PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY
Businesswire | May 23, 2023
Conceal, a global leader in Zero Trust browser isolation technology, has announced a new strategic partnership with White Rock Cybersecurity, an industry-recognized Value Added Reseller specializing in comprehensive IT and network security solutions.
"White Rock Cybersecurity is committed to delivering innovative, scalable, and manageable solutions in information technology," said James Range, CEO of White Rock Cybersecurity. "With the inclusion of Conceal's Zero Trust isolation technology in our offerings, we are significantly boosting the defense capabilities of our customers against both existing and emerging cyber threats at the edge."
ConcealBrowse, Conceal's flagship product, is a lightweight browser extension that turns any existing browser into a Zero Trust, secure browser. By monitoring and detecting new and potentially malicious URLs, ConcealBrowse can accurately determine if the activity at the edge is safe to continue via the organization's network. This layer of protection effectively blocks potentially malicious activity, minimizing the success of credential theft and ransomware that bypass other cybersecurity controls.
In cases where the safety of a URL cannot be immediately determined, ConcealBrowse isolates the session, protecting the user's identity and the organization's network from potential threats.
"White Rock Cybersecurity has a proven track record of delivering top-tier IT and cybersecurity solutions to their customers," said Gordon Lawson, CEO of Conceal. "We are excited to work closely with them to enhance their capabilities further and ensure their clients benefit from our innovative Zero Trust isolation technology."
The partnership presents a tremendous opportunity for the security partner community. With ConcealBrowse, partners can now provide their customers with a comprehensive malware protection solution for any browser, enhancing the overall cyber resilience of organizations and protecting their digital assets at the edge.
Conceal enables organizations of all sizes globally to protect users from credential theft, malware, and ransomware at the edge. The ConcealBrowse Platform uses Zero Trust isolation technology to defend against sophisticated cyber threats, ensuring users and IT operations remain secure and isolated from attacks. For more information, visit https://conceal.io/.
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
GlobeNewswire | March 23, 2023
Tenable®, the Exposure Management company, today announced significant advancements to Tenable Cloud Security, a unified and scalable Cloud Security Posture Management (CSPM) and vulnerability management solution delivered on the Tenable One exposure management platform, and expanded availability of Tenable Agentless Assessment for Microsoft Azure.
Hybrid and multi-cloud strategies enable organizations to satisfy unique business requirements and accelerate innovation. But managing highly complex and distributed cloud environments – each with its own security tools, processes and specialized skill requirements – is neither easy nor straightforward. As a result, security issues such as simple misconfigurations and excessive privileges – the root cause of the majority of cloud breaches – can go unseen.
Tenable Cloud Security enables organizations to achieve consistent cloud security and compliance by bringing all cloud vulnerabilities, misconfigurations and drift across multi-cloud and cloud-native environments to the forefront, providing organizations with a unified cloud security solution that simplifies and scales cloud security posture management. Tenable Cloud Security’s built-in best practices consistently enforce security posture and compliance across environments, detecting and preventing risky configurations from ever reaching cloud runtimes.
When deployed as part of Tenable One, customers gain advanced vulnerability prioritization capabilities and automated remediation workflows, enabling security and DevOps teams to prioritize remediation efforts where they can have the biggest impact on security and compliance posture.
“Cloud environments are in a constant state of change, meaning that security, compliance and governance is a ‘never-done’ job,” said Nico Popp, chief product officer, Tenable. “With more than half of data breaches occurring in the cloud, organizations are racing against the clock and cannot afford for weak code to go into runtime. To effectively scale security at the speed and scale of the cloud, the pendulum must swing from reactive threat detection and response to exposure management and preventive cloud security posture management.”
Additional new and enhanced CSPM features include:
Continuous Discovery and Assessment - Improved cloud account onboarding enables organizations to continuously discover and assess both managed and unmanaged cloud accounts, limiting blind spots and minimizing risks.
Most Comprehensive Policy Portal, Views and Content - New policy portal makes it easy to view and customize over 1,500 out-of-the-box policies spanning 20 industry benchmarks and regulations. Enriched by the expertise and speed of Tenable Research, including the industry’s most comprehensive library of 71,000 known vulnerabilities, Tenable Cloud Security has 2.6 times more cloud Center for Internet Security (CIS) certifications than any other cloud security vendor. Organizations can visualize misconfiguration details, impacted resources and all the context needed to quickly remediate issues. With the new low code policy group editor, organizations can create custom policy groups enabling security teams to build custom policy groups leveraging existing policies.
Automated Cloud-to-Cloud Drift Detection - New drift detection enables organizations to maintain compliance by detecting configuration drift in runtime and between Infrastructure-as-Code (IaC), automating pull requests including corrected code or step-by-step instructions to the right owner, or applying remediation code automatically to significantly reduce mean-time-to-remediation.
Enhanced Reporting and Collaboration: Enhanced reporting capabilities enable security teams to accurately report on key metrics to executive leadership while increasing cross functional collaboration between security operations and compliance teams. Report and share security posture findings by role, function or by industry benchmarks and regulatory frameworks – such as CIS, SOC 2 and 20+ others.
Tenable® is the Exposure Management company. Approximately 43,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include approximately 60 percent of the Fortune 500, approximately 40 percent of the Global 2000, and large government agencies.
ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Prnewswire | May 15, 2023
SANS Institute, the global leader in cyber security training and education, has announced the latest SANS ICS Cybersecurity Field Manual Volume 3, a continuation from Volumes 1 and 2, providing Industrial Control Systems (ICS) cybersecurity professionals and ICS risk managers with more advanced insights into industrial control system specific incident response, risk-based ICS vulnerability management, ICS defender skillsets, team management, and ICS security tools and protocols to defend these systems.
The first two volumes, released in 2022 and 2023, offered a comprehensive overview of ICS security, and the third volume provides more detailed, actionable guidance in the areas of active incident response, environment and safety concerns, vulnerability management and patching, threat detection, system design, network architecture, and effective risk management. Volume 3 also shares the security skillset recipe for the best ICS security team defenders.
"The SANS ICS Cybersecurity Field Manual series is an essential tool for all Industrial Control Systems (ICS) security professionals," said ICS expert, field manual author, and Certified SANS Instructor, Dean Parsons, "and it should find a home on the desk of every control system operator, critical infrastructure cyber defender, and ICS/OT risk manager, in all industrial control system sectors globally. Security professionals must up defenses and staff skillsets to meet the evolving threats, so the ICS Cybersecurity Field Manual should be a necessity in the ICS Incident Response jump bag."
SANS will be hosting a webcast featuring Parsons to discuss the new edition of the manual on Wednesday, May 10, 2023, at 10:00 AM EDT. Attendees will learn about the latest manual edition and gain insights on how to best protect ICS systems.
To join the webcast, please register here: https://www.sans.org/webcasts/discover-ics-cybersecurity-field-manual-vol-3/
Continue to enrich your ICS Security career by downloading the new ICS Cybersecurity Field Manual Vol. 3 as well as ICS Cybersecurity Field Manuals Vol. 1 and 2 here: https://www.sans.org/mlp/ics-resources/
The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cybersecurity training and certification to professionals in government and commercial institutions worldwide. Renowned SANS instructors teach more than 60 courses at in-person and virtual cybersecurity events and on demand. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on technical certifications in cybersecurity. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's and bachelor's degrees, graduate certificates, and an undergraduate certificate in cybersecurity. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to manage their "human" cybersecurity risk easily and effectively. SANS also delivers a wide variety of free resources to the InfoSec community, including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system-the Internet Storm Center. At the heart of SANS are the many security practitioners representing varied global organizations, from corporations to universities, working together to support and educate the global information security community.