banyan Security. “We saw a clear need for a new solution that does not suffer from the baggage of existing network-centric approaches. What we’ve built brings together device and network security in a unique way to secure all types of access – private or internet. This approach reduces the attack surface and provides a frictionless user experience, thus increasing employee productivity. We’re excited to see customers and industry partners embracing our approach, and are confident that our solution will exceed expectations, revolutionizing the way organizations think about workforce security." Banyan Security’s strategic partners understand that a new approach is needed to effectively realize the promise of a zero trust framework. “We are thrilled to partner with Banyan Security to deliver more value to our joint customers. The partnership provides a risk-based approach to security and simplifies the deployment of Zero Trust initiatives,” said Akhil Kapoor, Vice President of Business Development at SentinelOne. “Together, we can offer unparalleled protection and peace of mind to organizations as they navigate an ever-evolving threat landscape.” The implications of a device-centric SSE product are revolutionary, providing organizations with considerable benefits including: Improved User Experience – Localized, intelligent decision making minimizes latency and results in a better user experience. Rather than forcing organizations to ship all traffic to the cloud for inspection, each device makes the optimum access and security decisions. Coupling faster decision making with an always-on approach minimizes potential gaps for advanced threats to exploit. Better Enterprise Security – The Banyan SSE solution includes multiple layers of security, providing least privileged access for users regardless of location. Additional security is provided by incorporating real-time, continuous authorization using advanced risk modeling based on user, device, resource, and threat profiles. Together these features provide superior threat protection and automated threat remediation. Lower Total Cost of Ownership – a device-centric Security Service Edge is significantly easier to deploy and manage for most organizations. Rather than having to configure complex network environments to support the analysis and routing of user traffic, this happens locally on end-user devices based on intuitive selections made in the Banyan admin console. Advanced discover and publish capabilities further simplify deployments and results in much lower total cost of ownership for an organization versus legacy solutions. Deployment Flexibility – The Banyan Security SSE solution architecture provides additional benefits for organizations that are concerned with data privacy and security. Unlike other SSE solutions, the Banyan Security Platform can be configured to route encrypted traffic through either the Banyan cloud infrastructure or directly through a service installed and maintained in the organization’s infrastructure. This capability allows the freedom to address the needs of any regulatory or security-conscious environment. Banyan’s customers, aware that existing solutions were not addressing the rapidly changing requirements of a distributed workforce, have rallied behind the Banyan Security Platform. “With Banyan Security’s device-centric SSE, we confidently replaced our legacy VPN and accelerated our zero trust architecture initiatives. Their robust solution empowers us to secure our cloud-first environment, seamlessly monitor security posture through efficient device checks, and ultimately enhance our primary customers’ security – our users,” said Cesar Esteban, Staff Security Engineer at Snapdocs. “Investing in Banyan Security has transformed our approach to cybersecurity and unlocked new potential for serving our users better.” About Banyan Security Banyan Security provides secure, zero trust “work from anywhere” access to applications and resources for employees and third parties while protecting them from being phished, straying onto malicious web sites, or being exposed to ransomware. A Flexible Edge architecture enables rapid, incremental deployment on-premises or in the cloud without compromising privacy or data sovereignty. A unique device-centric approach intelligently routes traffic for optimal performance and security delivering a great end user experience. Banyan Security protects workers across multiple industries, including finance, healthcare, manufacturing, and technology.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Logically Announces New SaaS Security Solution

Prnewswire | May 02, 2023

Logically, one of the nation's leading managed security and IT service providers, today announced a partnership with SaaS Alerts and the launch of the specialized solution providing customers with constant, real-time monitoring of their Software-as-a-Service applications. SaaS Alerts monitors tools like Microsoft Office, Salesforce, Dropbox, and Google Workspaces to detect potential threats in cloud applications. The automation tool identifies ongoing security threats and provides comprehensive alerting and responses across all applications. The result is a lowered risk of data breaches and customizable reporting that offers customers insights into security threats and patterns. "As cyber threats continue to mount in today's digital age, the importance of application security cannot be overstated," said Buddy Pitt, Virtual Chief Security Officer at Logically. "SaaS applications carry a substantial risk due to the sensitive data they often contain, and ensuring that the flexibility and scalability they offer is paired with enhanced security, is paramount. SaaS Alerts offers threat detection, intelligent automation, and comprehensive alerting to do just that." In addition, the data reports that SaaS Alerts provides are calibrated to empower organizations to gain insights into not only security threats but their patterns too. This, in turn, allows business leaders to take proactive measures against future disruptive incidents. "We're thrilled to partner with Logically to help protect their customers' critical SaaS business applications," said Jim Lippie, CEO of SaaS Alerts. "Given the current threat landscape, it's more important than ever to ensure customers are protected from evolving security threats. We're excited to see how our partnership continues to evolve in the years to come." To further underscore Logically's commitment to application security in today's digital landscape, Buddy Pitt, along with Logically's Chief Operating Officer Keith Johnson, hosted a webinar titled, "Fortify Your Defenses: Why Application Security is Crucial in Today's Digital Landscape," on April 26, which discussed data and business application security and how SaaS Alerts are a valuable weapon in the ongoing battle against data breaches. "We're proud to launch SaaS Alerts at this critical moment where rapid risk mitigation matters most. It's yet another tool in our arsenal of products that ensures our customers receive best-in-class safety and security," said Johnson. About Logically Logically is a leading national managed security and IT solution provider that helps organizations secure and support their businesses today, solve for tomorrow, and strategize for the future with cyber-first solutions. Our team of experts, including cybersecurity, engineering, networking, and cloud specialists, collaborate with customers to implement solutions that protect their assets, reduce risk, and optimize performance, end to end. Since 1999, we have made long-term relationships, customer service excellence, and purposeful innovation guiding principles to ensure customers have a trusted advisor at their side, helping them focus on their business, not the technology behind it.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Databricks Ventures Invests in Data Security Leader Immuta

Businesswire | May 05, 2023

Immuta, a leader in data security, today announced a new strategic investment from Databricks Ventures, the investment arm of the data and AI company and pioneer of the lakehouse. The investment builds on a longstanding partnership between the two companies and positions Immuta as one of Databricks’ trusted partners of choice for data security and access control. The investment will go towards product innovation to strengthen the integration between both platforms and new go-to-market initiatives to increase enterprise adoption. “Immuta is a trusted data security partner,” said Ali Ghodsi, CEO and Co-founder of Databricks. “Over the last six years, we've been successfully collaborating to serve global enterprise customers like ADP, Swedbank, and many others. By integrating directly with Databricks Unity Catalog, Immuta provides a seamless way for our joint customers to protect their data in the Databricks Lakehouse.” “Through our joint partnership with Databricks, Immuta is now embedded in some of the largest and most complex cloud data projects across industries," said Matt Carroll, CEO of Immuta. "With this new investment, we're going to make our tight integration with Databricks Unity Catalog even better so that our customers can take data security to a new level and continue to unlock more value from their data.” This investment comes after a year of immense growth for Immuta during which the company reported a 200% increase in Annual Recurring Revenue (ARR) for its Data Security Platform SaaS offering as it expanded globally into EMEA and APAC. This strong and consistent growth has been fueled by an equally strong track record of funding that includes investments from ServiceNow and NightDragon to support the growing demand for data security from customers around the globe. “As a company with over a million clients doing payroll for millions of people, ADP processes a large amount of data,” said Jack Berkowitz, Chief Data Officer at ADP. “Databricks helps us to manage that data and Immuta plays an important role in administering security and access control. As we look to innovate with new products and implement a multi-cloud strategy, we must treat the data properly – it must be governed.” “Swedbank needed to build an enterprise-scale advanced analytics platform that would also enforce trust in our security, management, and access to data internally, while protecting our customers’ assets and data,” said Vineeth Menon, Head of Data Lake Engineering at Swedbank. “Immuta and Databricks have been instrumental in helping us build that vision and we are excited to see their partnership go to the next level.” Forrester Consulting recently conducted a Total Economic ImpactTM study that found Immuta provided benefits totaling $6.08M and an ROI of 175% over three years for a composite organization, which was based on interviews with six Immuta customers. According to the commissioned Forrester study, “The efficiencies the organizations experienced with Immuta coupled with the ability to meet stricter compliance standards enabled them to scale data access across the organizations to better serve internal innovation efforts and, thereby, better meet external customer needs.” For more information about Immuta’s partnership with Databricks and the new integration between Immuta and Databricks Unity Catalog, please visit https://www.immuta.com/partners/databricks/. About Immuta Immuta enables organizations to unlock value from their cloud data by protecting it and providing secure access. The Immuta Data Security Platform provides sensitive data discovery, security and access control, data activity monitoring, and has deep integrations with the leading cloud data platforms. Immuta is now trusted by Fortune 500 companies and government agencies around the world to secure their data. Founded in 2015, Immuta is headquartered in Boston, MA. To learn more about Immuta, click here. About Databricks Ventures Databricks Ventures is the strategic investment arm of Databricks, the data and AI company. Databricks Ventures invests in innovative companies that align with our view of the future for data, analytics and AI; and are committed to extending the lakehouse ecosystem or using the lakehouse architecture to create the next generation of data and AI-powered companies.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Banyan Security Introduces World’s First Device-Centric Security Service Edge (SSE) Solution

Globenewswire | April 05, 2023

Banyan Security, a leading provider of zero trust access solutions for the modern workforce, is proud to announce the launch of its innovative Device-Centric Security Service Edge (SSE) solution. Banyan’s offering delivers a comprehensive range of integrated security measures to safeguard the modern workforce – including Zero Trust Network Access (ZTNA), Virtual Private Network as a Service (VPNaaS), Cloud Access Security Broker (CASB), and Secure Web Gateway (SWG) – all in a unified product that is simple to implement and boosts employee productivity. Unlike traditional security products focused on the network perimeter, Banyan’s device-centric SSE brings the user and device to the forefront of protection, enabling intelligent, risk-based connectivity and threat detection. Working in concert with the Banyan Cloud permits consistent policy enforcement without needing to route all enterprise traffic through vendor data centers or expensive on-premise appliances, which significantly improves the user experience. Moreover, Banyan’s device-centric approach treats clientless scenarios as first-class citizens, enabling seamless access combined with granular policy controls. “The launch of our device-centric Security Service Edge solution marks a major milestone for our company, delivering on the idea of enabling workers to securely do their job from anywhere” said Jayanth Gummaraju, CEO and Co-founder of Banyan Security. “We saw a clear need for a new solution that does not suffer from the baggage of existing network-centric approaches. What we’ve built brings together device and network security in a unique way to secure all types of access – private or internet. This approach reduces the attack surface and provides a frictionless user experience, thus increasing employee productivity. We’re excited to see customers and industry partners embracing our approach, and are confident that our solution will exceed expectations, revolutionizing the way organizations think about workforce security." Banyan Security’s strategic partners understand that a new approach is needed to effectively realize the promise of a zero trust framework. “We are thrilled to partner with Banyan Security to deliver more value to our joint customers. The partnership provides a risk-based approach to security and simplifies the deployment of Zero Trust initiatives,” said Akhil Kapoor, Vice President of Business Development at SentinelOne. “Together, we can offer unparalleled protection and peace of mind to organizations as they navigate an ever-evolving threat landscape.” The implications of a device-centric SSE product are revolutionary, providing organizations with considerable benefits including: Improved User Experience – Localized, intelligent decision making minimizes latency and results in a better user experience. Rather than forcing organizations to ship all traffic to the cloud for inspection, each device makes the optimum access and security decisions. Coupling faster decision making with an always-on approach minimizes potential gaps for advanced threats to exploit. Better Enterprise Security – The Banyan SSE solution includes multiple layers of security, providing least privileged access for users regardless of location. Additional security is provided by incorporating real-time, continuous authorization using advanced risk modeling based on user, device, resource, and threat profiles. Together these features provide superior threat protection and automated threat remediation. Lower Total Cost of Ownership – a device-centric Security Service Edge is significantly easier to deploy and manage for most organizations. Rather than having to configure complex network environments to support the analysis and routing of user traffic, this happens locally on end-user devices based on intuitive selections made in the Banyan admin console. Advanced discover and publish capabilities further simplify deployments and results in much lower total cost of ownership for an organization versus legacy solutions. Deployment Flexibility – The Banyan Security SSE solution architecture provides additional benefits for organizations that are concerned with data privacy and security. Unlike other SSE solutions, the Banyan Security Platform can be configured to route encrypted traffic through either the Banyan cloud infrastructure or directly through a service installed and maintained in the organization’s infrastructure. This capability allows the freedom to address the needs of any regulatory or security-conscious environment. Banyan’s customers, aware that existing solutions were not addressing the rapidly changing requirements of a distributed workforce, have rallied behind the Banyan Security Platform. “With Banyan Security’s device-centric SSE, we confidently replaced our legacy VPN and accelerated our zero trust architecture initiatives. Their robust solution empowers us to secure our cloud-first environment, seamlessly monitor security posture through efficient device checks, and ultimately enhance our primary customers’ security – our users,” said Cesar Esteban, Staff Security Engineer at Snapdocs. “Investing in Banyan Security has transformed our approach to cybersecurity and unlocked new potential for serving our users better.” About Banyan Security Banyan Security provides secure, zero trust “work from anywhere” access to applications and resources for employees and third parties while protecting them from being phished, straying onto malicious web sites, or being exposed to ransomware. A Flexible Edge architecture enables rapid, incremental deployment on-premises or in the cloud without compromising privacy or data sovereignty. A unique device-centric approach intelligently routes traffic for optimal performance and security delivering a great end user experience. Banyan Security protects workers across multiple industries, including finance, healthcare, manufacturing, and technology.

Read More

More featured news