ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Businesswire | May 10, 2023
CyberArk (NASDAQ: CYBR), the global leader in Identity Security, today announced enhancements to its CyberArk Identity Flows orchestration solution, including new integrations with Gurucul, Proofpoint and SentinelOne. Part of the CyberArk Identity Security Platform, CyberArk Identity Flows automates risk response tasks and processes through no-code app integrations and workflows, and improves response times, efficiency and productivity.
CyberArk Identity Flows includes a user-friendly workflow builder with powerful integration and orchestration capabilities for identity-related business processes, data management and security event responses.
New features enable organizations to orchestrate complex responses to a potential threat or security event and act on the valuable data provided by threat monitoring and alerting systems. For example, when a security alert is triggered due to continued failed login attempts, users can be automatically moved into a “risky persons” group to restrict access to specific resources. This feature can also automatically notify relevant parties of the risk, create IT tickets, or take other actions based on security policies.
The new technology integrations, available on CyberArk Marketplace, expand these capabilities to work with the industry’s leading threat detection systems, including:
Gurucul Security Analytics and Operations Platform – detects threats and provides analytics-driven risk scoring to quickly identify and prioritize new, emerging and unknown threats. CyberArk Identity Flows can gather the risk score from Gurucul and orchestrate appropriate responses and actions to reduce the manual effort associated with threat investigation and remediation while securing the associated identity(s).
Proofpoint Targeted Attack Protection (TAP) – detects email threats and assigns a level of risk to individuals with a Very Attacked People (VAP) feature. CyberArk Identity Flows can utilize the insights provided by Proofpoint to orchestrate appropriate responses such as moving identities into different groups to change access permissions, change an authentication policy, send alerts, post notifications or create IT tickets.
SentinelOne Singularity Platform – detects and hunts for threats across user endpoints, containers, cloud workloads and IoT devices. When risks are detected, CyberArk Identity Flows leverages that context to make decisions within workflow actions that need to take place across the identity infrastructure.
With CyberArk Identity Flows, workflows can be built in minutes through a user-friendly visual editor and thousands of pre-built connectors to more than 700 applications. CyberArk Identity Flows now also integrates with CyberArk Identity Security Intelligence, a shared service of the CyberArk Identity Security Platform that leverages user behavior analytics to detect and remediate anomalous and risky activity by employees. When high-risk behavior is detected, CyberArk Identity Flows is used to orchestrate response actions to reduce response times to attacks to minimize risk.
“Flexible automation and orchestration are critical to a proactive Identity Security program and vital to improving the security posture of our clients. That’s why we’ve been so focused on delivering new CyberArk Identity Flows innovations,” said Peretz Regev, chief product officer at CyberArk. “With these enhancements and integrations, we make it simple for organizations to use CyberArk Identity Flows to reduce IT overhead, accelerate service agility and strengthen their overall security, ultimately improving operational efficiencies.”
CyberArk Identity Flows can be purchased as a standalone solution, or as part of the CyberArk Identity Security Platform. CyberArk applies intelligent privilege controls to all identities – human and machine – with continuous threat detection and prevention across the entire identity lifecycle. With the CyberArk Identity Security Platform, organizations can enable Zero Trust and least privilege with complete visibility, enabling every identity to securely access any resource, located anywhere, from everywhere.
To learn more, please register for “Better Security with Threat Response Automation,” a webinar taking place on May 18, 2023 or visit https://www.cyberark.com/products/identity-flows/.
About CyberArk
CyberArk (NASDAQ: CYBR) is the global leader in Identity Security. Centered on privileged access management, CyberArk provides the most comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets. To learn more about CyberArk, visit https://www.cyberark.com, read the CyberArk blogs or follow on Twitter via @CyberArk, LinkedIn or Facebook.
Read More
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Globenewswire | May 29, 2023
WinMagic Inc. (the "Company" or "WinMagic") is proud to announce that it is now a member of the Lumen Technologies (NYSE: LUMN) Channel Partner program. WinMagic offers powerfully simple and seamless authentication and encryption solutions that use the endpoint to deliver unbeatable security. This partnership will enable the Company to leverage Lumen’s extensive network and cloud and security solutions to expand capabilities to existing WinMagic customers and enter new markets through access to Lumen’s comprehensive partner program.
As a Lumen Channel Partner, WinMagic can draw on Lumen’s integrated portfolio of global solutions to enable greater product adaptability regarding network services, infrastructure and applications. Lumen’s solutions and infrastructure, combined with WinMagic’s innovative authentication and endpoint encryption products, provide customers with a complete portfolio of cybersecurity solutions.
“This is a game-changer for customers. Paired with WinMagic’s next-gen security, Lumen’s edge compute infrastructure and portfolio of advanced solutions gives customers real power,” said Sara Seegers, regional vice president of indirect channel sales at Lumen. “Customers want to scale their operations as quickly as possible. They know this is the key to increasing their efficiency and growing their business. Together, we can bring results that exceed customer expectations.”
"This partnership with Lumen brings users WinMagic’s most secure authentication technology to date with an incredible user experience," said Rahul Kumar, vice president of sales at WinMagic. "Our MagicEndpoint provides real-time, continuous authentication of the user plus endpoint device without requiring any user action. This strategy delivers the ‘always verify’ element of zero-trust security. We're excited to extend our next-gen security solutions to the Lumen network."
WinMagic’s MagicEndpoint passwordless authentication solution delivers preboot authentication, Windows login and passwordless authentication to online services and applications. The software’s zero-trust security design complements government and commercial environments while delivering an end-to-end secure user experience. SecureDoc endpoint encryption enables organizations to secure all their data at the same time, keeping it safe from cyberattacks without disrupting productivity.
About Lumen Technologies
Lumen connects the world. We are dedicated to furthering human progress through technology by connecting people, data and applications — quickly, securely and effortlessly. Everything we do at Lumen takes advantage of our network strength. From metro connectivity to long-haul data transport to our edge cloud, security and managed service capabilities, we meet our customers' needs today and as they build for tomorrow. For more information, visit www.lumen.com.
About WinMagic
WinMagic is a leading developer of cybersecurity solutions that, for 25 years, has raised the bar for endpoint encryption. Over 2,500 businesses and government agencies trust the company with over 3 million active licenses globally. The WinMagic authentication and encryption suite protects your company's data, on-premises or in the cloud. WinMagic delivers a seamless authentication and encryption experience that increases productivity while protecting users and data. For more information, visit www.winmagic.com.
Read More
PLATFORM SECURITY, SOFTWARE SECURITY, API SECURITY
Businesswire | June 06, 2023
Traceable AI, the industry's leading API security company, today announced the release of the industry's first API Security Reference Architecture for Zero Trust. This groundbreaking reference architecture serves as a guide for security leaders as the industry addresses the urgency of integrating API Security into Zero Trust Security initiatives.
Zero Trust, a cybersecurity framework that emphasizes continuous verification and helps to minimize the attack surface, has proven effective in enhancing security for many organizations, from large enterprises, to the US Government. However, traditional Zero Trust approaches have primarily focused on network-level controls and identity access management, neglecting the critical API layer.
Traceable’s API Security Reference Architecture is aligned with the NIST Zero Trust Architecture, a publicly available, vendor-neutral framework widely adopted by government entities such as CISA, DoD, DISA, NSA, GSA and NCCoE, as well as by many leading cybersecurity vendors. By leveraging the NIST framework, Traceable ensures compatibility, interoperability, and adherence to industry standards, making it a reliable and trusted guide for organizations implementing Zero Trust for their APIs.
The extensive reference architecture provides organizations with a prescriptive methodology to operationalize Zero Trust for APIs:
Advanced API Security: The reference architecture gives organizations a way to implement robust security measures specifically designed for APIs, including eliminating implied or persistent trust for APIs, thereby minimizing the risk of API-related vulnerabilities, attacks, and data breaches.
Comprehensive Risk Management: The reference architecture recommends incorporating automatic user authentication and authorization, granular data access policies, and asset risk assessments, can organizations can effectively manage and mitigate risks associated with API access and usage.
Increased Visibility and Control: The architecture explains why organizations should obtain granular visibility, which allows organizations to monitor and record all API transactions, enabling better analysis, threat detection, and incident response capabilities.
Improved Compliance and Data Protection: The automatic identification and classification of sensitive data sets ensure compliance with data protection regulations such as HIPAA, GDPR, and PCI-DSS, reducing the risk of regulatory penalties and reputational damage.
Seamless Automation and Orchestration: The reference architecture recommends integration with XDR, SIEM, and SOAR solutions, so organizations can enhance their overall security posture, automate response actions, and streamline security operations.
Scalability and Flexibility: The architecture offers a flexible distribution model for PEPs and data collection points, allowing organizations to scale their API security infrastructure based on their unique requirements and architecture.
Future-Proofing: By aligning with the NIST Zero Trust Architecture and industry standards, organizations adopting the API Security Reference Architecture can ensure compatibility, interoperability, and the ability to evolve alongside emerging technologies and security best practices.
Traceable’s API Security Reference Architecture for Zero Trust introduces a new approach to secure APIs using Zero Trust concepts, acknowledging their unique security requirements. It provides organizations with a comprehensive framework to implement Zero Trust controls specifically tailored to APIs, ensuring the protection of digital assets and mitigating the risk of data breaches.
Dr. Chase Cunningham weighs in on Traceable’s approach: "APIs provide a new means of applying controls across enterprise applications, " says Dr. Cunningham, “However, the security practices for APIs have not yet matured, leaving a significant gap in the overall attack surface. Traceable has developed their own API Security Reference Architecture to help fill this gap by providing organizations with a methodical way to secure their APIs with Zero Trust principles. By combining Zero Trust strategic concepts with API-specific security measures, Traceable can help organizations protect their digital assets effectively."
Throughout the past year, Traceable has continued to reaffirm its commitment to extending Zero Trust methodologies to API Security. With the addition of Zero Trust creator John Kindervag and Dr. Zero Trust, Chase Cunningham as Traceable advisors, Traceable continues to strengthen its expertise in this space. To date, Traceable has become a valuable partner to a number of large enterprises as the industry turns its eyes toward the importance of API security. With the rollout of their Zero Trust API Access solution alongside this reference architecture, Traceable continues to lead the industry toward the advancement of API security.
This reference architecture is now available for organizations to explore and implement, empowering them to achieve complete API security in a Zero Trust world.
About Traceable
Traceable is the industry’s leading API Security company that helps organizations achieve API protection in a cloud-first, API-driven world. With an API Data Lake at the core of the platform, Traceable is the only intelligent and context-aware solution that powers complete API security – security posture management, threat protection and threat management across the entire Software Development Lifecycle – enabling organizations to minimize risk and maximize the value that APIs bring to their customers. To learn more about how API security can help your business, book a demo with a security expert.
Read More