DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Businesswire | May 08, 2023
Immersive Labs, the leader in people-centric cyber resilience, today announced the launch of the Immersive Labs Resilience Score. The score measures an organization’s workforce preparedness for cyber attacks and breaches based on Immersive Labs’ years of benchmarking data across industry verticals. The score will help organizations identify weaknesses in their teams’ cyber capabilities, address skills gaps to prevent or mitigate damage to their revenues and brand reputations, and contribute to the factors that can lower insurance premiums.
The Immersive Labs Resilience Score addresses a major challenge facing cyber leaders around the world today: a lack of confidence in, or awareness of, their teams’ real readiness to confront threats. Alarmingly, 80% of cyber leaders don’t think, or are unsure, their teams have the capabilities to respond to future attacks, according to a new study commissioned by Immersive Labs and conducted by Forrester Consulting.*
“There is a common misconception that teams’ cyber capabilities are not measurable, but advancements in cyber exercising give us new insights to predict risk and build vital cyber capabilities across the workforce,” said Paul Bentham, Chief Product Officer, Immersive Labs. “The new Immersive Labs Resilience Score demonstrates that resilience can be assessed, benchmarked, and increased based on performance data. This is a huge leap forward in proving cyber capabilities compared to outdated, legacy cybersecurity training.”
How the Immersive Labs Resilience Score Works
The Immersive Labs platform provides realistic simulations and hands-on cybersecurity labs to evaluate individual and team capabilities across the entire workforce, from executive decision makers to cyber defense, application security, IT, cloud teams and more. Now, when organizations use the platform to upskill their people, they will be able to view their overall resilience score against industry benchmarks and best practices, and see progress over time.
The Resilience Score is calculated based on several factors, including:
Executive and Crisis Management teams can effectively manage a complex crisis stemming from a cyber incident with consistent decision making and high levels of confidence
Cyber teams can work together to solve complex red-team and blue-team scenarios using real-world environments
Cyber teams are assigned to job roles and can prove their ability to carry out tasks in-line with new CVEs and capabilities
Developers are able to prove their ability to code securely and systematically reduce vulnerabilities in the SDLC
Cloud engineers are able to identify and fix common misconfigurations in real cloud environments
End users are confident in end user security outcomes including how to report an incident and spot business email compromise
The organization has proper security framework coverage, including MITRE ATT&CK
Teams and individuals are mapped to job skills and are proving their technical abilities and that their skills are being kept up to date
The Immersive Labs Resilience Score will be available to all customers beginning in late Q2 2023. To learn more about this new capability, please visit: https://www.immersivelabs.com/the-score/
*Forrester Opportunity SnapShot: “Cyber Leaders Need a More Effective Approach to Building and Proving Resilience” – A custom study commissioned by Immersive Labs, March 2023
About Immersive Labs
Immersive Labs is the leader in people-centric cyber resilience. We help organizations continuously assess, build, and prove their cyber workforce resilience for teams across the entire organization, from front-line cybersecurity and development teams to Board-level executives. We provide realistic simulations and hands-on cybersecurity labs to evaluate individual and team capabilities and decision-making against the latest threats. Organizations can now prove their cyber resilience by measuring their readiness compared to industry benchmarks, building team capabilities, and demonstrating risk reduction and compliance with data-backed evidence. Immersive Labs is trusted by the world’s largest organizations and governments, including Citi, Pfizer, Humana, HSBC, the UK Ministry of Defence, and the NHS England. We are backed by Goldman Sachs Asset Management, Summit Partners, Insight Partners, Citi Ventures, Ten Eleven Ventures, and Menlo Ventures.
DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY
Globenewswire | May 17, 2023
Aqua Security, the pioneer in cloud native security, today announced the launch of Real-Time CSPM, a next-gen cloud security posture management (CSPM) solution, offering the best visibility and context in the industry. Real-Time CSPM provides a complete view of multi-cloud security risk, pinpoints threats that evade agentless detection, and dramatically reduces noise so security practitioners can rapidly identify, prioritize, and remediate the most important cloud security risks, saving time and money.
“Customers have told us that they are bogged down by too much noise from current CSPM offerings,” said Amir Jerbi, CTO and co-founder, Aqua Security. “They receive too many findings yet lack complete visibility and therefore the ability to properly prioritize. Simply put, they fix the wrong things and end up compromised. This is where Aqua comes in. We are introducing Real-Time CSPM so security practitioners can pinpoint the most significant cloud risks and remediate them quickly.”
With Real-Time CSPM, teams have a complete view of cloud security risk and surface the most critical findings. This includes the ability to match correlated findings across multi-cloud environments, deduplicate findings and focus on identifying real cloud risks with smarter insights. Instead of wasting time on issues with low effective risk, customers can focus on what truly matters most and provide the context needed for resource owners to remediate quickly and secure their cloud applications.
“One of the world’s largest telcos turned to Aqua to provide better visibility and context. They went from 120M risk findings to 50k and they saw a reduction in their attack surface by 99% in just months. If everything is a priority, then nothing is – that’s why they chose Aqua,” said Jerbi.
Detailed context also allows teams to connect issues found in their cloud to their respective code repositories. With better prioritization and the ability to identify risk ownership, Real-Time CSPM then allows for rapid remediation of those most critical issues. Security professionals can focus their limited resources to manage, investigate and respond faster.
Identify Attacks That Agentless Solutions Cannot See
Point-in-time scanning opens the door for increased attacks. According to the IDC report, “The State of Cybersecurity Maturity in Vulnerability Management Among U.S. Organizations,” 74% of organizations scan less than 85% of their IT assets when they do scan, leaving an opportunity for many vulnerabilities to go undiscovered until an attacker makes use of them. By then it is too late.
Aqua Real-Time CSPM eliminates that risk and delivers real-time visibility and risk prioritization in a single, unified platform for faster, more effective risk management. Unlike point-in-time scanning solutions, Aqua Real-Time CSPM provides a deeper layer of visibility for better context, leading to the ability to prioritize the most critical cloud security risks.
“Other CSPM solutions give you a false sense of security. Whether you scan daily or monthly, you’re only seeing a portion of the risks with a point-in-time scan. And that’s not true security,” said Jerbi.
Further data from Aqua Nautilus, Aqua’s cloud security research team, supports the need for real-time scanning. Nautilus uses an extensive honeypot network to detect and analyze over 80,000 attacks a month. Of those attacks, one in three do not leave a footprint and would be missed by point-in-time scanning solutions. Similarly, zero-day attacks are missed, whilst other standard operating procedures like ephemeral containers and transient attacks raise that number to 50%.
Real-Time CSPM is part of the Aqua Cloud Security Platform, a cloud native application protection platform (CNAPP). The Aqua Platform is composed of a fully integrated set of security and compliance capabilities to discover, prioritize, and eliminate risk in minutes across the full software development life cycle. Aqua improves operational efficiency by connecting cloud to code and tracing runtime risks to the code and developer who can fix them. By connecting CSPM to runtime, it shields risks that cannot be immediately addressed with a code fix.
For more information on Aqua’s Real-Time CSPM, visit the blog.
About Aqua Security
Aqua Security stops cloud native attacks and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. As the pioneer and largest pure-play cloud native security company, Aqua helps customers unlock innovation and build the future of their business. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), prioritizing risk and automating prevention, detection and response across the lifecycle. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries. For more information, visit https://www.aquasec.com/.
DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY
Prnewswire | May 18, 2023
Barracuda Networks, Inc., a leading provider of cloud-first security solutions, today announced a new platform called Barracuda SecureEdge, a SASE solution that helps make hybrid and remote work easier to secure. Barracuda SecureEdge integrates Barracuda's Secure SD-WAN, Firewall-as-a-Service, Zero Trust Network Access, and Secure Web Gateway capabilities. Using a single-vendor solution enables businesses and MSPs to strengthen their security posture and help to reduce costs. Delivered as a service, Barracuda SecureEdge secures users, sites, and IoT devices, is easy to manage and connects any device, application, and cloud/hybrid environment.
According to Gartner®, "By 2025, 80% of enterprises will have adopted a strategy to unify web, cloud services, and private application access using a SASE/SSE architecture, up from 20% in 2021."1.
Using a single-vendor SASE solution like Barracuda SecureEdge can lead to cost reduction and stronger security. It reduces the number of systems to purchase and lowers internal and external support costs. Additionally, improved security can be achieved and there are fewer risks of misconfigurations and interoperability issues that can happen between separate security systems. Today, cloud migrations, remote work, and the need for anytime, anywhere access makes a SASE solution essential.
The new Barracuda SecureEdge platform makes hybrid and remote work easier to secure, strengthens security, improves performance, and reduces management complexity. Key use cases for customers include:
Multi-layered network protection: Offers consistent policy enforcement for in-office and remote users, delivered from the cloud, on-premises, or in a hybrid environment.
Protection against web-based threats: Protects against web-based threats, regardless of the location of the user.
Secure remote access: Provides secure remote access for any user to any application and workload, with Zero Trust Access.
Optimized cloud and application access: Facilitates optimized cloud and application access from any user or site by providing Secure SD-WAN capabilities.
SecureEdge facilitates direct access to applications for remote users with Zero Trust enforcement, URL filtering, and traffic optimization to make the most of shared internet lines. Key highlights of the new platform are:
Control and visibility: Provides a high level of control and visibility into user-generated traffic at each endpoint. Selective security inspection enables businesses and MSPs to maintain control over critical application traffic.
Intent-based networking: Simplifies operations by applying intent-based networking principles across the entire platform, including SD-WAN and secure application access.
Multiple levels of security and connectivity: Includes multiple levels of security and connectivity with auto-secure SD-WAN over all available uplinks.
Built-in optimization: Built-in last-mile optimization uses advanced Forward Error Correction algorithms to mitigate packet loss and optimize network traffic. These algorithms are applied when connecting office locations as well as endpoints.
Barracuda SecureEdge is available for customers, partners, and MSPs. Please see the following for more information:
"Barracuda's new SecureEdge platform provides businesses and MSPs with a SaaS solution that makes remote and hybrid work easier to secure and helps to improve security and reduce costs," said Tim Jefferson, SVP, Engineering for Data, Network, and Application Security at Barracuda. "With SecureEdge, Barracuda offers a cloud-native SASE platform that enables customers to control access to data from any device, anytime, anywhere, and allows security inspection and policy enforcement in the cloud, at the branch, or on the device."
"The new SecureEdge platform from Barracuda, which offers a single solution that includes secure SD-WAN and remote access for users, will enable us to extend security features to the endpoint and make remote and hybrid work easier to protect," said David Peppard, Chief Technology Officer with SuperCare Health. "By implementing device-level security and inspecting suspicious or endangered network traffic on the SD-WAN device or in the cloud, we are confident that we can achieve a dramatically increased level of security."
"Barracuda's new SASE service, SecureEdge is an innovative platform that provides enhanced security capabilities to the endpoint and facilitates the protection of remote and hybrid workforces," said Sascha Koecher, Technical Team Lead, Security & Network at Digit Solutions. "SecureEdge boasts a simple rollout and intuitive management, all accessible through a single portal. We are confident that our mutual customers will appreciate the benefits of the platform and enjoy peace of mind knowing their networks are protected against today's most advanced cyber threats."
About Barracuda Networks
At Barracuda, we strive to make the world a safer place. We believe every business deserves access to cloud-first, enterprise-grade security solutions that are easy to buy, deploy, and use. We protect email, networks, data, and applications with innovative solutions that grow and adapt with our customers' journey. More than 200,000 organizations worldwide trust Barracuda to protect them — in ways they may not even know they are at risk — so they can focus on taking their business to the next level. For more information, visit barracuda.com.
Barracuda Networks, Barracuda and the Barracuda Networks logo are registered trademarks or trademarks of Barracuda Networks, Inc. in the U.S. and other countries. Other trademarks are the property of their respective owners.