ENTERPRISE SECURITY

SecurityScorecard Partners with Tenable to Deliver Complete Cyber Risk Monitoring

SecurityScorecard | August 23, 2021

SecurityScorecard, the global leader in security ratings, today announces a partnership with Tenable the Cyber Exposure company, to deliver a comprehensive view into an organization's risk posture by marrying Tenable's unmatched visibility and depth of analytics into enterprise environments with external cyber monitoring powered by SecurityScorecard. As a result of this partnership, CISOs, IT leaders and security teams are able to review their SecurityScorecard rating, assess their external cybersecurity health, and understand their risk posture directly within the Tenable Lumin dashboard.

"Understanding your up-to-date risk posture has become a necessity in a world that's increasingly more complex, dynamic and transient," said Ray Komar, vice president of technical alliances, Tenable. "We're excited to partner with SecurityScorecard to give customers complete visibility into the risks that exist inside and outside their environment, and guidance for how to most effectively reduce that risk, all in a single platform."

Point-in-time or periodic cybersecurity testing procedures have become antiquated. Today's cyber risks change by the minute and companies need a solution that keeps pace with the dynamic nature of cybersecurity by continuously monitoring for exposures and measuring the security posture and cyber resilience across the organization.

"Organizations must be proactive to address cyber breaches, and security ratings are the foundation to measuring and understanding security resilience in real time," says Aleksandr Yampolskiy, CEO and co-founder of SecurityScorecard. "Together, SecurityScorecard and Tenable are advancing a new standard for continuous monitoring by blending external and internal risk assessments, which provide organizations with a holistic view into the risks that exist in their environments."

The integration pairs Tenable Lumin's advanced analytics capabilities for assessing risk alongside real-time visibility of external vulnerabilities from SecurityScorecard. This arms Tenable Lumin customers with the intelligence to develop external risk management and threat detection playbooks through real-time updates, allowing organizations to effectively identify and respond to threats and risks.

SecurityScorecard continuously monitors millions of entities globally, and uses non-intrusive proprietary methods to assess their security posture across ten risk categories to instantly deliver an easy-to-understand "A" through "F" rating; including DNS health, IP reputation, web application security, network security, leaked information, hacker chatter, endpoint security, and patching cadence. On a daily basis, these ratings are updated based on objective, publicly-available data that, similar to credit ratings, provides an "outside-in" view of an entity's security posture.

About SecurityScorecard
Funded by world-class investors including Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital and others, SecurityScorecard is the global leader in cybersecurity ratings with tens of millions of companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 18,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, and cyber insurance underwriting. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every company has the universal right to their trusted and transparent Instant SecurityScorecard rating.

Spotlight

The insecurity of the wireless links, power and energy constraints, poor physical protection of nodes in a hostile environment, and the vulnerability of statically configured security schemes poses challenges for routing and secure data transfer in wireless networks. No part or component of the network is dedicated to support specific network functionalities such as routing, security, load balancing, topology discovery, data forwarding etc individually. The absence of infrastructure and the consequent absence of authorization facilities impede the usual practice of establishing a line of defense, separating nodes into trusted and non-trusted.

Spotlight

The insecurity of the wireless links, power and energy constraints, poor physical protection of nodes in a hostile environment, and the vulnerability of statically configured security schemes poses challenges for routing and secure data transfer in wireless networks. No part or component of the network is dedicated to support specific network functionalities such as routing, security, load balancing, topology discovery, data forwarding etc individually. The absence of infrastructure and the consequent absence of authorization facilities impede the usual practice of establishing a line of defense, separating nodes into trusted and non-trusted.

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Information Management Leader Archive360 Launches Developer Program to Extend Business Users’ Access to Archived Data with Zero-Trust APIs

Archive360 | August 29, 2022

Archive360™, the archiving and information management leader trusted by enterprises and government agencies worldwide, today announced its Archive360 Extend developer program, giving customers and partners access to the company’s unique APIs (application programming interfaces) so they can leverage the market-leading information governance capabilities of the Archive360 Open Archiving Platform, extending capabilities of customer in-house developed applications as well as third party applications. As the only true Platform-as-a-Service (PaaS) solution provider, Archive360 enables organizations to migrate and onboard massive volumes of data to the cloud, with full control over data security, privacy, access, and compliance. With Archive360 Extend, users can now benefit from one search to directly access, manage and extract relevant data from the Archive360 archive in the comfort and familiarity of their preferred applications, while professionals in the legal, IT and compliance units are assured that all data is being appropriately managed. “Companies offering vital services such as eDiscovery, internal and external audits and core business applications are not in the business of archiving and managing information - that’s our specialty,” said Robert DeSteno, co-founder and CEO of Archive360. “In today’s operating environment, skilled professionals prioritize working from the applications they access daily. Archive360 now makes it possible for these users to access and leverage data in Archive360’s repository from those apps with one search - in most cases, they won’t even know where the data is, only that their access is fully authorized and secure. More than a dozen partners have already joined this program, and over the next few weeks we’ll be announcing key partnerships with specific companies. Archive360 Extend represents a new advance in archiving and information management, and we’re just getting started.” The new program enables a seamless, secure and compliant connection between two complementary forces: the Archive360 information management platform’s ability to onboard, manage and store massive volumes of business data - including files, videos, audio, CRM, ERP, emails/electronic communication, social media and more - and companies specializing in complex disciplines such as eDiscovery and data analytics, serving business users who need immediate, authorized, and secure access to all relevant data resources without having to switch between applications. Archive360 enables participating companies to promote their offerings to a much broader market, including large and heavily regulated enterprises with massive amounts of data that need to be retained and managed securely in compliance with internal and external mandates. One Search User Access Archive360 APIs enable end users, with one search, to quickly, easily, and cost-effectively access, review and act on data from any system across their organization. And while the company leads the market with a unified platform - massive data volumes offering enhanced flexibility for easy and secure access - its APIs also come with major advantages. The collective benefits include: One Search: Greater visibility into any data source connected to the Archive360 archive, and greater control over that data: how it’s processed, stored, protected and managed, with performance tailored to meet specific business needs Scalability: Process and manage petabytes of data, rapidly, cost-effectively and dynamically scale horizontally and vertically to meet any workload Security: True Zero Trust data security with unparalleled PII protection - even system administrators can’t access the data without explicit approval Defensible Compliance: Ensuring data accuracy, compliance and reliability through immutable storage, data localization, and an audit trail to capture the complete chain of custody. Separate micro-APIs run in the right place across on-premises, in-country or overseas cloud infrastructures ensuring compliance with data localization requirements Risk Management: eliminating redundant, obsolete and trivial (ROT) information; replacing legacy systems; and optimizing storage Comprehensive Functionality: There’s one front-end API for ingestion, operations, monitoring, admin, records, discovery, machine learning and analytics, along with micro-APIs Open Framework: The APIs are extensible - for example, Archive360’s archive functionality can be seamlessly embedded into independent software vendors’ applications and customer portals Archive360 APIs are managed with a Zero-Trust framework that encompasses data threat surfaces, lifecycles, governance and more - a critical advantage in today’s operating environment. The company also adheres to an API-first philosophy: The APIs are consistent and reusable across the Archive360 platform and applications or portals accessing the data. Customers and partners can learn more about the Archive360 Extend developer program by speaking with their account representative or registering to become an Archive360 partner. About Archive360 Archive360 is the enterprise information archiving company that businesses and government agencies worldwide trust to securely migrate their digital data to the cloud, and responsibly manage it for today’s regulatory, legal and business intelligence obligations. This is accomplished by applying context around the search, classification, security, retention, disposition and indexing of data including files, videos, and emails—all while allowing organizations to maintain full control over privacy, access, and compliance. Archive360 is a global organization that delivers its solutions both directly and through a worldwide network of partners. Archive360 is a Microsoft Cloud Solution Provider, and the Archive2AzureTM solution is Microsoft Azure Certified.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

SonicWall Earns Prestigious 2022 CRN Annual Report Card Award for Enterprise Network Security

SonicWall | August 22, 2022

SonicWall today announced that CRN, a brand of The Channel Company, named the cybersecurity leader as one of the winners in the Enterprise Network Security category of the 2022 CRN Annual Report Card (ARC) Awards. This award honors the industry's top technology vendors for success in providing high levels of satisfaction for channel partners through innovative products, services and partner programs. "As a 100% channel company, we remain completely committed to delivering our partners and customers with the absolute best products and support to face today's increasingly complicated security challenges," said SonicWall President and CEO Bob VanKirk. "We're excited to be recognized by CRN, especially knowing that they celebrate best-in-class vendors that are committed to driving partner growth and demonstrating outstanding channel performance. SonicWall is uniquely positioned to help partners, including MSSPs, evolve and help facilitate their growth." With 37 years of history, CRN's ARC Awards recognize best-in-class vendors devoted to boosting IT channel growth through innovation in technology and partner strategy. Through the ARC Awards — known as one of the most prestigious honors in the IT industry — solution providers offer key feedback that commends technology manufacturers for designing channel-friendly product offerings, developing strong partner programs, and building long-term successful relationships with solution providers. SonicWall's SecureFirst Partner Program and its industry-leading security products help partners and MSSPs exceed customer demands. More than 17,000 active SonicWall partners help protect our customers every day, and because of them SonicWall is one of the unquestioned leaders in the cybersecurity space. The ARC Awards are based on an invitation-only research survey conducted by The Channel Company. Responses from 3,000 solution providers across North America were evaluated in this year's survey, rating 82 vendor partners across four criteria: product innovation, support, partnership, and managed cloud services. Scores were awarded in 25 major product categories in technology areas that are critical to channel partner success. "It's our pleasure to honor vendors that consistently deliver top-performing products and services to establish and foster successful channel partner relationships. "In addition to highlighting our winners, CRN's Annual Report Card Awards provide vendors with actionable feedback and insight into their current standing with partners that can be incorporated into their channel strategies in the future." Blaine Raddon, CEO, The Channel Company Winners will be featured throughout The Channel Company's XChange 2022 conference, taking place August 21-23 in Denver, Colorado. Coverage of the CRN 2022 ARC results can be found online at www.CRN.com/ARC and will be featured in the October 2022 issue of CRN Magazine. About SonicWall SonicWall delivers Boundless Cybersecurity for the hyper-distributed era in a work reality where everyone is remote, mobile and unsecure. SonicWall safeguards organizations mobilizing for their new business normal with seamless protection that stops the most evasive cyberattacks across boundless exposure points and increasingly remote, mobile and cloud-enabled workforces. By knowing the unknown, providing real-time visibility and enabling breakthrough economics, SonicWall closes the cybersecurity business gap for enterprises, governments and SMBs worldwide. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram. About The Channel Company The Channel Company enables breakthrough IT channel performance with our dominant media, engaging events, expert consulting and education, and innovative marketing services and platforms. As the channel catalyst, we connect and empower technology suppliers, solution providers and end users. Backed by more than 30 years of unequalled channel experience, we draw from our deep knowledge to envision innovative new solutions for ever-evolving challenges in the technology marketplace.

Read More

SOFTWARE SECURITY

Legal Industry Leader HBR Managed Services Partners with Tanium to Enhance Security and IT Services Capabilities

HBR Consulting | August 16, 2022

HBR Managed Services (HBR), a comprehensive strategy, operations and technology consulting firm focused on the legal industry, today announced its partnership with Tanium, the industry's only provider of converged endpoint management (XEM) for complex security and technology environments. Recognizing that law firms are attractive targets for cyber criminals, HBR is leveraging the Tanium platform to provide IT operations management, IT asset discovery, and security threat response to manage system updates at scale, thereby helping the firm's IT managed services and network operating center (NOC) clients reduce risk and operating costs. "The Tanium platform allows us to automate patching of OS and applications on servers and workstations, whether those endpoints are attached to a firm's network or not," said Bill Elser, vice president of engineering services at HBR. "That's critical in today's hybrid environment, allowing us to quickly prevent or remediate security or other operational issues by deploying registry changes and executing scripts." "The legal field faces unique challenges not only to protect the integrity and reputation of individual firms, but to safeguard the various constituencies they serve. "Tanium is keenly aware of the heightened risks the industry faces and we are proud to align with a leader like HBR as they work to secure the interests of their clients. We look forward to expanding this long-term partnership as they continue to grow." Todd Palmer, SVP of partner sales of Tanium "We're pleased to add Tanium to our roster of best-in-class vendor partners," added Chris Petrini-Poli, HBR's executive chairman. "HBR is committed to continually innovating services and partnering with best-in-class tool providers. Throughout the past year, we've been investing in relationships that will help us continue to provide exceptional, cost-effective service to our clients. We're proud to be on the leading edge of using top-of-the-line technology that ensures a continuously updated and monitored, safe and secure IT environment, while allowing HBR's team to operate as efficiently as possible." About HBR Consulting HBR Consulting (HBR) provides law firms and corporate law departments with strategic guidance, operational improvement, and technology solutions that drive innovation while managing cost and mitigating risk. HBR's proven combination of experience, relationships, and insights—spanning the legal ecosystem—delivers sustainable financial and competitive advantages for its clients. Visit www.hbrconsulting.com and follow HBR on LinkedIn and Twitter. About Tanium Tanium, the industry's only provider of converged endpoint management (XEM), leads the paradigm shift in legacy approaches to managing complex security and technology environments. Only Tanium protects every team, endpoint, and workflow from cyber threats by integrating IT, Compliance, Security, and Risk into a single platform that delivers comprehensive visibility across devices, a unified set of controls, and a common taxonomy for a single shared purpose: to protect critical information and infrastructure at scale. Tanium has been named to the Forbes Cloud 100 list for six consecutive years and ranks on Fortune's list of the Best Large Workplaces in Technology. In fact, more than half of the Fortune 100 and the U.S. armed forces trust Tanium to protect people; defend data; secure systems; and see and control every endpoint, team, and workflow everywhere. That's the power of certainty.

Read More