DATA SECURITY

The latest release of Cyber Observer provides new visibility into the risk posture of cybersecurity

businesswire | January 19, 2021

Digital Observer, the chief Continuous Controls Monitoring (CCM) arrangement, today declared a significant upgrade to its foundation that empowers CISOs and other security and danger the board heads to acquire new, constant, bound together perceivability into the viability of online protection instruments that are executed all through their endeavor. By ceaselessly recovering and examining Critical Security Controls (CSCs) from applications on-premises and in-cloud, Cyber Observer's CCM stage improves consistence, lessens mean opportunity to location and reaction, and advances hazard act the executives.

Network protection groups are overpowered with multifaceted nature of overseeing many unique security apparatuses that have been executed across their mixture ventures. In spite of best endeavors to actualize security controls to limit dangers and dangers, venture heads are finding that misconfigured or failing apparatuses are time after time a vulnerable side and probably the most fragile connection in their security guards. Digital Observer's CCM stage disposes of this issue and now empowers ventures to keep a finger on the beat of how their security instruments are performing.

Digital Observer associates and pulls information from a venture's on-premises and in-cloud apparatuses to make a complete perspective on the security instruments executed. Notwithstanding persistently examining in excess of 5,000 CSCs and giving controls status with regards to the executives, consistence prerequisites and different structures, Cyber Observer delivered a bunch of new highlights, including:

Ongoing dashboards. Effectively show the status of each apparatus, status of the distinctive security regions, organize weaknesses, total danger act scoring, and alarm on deviation from ordinary conduct.

Nonstop revealing. New announcing module robotizes gives an account of an association's network safety instruments status and digital stance sees.

Open API upgrades. Empower endeavors to effortlessly share information gathered by Cyber Observer with outsider devices that give security data and occasion the executives (SIEM), mechanization (SOAR), and man-made consciousness.

“Managing risks requires more than implementing security tools and checking the box,” said Shimon Becker, Cyber Observer Co-founder and VP Product. “It requires continuous monitoring, management, and oversight to ensure that people, processes, and technology are in fact protecting your data and your enterprise.”

“The new release offers quick and easy remote implementation,” said Moti Ram, Cyber Observer Co-founder and VP R&D. “We support hybrid on-premises and in-cloud connectivity and deployment.”

Cyber Observer is backed by Merlin Ventures, which strategically invests in and scales innovative cybersecurity companies. “Things like misconfigured or unpatched security tools are such easy targets for adversaries to exploit,” stated Seth Spergel, Vice President of Emerging Technology at Merlin Ventures. “Implementing a simple solution like Cyber Observer's Continuous Controls Monitoring platform should really be a part of any organization’s cyber hygiene protocol and a standard practice for all enterprises.”

About Cyber Observer

Cyber Observer is the premier Continuous Controls Monitoring (CCM) solution that reduces business losses and audit costs by continuously monitoring and auditing critical security controls and applications. The Cyber Observer platform integrates dozens of the most popular security tools into a single interface, enabling security and risk management executives to monitor tool performance in alignment with cybersecurity, business, and regulatory frameworks. This equips security and risk management executives with unprecedented visibility, control, and strategic oversight that empowers security and risk executives to proactively identify and close critical security gaps while demonstrating the effectiveness and maturity of their security programs and investments.

About Merlin Ventures

Merlin Ventures is a strategic investment firm that rapidly scales visionary companies and introduces disruptive solutions designed to help enterprises address today’s most critical cybersecurity challenges. Merlin Ventures’ unique business model combines robust infrastructure and capital, onboarding and market readiness acceleration, cybersecurity engineering leadership, and deep-rooted customer and market relationships to enable its portfolio of cybersecurity companies to accelerate growth and flourish.

Spotlight

How does your cyber security program compare to other companies? Where do your security people, processes, and technology place you among peer organizations? And more important, what should be your next steps to improve your program? Based on their research, Enterprise Strategy Group has developed a cyber security maturity model that classifies organizations as basic, progressing, or advanced.

Spotlight

How does your cyber security program compare to other companies? Where do your security people, processes, and technology place you among peer organizations? And more important, what should be your next steps to improve your program? Based on their research, Enterprise Strategy Group has developed a cyber security maturity model that classifies organizations as basic, progressing, or advanced.

Related News

PLATFORM SECURITY

Picus Security brings automated security validation to businesses of all sizes

Picus Security | November 10, 2022

Picus Security, the pioneer of Breach and Attack Simulation (BAS), today announced the availability of its next-generation security validation technology. The new Picus Complete Security Validation Platform levels up the company's attack simulation capabilities to remove barriers of entry for security teams. It enables any size organization to automatically validate the performance of security controls, discover high-risk attack paths to critical assets and optimize SOC effectiveness. "Picus helped create the attack simulation market, and now we're taking it to the next level, By pushing the boundaries of automated security validation and making it simpler to perform, our new platform enables organizations even without large in-house security teams to identify and address security gaps continuously." -H. Alper Memis, Picus Security CEO and Co-Founder The all-new-and-improved Picus platform extends Picus's capabilities beyond security control validation to provide a more holistic view of security risks inside and outside corporate networks. It consists of three individually licensable products: Security Control Validation - simulates ransomware and other real-world cyber threats to help measure and optimize the effectiveness of security controls to prevent and detect attacks. Attack Path Validation - assesses an organization's security posture from an 'assume breach' perspective by performing lateral movement and other evasive actions to identify high-risk attack paths to critical systems and users. Detection Rule Validation - analyzes the health and performance of SIEM detection rules to ensure that SOC teams are reliably alerted to threats and can eliminate false positives. A global cybersecurity workforce gap of 3.4 million professionals∗ means automated security validation is now essential to reduce manual workloads and help security teams respond to threats sooner. Recently, the US's Cybersecurity and Infrastructure Security Agency (CISA) and UK's National Cyber Security Centre (NCSC) published a joint advisory recommending organizations test their defenses continually and at scale against the latest techniques used by attackers. Insights from point-in-time testing are quickly outdated and do not give security teams a complete view of their security posture, With the Picus platform, security teams benefit from actionable insights to optimize security effectiveness whenever new threats arise, not once a quarter. With our new capabilities, these insights are now deeper and cover even more aspects of organizations' controls and critical infrastructure,said Volkan Erturk, Picus Security CTO and Co-Founder. About Picus Security Picus Security is the pioneer of Breach and Attack Simulation (BAS). The Picus Complete Security Validation Platform is trusted by leading organizations worldwide to continuously validate security effectiveness and deliver actionable insights to strengthen resilience 24/7. Picus has offices in North America, Europe and APAC and is supported by a global network of channel and alliance partners. Picus has been named a 'Cool Vendor' by Gartner and is cited by Frost & Sullivan as one of the most innovative players in the BAS market.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Cloudflare Announces New Suite of Email Security and Data Protection Solutions

Cloudflare | January 12, 2023

On 11 Jan 2023, Cloudflare, Inc., a leading cybersecurity solutions provider focused on building a better internet, announced multiple new Zero Trust email security tools, compatible with any email provider. The solution prevents sensitive data exfiltration via email, guard employees against multichannel phishing attacks, and help businesses simplify and accelerate deployments. Cloudflare offers organizations simple and reliable phishing and malware protection that is deeply incorporated with its Zero Trust platform, helping organizations secure all their data and applications. “You can’t have a complete Zero Trust solution without securing email, given that a huge proportion of all cyberattacks begin with phishing,” stated the Co-Founder and CEO of Cloudflare, Matthew Prince. “In 2022, Cloudflare Area 1 identified and kept almost 2.3 billion unwanted messages out of customer inboxes. Today we’re filling a void in the marketplace that has been underinvested in for the last ten years, with the first set of deeply integrated solutions that bring together Cloudflare Area 1 email security and our Zero Trust platform,” he added. (Source: Businesswire) Email is one of the most pervasive and exploited tools used by businesses daily. According to the FBI’s most recent Internet Crime Report, email account compromise and business email compromise led to U.S. companies losing nearly US$ 2.4 billion. In addition, email is one of the most complex tools for businesses to secure, involving a massive drain on IT team resources, multiple vendors, and complex deployments. Cloudflare’s Zero Trust SASE platform will allow customers to deploy email security and data protection tools that are comprehensively linked with their current security stack and compatible with any email service provider. Cloudflare One offers a comprehensive Zero Trust SASE platform that is built into Cloudflare’s global network, which spans over 275 cities in over 100 countries. This deeply embedded approach makes it easy to set up in just a few clicks without switching email providers. With Cloudflare Area 1’s new solutions, companies can automatically isolate questionable email attachments and links, identify and prevent data leaks, and rapidly onboard new Microsoft 365 domains. About Cloudflare Headquartered in San Francisco, California, Cloudflare safeguards and speed up any Internet-based application without installing software, adding hardware, or modifying a single line of code. As a result, the company’s clients experience significant improvement in performance and a reduction in spam and other attacks. Founded in 2009, the organization ranks amongst the 50 most innovative companies worldwide by Fast Company, is acknowledged by the World Economic Forum as a Technology Pioneer, and has been named the Most Innovative Network & Internet Technology Company for two consecutive years by the Wall Street Journal.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Beyond Identity Launches Joint Integration With Zscaler to Accelerate Enterprise Zero Trust Security Strategies

Beyond Identity | December 09, 2022

Beyond Identity, the leading provider of phishing-resistant multi-factor authentication (MFA), has expanded its integration offerings to include cloud security leader Zscaler. The joint solution strengthens a zero trust architecture and reduces the attack surface by continuously validating the user and device and enabling secure access to applications. As threat actors’ attacks increase in scope, using freely available tools that simplify the task, legacy MFA solutions that rely on penetrable passwords and codes no longer guarantee protection throughout an active session. As such, Gartner recommends companies adjust their zero trust initiatives as “credentials and signals must be continuously reevaluated post login.” To provide enterprises with continuous identity and device inspection and verification, Beyond Identity’s integration with the Zscaler Zero Trust Exchange™ platform enables the real-time exchange of risk signals that are incorporated prior to initial user authentication and monitored continuously thereafter, increasing the security of the entire user session. Further, ongoing risk signal exchange between the solutions allows for near real-time notification and enforcement should a device fall out of compliance during an active session, and for session termination and remediation to ensure both user and device are ready for re-authentication. “Beyond Identity is committed to delivering the industry’s most secure and robust phishing-resistant authentication solution while removing the user friction that has stalled enterprise rollout of existing MFA solutions,” said Kurt Johnson, Chief Strategy Officer and Head of Corporate Development at Beyond Identity. “To achieve this objective, Beyond Identity is building an ecosystem of like-minded leaders, like Zscaler, where real-time information exchange can raise the level of application and system security and form the foundation of an enterprise’s journey to zero trust security.” ”As cyberattacks become more sophisticated and users work from everywhere, removing the silos of security solutions is key for implementing zero trust. “With Beyond Identity integrating into the Zscaler Zero Trust Exchange platform, customers have another strong option to enforce device-driven conditional access continuously, and adapt to their risk policies and application sensitivity.” Amit Raikar, VP of Tech Alliances and Business Development at Zscaler This integration empowers Beyond Identity and Zscaler customers to easily modernize their MFA strategies, minimize the risk of password-based and MFA-bypass breaches and extend the footprint of existing cybersecurity investments. By eliminating the need for a password from this process, usability and user satisfaction are ultimately improved while removing entire authentication attack vectors. “Lowering the risk of password-based breaches and secure application access are key business drivers for security leadership teams.stated Mick Coady, WWT, Global VP of Cyber Security Solutions at World Wide Technology. “The Zscaler, Beyond Identity integration enables organizations to achieve both.” About Beyond Identity Beyond Identity is revolutionizing secure digital access for workforces, contractors, customers and developers. Our Universal Passkey Architecture provides the industry’s most secure and frictionless multifactor authentication that prevents credential-based breaches, ensures device trust, and delivers secure and frictionless digital access, eliminating passwords entirely. Industry leaders like Snowflake, Unqork and Roblox rely on Beyond Identity to solve their access security challenges for their customers, employees, contractors and developers and to advance their journey toward Zero Trust Security.

Read More