Platform Security

SecurityScorecard Joins Snowflake Partner Network

SecurityScorecard
SecurityScorecard, the global leader in cybersecurity ratings announced today that it has joined Snowflake's Partner Network, enabling mutual customers to gain instant visibility into their own security posture and that of their third and fourth party software vendors.

Catching Third-Party Risks Early
Snowflake customers now have access to "call" security data within Snowflake, gaining direct access to SecurityScorecard Ratings data that can be correlated with various systems and processes including third party risk, identity and access and  IT asset management to catch potential security risks early and create a unified view.

"CISOs need to know the scale and scope of their cyber environment and that includes third and fourth-party vendors that can pose substantial risks to their organization," said Alex Rich, Vice President of Alliances at SecurityScorecard. "The insights gleaned from continuous monitoring with SecurityScorecard ratings data helps Snowflake data cloud customers get a broad view into  their Third Party Risk Management, supply chain management, and business intelligence applications with continuous cybersecurity data."

SecurityScorecard collects and analyzes global threat signals that give organizations instant visibility into the security posture of vendors and business partners as well as the capability to do a self-assessment of their own security posture. The technology continuously monitors 10 groups of risk factors to instantly deliver an easy-to-understand A-F rating.

The Snowflake Partner Network unlocks the potential of the Data Cloud with a broad array of tools and partners. Certified partnerships and integrations enable customers to leverage Snowflake's flexibility, performance, and ease of use to deliver more meaningful data insights.

"With SecurityScorecard on the Snowflake Data Marketplace - organizations can now access and use robust vendor risk data directly in their Snowflake account. "Joint customers of Snowflake and SecurityScorecard can now easily combine, enrich, and contextualize vendor risk data with procurement, legal, IT, compliance, and security data, systems, and processes, accelerating the modern CIO and CISO's priority of data-driven, risk-based, and automated security and compliance."

Joshua McKibben, Director Security Compliance & Risk Management at Snowflake

"Our partnership with SecurityScorecard is delivering customers the detailed cybersecurity ratings data they need to refine and enrich data around numerous different use cases," said Tarik Dwiek, Head of Technology Alliances at Snowflake. "From third party risk and M&A due diligence, to cyber insurance, SecurityScorecard and Snowflake are helping global enterprises better manage their third-party risk management programs."

About SecurityScorecard
Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight.

Spotlight

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va

Spotlight

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va

Related News

Software Security

Cisco to Secure Splunk for Resilience and Security in AI-Driven World

Cisco | September 25, 2023

Cisco and Splunk are joining forces to advance organizations from reactive threat handling to proactive threat anticipation and prevention. Together, they will emerge as a major global software entity, boosting Cisco's shift towards recurring revenue. This collaboration unites two esteemed workplaces with shared values, robust cultures, and skilled teams. The synergy between these pioneering companies positions them for leadership in AI-driven security and observability. Anticipated to yield positive cash flow and improved gross margins in the initial fiscal year following the merger, with non-GAAP EPS enhancement expected by year two. Cisco and Splunk, the leader in cybersecurity and observability, today announced a definitive agreement under which Cisco will acquire Splunk for $157 per share in cash, representing an equity value of approximately $28 billion. Gary Steele, president and CEO of Splunk, will join Cisco's Executive Leadership Team upon completion of the acquisition, reporting to Cisco chair and CEO Chuck Robbins. Chair and CEO of Cisco, Chuck Robbins, remarked, We're excited to bring Cisco and Splunk together. Our combined capabilities will drive the next generation of AI-enabled security and observability. From threat detection and response to threat prediction and prevention, we will help make organizations of all sizes more secure and resilient. [Source: Cision PR Newswire] Every company relies on data to operate its business and make mission-critical choices in today's hyper-connected environment. Accelerating and adopting generative AI, growing danger surfaces, and different cloud environments offer unprecedented complexity for enterprises. To be digitally resilient, organizations must better manage, preserve, and unleash data's value. Gary Steele, president and CEO of Splunk, stated that they would together form a global security and observability leader that will harness the power of data and AI to deliver outstanding customer outcomes and transform the industry. Steele added that they’re eager to join forces with a trusted and long-time partner who shares their passion for innovation and top customer experience, and they expect their community of Splunk employees to benefit from the greater opportunities as they bring together two purpose-driven and respected organizations. Cisco and Splunk will give insight across hybrid and multi-cloud systems, enabling clients to provide seamless application experiences for digital enterprises. The companies can help other organizations responsibly use AI due to their scale, data visibility, and trust. These two firms will unite to invest more in innovative products, accelerate innovation, and expand globally to serve clients of all sizes. The transaction is expected to be cash flow positive and gross margin accretive in the first fiscal year post-close, with non-GAAP EPS accretive in year two. The acquisition is subject to regulatory approval and customary closing conditions, including approval by Splunk shareholders. Advisors for the Cisco-Splunk acquisition include Tidal Partners LLC, Simpson Thacher & Bartlett LLP Cravath and Swaine & Moore LLP, among others.

Read More

Network Threat Detection

Fortinet Focuses on Business Growth to Drive Cybersecurity Innovation

Fortinet | November 06, 2023

Fortinet prioritizes secure networking, universal SASE, and security operations to expand globally and innovate in cybersecurity. Secure networking is estimated to reach $86 billion by 2027 and universal SASE $36 billion, aligning with the strategic change. Focusing on cybersecurity growth strengthens Fortinet's commitment to customer value and innovation. Fortinet, a global leader in cybersecurity, is focusing its business strategy on high-growth markets, emphasizing secure networking, universal secure access service edge (SASE), and security operations. This shift will drive innovation and reinforce its commitment to customers. Fortinet is reorganizing its research & development (R&D) and go-to-market (GTM) strategies around the three markets mentioned. They will develop integrated and advanced products to cater to these areas. Fortinet operates globally, serving hyperscale customers and promoting cybersecurity technologies. The three core markets Fortinet is concentrating on are secure networking, universal SASE, and security operations. These markets are expected to experience substantial growth, and Fortinet has a competitive advantage in them. This strategy aims to expand Fortinet's global business and provide value to its customers. The company is aligning with areas of high demand in the cybersecurity sector. Its current collection of organically developed and integrated products and services enjoys a notable competitive edge in the aforementioned three crucial markets: The market for secure networking is anticipated to reach $86 billion by 2027, expanding at a rate of nearly nine percent per year. 5G gateways, network firewalls, secure switches, and access points comprise the majority of its composition. With the expansion of its firewall business, Fortinet anticipates a corresponding increase in revenue for its FortiGuard Security Services, which are propelled by artificial intelligence (AI). Secure networking remains an integral component of Fortinet's strategy, given that it dominates both firewall revenues and units shipped in its greatest addressable market. Also, by 2027, the universal SASE market is anticipated to reach $36 billion, representing an annual expansion of nearly 20%. The system integrates various cloud-native networking and security technologies, including SD-WAN, secure web gateway (SWG), cloud access security broker (CASB), data loss prevention (DLP), zero-trust network access (ZTNA), SASE, and others. Its purpose is to streamline the process of implementing a zero-trust strategy. All functions of the SASE solution developed by Fortinet can be executed either in an appliance or in the cloud. This capability is facilitated by a unified management console, networking and security layer, and operating system. Recently, Fortinet was positioned in the inaugural Gartner Magic Quadrant for Single-Vendor SASE in 2023. Lastly, the security operations market is anticipated to reach $78 billion by 2027, expanding at slightly more than 14% per year. Fortinet's SecOps platform is the most comprehensive, integrated, and broad in the industry, enabling organizations to gain control and insight into their distributed operations through security orchestration, endpoint detection and response (EDR), automation and response (SOAR), security information and event management (SIEM), network detection and response (NDR), and additional integrated enterprise-grade cybersecurity technologies. Complementing Fortinet's R&D expenditures are strategic realignments in its GTM investments, concentrating on security operations, universal SASE, and secure networking. With the assistance of marketing support and training, sales will be structured in accordance with these three strategic areas in order to increase market penetration and consumer engagement.

Read More

Cloud Security

Palo Alto Networks Announces Intent to Acquire Cloud Security Start-up Dig Security

PR Newswire | November 01, 2023

Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today announced that it has entered into a definitive agreement to acquire cloud security start-up Dig Security, an innovative provider of Data Security Posture Management (DSPM). Today, almost 70% of organizations already have data stored in the public cloud1. With increased interest and adoption of generative AI, sensitive data is often even more spread out across cloud services, including distributed databases, vector databases, PaaS services, and more. Organizations need help identifying sensitive data, effectively managing user access, and implementing robust security measures to protect against internal and external threats. Simultaneously, the relentless surge in the volume and impact of cloud data breaches persists2, causing significant damage to enterprises. This underscores the critical role that DSPM will play within a comprehensive cloud security strategy. Dig's DSPM solution enables organizations to discover, classify, monitor, and protect sensitive data across all cloud data stores, which will give Palo Alto Networks' customers visibility into and control of their multi-cloud data estate. After the close of the proposed acquisition, Dig's capabilities will be seamlessly integrated into the Prisma® Cloud platform to provide near real-time data protection from code to cloud. Dig was founded by entrepreneurs Dan Benjamin, Ido Azran, and Gad Akuka. They will continue leading their teams in joining the Prisma Cloud team at Palo Alto Networks after closing. Lee Klarich, Chief Product Officer for Palo Alto Networks: "As companies build AI-enabled applications, there will be a substantial increase in the amount of data transferred to the cloud. Dig's highly innovative DSPM technology helps safely enable this shift, and its dedicated team will complement and help advance Palo Alto Networks' strengths across cloud security. The announcement of our intent to join forces with Dig reinforces our longstanding commitment to our team in Israel and to continue growing our footprint with its talented and dedicated cybersecurity professionals." Ankur Shah, SVP Products, Prisma Cloud for Palo Alto Networks: "Data protection was the top priority for cloud security cited in the 2023 The State of Cloud-Native Security Report. Upwards of 75% of respondents noted that the number of point tools they use creates blind spots. Dig lets security teams see and secure their data across multi-cloud environments. This visibility and security is becoming increasingly important in the age of generative AI. Dig's innovation, coupled with Prisma Cloud's leading code-to-cloud intelligence highlighted in the recent Darwin release, will create what CISOs need to drive complete cloud security and data protection with a single, integrated, cloud-native platform." Dan Benjamin, Co-Founder & CEO, Dig Security: "Modern cloud applications leverage a broad set of data stores to meet the complex needs of businesses. We developed an award-winning DSPM solution to alleviate this strain by providing a centralized offering to monitor and manage the security of these cloud data stores. Integrating Dig's technology with Prisma Cloud will enable customers to effectively manage the security of their diverse data stores in modern cloud applications and reduce the risk of data breaches. My co-founders and I look forward to continuing our innovation journey with Palo Alto Networks to make the world safer."

Read More