DATA SECURITY

To speed up the distribution of cyber insurance for small companies, Cowbell Cyber Partners with Mylo

prnewswire | November 05, 2020

Cowbell Cyber, the business' first AI-controlled digital protection supplier for little to moderate sized organizations (SMBs), today declared it has cooperated with Mylo – the advanced specialist dispatched by the world's biggest free merchant, Lockton – to empower expanded dispersion of Cowbell's independent digital protection to the private company market, a territory customarily underserved by digital protection.

Organizations of all sizes are getting more dependent on an advanced climate given the present far off setting, regularly leaving them presented to expanded online protection weaknesses including information penetrates, ransomware assaults, digital wrongdoing, and then some. Along these lines, the interest in digital inclusion has definitely expanded as organizations acknowledge digital protection is currently a need, not an extravagance.

Mylo chose Cowbell Cyber in light of the fact that Cowbell Prime – Cowbell's independent, conceded digital protection programs – addresses the difficulties looked by private companies while considering protection including:

Lucidity of the arrangement terms: entrepreneurs can now quickly comprehend the insurance they will get

Importance: Quote and strategies are adjustable in a couple of snaps for higher significance for the policyholder

Conceded program: Ensures that everything has been altogether verified by state level offices

Prevalent danger the board apparatuses: Free danger appraisal and moderation devices increase the value of private venture on the very first moment of the strategy
"We are excited to partner with Mylo to deliver on the promise of customized cyber coverage and easy-to-use risk management tools for their expanding client base," said Dan Law, Head of National Accounts at Cowbell Cyber. "Partnering with Mylo will allow us to better distribute cyber insurance to the currently underserved markets, ultimately helping customers with their cyber resilience."

"As an advocate for small business owners, we care about helping them prepare for a cyberattack that could threaten everything they've worked so hard to build," said Mylo COO, Belen Tokarski. "Mylo and Cowbell Cyber are a great fit because we both focus on using technology to give businesses the protection they need to anticipate and recover from serious risks."

The association carries critical efficiencies to Mylo's operators including:

Speed: Cowbell Prime empowers operators to set up different, tweaked cites in a couple of snaps

Usability and straightforwardness: Selling of digital protection is rearranged with inclusions that are introduced to policyholders in a straightforward way, alongside Cowbell Factors to recognize hazard deviation from the business normal

No coupling delays: Every statement gave by Cowbell Prime can be momentarily bound

About Cowbell Cyber
Cowbell Cyber is dedicated to providing standalone, admitted, individualized and easy-to-understand cyber insurance for small and mid-size businesses. In its unique AI-based approach to risk selection and pricing, Cowbell's continuous underwriting platform, powered by Cowbell Factors, compresses the insurance process from submission to issue to less than 5 minutes. Cowbell Insurance Agency is currently licensed in 34 U.S. states and provides SMBs with admitted cyber insurance on AM Best "A" rated paper with up to $15 Million in coverage.
About Mylo
Mylo is a digital one-stop-shop that makes it easy for businesses and individuals to compare and purchase top-rated insurance products from multiple carriers, including business, small group benefits, home, auto, life and individual health. Launched in 2015 by Lockton, the world's largest privately held independent insurance broker, Mylo offers expert insurance recommendations online or on the phone with licensed agents. Mylo can be easily integrated into a partner's customer experience, providing a proven boost in customer engagement.

Spotlight

Eine AI-gestützte Lösung zum Schutz vor Bedrohungen verhilft Ihnen zu einer Sicherheitsstrategie, die den aktuellen Anforderungen gewachsen ist. In einer Umgebung, in der wertvolle Assets und sensible Daten digital gespeichert sind, lassen potenzielle Angreifer nicht lange auf sich warten. Ihr erklärtes Ziel: Sicherheitslücken z

Spotlight

Eine AI-gestützte Lösung zum Schutz vor Bedrohungen verhilft Ihnen zu einer Sicherheitsstrategie, die den aktuellen Anforderungen gewachsen ist. In einer Umgebung, in der wertvolle Assets und sensible Daten digital gespeichert sind, lassen potenzielle Angreifer nicht lange auf sich warten. Ihr erklärtes Ziel: Sicherheitslücken z

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Legit Security Discovers New Class of Development Pipeline Vulnerabilities; Open-Source Rust Programming Language Found Vulnerable

Legit Security | December 12, 2022

Legit Security, a cyber security company with an enterprise platform that protects an organization's software supply chain from attack and ensures secure application delivery, today announced that it discovered a new class of software supply chain vulnerabilities that leverage artifact poisoning to attack underlying software development pipelines. The vulnerability was found in GitHub Actions, a platform for orchestrating and automating software development pipelines, and the vulnerability was identified in the highly popular programming language Rust. Many other GitHub Action projects remain potentially vulnerable and a technical disclosure blog including information to protect organizations from attack is available on Legit Security’s website. The discovered pipeline vulnerability could allow any GitHub user to replace legitimate development artifacts with malicious ones, enabling attackers to modify source code, steal secrets and create CodeCov-like wide-reaching software supply chain attacks. Rust, an extremely popular programming language used by millions of developers, acknowledged and fixed the vulnerability after initial disclosure by the Legit Security Research Team. GitHub Actions is part of the extremely popular GitHub source code management system at the heart of many organization’s software supply chains and used by software developers globally. The vulnerability affects the GitHub Actions artifacts storage mechanism, which is used to store and transfer build artifacts between software development build jobs. Due to a limitation in the cross-workflow artifact communication mechanism, vulnerable workflows cannot distinguish between legitimate project artifacts and artifacts that were created by the project’s forks or copies, allowing any user to create a fork, and then craft a malicious artifact that will be treated as a legitimate one. “This is a different class of vulnerability that can lead to attacks and modification of the development pipeline itself, not just modification of the code. “A simple analogy could be made to a car assembly line. This is an attack on the assembly line itself that could include stealing sensitive parts, turning off certain steps, or substituting any valid part for a malicious one. It’s a powerful attack vector that gives cyber criminals a lot of options to inflict damage. In this case, the vulnerable targets are software supply chains that use GitHub Action.” Liav Caspi, co-founder and CTO, Legit Security The Legit Security Research Team also disclosed the security issue to the GitHub security team. GitHub responded by simply updating their API to include information that could help prevent this vulnerability. It should be noted that GitHub didn’t address the root cause of the issue, thus leaving many other GitHub Action projects vulnerable to the aforementioned software supply chain attacks. Legit Security’s technical disclosure blog includes important information on how to protect organizations from this type of attack. More information about general GitHub security best practices can also be found here. Legit Security Legit Security protects an organization's software supply chain from attack and ensures secure application delivery, governance and risk management from code to cloud. The platform’s unified application security control plane and automated SDLC discovery and analysis capabilities provide visibility and security control over rapidly changing environments, and allow security issues to be prioritized based on context and business criticality to improve security team efficiency and effectiveness.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

1Password Acquires Passage Identity to Power a Passwordless Future

1Password | November 07, 2022

1Password, a leader in human-centric security and privacy, today announced the acquisition of Passage, a developer-first passwordless authentication company. 1Password will use Passage's technology to launch a passwordless authentication platform for enterprises – enabling a safer, simpler, and more secure end-user experience across any platform or device. "1Password is focused on empowering companies and consumers to have safer and simpler digital experiences. As the world evolves, that means helping companies and consumers navigate all the complexities on the path to a passwordless future," said Jeff Shiner, chief executive officer of 1Password. "With today's Passage acquisition, we are committing to giving businesses and end users what they want and deserve: the convenience of passwordless without compromising security." Together, 1Password and Passage Identity will enable developers, businesses, and consumers to make progress toward a passwordless future by accelerating adoption of passkeys. Passkeys represent the opportunity to replace passwords in favor of more secure and seamless user experiences. With passkeys, the pain of forgotten passwords is a thing of the past, and users minimize exposure to phishing attacks. For businesses, passwordless authentication can improve top- and bottom-line revenue by eliminating forgotten customer passwords and reducing sign-up friction. "Passwords are ubiquitous, but ever-changing requirements can make them a hassle to use, and that can harm the user experience and cause real ramifications for businesses. "1Password's market leadership and human-centric mission make them a natural fit to achieve our shared vision of a secure, user-friendly experience that enables businesses to deliver a frictionless and safe experience to users on any device – no QR codes required." Cole Hecht, co-founder and chief executive officer of Passage The entire Passage team, including co-founders Cole Hecht (CEO) and Anna Pobletts (CTO), will bring their technical expertise and exclusive focus on passkey authentication to 1Password. The Passage team will continue to focus on developing passkey-first authentication for consumer-facing businesses. This solution will be available in beta in early 2023. The FIDO Alliance is an open industry association focused on improving authentication standards to minimize password use and improve online security. "Enterprises around the world are rapidly adopting FIDO-based solutions in order to accelerate the journey toward a safer, passwordless future," said Andrew Shikiar, executive director and CMO of the FIDO Alliance. "With the Passage acquisition, 1Password has bolstered their solution offering which stands to help more companies reduce reliance on passwords in favor of user-friendly and unphishable FIDO authentication." About 1Password 1Password's human-centric security keeps people safe, at work and at home. Our solution is built from the ground up to enable anyone – no matter the level of technical proficiency – to navigate the digital world without fear or friction. The company's award-winning security platform is re-shaping the future of authentication, including passwordless. 1Password is trusted by over 100,000 businesses such as IBM, Slack, Snowflake, Shopify, and Under Armour and protects the most sensitive information of millions of individuals and families across the globe. The company's ultimate goal is to help consumers and businesses get more done in less time – with security and privacy as a given.

Read More

INFOSEC PROJECT MANAGEMENT,PLATFORM SECURITY,SOFTWARE SECURITY

NowSecure Unveils Its Latest Offering, Mobile Pen Testing-as-a-Service (PTaaS)

NowSecure | January 03, 2023

NowSecure, the leader in standards-based mobile app security and privacy software, announced the introduction of its latest solution, NowSecure Mobile Pen Testing as a Service (PTaaS), which will bridge the gap between manual and automated mobile security assessments for continuous security. NowSecure PTaaS is designed to provide mobile developers and security teams with a more cost-effective and efficient pen testing solution. The solution combines periodic expert manual assessments with continuous automated testing to optimize comprehensive coverage at a higher frequency. With this combination, the all-inclusive portal and service can instantly discover concerns early in the developer pipeline, provide consulting help to repair security issues promptly, and accelerate the release of high-quality software into production. As organizations struggle with tightening budgets in conjunction with an increased threat of mobile cyber assaults, there is an industry demand for a cost-effective, higher-coverage, higher-frequency, mobile AppSec testing solution. "According to Coalfire and NowSecure's 4th Annual Penetration Risk Report, 99% of mobile applications pose security or privacy threats." By integrating NowSecure's latest offering, Mobile PTaaS, CISOs and security leaders can optimize their budget for penetration testing while prioritizing continuous, comprehensive security testing. The NowSecure Mobile PTaaS cloud-based platform, built on tens of thousands of pen tests and over 12 years of mobile application security experience, provides a comprehensive set of automatic, continuous, and manual assessments, including: Expert pen testing periodically depending on the specific demand and timeline On-demand and continuous security testing is built into the CD/CI and dev toolchains Automatic ticket generation with incorporated remedial resources Consultation with an experienced pen tester on remediation Optional industry standard(s) certifications and validations All-in-one SAST, IAST, DAST, APISec, and SBOM Simple-to-use dedicated SaaS platform About NowSecure A Chicago-based mobile security company, NowSecure safeguards the worldwide mobile app economy as the leading authority in standards-based mobile application privacy and security automation. The company is trusted by the most demanding enterprises for its comprehensive security testing solution package for DevSecOps, mobile app supply-chain monitoring, Pen Testing as a Service (PTaaS), professional mobile pen testing, and training courseware. NowSecure actively contributes to and supports the open-source mobile security community, industry standards, and certifications such as ADA MASA, OWASP MASVS, NIAP, ioXt, and others. The firm is SOC 2-certified and has been recognized by Gartner, IDC, TAG Cyber, and Deloitte Fast 500.

Read More