Technology and Enterprise Leaders Combine Efforts to Improve Open Source Security

Red Hat, IBM, Google, Microsoft | August 10, 2020

With the growth of open source software such as Linux and cloud computing becoming more wide spread, a host of tech giants have joined a new group focusing on improving security.

Red Hat – the global leader in Linux open source software and solutions – is part of the Open Source Security Foundation as well as IBM, Red Hat’s owner.

Also signing on are GitHub, Google, JPMorgan Chase, Microsoft, NCC Group, OWASP Foundation, ElevenPaths, GitLab, HackerOne, Intel, Okta, Purdue, SAFECode, StackHawk, Trail of Bits, Uber and VMware.

Spotlight

What Is Cyber Threat Intelligence? Secure business Cyber threat intelligence (CTI) involves the collection, evaluation, verification, and distribution of information about ongoing and emerging cyber threats and attacks against network assets and infrastructure. #1 barrier to e¬ffective threat intelligence: internal silos among IT departments and lines of business. This finding indicates the importance of a centralized program and tools to make exchange of threat intelligence easier.

Spotlight

What Is Cyber Threat Intelligence? Secure business Cyber threat intelligence (CTI) involves the collection, evaluation, verification, and distribution of information about ongoing and emerging cyber threats and attacks against network assets and infrastructure. #1 barrier to e¬ffective threat intelligence: internal silos among IT departments and lines of business. This finding indicates the importance of a centralized program and tools to make exchange of threat intelligence easier.

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

SonicWall Earns Prestigious 2022 CRN Annual Report Card Award for Enterprise Network Security

SonicWall | August 22, 2022

SonicWall today announced that CRN, a brand of The Channel Company, named the cybersecurity leader as one of the winners in the Enterprise Network Security category of the 2022 CRN Annual Report Card (ARC) Awards. This award honors the industry's top technology vendors for success in providing high levels of satisfaction for channel partners through innovative products, services and partner programs. "As a 100% channel company, we remain completely committed to delivering our partners and customers with the absolute best products and support to face today's increasingly complicated security challenges," said SonicWall President and CEO Bob VanKirk. "We're excited to be recognized by CRN, especially knowing that they celebrate best-in-class vendors that are committed to driving partner growth and demonstrating outstanding channel performance. SonicWall is uniquely positioned to help partners, including MSSPs, evolve and help facilitate their growth." With 37 years of history, CRN's ARC Awards recognize best-in-class vendors devoted to boosting IT channel growth through innovation in technology and partner strategy. Through the ARC Awards — known as one of the most prestigious honors in the IT industry — solution providers offer key feedback that commends technology manufacturers for designing channel-friendly product offerings, developing strong partner programs, and building long-term successful relationships with solution providers. SonicWall's SecureFirst Partner Program and its industry-leading security products help partners and MSSPs exceed customer demands. More than 17,000 active SonicWall partners help protect our customers every day, and because of them SonicWall is one of the unquestioned leaders in the cybersecurity space. The ARC Awards are based on an invitation-only research survey conducted by The Channel Company. Responses from 3,000 solution providers across North America were evaluated in this year's survey, rating 82 vendor partners across four criteria: product innovation, support, partnership, and managed cloud services. Scores were awarded in 25 major product categories in technology areas that are critical to channel partner success. "It's our pleasure to honor vendors that consistently deliver top-performing products and services to establish and foster successful channel partner relationships. "In addition to highlighting our winners, CRN's Annual Report Card Awards provide vendors with actionable feedback and insight into their current standing with partners that can be incorporated into their channel strategies in the future." Blaine Raddon, CEO, The Channel Company Winners will be featured throughout The Channel Company's XChange 2022 conference, taking place August 21-23 in Denver, Colorado. Coverage of the CRN 2022 ARC results can be found online at www.CRN.com/ARC and will be featured in the October 2022 issue of CRN Magazine. About SonicWall SonicWall delivers Boundless Cybersecurity for the hyper-distributed era in a work reality where everyone is remote, mobile and unsecure. SonicWall safeguards organizations mobilizing for their new business normal with seamless protection that stops the most evasive cyberattacks across boundless exposure points and increasingly remote, mobile and cloud-enabled workforces. By knowing the unknown, providing real-time visibility and enabling breakthrough economics, SonicWall closes the cybersecurity business gap for enterprises, governments and SMBs worldwide. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram. About The Channel Company The Channel Company enables breakthrough IT channel performance with our dominant media, engaging events, expert consulting and education, and innovative marketing services and platforms. As the channel catalyst, we connect and empower technology suppliers, solution providers and end users. Backed by more than 30 years of unequalled channel experience, we draw from our deep knowledge to envision innovative new solutions for ever-evolving challenges in the technology marketplace.

Read More

SOFTWARE SECURITY

McGill and Partners Choose CyberCube for Cyber Risk Analytics

CyberCube | July 14, 2022

CyberCube, the provider of the world’s leading cyber risk analytics for the insurance industry, today announces that McGill and Partners, the specialist (re)insurance broker, is using its Portfolio Manager and Broking Manager cyber risk analytics platforms. Launched in 2019 by insurance veteran Steve McGill, McGill and Partners is rapidly growing to become a major force in the insurance and reinsurance market, quickly developing its offering in both cyber reinsurance and insurance. Today the firm has over 430 staff and offices in the UK, US, Bermuda and Ireland. The deal with CyberCube is part of McGill and Partners’ continued development of its cyber (re)insurance strategy. CyberCube’s Portfolio Manager is a scenario-based data-driven model that enables risk professionals to develop insights for their senior leadership and teams. Portfolio Manager stress tests portfolios of insurance and reinsurance risks against a range of systemic cyber-related scenarios including data breaches, cloud outages, global ransomware attacks and financial fraud. Broking Manager is the first software-as-a-service application CyberCube has built specifically for the insurance broking community. It offers a streamlined approach to analyzing potential financial exposure impacts arising from cyber events that helps clients make informed decisions on coverages and limits. “We are excited to be working with the team at McGill and Partners and be part of the company’s cyber (re)insurance growth strategy on both the direct insurance side via Broking Manager and on its reinsurance side via Portfolio Manager.” Alejandra Donoso, CyberCube’s Principal Client Account Manager Neil Sharma, Partner – Reinsurance at McGill and Partner, said: “We are looking to bring all stakeholders in the cyber value chain together; collaborating between our insurance and reinsurance teams and partnering with CyberCube’s platforms which help deepen our understanding of the risks allowing us to provide best-in-class solutions to our clients.” About CyberCube CyberCube delivers the world’s leading cyber risk analytics for the insurance industry. With best-in-class data access and advanced multi-disciplinary analytics, the company’s cloud-based platform helps insurance organizations make better decisions when placing insurance, underwriting cyber risk and managing cyber risk aggregation.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

JupiterOne Recognized as a Sample Vendor for Cyber Asset Attack Surface Management (CAASM) in Gartner® Hype Cycle™ for Cyber Risk Management, 2022

JupiterOne | August 19, 2022

JupiterOne, the industry's leading provider of cyber asset attack surface management (CAASM) technology, today announced that it was named as a Sample Vendor for CAASM in the latest release of the Gartner Hype Cycle for Cyber Risk Management, 2022. According to Gartner, "In 2022, the global risk landscape continues to be impacted by the ongoing COVID-19 pandemic conditions, the Russian invasion of Ukraine, labor shortage, worsening climate change, and inflation. In particular, the increased inflation rate and labor market tightness mean that organizations must do more with fewer resources." The Gartner report notes that security and risk management (SRM) leaders continue to struggle to: "Position risk management as a decision-making practice. Either because of their rigid focus on framework-based controls or inability to scale their security and risk controls for individual projects Inform cyber and technology decisions in an ever-expanding operating ecosystem Gain sufficient transparency in evaluating environmental, social and governance risks and incidents, local and worldwide. Mitigate global supply chain risks as these risks continue to form a web of complexity and volatility. Look for ways to automate and inform risk assessment with data-driven insights." One solution category that addresses these challenges is the cyber asset attack surface management (CAASM) space, where solutions aggregate and track assets such as endpoints, servers, devices, and applications. By consolidating internal and external cyber assets, users can use queries to find gaps in coverage for security tools such as vulnerability assessment and endpoint detection and response (EDR) tools. JupiterOne pioneered a graph-based approach to CAASM that allows customers to track and monitor IP addresses and analyze and map all intra-asset relationships. As the Gartner analysts explained, "CAASM enables security teams to improve basic security hygiene by ensuring security controls, security posture, and asset exposure are understood and remediated. Organizations that deploy CAASM reduce dependencies on homegrown systems and manual collection processes, and remediate gaps either manually or via automated workflows. Organizations can visualize security tool coverage, support attack surface management (ASM) processes, and correct systems of record that may have stale or missing data." The drivers of CAASM adoption, according to Gartner, include: "Full visibility into all information technology (IT), Internet of Things (IoT) and operational technology (OT) assets under an organization's control, which improves understanding of the attack surface area and existing security control gaps or serves as part of a wider ASM process. Quicker audit compliance reporting through more accurate, current and comprehensive asset and security control reports. Consolidation of existing products that collect asset and exposure information into a single normalized view, which reduces the need for manual processes or dependencies on homegrown applications. Access to consolidated asset views for multiple individuals and teams across an organization, such as enterprise architects, security operations teams and IT administrators, who can benefit from viewing and querying consolidated asset inventories with a view to achieving business objectives." The recent Gartner report on Top Trends in Cybersecurity 2022 cited "Attack Surface Expansion" as one of the year's top security trends resulting from the expanding digital footprint of modern organizations. According to the report, "A dramatic increase in attack surface is emerging from changes in the use of digital systems, such as new hybrid work, accelerated use of public cloud, more tightly interconnected supply chains, expansion of public-facing digital assets and increased use of operational technology." In our opinion, security leaders who reinvent the cybersecurity function and technology architecture can better position their organizations to maintain and grow value in an increasingly agile, distributed, and decentralized environment. JupiterOne was named a Sample Vendor for CAASM in the latest release of the Gartner Hype Cycle for Security Operations, 2022. The report is available for complimentary download from JupiterOne. Additionally, Gartner recognized JupiterOne as a Representative Provider for CAASM in the Innovation Insights for Attack Surface Management and as a Sample Vendor in the Gartner Hype Cycle for Workload and Network Security, 2022 research reports. "JupiterOne is honored to receive yet another recognition from Gartner. Right now, the world is full of uncertainty, making it challenging to conduct business. More than ever, businesses must prioritize effective security measures. Security leaders can get invaluable insights by tracking their assets and making efficient use of their resources. Overall, organizations can make better data-driven business decisions while keeping security risks in mind." Erkang Zheng, Founder and CEO at JupiterOne About JupiterOne JupiterOne is a cyber asset attack surface management (CAASM) platform company providing visibility and security into your entire cyber asset universe. Using graphs and relationships, JupiterOne provides a contextual knowledge base for an organization's cyber asset operations. With JupiterOne, teams can discover, monitor, understand, and act on changes in their digital environments. Cloud resources, ephemeral devices, identities, access rights, code, pull requests, and much more are collected, graphed, and monitored automatically by JupiterOne.

Read More