DATA SECURITY, SOFTWARE SECURITY

Rubrik Surpasses $400 Million in Subscription ARR and Launches Rubrik Zero Labs, Data Threat Research Unit to Help Combat Global Cyber Events

Rubrik | September 01, 2022 | Read time : 02:50 min

Rubrik
Rubrik, the Zero Trust Data Security™ Company, today announced it surpassed $400 million in software subscription annual recurring revenue (ARR) to date, growing over 100 percent year over year. The company has achieved a net dollar retention rate greater than 140 percent based on its ability to retain customers and expand within the customer base. Today, over 4,500 customers around the world and across multiple industries rely on Rubrik to help them secure their data and keep their business running, including BMO Financial Group, Citigroup, Estee Lauder, Fiserv, The Home Depot, and many others.

The company also announced the launch of Rubrik Zero Labs, Rubrik’s new cybersecurity research unit to analyze the global threat landscape, report on emerging data security issues and give organizations research-backed insights and best practices to secure their data against the increasing threat of cyber events.

“There is no industry, government, or company that is immune to cyberattacks. These threats continue to increase in volume and sophistication and have the power to bring entire organizations to their knees. “We are striking a chord with organizations globally because they need a better strategy to protect their data. With Rubrik, they are better able to secure their business from ongoing cyber events.”

Bipul Sinha, CEO and Co-Founder of Rubrik

Cybersecurity Veteran Steven Stone Joins as Head of Rubrik Zero Labs

Today Rubrik announced it has named Steven Stone as the Head of Rubrik Zero Labs. Stone will lead Rubrik’s new data threat research unit to uncover real-world intrusions from a range of threats including espionage-based data breaches to ransomware attacks, and to inform customers and partners of the best ways to proactively address risk in their business operations. He has over 15 years of experience in threat intelligence with roles in the U.S. military, intelligence community, and private sector, including Mandiant/FireEye and IBM. Most recently, he was Vice President of Adversary Operations at Mandiant, leading global teams who were responsible for adversary hunting, attribution, and data collection efforts.

“Data and insights are critical for understanding, responding, preventing, and recovering from cyber events. In many cases, the data aspects are the least understood across the threat landscape, and we want to close this delta. Comprehensive threat intelligence will enable organizations to make informed decisions so they can be prepared for a full swath of cyber threats,” said Stone. “I’m thrilled to pioneer the data threat intelligence unit at Rubrik and help to deliver valuable insights to our customers and the cybersecurity industry so that together we can stay ahead of the evolving data threat landscape.”

Additional Milestones:

Rubrik has also achieved a number of recent industry recognitions, landmark accomplishments, and launches including:

  • Launched Rubrik Security Cloud to secure customers’ data wherever it lives across enterprise, cloud, and SaaS while delivering data resilience, data observability, and data recovery
  • Grew the leadership team by appointing Mike Mestrovich as Chief Information Security Officer (CISO), following his role as CISO at the Central Intelligence Agency (CIA). Appointed Chris Krebs — former director of the U.S. Cybersecurity and Infrastructure Agency (CISA) — as Chair of Rubrik’s new CISO Advisory Board, where he will assemble some of the nation’s top CISOs to facilitate information exchange and thought leadership in data security. Rubrik also named Ghazal Asif, who previously served as Google’s Head of Channel for EMEA, as Head of Global Partners and Alliances
  • Named a Leader in the 2022 Gartner® Magic Quadrant™ for Enterprise Backup and Recovery Software Solutions, positioned the furthest overall in Completeness of Vision for third year in a row
  • Rubrik ranked amongst highest scoring 3 vendors for all Use Cases in 2022 Gartner® Critical Capabilities™ for Enterprise Backup and Recovery Software Solutions for 2 consecutive years
  • Received numerous industry accolades, including placement on the Forbes Cloud 100 for the sixth year in a row, and distinction as winner of the Global InfoSec Awards as Hot Company in Data Security

About Rubrik
Rubrik is a cybersecurity company, and our mission is to secure the world’s data. We pioneered Zero Trust Data Security™ to help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked.

Spotlight

Businesses make up the core of an economy. And cyberattacks are among the topmost risks faced by any business organization irrespective of its size and domain of operation. Therefore, it is well established that cyber-attacks have a significant economic impact. Most of the attacks and breaches are financially motivated.

Spotlight

Businesses make up the core of an economy. And cyberattacks are among the topmost risks faced by any business organization irrespective of its size and domain of operation. Therefore, it is well established that cyber-attacks have a significant economic impact. Most of the attacks and breaches are financially motivated.

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Neosec Introduces Automated Tokenization to Enable Full API Visibility Without Exposure of Sensitive Data

Neosec | November 16, 2022

Neosec, the pioneer in discovering and identifying API threats using behavioral analytics, today announced that it now tokenizes API activity data to enable organizations to fully see and store API data, removing the possibility of keeping sensitive data at-rest. Today, many organizations are blind to the threats lurking within their API traffic. Even worse, organizations are forced to implement basic logging of its API traffic that doesn't contain the meaningful information about who accessed, what records were accessed or manipulated and how. There exists a justified fear of logging sensitive data or being out of compliance, and with the lack of technology that can perform it at scale, they prefer to log with low fidelity. Those logs tell you that "somebody modified or accessed a record" but typically don't disclose who accessed it, which record, or what action was performed. This decision also results in a downstream issue of "insufficient logging", which is noted by the Open Web Application Security Project as one of the top security problems in its 2021 OWASP API Top 10. "Insufficient logging" is poor for incident forensics and, in practice, means that you can't detect abuse or investigate a case, even if you know it happened. Tokenization is the process of substituting a sensitive data element, like a credit card number, for a non-sensitive equivalent that has no intrinsic or exploitable value or meaning. Neosec's automated tokenization is part of its 'privacy by design' philosophy and is already deployed successfully at customers around the world in financial services, insurance and hospitality companies among others. The process allows retaining tokenized API activity data for the purposes of performing true behavioral analytics over time, ensures that sensitive data is never stored at rest, and enables only the customer to de-tokenize, based on the strictest data privacy practices. "Solving API security starts with basic visibility and the ability to see how the APIs are used. The problem is that virtually every company logs API activity with low fidelity that doesn't enable this basic visibility. "In order to perform true behavioral analytics and investigate cases you must store and examine historical data. But if this analysis is performed on un-tokenized data you risk storing PII and creating compliance issues. Neosec successfully retains all API activity data, in the highest fidelity, and ensures it meets data privacy standards." Giora Engel, co-founder and chief executive officer, Neosec This focus on data and the visibility it brings is what previously defined the creation of the EDR (Endpoint Detection & Response) security space. "Trying to implement API security without enabling basic visibility of activity is like going back to the antivirus age before the advent of EDR. Visibility into API activity allows you to detect threats, understand behavior, investigate and remediate" said Engel. The Neosec API security solution discovers and maintains an up-to-date inventory of all APIs in use by an organization and then uses machine learning and behavioral analytics on tokenized data to find fraud and abuse by third parties and attackers. Neosec also enables proactive API threat hunting and investigations without storing any sensitive data. The automated API data tokenization is now a capability of the Neosec platform and is fully available. There is no extra cost for use of this unique capability. About Neosec Neosec is re-inventing application security with a powerful platform that unifies security and development teams to protect modern applications from threats. The foundation of the SaaS platform is built on data and analytics to manage security at scale. Neosec prevents threats from abusing the complex network of APIs that connect today's businesses. The platform helps organizations discover every API and audit risk. Neosec has pioneered the use of behavioral analytics to understand normal versus abnormal API usage and delivers powerful threat hunting capabilities together with a team of expert threat hunters. Neosec prevents threats and stops abuse hiding within APIs and brings new intelligence to application security. Neosec is based in Palo Alto, California with R&D in Tel Aviv, Israel.

Read More

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Swimlane Launches First Comprehensive Security Automation Ecosystem for OT Environments

Swimlane | November 15, 2022

Swimlane, the low-code security automation company, today announced the formation of the first operational technology (OT) security automation solution ecosystem tailored to meet the combined OT and IT security requirements within critical infrastructure environments. The Biden Administration designated November as Critical Infrastructure Security and Resilience Month, drawing attention to the need for “fortifying our information technology and cybersecurity across sectors.” As cyber threats grow in frequency and severity, security operations teams within industrial organizations are regularly targeted due to the importance of their systems and infrastructure. Given the limited resources at their disposal, security teams within these organizations are struggling to keep up with rapidly evolving threats. The cybersecurity skills gap poses a particularly difficult challenge for organizations with OT environments due to the unique skill set required to navigate the convergence of OT and IT technologies. This is where modern Security Orchestration, Automation and Response (SOAR) plays an instrumental role. “Our public utilities and critical infrastructure face unique cybersecurity challenges to detect and respond to the convergence of threats targeting their combined OT and IT environments, and cyber-physical systems. “Swimlane is bringing together the best of OT security with our extensible security automation platform to create a robust system of record and control for security operations teams to more quickly process large amounts of security telemetry without needing more resources to defend against breaches.” Cody Cornell Co-founder and Chief Strategy Officer of Swimlane Swimlane’s security automation ecosystem for OT environments currently includes the following: Nozomi Networks for OT and IoT Security: Swimlane and Nozomi Networks, the leader in OT and IoT security, also announced today a technology integration that combines low-code security automation with OT and Internet of Things (IoT) security. The combined solution makes it possible for industrial and critical infrastructure security operations to maintain continuous asset compliance and mitigate the risks of attacks from combined OT and IT entry points. Dataminr Tackles Physical Risk: Swimlane’s integration with Dataminr leverages automated processes to mitigate risks and warn at-risk employees as soon as possible to ensure their safety. The cyber-physical threat response solution saves organizations crucial minutes when connecting with staff members who might be affected by a natural disaster, accident, or social unrest, or other types of physical risk. 1898 & Co. for Managed Threat Detection: 1898 & Co., a preeminent industrial control system (ICS) cybersecurity solutions provider, has selected Swimlane as the core automation platform for their managed threat detection services. These services include the detection of both OT and IT-born threats, machine-speed threat validation and scoring, and rapid remediation of threats using OT response methods. “Security teams chartered with protecting OT environments are struggling to keep pace with emerging threats given their limited resources,” said Joshua Magady, Practice Technical Lead at 1898 & Co. “As cyberattacks on critical infrastructure continue to rise and the cybersecurity skills shortage prevails, we are excited to be working with Swimlane to provide automation solutions that give these important organizations the tools to defend against rising cyber threats effectively.” Working with each technology partner, Swimlane will develop a portfolio of pre-integrated solutions that customers can quickly deploy either through managed services or add to their existing environment. About Swimlane Swimlane is the leader in cloud-scale, low-code security automation. Swimlane unifies security operations in-and-beyond the SOC into a single system of record that helps overcome process and data fatigue, chronic staffing shortages, and quantifying business value. The Swimlane Turbine platform combines human and machine data into actionable intelligence for security leaders.

Read More

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Searchlight Security Launches New Ransomware Group Module With Threat Intelligence from the Dark Web

Searchlight Security | December 16, 2022

Searchlight Security, the dark web intelligence company, has today launched Ransomware Search and Insights, a new strategic enhancement to its Cerberus platform. Ransomware Search and Insights automatically collates data from active ransomware groups to help organizations and law enforcement agencies to investigate, track, and gather intelligence on live ransomware activity. This curated view of ransomware groups means that patterns in tactics, incidents, and victimology can be observed in real-time, helping analysts to bolster their threat intelligence, and gain the upper hand on ransomware groups. "Although ransomware has been one of the most pressing threats for several years, it still remains persistent because security teams and law enforcement agencies have been on the back foot, playing catch-up with the ever changing tactics and profiles of ransomware groups. “With visibility into the dark web presence of active ransomware threat actors, analysts can better understand how they are currently operating, therefore gaining a critical advantage over groups.” Dr. Gareth Owenson, Co-Founder and CTO of Searchlight Security Enabling Enterprises to Pre-empt Attacks Ransomware Search and Insights allows organizations to observe the victims of threat actors, posts on leak sites, and track known group members, all in one place - significantly reducing time and resources spent individually researching each threat group. With previously unseen insight into ransomware activity as it is happening, they can also identify which ransomware groups are targeting organizations that match their profile (e.g. industry, geography, business size) and tailor their defenses with a better understanding of which group is most likely to attack them. Empowering Law Enforcement Cerberus’ Ransomware Search and Insights provides investigators with the most up-to-date intelligence for their fight back against cybercrime. Ransomware groups pose a significant risk to national security through the persistent threat to critical infrastructure. As ransomware groups use the dark web to conduct their campaigns with impunity, tracking the activity of prolific threat actors on marketplaces and forums can help law enforcement agencies’ efforts to disrupt and take down these groups. “The Ransomware Search and Insights module was born from our work with national law enforcement agencies who require real-time insights to investigate and take down ransomware groups. We have listened to and collaborated with them to address these needs and bring the next evolution of threat hunting to life,” explained Dr. Gareth Owenson, Co-Founder and CTO of Searchlight Security. “Investigators can now work smarter, not harder, with live intelligence on ransomware operators collated and delivered to them.” Ransomware Intelligence for MSSPs Dark web monitoring is emerging as one of the fastest growing offerings amongst Managed Security Service Providers (MSSPs), driven in no small part by increased customer demand to stay one step ahead of attackers and prevent disruptive ransomware incidents. Ransomware Search and Insights provides MSSPs with a valuable tool that integrates into their existing offering, with the ability to deliver easy-to-digest overviews of ransomware activity to customers, or action intelligence internally to protect their client base from emerging threats. Ransomware Search and Insights is now available on Cerberus. For more information on the threat intelligence that can be gathered from Ransomware Search and Insights, download our free report: Dark Web Profiles: The Most Prolific Ransomware Groups of 2022. About Searchlight Security Searchlight Security provides organizations with relevant and actionable dark web threat intelligence, to help them identify and prevent criminal activity. Founded in 2017 with a mission to stop criminals acting with impunity on the dark web, we have been involved in some of the world’s largest dark web investigations and have the most comprehensive dataset based on proprietary techniques and ground-breaking academic research. Today we help government and law enforcement, enterprises, and managed security services providers around the world to illuminate deep and dark web threats and prevent attacks.

Read More