ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Prnewswire | April 20, 2023
Lookout, Inc., the endpoint-to-cloud security company, today announced the availability of Lookout Mobile Endpoint Security, the industry's most advanced mobile endpoint detection and response (EDR) offering for managed security service providers (MSSPs). This solution enables MSSPs to deliver a complete turn-key program for identifying risk, protecting sensitive data and securing their customers' mobile devices. With Lookout's Mobile EDR, MSSPs can help organizations reduce the risk of a data breach through mobile phishing, ransomware and exploitation of device and app vulnerabilities.
While businesses are adapting to the "new normal" of remote working and continuing to invest in mobile devices, many are still struggling with keeping up with mobile security. According to industry data, less than half of SMBs specifically have any form of mobile security in place1 – as a result mobile threats are on the rise year over year. In Lookout's recent Global State of Mobile Phishing report, 2022 marked the highest percentage of mobile phishing encounter rates ever, with an average of more than 30% of personal and enterprise users exposed to these attacks every quarter. Lookout also found that users on all devices – whether personal or work provided – are tapping more on mobile phishing links in comparison to just two years ago2.
A Turn-Key Program to Close Security Gaps and Manage Mobile Risk
Lookout's Mobile EDR program for MSSPs allows them to address these mobile security challenges head on – by partnering with Lookout, MSSPs have access to the Lookout mobile dataset of security telemetry, which is built on graph-based machine intelligence that analyzes data globally from more than 210 million devices, 175 million apps and ingests four million web URLs daily. In addition, Lookout's comprehensive Mobile EDR solution enables MSSPs to detect and block mobile phishing attempts; detect unauthorized camera and mic access through surveillanceware; detect and prevent credential theft and data exfiltration; detect device compromise; check all apps for risky behavior; and detect app and OS vulnerabilities. Lookout also helps MSSPs reduce resource constraints by decreasing their policy administration time by 80%. Other operational benefits for MSSPs include a 95% user self remediation rate and optimized battery consumption leading to less support tickets as well as built-in multi-tenancy for easier management.
"As the threat landscape becomes increasingly sophisticated, businesses of all sizes must evolve their security strategy to keep up with and proactively address these threats, yet many do not have the security tools or skill sets in place to tackle this on their own," said Eva-Maria Elya, vice president, MSSP Sales at Lookout. "The MSSP ecosystem becomes a natural partner for them to turn to for help in managing their security posture, including identifying risk, ensuring compliance and safeguarding sensitive data across their device landscape. By extending our channel partner program to MSSPs, we help ensure these customers have access to the best security solutions delivered through the leading MSSP organizations."
The Lookout Mobile EDR program for MSSPs is available today. For more information on how Lookout supports SMB customers and MSSPs, click here.
About Lookout
Lookout, Inc. is the endpoint-to-cloud security company purpose-built for the intersection of enterprise and personal data. We safeguard data across devices, apps, networks and clouds through our unified, cloud-native security platform — a solution that's as fluid and flexible as the modern digital world. By giving organizations and individuals greater control over their data, we enable them to unleash its value and thrive. Lookout is trusted by enterprises of all sizes, government agencies and millions of consumers to protect sensitive data, enabling them to live, work and connect — freely and safely. To learn more about the Lookout Cloud Security Platform, visit www.lookout.com and follow Lookout on our blog, LinkedIn and Twitter.
© 2023 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, LOOKOUT with Shield Design®, and SIGNAL FLARE® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, SCREAM, the 4 Bar Shield Design, and the Lookout multi-color/multi-shaded Wingspan design.
Read More
ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Businesswire | April 19, 2023
Veracode, a leading provider of intelligent software security solutions, today launches Veracode Fix, a new AI-powered product. Trained on Veracode’s proprietary dataset, Veracode Fix suggests remediations for security flaws found in code and open-source dependencies.
Shifting the Paradigm from Merely ‘Find’ to ‘Find and Fix’
“For far too long, organizations have had to choose between remediating software security flaws and meeting aggressive deadlines to push code into production. Veracode Fix makes it possible to deliver more secure software faster, at lower cost, and with higher confidence,” said Brian Roche, Chief Product Officer at Veracode.
“Through the power of AI and machine learning, leveraging GPT (Generative Pre-trained Transformer) technology, we’ve revolutionized the way developers and security teams address software security issues. Nearly two decades ago, Veracode pioneered a new industry standard as a cloud-based SaaS security platform. Today, we set a new bar, moving beyond application security testing to intelligent software security.”
Since its inception in 2006, Veracode has been committed to helping organizations find, understand, and remediate software security risk. The release of Veracode Fix brings software security to the next level by changing the scope of application security from merely ‘find’ to ‘find and fix.’
Automated Attacks Require Automated Response
Traditionally, when a flaw is found, developers research and rewrite code to manually fix the security issue. This requires enormous effort when compounded across thousands of security flaws in a codebase. This approach typically delays releases into production and increases security debt.
“Fixing security flaws has traditionally been a manual effort—until now,” said Roche. “With the increase in automated attacks, it’s no longer tenable to continue to remediate flaws entirely manually. Veracode Fix paves the way to a scalable mechanism to remove vulnerabilities before attackers can exploit them.”
Veracode Fix will be generally available with initial support for Java and C# in June 2023. To learn more about Veracode Fix, read more here.
About Veracode
Veracode is intelligent software security. Powered by nearly two decades of data, securing more than 130 trillion lines of code, with the Veracode Software Security Platform, development teams continuously find and fix flaws at every stage of the modern software development life cycle. Trusted by security teams, developers, and business leaders from thousands of the world’s most innovative organizations, Veracode is the software security pioneer for integrated prevention, detection, and response. Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and Twitter.
Copyright © 2023 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.
Read More
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Businesswire | May 16, 2023
Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet, today extended its single-vendor SASE platform, Cloudflare One, to generative artificial intelligence (AI) services. Cloudflare One for AI, a suite of Zero Trust security controls, will enable enterprises to safely and securely use the latest generative AI tools without putting intellectual property and customer data at risk.
With every transformative step forward in technology, from mobile phones to cloud computing, there are new security threats that rise to the surface. Major companies have banned the use of popular generative AI chat apps because of sensitive data leaks, and Italy instituted a temporary ban on generative AI tools for inadequate user data protections. According to a KPMG survey on generative AI, AI is expected to have an enormous impact on business, but the majority of US executives surveyed are years away from implementing it; cyber security (81%) and data privacy (78%) are the most top of mind concerns for leaders. CISOs and CIOs need to strike a balance between enabling transformative innovation through AI and still maintaining compliance with data privacy regulations. Whether it’s an employee experimenting with AI, or a company initiative, once proprietary data is exposed to AI, there is no way to reverse it.
"AI holds incredible promise, but without proper guardrails it can create significant risks for businesses. It is far too easy, by default, to upload sensitive internal or customer data to AI tools. Once the data is used for training AI, it is virtually impossible to get it out," explained Matthew Prince, co-founder and CEO of
Cloudflare. "If you were going to let a class of university students rummage around in your internal data, you'd of course put clear rules in place on what data they can access and how it can be used in their education. Cloudflare's Zero Trust products are the first to provide the guard rails for AI tools, so businesses can take advantage of the opportunity AI unlocks while ensuring only the data you want to expose gets shared."
Cloudflare One for AI provides a simple, fast, and secure way for companies to safely build using the latest generative AI technologies, without compromising security or performance. With Cloudflare One, companies can gain visibility into and measure AI tool usage, prevent data loss, and manage integrations:
Cloudflare Gateway helps companies observe how many employees are experimenting with AI services, and adds context when planning for budgets and enterprise licensing.
Service tokens give administrators a clear log of API requests, control over the specific services that can access AI training data, and the ability to revoke tokens with a single click when building ChatGPT plugins for internal and external use.
Cloudflare Tunnel provides an encrypted, outbound-only connection to Cloudflare’s network. Every request will be checked against the access rules configured for services protected by Cloudflare One or when teams are ready to allow an AI service to connect to their infrastructure.
Cloudflare’s Data Loss Prevention (DLP) service provides a safeguard to close the human gap in how employees may share data. Simple pre-configured options can check for data that looks like social security numbers or credit card numbers, and custom scans can look for patterns based on data configurations for a specific team. More granular rules can even allow select users to experiment with projects containing sensitive data, with stronger limitations on the majority of teams and employees.Cloudflare's cloud access security broker (CASB) service gives comprehensive visibility and control over SaaS apps. Soon, Cloudflare CASB will be able to scan the AI tools that your team uses to detect misconfiguration and misuse.
Generative AI is an exciting technology with the promise to transform how we work. As this technology evolves and new tools and plugins are developed, Cloudflare’s platform approach to security will ensure that enterprises everywhere can embrace these productivity enhancements without creating bottlenecks and ensure compliance with the latest regulations.
About Cloudflare
Cloudflare, Inc. (www.cloudflare.com / @cloudflare) is on a mission to help build a better Internet. Cloudflare’s suite of products protect and accelerate any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was awarded by Reuters Events for Global Responsible Business in 2020, named to Fast Company's Most Innovative Companies in 2021, and ranked among Newsweek's Top 100 Most Loved Workplaces in 2022.
Read More