DATA SECURITY

The latest release of Cyber Observer provides new visibility into the risk posture of cybersecurity

businesswire | January 19, 2021

Digital Observer, the chief Continuous Controls Monitoring (CCM) arrangement, today declared a significant upgrade to its foundation that empowers CISOs and other security and danger the board heads to acquire new, constant, bound together perceivability into the viability of online protection instruments that are executed all through their endeavor. By ceaselessly recovering and examining Critical Security Controls (CSCs) from applications on-premises and in-cloud, Cyber Observer's CCM stage improves consistence, lessens mean opportunity to location and reaction, and advances hazard act the executives.

Network protection groups are overpowered with multifaceted nature of overseeing many unique security apparatuses that have been executed across their mixture ventures. In spite of best endeavors to actualize security controls to limit dangers and dangers, venture heads are finding that misconfigured or failing apparatuses are time after time a vulnerable side and probably the most fragile connection in their security guards. Digital Observer's CCM stage disposes of this issue and now empowers ventures to keep a finger on the beat of how their security instruments are performing.

Digital Observer associates and pulls information from a venture's on-premises and in-cloud apparatuses to make a complete perspective on the security instruments executed. Notwithstanding persistently examining in excess of 5,000 CSCs and giving controls status with regards to the executives, consistence prerequisites and different structures, Cyber Observer delivered a bunch of new highlights, including:

Ongoing dashboards. Effectively show the status of each apparatus, status of the distinctive security regions, organize weaknesses, total danger act scoring, and alarm on deviation from ordinary conduct.

Nonstop revealing. New announcing module robotizes gives an account of an association's network safety instruments status and digital stance sees.

Open API upgrades. Empower endeavors to effortlessly share information gathered by Cyber Observer with outsider devices that give security data and occasion the executives (SIEM), mechanization (SOAR), and man-made consciousness.

“Managing risks requires more than implementing security tools and checking the box,” said Shimon Becker, Cyber Observer Co-founder and VP Product. “It requires continuous monitoring, management, and oversight to ensure that people, processes, and technology are in fact protecting your data and your enterprise.”

“The new release offers quick and easy remote implementation,” said Moti Ram, Cyber Observer Co-founder and VP R&D. “We support hybrid on-premises and in-cloud connectivity and deployment.”

Cyber Observer is backed by Merlin Ventures, which strategically invests in and scales innovative cybersecurity companies. “Things like misconfigured or unpatched security tools are such easy targets for adversaries to exploit,” stated Seth Spergel, Vice President of Emerging Technology at Merlin Ventures. “Implementing a simple solution like Cyber Observer's Continuous Controls Monitoring platform should really be a part of any organization’s cyber hygiene protocol and a standard practice for all enterprises.”

About Cyber Observer

Cyber Observer is the premier Continuous Controls Monitoring (CCM) solution that reduces business losses and audit costs by continuously monitoring and auditing critical security controls and applications. The Cyber Observer platform integrates dozens of the most popular security tools into a single interface, enabling security and risk management executives to monitor tool performance in alignment with cybersecurity, business, and regulatory frameworks. This equips security and risk management executives with unprecedented visibility, control, and strategic oversight that empowers security and risk executives to proactively identify and close critical security gaps while demonstrating the effectiveness and maturity of their security programs and investments.

About Merlin Ventures

Merlin Ventures is a strategic investment firm that rapidly scales visionary companies and introduces disruptive solutions designed to help enterprises address today’s most critical cybersecurity challenges. Merlin Ventures’ unique business model combines robust infrastructure and capital, onboarding and market readiness acceleration, cybersecurity engineering leadership, and deep-rooted customer and market relationships to enable its portfolio of cybersecurity companies to accelerate growth and flourish.

Spotlight

THREAT LANDSCAPE REPORT Q1 2017. ATTACK TOOLS— ANYWHERE ANYTIME SERVICE. RANSOMWARE EXPANDS AUTOMATIC ATTACKS Almost 10% of organizations detected ransomware activity last quarter Malicious ransomware like WannaCry can scale-out to hundreds of organizations across the world at onc.

Spotlight

THREAT LANDSCAPE REPORT Q1 2017. ATTACK TOOLS— ANYWHERE ANYTIME SERVICE. RANSOMWARE EXPANDS AUTOMATIC ATTACKS Almost 10% of organizations detected ransomware activity last quarter Malicious ransomware like WannaCry can scale-out to hundreds of organizations across the world at onc.

Related News

DATA SECURITY

Imperva Extends its Data Security Fabric to Include Enterprise Data Lakes Built on AWS

Imperva | July 27, 2022

Imperva, Inc., a comprehensive digital security leader, announces that its award-winning Imperva Data Security Fabric (DSF) now provides data-centric protection and compliance for enterprise data lakes built on Amazon Web Services (AWS). Imperva reinforces its commitment to securing data and all paths to it by allowing AWS customers to secure their data with one comprehensive platform, leveraging a unified security model across Amazon Aurora, Amazon Redshift, Amazon Relational Database Service (Amazon RDS), Amazon DynamoDB, Amazon Athena, and AWS CloudFormation without requiring any changes to their existing data infrastructure. Many security teams have gaps in their resources and domain expertise required to ensure their data lake meets organizational compliance and security policies. In particular, organizations must be able to simultaneously identify when a compromised user accesses sensitive data, while also preventing data from being stolen by malicious insiders. These gaps can mean that organizations must choose between limiting the data they store in a data lake, and putting themselves at risk of non-compliance, or in the worst-case scenario, a data breach. Many security teams have gaps in their resources and domain expertise required to ensure their data lake meets organizational compliance and security policies. In particular, organizations must be able to simultaneously identify when a compromised user accesses sensitive data, while also preventing data from being stolen by malicious insiders. These gaps can mean that organizations must choose between limiting the data they store in a data lake, and putting themselves at risk of non-compliance, or in the worst-case scenario, a data breach. Imperva DSF includes User Entity Behavior Analytics (UEBA) models that can identify suspicious data access patterns, such as excessive access to sensitive records, the use of privileged service accounts by interactive users, and suspicious network connections. This helps organizations automatically identify and detect potential data breaches without the need for specialized data security analysts. Finally, with Imperva DSF, security operations teams can create playbooks to automatically mitigate threats using native AWS features like security groups or revoking user access using AWS IAM. This ensures organizations stay in compliance while also helping to prevent data breaches. Comprehensive Data Security From one holistic dashboard, Imperva DSF delivers a broad range of data security capabilities – including data discovery, classification, monitoring, access control, risk analytics, compliance management, security automation, threat detection, and audit reporting. This makes it easier for customers to protect the migration of sensitive data, including Personally Identifiable Information (PII) like customer names, email addresses, phone numbers, and gender, and adhere to privacy regulations, such as the General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI-DSS), and the Health Insurance Portability and Accountability Act (HIPAA). Tens of thousands of organizations build data lakes on AWS and configure AWS Lake Formation, AWS Identity and Access Management (IAM), and Amazon Simple Storage Service (Amazon S3) policies to secure access to them. Imperva DSF leverages services like AWS Lake Formation and AWS Glue to discover data lakes, monitor how users query and access stored data, and detect and prevent malicious user access and data leakage incidents. Imperva DSF also safeguards critical data workloads across all of their databases, file repositories, data warehouses, multicloud, and data lake environments. Imperva Data Security Fabric can be deployed directly in any AWS Regions using pre-built AWS CloudFormation templates. Once deployed, Imperva DSF will begin discovering and monitoring data lakes. More than 400 pre-defined vulnerability assessment tests are available for cloud databases on AWS. Also, Imperva DSF takes the complexity out of deciding which baselines to establish by including policies based on Center for Internet Security (CIS) and Defense Information System Agency’s (DISA) Security Technical Implementation Guide (STIG) benchmarks that are adapted for the cloud. "AWS allows organizations to quickly and securely build solutions that help them to reach new markets and deliver new services to end users,” says Dan Neault, SVP and GM, Data Security, Imperva. “Imperva Data Security Fabric gives organizations building data lakes on AWS a streamlined experience for securing data, and confidence that their data lakes are in compliance.” About Imperva DSF on AWS The support of data lakes is the latest milestone in Imperva’s work with AWS. Imperva is an AWS Partner with the AWS Security Independent Software Vendor (ISV) Competency and Amazon RDS Ready Product validation. Imperva also participates in AWS Marketplace and AWS ISV Accelerate Program. About Imperva Imperva is the cybersecurity leader whose mission is to help organizations protect their data and all paths to it. Customers around the world trust Imperva to protect their applications, data and websites from cyber attacks. With an integrated approach combining edge, application security and data security, Imperva protects companies through all stages of their digital journey. Imperva Research Labs and our global intelligence community enable Imperva to stay ahead of the threat landscape and seamlessly integrate the latest security, privacy and compliance expertise into our solutions.

Read More

PLATFORM SECURITY

Cerberus Sentinel completes acquisition of CyberViking

Cerberus Sentinel | July 07, 2022

Cerberus Cyber Sentinel Corporation (NASDAQ: CISO), a cybersecurity consulting and managed services firm based in Scottsdale, Ariz., announced that it has completed the acquisition of CyberViking, a cybersecurity company based in Georgia and Oregon. Upon the closing of the transaction, CyberViking became a wholly owned subsidiary of Cerberus Sentinel. CyberViking founder and cyber lead for the company is Carric Dooley. CyberViking specializes in application security services, incident response and threat hunting, and the creation and management of security operations centers. They have advised many Fortune 100 companies worldwide. "With the addition of CyberViking, we take a next step in expanding our international reach as well as broadening our expertise for our cybersecurity healthcare and industrial controls systems customers. "Carric is an innovative thinker who is well respected by customers for solving and preparing for challenging cybersecurity threats. The team is the very embodiment of our commitment to a culture of security." David Jemmett, founder and CEO, Cerberus Sentinel "We are looking forward to helping shape a global strategy for incident response, as well as driving new capabilities in application security," said Dooley. "We believe in the development of the cybersecurity community and have actively participated as trainers and presenters at global conferences. Our two organizations share a vision in helping our customers rise above the cybersecurity challenges inherent in threats today and in the future, and to get them to a place where they can concentrate on growing their business." About Cerberus Sentinel Cerberus Sentinel is an industry leader in Managed Cybersecurity and Compliance (MCCP) services with its exclusive MCCP+ managed compliance and cybersecurity services plus culture program. The company is rapidly expanding by acquiring world-class cybersecurity, secured managed services, and compliance companies with top-tier talent that utilize the latest technology to create innovative solutions to protect the most demanding businesses and government organizations against continuing and emerging security threats and compliance obligations.

Read More

DATA SECURITY,SOFTWARE SECURITY

Appgate Launches Technology Alliance Partnership Program to Help Customers Simplify and Accelerate Zero Trust Advancement

Appgate | September 08, 2022

Appgate (OTC: APGT), the secure access company, today announced the launch of its Technology Alliance Partnership program and four of the program’s featured partners: Illumio, Menlo Security, CrowdStrike and Amazon Web Services (AWS). Appgate’s Technology Alliance Partnership program is designed to help organizations unlock greater performance from their cybersecurity investments and accelerate Zero Trust security adoption. This growing ecosystem of partners demonstrates Appgate’s vision and commitment to build purposeful product integrations that enable its customers to automate cybersecurity processes, optimize operations, reduce risk and improve the user experience. “While many organizations have embraced the principles of Zero Trust security, the reality is their goals cannot be met with any single product, vendor or platform. Our Technology Alliance Partnership program is designed to make it easier for our customers to navigate this complex landscape, simplify deployments and get the most out of their cybersecurity investments. “We’re thrilled to bring more value to our customers through our partnerships with Illumio, Menlo Security, CrowdStrike and AWS.” Barry Field, CEO, Appgate Zero Trust requires all users, devices and workloads—whether inside or outside an organization’s network—to be authenticated, authorized and continuously validated before receiving access to applications and data. Appgate’s Technology Alliance Partnership program enables partners to integrate with the company’s industry-leading Zero Trust Network Access (ZTNA) solution, Appgate SDP, through robust API integrations, clear documentation and dedicated support. Together, Appgate and its technology partners offer comprehensive offerings that help their customers reach Zero Trust goals with ease and speed: Illumio The combination of Appgate SDP and Illumio Core, a leading micro-segmentation solution, enables joint customers to achieve full-compass dynamic Zero Trust segmentation. Appgate SDP ensures secure access to workloads via the network perimeter (north-south traffic) by creating user-to-workload access controls that are cloaked, fine-grained and dynamic. Illumio Core micro-segments workloads within the interior (east-west traffic) to eliminate excess workload-to-workload interconnectivity. When co-deployed and integrated together, these solutions immediately improve any organization’s Zero Trust posture. “Security teams are turning to Zero Trust strategies to build resilience throughout their hybrid IT environments but find that no single vendor or solution can achieve their goals alone—an ecosystem-based approach is required,” said John Skinner, Vice President of Business Development at Illumio. “Both Zero Trust segmentation and ZTNA are important pillars of any Zero Trust strategy. Illumio is delighted to join forces with Appgate to deliver best-of-breed Zero Trust solutions in both categories to our customers to ensure minor breaches can’t grow to become disasters.” Menlo Security The combination of Appgate SDP and the Menlo Security Cloud Platform delivers a comprehensive secure access solution that safeguards all internet traffic, Software-as-a-Service (SaaS) applications and private networked resources. With this integration, enterprises can shift to a seamless, high-security Zero Trust framework with industry-leading data and threat protection, enabling users to browse the internet and access SaaS apps and private enterprise resources safely and securely. “The evolution toward hybrid workforces and public and private cloud infrastructures requires organizations to deploy a new approach to ensure secure access to web and SaaS applications and confidential enterprise data without affecting the user experience or productivity,” said Sanjit Shah, Head of Strategic Alliances, Menlo Security. “Teaming with Appgate enables our joint customers to adopt a comprehensive and scalable ZTNA-based approach that improves deployment and management flexibility, while providing secure web access to application workloads across public and private clouds using Menlo’s Cloud Security Platform with Isolation Core and Zero Trust private access to hybrid resources and IT infrastructure via Appgate SDP.” CrowdStrike Appgate’s integration with CrowdStrike helps organizations reduce their attack surface and mitigate lateral movement. Appgate SDP gathers intelligence provided through CrowdStrike Falcon Zero Trust Assessment (ZTA) to assess user, device and workload risk postures at the time of authentication and on an ongoing basis. This dynamic functionality makes it possible to leverage device health or behavioral changes provided by the CrowdStrike Falcon platform to build policy controls that restrict or deny access, preventing lateral movement across the network. AWS Enterprises that utilize the strong security foundations provided by AWS can augment the network security of their environments with Appgate SDP, which leverages AWS-native capabilities like tagging and auto scaling to provide fine-grained access and enterprise-grade scale. Appgate SDP ensures that only authorized users connect to AWS and hybrid architectures with multiple encrypted tunnels. Appgate SDP is available in the AWS Marketplace. About Appgate Appgate is the secure access company. We empower how people work and connect by providing solutions purpose-built on Zero Trust security principles. This people-defined security approach enables fast, simple and secure connections from any device and location to workloads across any IT infrastructure in cloud, on-premises and hybrid environments. Appgate helps organizations and government agencies worldwide start where they are, accelerate their Zero Trust journey and plan for their future.

Read More