DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Prnewswire | March 30, 2023
Noname Security, the leading provider of complete API security solutions, today announced major enhancements to its market-leading API security platform to help organisations protect their API ecosystem, secure their applications, and increase cyber resilience. With the fastest, most flexible, and most comprehensive solution on the market, Noname Security continues to define API security.
Noname Enables Secure Growth with API Security Innovation
Today, APIs drive business, delivering value to customers, clients, patients, users, shareholders, and more. However, securing APIs – and all of the critical assets they connect – has become more difficult than ever as APIs attacks have increased exponentially. IBM Security X-Force reported that two-thirds of its analysed incidents were due to unsecure APIs.
"APIs are the connective tissue for the digital world, but the explosion in API use has created new and rapidly growing threats to organisations across the globe. We created the Noname API Security Platform to uniquely address the modern API ecosystem, with discovery, insight, protection, and testing capabilities," said Shay Levi, Co-Founder and CTO at Noname Security. "Doing so means not only securing APIs and their use, but also improving the speed at which our customers can expand their business."
The Noname API Security Platform Continues to Define API Security
Noname's latest major release delivers new capabilities across the entire platform – covering discovery, posture management, runtime protection, pre-production testing, and deployment – to help customers:
Discover More & Strengthen Security Posture
Noname Security's Discovery and Posture Management solutions locate and provide insight to every API in an organisation's ecosystem, uncovering vulnerabilities (including the most recent OWASP API Top Ten), protecting sensitive data, and proactively monitoring for changes, including in OpenAPI and other specifications. New capabilities enable customers to:
Gain complete visibility and detailed insights to protect APIs with customisable discovery, flexible tagging, and datatype assignments – including PII, PCI, PHI, and custom categories – for grouping APIs by application, business unit, and more.
Understand APIs in rich context with visualisations of business logic, physical network infrastructure, and API traffic to understand specific interactions and behaviour patterns.
Secure containerised applications with enhanced discovery and detection for Kubernetes (k8s).
Prioritise resources and eliminate blind spots with extensive infrastructure inventories for AWS and Azure, enabling organisations to find unprotected APIs, map the connections between APIs and infrastructure resources, pinpoint resources that could increase the attack surface, and resolve potential issues with full context.
Stop Attacks with Runtime Protection
Noname Security Runtime Protection detects and blocks API attacks with real-time traffic analysis, out-of-band monitoring, inline remediation options, and workflow integrations to increase SOC effectiveness. New capabilities enable customers to:
Identify business-logic-based attacks immediately with updates to the industry's most advanced anomaly detection engine using artificial intelligence & machine learning (AI/ML), including unsupervised online learning.
Reduce Mean-Time-To-Resolution (MTTR) with more context on issue records, including detailed remediation guidance and tools for deeper investigation.
Fully align with security operations center (SOC) processes with automation, custom workflows, and integrations with existing systems such as ITSM, SIEM, SOAR, and more.
Deliver Secure APIs Faster with Active Testing
Noname Security Active Testing is a purpose-built API security testing solution that helps organisations easily add security into the CI/CD pipeline without sacrificing speed. The newest version of Active Testing enables customers to:
Shift left with integrations into the entire software development lifecycle (SDLC). Teams get dynamic API visibility across multiple states and environments throughout the CI/CD process.
Leave no API untested with a unique ability to find and test every API based on an understanding of the application's business logic.
Empower developers with best-in-class usability such as simple setup & automation, in-line test results, and contextual guidance for request failure mitigation.
Continuously Adapt to Changing Environments
Noname Security offers the most flexible and comprehensive set of deployment and integration options available. New capabilities enable customers to:
Rapidly realise value with simplified step-by-step onboarding and in-app guidance.
Meet any deployment requirement with both agentless and agent-based options, including eBPF, and both out-of-band and inline protection options.
Easily manage complex deployments with automatic updates across cloud-hosted, self-hosted, hybrid, and distributed deployments.
Maintain data residency and reduce overhead with remote engines to aggregate traffic into a centralised console, allowing you to keep data within your control and reducing traffic.
Meet strict public-sector compliance requirements with a new hardened virtual appliance.
See the entire attack surface with additional integrations and improvements to Akamai, AWS ECS, Cloudflare, Oracle Cloud Infrastructure, Citrix, and other connectors.
Staying Ahead of Attackers
Built by the largest team of API security researchers and developers in the industry, the Noname API Security Platform helps organisations proactively find vulnerabilities, stop attacks, reduce the risk of costly incidents, and ensure business continuity.
"Improving security posture and shifting from reactive to proactive does more than reduce risk. It allows the entire enterprise to change its position in the market from follower to leader," said Oz Golan, CEO and Co-Founder of Noname Security.
About Noname Security
Noname Security is the only company taking a complete, proactive approach to API Security. Noname works with 20% of the Fortune 500 and covers the entire API security scope — Discovery, Posture Management, Runtime Protection, and API Security Testing. Noname Security is privately held, remote-first with headquarters in Silicon Valley, California, and offices in Tel Aviv and Amsterdam.
Read More
ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Prnewswire | May 19, 2023
CyberMaxx, Inc., a tech-enabled cybersecurity services company, today introduced MaxxMDR, its revamped managed detection and response (MDR) solution. MaxxMDR provides enhanced protection through an advanced detection library proprietary to CyberMaxx developed through the company's comprehensive DFIR, offensive security, and threat hunting research.
Traditional MDR tools and processes only provide a base-level of protection. By supplementing a SIEM or EDR tool's default detections library with advanced insights gained from its offensive and DFIR work, MaxxMDR strengthens an organization's defenses and enables them to catch more advanced threats. This provides customers with a strong partnership for a comprehensive offensive and defensive approach to securing their environments.
MaxxMDR empowers organizations to monitor and manage cyber risk through:
24 x 7 x 365 SOC: around-the-clock monitoring and response by CyberMaxx Security Operations Center of experts
Custom Detection Library: derived from years of experience and working closely with our DFIR and Offensive security teams across a diverse set of customers
Purpose-built: purpose-built platforms designed with SOAR in mind
Endpoint security (EDR): partnership with industry-leading endpoint security providers like SentinelOne and Crowdstrike
Proprietary Advanced Analytics Platform: cloud-native analytics platform for better integration with SAAS and IAAS
Full Visibility: full stack visibility of your assets both on-premise and in the cloud
Faster & Better Quality: improved mean time to recovery (MTTR) and reduced false positives through automation and orchestration
Additionally, MaxxMDR is offered through a flexible deployment model available in both managed and co-managed environments. The managed solution is delivered on a proprietary analytics engine for organizations looking for a fully outsourced solution. The co-managed solution is delivered on a third-party SIEM either licensed by CyberMaxx or the customer and allows the customer more control and access.
"The speed and pace of evolving threats today requires a new approach to defensive security," said Michael Quattrochi, CyberMaxx's SVP of Defensive Security. "Traditional MDR solutions too often aren't able to detect modern threats because they are based on legacy insights. By empowering MaxxMDR with real-time insights into active threats from our offensive and DFIR work we are enabling customers to better keep pace with their adversaries and strengthen their defensive posture."
MaxxMDR bundles
CyberMaxx helps customers strengthen their security posture by offering both offensive and defensive security solutions together. The MDR bundles strengthen MDR detection with insights from offensive solutions and provides a uniform customer experience at a competitive investment level.
MaxxMDR: provides monitoring + Alert Escalation and containment through EDR API.
MaxxMDR Advanced: builds on monitoring, alerting, and containment by including an annual Security Configuration Assessment (M365/Azure, Active Directory, AWS & GCP), semi-annual Hunt & Detect in EDR, annual IR or BCDR Tabletop, Password Hash Strength Testing, Deception Tokens Deployment and Monitoring, and Discounted Advanced DFIR Rates.
MaxxMDR Premium: builds on MaxxMDR Advanced and includes monthly Hunt & Detect in EDR, Endpoint Purple Team, annual External Penetration Test, annual VIP Public Data Reconnaissance, additional discounts on advanced DFIR Rates.
You can learn more about the MaxxMDR solution at www.cybermaxx.com/mdr and learn about MaxxMDR bundles here: www.cybermaxx.com/mdrbundles
About CyberMaxx
CyberMaxx, Inc., founded in 2002, is a tech-enabled cybersecurity service provider headquartered in Nashville, TN. Through a comprehensive set of services CyberMaxx empowers customers to Assess, Monitor, and Manage cyber risk and stay ahead of emerging threats. CyberMaxx expanded its capabilities through the 2022 acquisition of CipherTechs, an international cybersecurity company providing a complete cybersecurity portfolio across MDR Services, Offensive Security, Governance, Risk & Compliance, DFIR, and 3rd party security product sourcing.
CyberMaxx's managed detection and response solution (MAXX MDR) is designed to be scalable for clients of all sizes, providing protection and improving the organization's security posture, ultimately giving customers peace of mind that their systems and data are secure.
Read More
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Globenewswire | April 05, 2023
Banyan Security, a leading provider of zero trust access solutions for the modern workforce, is proud to announce the launch of its innovative Device-Centric Security Service Edge (SSE) solution. Banyan’s offering delivers a comprehensive range of integrated security measures to safeguard the modern workforce – including Zero Trust Network Access (ZTNA), Virtual Private Network as a Service (VPNaaS), Cloud Access Security Broker (CASB), and Secure Web Gateway (SWG) – all in a unified product that is simple to implement and boosts employee productivity.
Unlike traditional security products focused on the network perimeter, Banyan’s device-centric SSE brings the user and device to the forefront of protection, enabling intelligent, risk-based connectivity and threat detection. Working in concert with the Banyan Cloud permits consistent policy enforcement without needing to route all enterprise traffic through vendor data centers or expensive on-premise appliances, which significantly improves the user experience. Moreover, Banyan’s device-centric approach treats clientless scenarios as first-class citizens, enabling seamless access combined with granular policy controls.
“The launch of our device-centric Security Service Edge solution marks a major milestone for our company, delivering on the idea of enabling workers to securely do their job from anywhere” said Jayanth Gummaraju, CEO and Co-founder of Banyan Security. “We saw a clear need for a new solution that does not suffer from the baggage of existing network-centric approaches. What we’ve built brings together device and network security in a unique way to secure all types of access – private or internet. This approach reduces the attack surface and provides a frictionless user experience, thus increasing employee productivity. We’re excited to see customers and industry partners embracing our approach, and are confident that our solution will exceed expectations, revolutionizing the way organizations think about workforce security."
Banyan Security’s strategic partners understand that a new approach is needed to effectively realize the promise of a zero trust framework.
“We are thrilled to partner with Banyan Security to deliver more value to our joint customers. The partnership provides a risk-based approach to security and simplifies the deployment of Zero Trust initiatives,” said Akhil Kapoor, Vice President of Business Development at SentinelOne. “Together, we can offer unparalleled protection and peace of mind to organizations as they navigate an ever-evolving threat landscape.”
The implications of a device-centric SSE product are revolutionary, providing organizations with considerable benefits including:
Improved User Experience – Localized, intelligent decision making minimizes latency and results in a better user experience. Rather than forcing organizations to ship all traffic to the cloud for inspection, each device makes the optimum access and security decisions. Coupling faster decision making with an always-on approach minimizes potential gaps for advanced threats to exploit.
Better Enterprise Security – The Banyan SSE solution includes multiple layers of security, providing least privileged access for users regardless of location. Additional security is provided by incorporating real-time, continuous authorization using advanced risk modeling based on user, device, resource, and threat profiles. Together these features provide superior threat protection and automated threat remediation.
Lower Total Cost of Ownership – a device-centric Security Service Edge is significantly easier to deploy and manage for most organizations. Rather than having to configure complex network environments to support the analysis and routing of user traffic, this happens locally on end-user devices based on intuitive selections made in the Banyan admin console. Advanced discover and publish capabilities further simplify deployments and results in much lower total cost of ownership for an organization versus legacy solutions.
Deployment Flexibility – The Banyan Security SSE solution architecture provides additional benefits for organizations that are concerned with data privacy and security. Unlike other SSE solutions, the Banyan Security Platform can be configured to route encrypted traffic through either the Banyan cloud infrastructure or directly through a service installed and maintained in the organization’s infrastructure. This capability allows the freedom to address the needs of any regulatory or security-conscious environment.
Banyan’s customers, aware that existing solutions were not addressing the rapidly changing requirements of a distributed workforce, have rallied behind the Banyan Security Platform.
“With Banyan Security’s device-centric SSE, we confidently replaced our legacy VPN and accelerated our zero trust architecture initiatives. Their robust solution empowers us to secure our cloud-first environment, seamlessly monitor security posture through efficient device checks, and ultimately enhance our primary customers’ security – our users,” said Cesar Esteban, Staff Security Engineer at Snapdocs. “Investing in Banyan Security has transformed our approach to cybersecurity and unlocked new potential for serving our users better.”
About Banyan Security
Banyan Security provides secure, zero trust “work from anywhere” access to applications and resources for employees and third parties while protecting them from being phished, straying onto malicious web sites, or being exposed to ransomware. A Flexible Edge architecture enables rapid, incremental deployment on-premises or in the cloud without compromising privacy or data sovereignty. A unique device-centric approach intelligently routes traffic for optimal performance and security delivering a great end user experience. Banyan Security protects workers across multiple industries, including finance, healthcare, manufacturing, and technology.
Read More