ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Swimlane | November 15, 2022
Swimlane, the low-code security automation company, today announced the formation of the first operational technology (OT) security automation solution ecosystem tailored to meet the combined OT and IT security requirements within critical infrastructure environments.
The Biden Administration designated November as Critical Infrastructure Security and Resilience Month, drawing attention to the need for “fortifying our information technology and cybersecurity across sectors.” As cyber threats grow in frequency and severity, security operations teams within industrial organizations are regularly targeted due to the importance of their systems and infrastructure.
Given the limited resources at their disposal, security teams within these organizations are struggling to keep up with rapidly evolving threats. The cybersecurity skills gap poses a particularly difficult challenge for organizations with OT environments due to the unique skill set required to navigate the convergence of OT and IT technologies. This is where modern Security Orchestration, Automation and Response (SOAR) plays an instrumental role.
“Our public utilities and critical infrastructure face unique cybersecurity challenges to detect and respond to the convergence of threats targeting their combined OT and IT environments, and cyber-physical systems. “Swimlane is bringing together the best of OT security with our extensible security automation platform to create a robust system of record and control for security operations teams to more quickly process large amounts of security telemetry without needing more resources to defend against breaches.”
Cody Cornell Co-founder and Chief Strategy Officer of Swimlane
Swimlane’s security automation ecosystem for OT environments currently includes the following:
Nozomi Networks for OT and IoT Security: Swimlane and Nozomi Networks, the leader in OT and IoT security, also announced today a technology integration that combines low-code security automation with OT and Internet of Things (IoT) security. The combined solution makes it possible for industrial and critical infrastructure security operations to maintain continuous asset compliance and mitigate the risks of attacks from combined OT and IT entry points.
Dataminr Tackles Physical Risk: Swimlane’s integration with Dataminr leverages automated processes to mitigate risks and warn at-risk employees as soon as possible to ensure their safety. The cyber-physical threat response solution saves organizations crucial minutes when connecting with staff members who might be affected by a natural disaster, accident, or social unrest, or other types of physical risk.
1898 & Co. for Managed Threat Detection: 1898 & Co., a preeminent industrial control system (ICS) cybersecurity solutions provider, has selected Swimlane as the core automation platform for their managed threat detection services. These services include the detection of both OT and IT-born threats, machine-speed threat validation and scoring, and rapid remediation of threats using OT response methods.
“Security teams chartered with protecting OT environments are struggling to keep pace with emerging threats given their limited resources,” said Joshua Magady, Practice Technical Lead at 1898 & Co. “As cyberattacks on critical infrastructure continue to rise and the cybersecurity skills shortage prevails, we are excited to be working with Swimlane to provide automation solutions that give these important organizations the tools to defend against rising cyber threats effectively.”
Working with each technology partner, Swimlane will develop a portfolio of pre-integrated solutions that customers can quickly deploy either through managed services or add to their existing environment.
Swimlane is the leader in cloud-scale, low-code security automation. Swimlane unifies security operations in-and-beyond the SOC into a single system of record that helps overcome process and data fatigue, chronic staffing shortages, and quantifying business value. The Swimlane Turbine platform combines human and machine data into actionable intelligence for security leaders.
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
ThreatX | November 17, 2022
ThreatX, the leading API protection platform, today announced the launch of the ThreatX Academy, an online portal hosting an extensive library of cybersecurity training modules. These courses provide an accessible and approachable opportunity for those looking to begin, or advance, their cybersecurity careers.
ThreatX is providing all foundational 100-level content at no charge. Training content spans many areas of cybersecurity, including Application Security, Data Protection and Privacy, Networking, Secure DevOps and Wireless Security, among others.
The need for cybersecurity professionals has been growing at a rapid pace, and that demand is expected to continue. The number of unfilled cybersecurity positions worldwide grew 350% between 2013 and 2021 (from 1 million to 3.5 million). Further, it is predicted that the same number of jobs will still be open in 2025.
This cybersecurity skills gap, along with the accelerated pace at which both technology and cyberattackers’ tactics are evolving, has made protecting digital assets increasingly difficult for businesses. In fact, 80% of organizations suffered one or more breaches due to a lack of cybersecurity skills and/or awareness within the last 12 months, underscoring the need for solid and robust training content.
Alongside Massachusetts-based training company, Security Innovation, ThreatX developed more than 140 hours of online security training videos beginning at an introductory level and progressing to more advanced subjects, such as Blockchain Security and Automating Security Updates. All 100-level content will be available free of charge, while 200 and 300-level content will be accessible via subscription. Through the integrated learning management platform, users will be able to consume the content in sequential fashion and earn certifications. The ThreatX Academy experience is powered by Raven360, a Massachusetts-based digital Academy business.
ThreatX will share all content, free of charge, with select nonprofit organizations, including participants of the Massachusetts Rehabilitation Commission’s (MRC) Networking Technology Program.
In addition, ThreatX Academy has partnered with (ISC)2 and is now an approved (ISC)2 CPE Submitter Partner. ThreatX content may count toward (ISC)2 CPE credits. (ISC)², is an international nonprofit cybersecurity professional organization. Through (ISC)², members can earn several well-established security certifications, including:
Certified in Cybersecurity
SSCP - Security Administration
CCSP - Cloud Security
CSSLP - Software Security
In order to maintain these certifications, members must earn Continuing Professional Education (CPE) Credits. Through ThreatX’s partnership with (ISC)², security practitioners will now be able to earn CPE Credits for consuming ThreatX Academy content.
“Cybersecurity is a continuous learning experience, and the need for training resources in the industry is only growing stronger. “We are excited to announce the launch of ThreatX Academy, and we look forward to advancing the program in the future as part of our broader effort to close cybersecurity’s ongoing talent gap.”
Gene Fay, CEO of ThreatX
ThreatX’s API protection platform and complete managed services make the world safer by protecting APIs from all threats, including DDoS attempts, complex botnets, zero-day and multi-mode attacks. ThreatX applies artificial intelligence and machine learning to detect and respond to even the slightest indicators of suspicious activity in real-time. Today, ThreatX protects APIs for companies in every industry across the globe.
ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Apiiro | January 04, 2023
Apiiro, the market leader in Cloud-Native Application Security, announced that its award-winning security platform is now accessible on AWS Marketplace.
Apiiro's solution intends to assist developers and security engineers in resolving significant risks across the software supply chain before launching apps to the cloud. Instead of a single vulnerability or misconfiguration, multiple isolated and unconnected findings are scattered throughout the source code, configurations, open-source packages, and cloud infrastructure that, when combined with appropriate context, form a Risk Story that attackers can exploit.
Its Risk Graph technology integrates these endless elements with actionable information to provide developers and security teams with an entirely new way to fix problems.
Apiiro has introduced a whole new approach to application security by offering complete visibility into code bases, analyzing risks from design to code to the cloud, and proactively addressing actual vulnerabilities that attackers can exploit before they even get released to the cloud.
By connecting to their source control managers via API, Fortune 500 businesses can cut operational costs and risks at scale while ensuring seamless deployment.
Now that it is accessible in the AWS marketplace, customers may deploy Apiiro's Cloud Application Security Platform through their AWS Marketplace accounts, enabling them to quickly secure everything they develop and deliver to the cloud by proactively resolving risks with actionable context.
Apiiro is a Cloud Application Security Platform that provides comprehensive insight and actionable context to security and development teams to proactively fix risks before releasing them to the cloud. It also assists them in addressing threats throughout the software supply chain. Since its inception, the Apiiro Cloud-Native Application Security Platform has been deployed by developers and security experts in the world's biggest organizations to handle critical threats across more than 1 million code repositories, CI/CD pipelines, and cloud infrastructures.