PLATFORM SECURITY,SOFTWARE SECURITY,END POINT PROTECTION
Wallarm | January 23, 2023
Wallarm, a leading end-to-end API security provider, has recently announced the early release of the Wallarm API leak management solution, an improved API security technology designed to assist organizations in identifying and remediating attacks exploiting leaked API keys and secrets while also providing ongoing protection against hacks in the event of a leak.
Given the recent increase in hacks involving leaked API keys and other API secrets, Wallarm developed the API leak management solution in order to give a comprehensive solution for this issue by automatically detecting leaked API keys and secrets, implementing controls to prevent their use, and protecting against any follow-on attacks. As a result, it prohibits unwanted access to sensitive data within enterprises while also protecting their internal operations and customers from unauthorized use of that data.
With the average cost of an API leak incident being $1.2 million per year, protecting API keys is a security and financial need. However, as locating and revoking API keys is both time-consuming and resource-intensive, Wallarm's proactive API leak management solution focuses on automated detection, remediation, and control using a three-pronged approach:
Detect - Wallarm automatically searches public sources for leaked API secrets, which hackers can discover and exploit in under a minute.
Remediate - Regardless of protocol, Wallarm immediately blocks requests that use compromised API secrets across the entire API portfolio.
Control - Wallarm also continuously monitors and prevents the use of leaked API secrets.
The Wallarm API leak management solution is the first of its kind in the API security space and is coupled with other Wallarm capabilities such as API threat prevention, API discovery and cloud-native WAAP. Wallarm’s API security platform provides customers with full-spectrum visibility, detection, and security for their entire web application and API portfolio, regardless of protocol or environment. This minimizes tool sprawl and costs while also increasing risk management and fostering innovation.
About Wallarm
Wallarm, founded in 2016, provides End-to-End API Security solutions to safeguard web applications, APIs, microservices, and serverless workloads in cloud-native environments. With its commitment to developing the cybersecurity industry, it has designed a new security platform to defend tech firms and Global 2000 enterprises throughout their journey from their legacy apps to APIs in cloud-native infrastructures. Hundreds of Security and DevOps teams use Wallarm to discover all of their web apps and API endpoints, traffic flows, and sensitive data consumption for total visibility, secure their whole API portfolio against emerging risks, and respond to incidents automatically for better risk management.
Read More
PLATFORM SECURITY,SOFTWARE SECURITY,WEB SECURITY TOOLS
Skyhigh Security | December 28, 2022
Skyhigh security, a leading data security solutions provider, recently announced receiving Amazon Web Services (AWS) Security Competency accreditation in the infrastructure security industry. This distinction recognizes Skyhigh Security's extensive technical expertise in AWS and proven success in its ability to assist customers in achieving their cloud security objectives.
Achieving AWS Security Competency distinguishes Skyhigh Security as a member of the AWS Partner Network (APN) that offers specialized software to assist organizations in adopting, developing, and deploying complex security projects on AWS. To achieve the distinction, APN Partners must have in-depth knowledge of AWS and provide solutions on AWS effortlessly.
AWS delivers scalable, versatile, and cost-effective solutions to startups and large-sized organizations. To enable the seamless integration and implementation of these solutions, AWS launched the AWS Competency Program to assist customers in identifying consulting and technology APN Partners with extensive industry knowledge and expertise.
AWS users can buy the entire Security Service Edge (SSE) portfolio of Skyhigh Security through the AWS Marketplace, which enhances the efficiency of the procurement process and provides flexible licensing options. The company's SSE portfolio is cloud-native, designed from the bottom up with Zero Trust principles, and includes a unified data loss prevention and policy engine.
Skyhigh SSE contains, Skyhigh Cloud Access Security Broker, Skyhigh Secure Web Gateway, and Skyhigh Private Access, among other products, offering one of the most extensive portfolios in the market.
About Skyhigh Security
Based in California, U.S., Skyhigh Security, a provider of a complete, market-leading data security platform built on a modern cloud stack, focuses on helping customers protect the world's data. It protects businesses with data-aware and user-friendly cloud-native security solutions. Its industry-leading Security Service Edge (SSE) portfolio extends beyond data access and focuses on data use, enabling enterprises to communicate from any device and location without compromising security.
Read More
INFOSEC PROJECT MANAGEMENT,PLATFORM SECURITY,SOFTWARE SECURITY
NowSecure | January 03, 2023
NowSecure, the leader in standards-based mobile app security and privacy software, announced the introduction of its latest solution, NowSecure Mobile Pen Testing as a Service (PTaaS), which will bridge the gap between manual and automated mobile security assessments for continuous security.
NowSecure PTaaS is designed to provide mobile developers and security teams with a more cost-effective and efficient pen testing solution. The solution combines periodic expert manual assessments with continuous automated testing to optimize comprehensive coverage at a higher frequency. With this combination, the all-inclusive portal and service can instantly discover concerns early in the developer pipeline, provide consulting help to repair security issues promptly, and accelerate the release of high-quality software into production.
As organizations struggle with tightening budgets in conjunction with an increased threat of mobile cyber assaults, there is an industry demand for a cost-effective, higher-coverage, higher-frequency, mobile AppSec testing solution.
"According to Coalfire and NowSecure's 4th Annual Penetration Risk Report, 99% of mobile applications pose security or privacy threats."
By integrating NowSecure's latest offering, Mobile PTaaS, CISOs and security leaders can optimize their budget for penetration testing while prioritizing continuous, comprehensive security testing. The NowSecure Mobile PTaaS cloud-based platform, built on tens of thousands of pen tests and over 12 years of mobile application security experience, provides a comprehensive set of automatic, continuous, and manual assessments, including:
Expert pen testing periodically depending on the specific demand and timeline
On-demand and continuous security testing is built into the CD/CI and dev toolchains
Automatic ticket generation with incorporated remedial resources
Consultation with an experienced pen tester on remediation
Optional industry standard(s) certifications and validations
All-in-one SAST, IAST, DAST, APISec, and SBOM
Simple-to-use dedicated SaaS platform
About NowSecure
A Chicago-based mobile security company, NowSecure safeguards the worldwide mobile app economy as the leading authority in standards-based mobile application privacy and security automation. The company is trusted by the most demanding enterprises for its comprehensive security testing solution package for DevSecOps, mobile app supply-chain monitoring, Pen Testing as a Service (PTaaS), professional mobile pen testing, and training courseware.
NowSecure actively contributes to and supports the open-source mobile security community, industry standards, and certifications such as ADA MASA, OWASP MASVS, NIAP, ioXt, and others. The firm is SOC 2-certified and has been recognized by Gartner, IDC, TAG Cyber, and Deloitte Fast 500.
Read More