Enterprise Security, Platform Security, Software Security
Globenewswire | July 21, 2023
ZeroFox (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity, highlights its recent contributions to the OWASP Amass Project in an ongoing effort to give businesses and government entities better visibility to their full external attack surface asset ecosystem. The recent additions to the project from the ZeroFox team provide more advanced tool sets for analysts to discover and catalog their internet-facing assets and exposures. The contributions create a new standard framework to lead the industry in a more cohesive approach to attack surface management.
As organizations face increasingly sophisticated cyber threats, understanding and managing their external attack surface has become paramount. By leveraging its expertise in external cybersecurity, ZeroFox identified a critical gap in the attack surface management landscape and responded by spearheading the development of the Open Asset Model and Asset Database within the OWASP Amass Project.
The Open Asset Model and Asset Database contributions offer security analysts a unified and structured approach to identifying and managing potential vulnerabilities outside the perimeter. The Open Asset Model provides a new standard for asset definitions, representing a comprehensive framework for describing and categorizing diverse internet-facing assets. The Amass community can quickly adapt the model to include new types of assets exposed on the Internet, and their relationships to each other, for more accurate discovery, tracking, monitoring, and management. The Asset Database implements this model, offering the database interaction layer to store discovered assets in the popular sqlite3 and PostgreSQL database management systems. The Asset Database will foster the development of an ecosystem of scanning and analysis tools, allowing them to store and analyze assets from the Open Asset Model and their relationships.
These contributions directly benefit both existing Amass users and the broader attack surface management community in an effort to standardize asset definitions. The new standards now provide the information security community with a consistent and predictable format when transferring data describing external attack surfaces.
"We are thrilled to contribute to the OWASP Amass Project and provide the security community with cutting-edge tools for Attack Surface Management," said Jeff Foley, VP of Research at ZeroFox. "By leveraging the power of open source, we aim to expand access to advanced cybersecurity capabilities, helping organizations proactively defend against emerging threats."
These engineering contributions represent a continued commitment by ZeroFox to the open source community, OWASP, and the Amass Project. ZeroFox will continue to contribute to the Amass Project in an effort to enable the discovery, management, and protection of the external attack surface. By sharing its expertise and resources, ZeroFox aims to foster collaboration and innovation within the information security community, ultimately making the digital landscape safer for all users.
About ZeroFox
ZeroFox (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity, has redefined security outside the corporate perimeter on the internet, where businesses operate, and threat actors thrive. The ZeroFox platform combines advanced AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust portfolio of breach, incident and takedown response capabilities to expose and disrupt phishing and fraud campaigns, botnet exposures, credential theft, impersonations, data breaches, and physical threats that target your brands, domains, people, and assets. Join thousands of customers, including some of the largest public sector organizations as well as finance, media, technology and retail companies to stay ahead of adversaries and address the entire lifecycle of external cyber risks. ZeroFox and the ZeroFox logo are trademarks or registered trademarks of ZeroFox, Inc. and/or its affiliates in the U.S. and other countries. Visit www.zerofox.com for more information.
Read More
Enterprise Identity, Security Audit and Compliance
PR Newswire | August 29, 2023
Malwarebytes, a global leader in real-time cyber protection, announced the acquisition of Cyrus, a disruptive innovator in online privacy solutions. This strategic acquisition reinforces Malwarebytes' commitment to privacy by giving users more control over their information, no matter where or how they choose to browse and interact online. The Cyrus team and technology will also help Malwarebytes strengthen its mobile privacy solutions.
"We firmly believe that data privacy is a human right. Hackers, trackers, location data, and even browsing history are information that individuals should control," said Marcin Kleczynski, co-founder and CEO of Malwarebytes. "The innovative technology Cyrus has built will allow us to better advise our customers on the intersection of privacy and security while also providing us the tools to safeguard their personal data and online privacy."
"By leveraging Cyrus' cutting-edge technology, we can provide an even more holistic, mobile-first, experience that provides context to when, why and how users may be at risk," said Mark Beare, the General Manager of Malwarebytes' Consumer Business Unit. "The acquisition underscores our mission to provide world-class cybersecurity and privacy solutions and is a logical continuum for our portfolio expansion from Premium Security to Privacy VPN and Browser Guard."
The Cyrus technology looks at security and privacy in a new way, exploring the kill chain for consumer threats – considering social media, dark web content and overall online presence to form a correlated view of threats specific to each individual, helping flag early indicators that something is awry.
"In an era where the digital landscape is increasingly dangerous for consumers, joining forces with Malwarebytes is a pivotal step toward realizing our mission and vision," said Oren Arar, CEO of Cyrus. "Through this powerful collaboration, we are uniquely positioned to protect millions of people across the world from cybercrime. Our combined strengths will empower individuals to navigate the digital realm with newfound confidence and security."
As part of the acquisition, all Cyrus employees joined Malwarebytes, ensuring a seamless transition for customers and continuous innovation in the areas of mobile and online privacy.
About Cyrus
Founded in 2020 by cybersecurity experts Oren Arar, Jonathan Livneh and Shahak Shalev, Cyrus emerges as a leader in shielding individuals and businesses from the increasing threats of cybercrime and fraud. The platform, crafted to provide an easy and seamless experience, interweaves cutting-edge technology with the battle-hardened insights of its founders. Cyrus stands not only as a guardian but as an ally, resolute in its mission to safeguard the digital journey of its customers. www.cyrus.app
About Malwarebytes
Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, Malwarebytes CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, Malwarebytes' award-winning endpoint protection, privacy and threat prevention solutions along with a world-class team of threat researchers protect millions of individuals and thousands of businesses across the globe daily. Malwarebytes solutions are consistently recognized by independent tests including MITRE Engenuity, MRG Effitas, AVLAB and AV-TEST (consumer and business). Customers award Malwarebytes for being the most implementable and most usable endpoint protection product with the best results on G2 and Gartner Peer Insights. The company is headquartered in California with offices in Europe and Asia. For more information and career opportunities, visit https://www.malwarebytes.com.
Read More
Enterprise Security, Platform Security, Software Security
PR Newswire | August 18, 2023
Kivu Consulting, a premier global cybersecurity solutions provider, is proud to introduce two new managed security services: Cloud Detection and Response and Identity Threat Detection and Response.
Powered by CrowdStrike, as part of Kivu and CrowdStrike's elite MSSP partnership, these innovative services are designed to equip clients with new capabilities to address the expanding technology attack surface and continued targeting of digital identities by cyber threats.
Cloud Detection and Response:
Kivu's Cloud Detection and Response service is a fully managed solution engineered to support cloud and hybrid environments. Key features include:
Identification and alerts for cloud accounts, infrastructure misconfigurations, and compliance violations.
Detection and prevention of cloud account and control plane threats.
Resolution of vulnerabilities and misconfigurations in Cloud workload.
Runtime detection and response for container and function-based applications.
Identity Threat Detection and Response:
Kivu's Identity Threat Detection and Response service integrates seamlessly with Active Directory and cloud-based identity stores to provide:
Real-time threat detection using AI-based behavioral analytics for actionable insights.
Early identification of threats before systems and data are impacted.
Identity scoring and enforcement of robust authentication for risk-based remediation.
Implementation of Zero Trust Principles.
"As a leading incident response firm, we are observing daily how the threat landscape changes. Remote work has surged post-pandemic, the cloud has become a predominant IT delivery model, and zero trust is a priority," said Gary Alterson, Vice President of Kivu's Managed Security Services. "Our Cloud and identity managed services address modern threats and ensure we are providing the best possible security outcomes for our clients."
"The steady increase in compromised credentials magnifies the importance of identity threat protection, and Kivu is determined to address this critical client need," said Shane Sims, CEO of Kivu Consulting. "With the launch of our expanded managed security services, Kivu continues to lead in providing trusted solutions to our clients and cybersecurity ecosystem partners."
About Kivu Consulting
Kivu is a leading global cybersecurity firm that offers a full suite of pre- and post-incident services, specializing in the forensic response to cyberattacks and ransomware incidents. We deliver cutting-edge cybersecurity solutions to organizations in need and are a trusted cyber incident partner to insurance carriers and law firms worldwide. Visit KivuConsulting.com.
Read More