ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Prnewswire | March 29, 2023
BreachLock officially launched its API Penetration Testing Service today, making API security testing faster, more scalable, and more affordable compared to alternative pentesting providers. The company is best known for its human-led, AI-enabled Pen Testing as a Service (PTaaS) solution delivered via its award-winning client portal. API penetration testing will help organizations prevent cybercriminals from exploiting unpatched API vulnerabilities to perpetrate cybercrimes.
BreachLock is known for its innovative pentesting approach as a leader in the emerging PTaaS market. With a global reputation for delivering enterprise-grade penetration testing services, Breachlock leverages automation to ensure affordability and speed for clients held back by alternative pentesting options. With integrated remediation, companies can decrease their window of exposure to critical API vulnerabilities fast. Clients receive evidence-backed pentest reports with guided remediation on critical vulnerabilities, along with 12 months of access to retest, generate reports, and run scans inside the client portal.
Regarding its new security testing offering, BreachLock's Founder & CEO, Seemant Sehgal, comments, "With the rise in security breaches involving insecure APIs, it's our responsibility to enable clients to prevent similar incidents." Sehgal adds, "Staying ahead of cyber adversaries is the name of the game. With today's threat landscape, agile pentesting is the key to combatting security breaches, especially when done regularly."
BreachLock's API pentesting service is conducted by 100% in-house, certified expert pentesters (e.g., CREST, OSCE, OSCP, CISSP, CEH) that leverage AI and automation to accelerate the process and deliver more accurate results that closely correlate with OWASP best practices. Its security experts apply maximum business logic to every API pentest during a manual deep dive and ensure zero false positives by validating automated findings.
BreachLock® is a global leader in cybersecurity and Penetration Testing services combining the power of human hackers, artificial intelligence, and automation. Engineered for agility and scalability for digital environments of any scale, on its cloud-native platform, BreachLock delivers full-stack, Human-led, AI-enabled, Pen Testing as a Service (PTaaS), enabling organizations to accelerate pentesting by 50% and reduce TCO by 50% in comparison to alternative penetration testing companies. BreachLock helps clients accelerate their security maturity, meet compliance requirements (i.e., PCI DSS, ISO 27001, HIPAA, GDPR, SOC 2), and conduct third party security vendor assessments.
ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
PRWeb | May 23, 2023
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced the launch of its new QR Code Phishing Security Test (QR Code PST) tool. The no-charge tool assists organizations in identifying users that are most susceptible to scanning malicious QR codes.
Many organizations are aware of the typical social engineering techniques used by bad actors such as phishing, spear phishing and impersonation, to manipulate employees and infiltrate systems. However, bad actors are now taking advantage of the rise in popularity of QR codes and are using them to launch targeted phishing attacks.
QR code phishing is a social engineering attack that includes a malicious link within a QR code that users are prompted to scan with their smartphones. According to QRTIGER, an online QR code generator company, dynamic QR code scans increased 433% globally from 2021 to 2022 and scans quadrupled in 2022 alone.
The malicious links in QR Codes take users to risky websites, execute malware or ransomware on their devices or steal information. In fact, last year the FBI released a warning that QR codes may be tampered with by cybercriminals to direct victims to malicious sites. This is also sometimes referred to as QRLjacking.
KnowBe4’s new QR Code PST helps manage the threat of malicious QR codes by identifying users who may scan these codes and expose an organization to vulnerabilities that have the potential to cause significant downtime and security breach risks. The new, complementary tool is available for immediate use for up to 100 users in 35 languages with additional feature options. Additionally, after being used the tool calculates an organization’s Phish-prone™ Percentage (PPP) — the number of end users who are prone to being phished.
“QR codes pose a unique cybersecurity threat because unlike traditional phishing, there is no URL to verify or way to confirm its legitimacy before scanning the code,” said Stu Sjouwerman, CEO, KnowBe4. “As bad actors diversify their social engineering techniques, it is imperative that organizations educate their employees on the potential danger of QR codes. KnowBe4’s new QR Code Phishing Security Test is a great tool to use as a first step in determining how vulnerable an organization is to the threat of malicious QR codes. Training employees to be alert and to think twice before scanning, contributes towards strengthening an organization’s security culture and encourages a healthy level of skepticism.”
To begin using the new, complementary QR Phishing Security Test, visit: https://info.knowbe4.com/qr-code-phishing-security-test.
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 60,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4’s Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as their last line of defense.
DATA SECURITY, ENTERPRISE SECURITY
Globenewswire | April 04, 2023
Sonatype, the pioneer of software supply chain management, today announced the launch of its Partner Acceleration Program. This new program framework delivers a wider range of benefits and increased go-to-market value for Sonatype Solution Providers, Global System Integrators and Technology Integration Alliances.
With the initial program launch, Sonatype has formalized its partner benefits for Solution Providers delivering Sonatype technology and services, ranging from design support to on-premises and cloud platform integration.
“The open source intelligence and security that Sonatype’s platform provides across the entire software development life cycle is second to none,” said Allen Talbott, Vice President of Sales at Saltworks Security. “Our long-time partnership with Sonatype has been incredibly valuable in growing our business, securing new clients, and giving our customers the information, tools, and software supply chain guidance they need to transform their development processes and build world-class application security programs.”
Ninety-one percent of organizations have adopted or have plans to adopt a digital-first business strategy. As the digital landscape becomes increasingly dangerous and complex, software supply chain management and security is critical to the digital transformation and success of today's businesses. Sonatype is on a mission to empower every engineering team with intelligence to create and maintain secure, quality and innovative software at scale. The new Sonatype Partner Acceleration Program features an ecosystem of technically certified solution providers, system integrators, and technology alliances that share this same vision, enabling organizations to scale and secure their application development processes while propelling growth.
“Software supply chain management remains a critical piece to securing the applications our customers develop and maintain over time,” said Joey Campione, President at Opticca Security. “Sonatype’s platform continues to deliver consistent results, reliability and increases overall developer productivity, providing our customers with what they need to continue to innovate at an accelerated pace. As a strategic partner, Sonatype’s solutions and support has been integral to scaling our business, and we anticipate that the new partner program will only amplify this further.”
Sonatype partners report higher win rates, increased profits, and more opportunities to build new revenue streams. With the Sonatype Partner Acceleration Program, Solution Providers receive structured tiers of benefits that support increased time to value and customer growth. As partners grow their business with Sonatype, they have access to increasing program benefits and exclusive resources, including dedicated partner managers, co-branded marketing materials, technical support, event opportunities, and more.
“This is an incredible time of growth for our Sonatype partner ecosystem. The demand for software supply chain management solutions continues to skyrocket as organizations increasingly recognize the need to understand the open source their applications depend on,” said Bruce Gordon, Senior Vice President of Global Channel Sales & Alliances at Sonatype. “We have an outstanding community of partners from across the globe providing industry-leading services and technologies. We’re excited to now provide this partner community with additional benefits designed to increase the value and delivery speed of safe and secure open source software.”
Sonatype is the software supply chain management company. We empower developers and security professionals with intelligent tools to innovate more securely at scale. Our platform addresses every element of an organization’s entire software development life cycle, including third-party open source code, first-party source code, and containerized code. Sonatype identifies critical security vulnerabilities and code quality issues and reports results directly to developers when they can most effectively fix them. This helps organizations develop consistently high-quality, secure software which fully meets their business needs and those of their end-customers and partners. More than 2,000 organizations, including 70% of the Fortune 100, and 15 million software developers already rely on our tools and guidance to help them deliver and maintain exceptional and secure software.