ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Businesswire | May 08, 2023
Dashlane, the security-first password manager, today introduced Passwordless Login, a technology that eliminates the need to create a master password to access Dashlane. The company was the first password manager to offer an extension that supports passkeys and this is the next step in that evolution. With Passwordless Login, users will be able to securely access their Dashlane account without having to create and remember a single password.
As digital profiles have multiplied both professionally and personally, it’s become increasingly difficult to securely manage credentials. Gartner reported that as many as 20-50% of all helpdesk calls are related to password resets. Password managers have helped simplify this process, though users have still needed to create and remember a master password to access their vaults.
By eliminating the master password, Dashlane will empower users to create new phishing-resistant, passwordless accounts that don’t suffer from the vulnerabilities of traditional passwords and multifactor authentication (MFA). Not only does this strengthen overall security posture, it removes user friction and provides a more accessible way for people to access their accounts and protect their personal information.
“Our business has long been about helping users and organizations manage their passwords and logins. But the digital password was born in the 1960s and despite technological advancements, many people still use the same username and password format for most of their online lives,” said John Bennett, CEO at Dashlane. “While our business model has relied on users having one strong, unique master password, it’s still a password that can be weak, reused, phished, or breached. Unveiling today’s passwordless technology marks a significant milestone in our journey towards a future with no passwords.”
By relying on the strength of local device security, which includes PINs and biometrics, Dashlane is able to securely authenticate and provide access to a user’s encrypted vault, which allows Dashlane to be resistant to phishing attacks. Additionally, Dashlane uses cryptographic keys generated with Elliptic-curve Diffie-Hellman (ECDH) to assist with securely exchanging secrets between devices, making setting up a new device fast and secure and regaining access simple. Dashlane is introducing a new mechanism to let users recover their data if they lose their device. This new Dashlane Account Recovery Key will also be made available to our existing users who still use a master password to log in to Dashlane.
Dashlane’s Passwordless Login is a cross-platform solution that is agnostic to the state of a user’s hardware and software. The technology also enables:
Faster device setup flow using a registered device
The ability to set up device-specific PIN codes and biometrics (like fingerprint or facial recognition) to create an account on a mobile iOS or Android device
The ability to regain access to an account with a recovery key, in the event of a total device loss
Dashlane recently became a board-level member of the FIDO Alliance, doubling down on its commitment to work with industry partners to advance the passwordless future through the widespread adoption of passkeys and phishing-resistant authentication.
New Dashlane users will be able to sign up for an account without a master password in the coming months on their mobile device, and the capability will be rolled out to existing customers later this year. For more information on Passwordless Login for Dashlane and to see a demo of how the experience will work, please visit Dashlane’s Passwordless hub.
About Dashlane
Dashlane is a password management solution that removes complexity by pairing comprehensive security with ease of use. We are closely attuned to the needs of our users, balancing simple tools with an uncompromising approach to security–a game changer for anyone, but especially for IT admins working to secure their organization. Our team in Paris, New York, and Lisbon is united by a strong sense of community and passion for improving the digital experience. Over 18 million users and 20,000 businesses globally use Dashlane for a faster, simpler, and more secure internet.
Read More
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Globenewswire | April 05, 2023
Banyan Security, a leading provider of zero trust access solutions for the modern workforce, is proud to announce the launch of its innovative Device-Centric Security Service Edge (SSE) solution. Banyan’s offering delivers a comprehensive range of integrated security measures to safeguard the modern workforce – including Zero Trust Network Access (ZTNA), Virtual Private Network as a Service (VPNaaS), Cloud Access Security Broker (CASB), and Secure Web Gateway (SWG) – all in a unified product that is simple to implement and boosts employee productivity.
Unlike traditional security products focused on the network perimeter, Banyan’s device-centric SSE brings the user and device to the forefront of protection, enabling intelligent, risk-based connectivity and threat detection. Working in concert with the Banyan Cloud permits consistent policy enforcement without needing to route all enterprise traffic through vendor data centers or expensive on-premise appliances, which significantly improves the user experience. Moreover, Banyan’s device-centric approach treats clientless scenarios as first-class citizens, enabling seamless access combined with granular policy controls.
“The launch of our device-centric Security Service Edge solution marks a major milestone for our company, delivering on the idea of enabling workers to securely do their job from anywhere” said Jayanth Gummaraju, CEO and Co-founder of Banyan Security. “We saw a clear need for a new solution that does not suffer from the baggage of existing network-centric approaches. What we’ve built brings together device and network security in a unique way to secure all types of access – private or internet. This approach reduces the attack surface and provides a frictionless user experience, thus increasing employee productivity. We’re excited to see customers and industry partners embracing our approach, and are confident that our solution will exceed expectations, revolutionizing the way organizations think about workforce security."
Banyan Security’s strategic partners understand that a new approach is needed to effectively realize the promise of a zero trust framework.
“We are thrilled to partner with Banyan Security to deliver more value to our joint customers. The partnership provides a risk-based approach to security and simplifies the deployment of Zero Trust initiatives,” said Akhil Kapoor, Vice President of Business Development at SentinelOne. “Together, we can offer unparalleled protection and peace of mind to organizations as they navigate an ever-evolving threat landscape.”
The implications of a device-centric SSE product are revolutionary, providing organizations with considerable benefits including:
Improved User Experience – Localized, intelligent decision making minimizes latency and results in a better user experience. Rather than forcing organizations to ship all traffic to the cloud for inspection, each device makes the optimum access and security decisions. Coupling faster decision making with an always-on approach minimizes potential gaps for advanced threats to exploit.
Better Enterprise Security – The Banyan SSE solution includes multiple layers of security, providing least privileged access for users regardless of location. Additional security is provided by incorporating real-time, continuous authorization using advanced risk modeling based on user, device, resource, and threat profiles. Together these features provide superior threat protection and automated threat remediation.
Lower Total Cost of Ownership – a device-centric Security Service Edge is significantly easier to deploy and manage for most organizations. Rather than having to configure complex network environments to support the analysis and routing of user traffic, this happens locally on end-user devices based on intuitive selections made in the Banyan admin console. Advanced discover and publish capabilities further simplify deployments and results in much lower total cost of ownership for an organization versus legacy solutions.
Deployment Flexibility – The Banyan Security SSE solution architecture provides additional benefits for organizations that are concerned with data privacy and security. Unlike other SSE solutions, the Banyan Security Platform can be configured to route encrypted traffic through either the Banyan cloud infrastructure or directly through a service installed and maintained in the organization’s infrastructure. This capability allows the freedom to address the needs of any regulatory or security-conscious environment.
Banyan’s customers, aware that existing solutions were not addressing the rapidly changing requirements of a distributed workforce, have rallied behind the Banyan Security Platform.
“With Banyan Security’s device-centric SSE, we confidently replaced our legacy VPN and accelerated our zero trust architecture initiatives. Their robust solution empowers us to secure our cloud-first environment, seamlessly monitor security posture through efficient device checks, and ultimately enhance our primary customers’ security – our users,” said Cesar Esteban, Staff Security Engineer at Snapdocs. “Investing in Banyan Security has transformed our approach to cybersecurity and unlocked new potential for serving our users better.”
About Banyan Security
Banyan Security provides secure, zero trust “work from anywhere” access to applications and resources for employees and third parties while protecting them from being phished, straying onto malicious web sites, or being exposed to ransomware. A Flexible Edge architecture enables rapid, incremental deployment on-premises or in the cloud without compromising privacy or data sovereignty. A unique device-centric approach intelligently routes traffic for optimal performance and security delivering a great end user experience. Banyan Security protects workers across multiple industries, including finance, healthcare, manufacturing, and technology.
Read More
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Businesswire | April 13, 2023
DirectDefense, Inc., a leading information security services company, today announced its partnership with Claroty, the cyber-physical systems protection company. Claroty empowers organizations with unmatched visibility, protection, and threat detection to secure their Extended Internet of Things (XIoT), a vast network of cyber-physical systems across industrial, healthcare, and commercial environments.
As digital transformation efforts have intensified over the last decade, a broad range of XIoT assets – including operational technology (OT), the Internet of Medical Things (IoMT), building management systems (BMS) and enterprise IoT – are now interconnected. While this drives innovation, resilience, sustainability and numerous other business benefits, the XIoT can also increase organizations’ attack surface area and risk exposure if not properly secured, and solutions intended solely for OT, IT, or any other specific use case are insufficient. Without holistic, comprehensive visibility and security, organizations may face costly downtime, as well as negative impacts on critical outcomes such as patient care and manufacturing process integrity.
“By adding Claroty to our services offering, customers in the industrial, healthcare and commercial industries can better secure their XIoT environments,” said Jim Broome, President and CTO of DirectDefense. “Time and time again we hear the challenges these industries face with the proliferation of connected devices and the difficulty managing and securing them. The Claroty platform provides the required visibility and protection and with our 24x7 SOC managing those alerts in partnership with our Connected Systems team, customers will elevate their security posture and increase their cyber resiliency.”
Claroty tackles the risks posed by the explosion of connectivity between the cyber and physical worlds with its flagship product, the Claroty Platform. This unified XIoT cybersecurity solution is tailored to the requirements of healthcare, industrial, and public sector environments, deployable via on-premise, hybrid, or cloud/SaaS options, and integrates with customers’ existing infrastructure to provide a full range of controls for visibility, risk and vulnerability management, threat detection, and secure remote access.
“When it comes to securing cyber-physical systems, the number one priority is cyber and operational resilience,” said CJ Radford, Global Vice President of Channel & Alliances for Claroty. “With the strength of Claroty’s technology and the support of DirectDefense’s 24x7 managed services, customers are equipped to proactively secure assets and devices, quickly respond to and recover from incidents, and preserve operational continuity and safety within their XIoT environments.”
About DirectDefense, Inc.
DirectDefense provides enterprise risk assessments, penetration testing, ICS/SCADA security services, and 24/7 managed security services for companies of all sizes. Focused on building security resiliency, the firm offers comprehensive security testing services with specialization in application security, vulnerability assessments, penetration testing, and compliance assurance testing. Its team of highly talented consultants has worked with the majority of the Fortune 100 companies, in industries such as power and utility, gaming, retail, financial, media, travel, aerospace, healthcare, and technology. More information can be found at www.directdefense.com.
About Claroty
Claroty empowers organizations to secure their Extended Internet of Things (XIoT), a vast network of cyber-physical systems across industrial, healthcare, and commercial environments. The company’s cyber-physical systems protection platform integrates with customers’ existing infrastructure to provide a full range of controls for visibility, risk and vulnerability management, network segmentation, threat detection, and secure remote access. Backed by the world’s largest investment firms and industrial automation vendors, Claroty is deployed by hundreds of organizations at thousands of sites globally. The company is headquartered in New York City and has a presence in Europe, Asia-Pacific, and Latin America. To find out more about Claroty, visit claroty.com.
Read More