DATA SECURITY,ENTERPRISE SECURITY,SOFTWARE SECURITY

Veza Announces Open Authorization API to Extend Identity-First Security Across the Enterprise Data Landscape

Veza | December 02, 2022 | Read time : 02:30 min

Veza_Announces_Open
Veza today announced that its Open Authorization API (OAA) is now public on GitHub for community collaboration, extending the reach of identity-first security across the enterprise. Developers can now create and share connectors to extend the Veza Authorization Graph to all sensitive data, wherever it lives, including cloud providers, SaaS apps, and custom-built internal apps, accelerating their company’s path to zero trust security.

Security professionals espouse the principle of ‘Least Privilege’ to secure enterprise data, but the rush to a multi-cloud, multi-app environment has exploded the complexity and layers of interconnection for which access must be understood, monitored, and constantly remediated to achieve and maintain least privilege. Recent attacks on Okta and Twilio demonstrate that companies are allowing overly-broad access to data via constructs of groups, roles, policies, and system specific permissions. Veza connects the dots of effective permissions across cloud providers, SaaS apps and identity platforms, making it easy to visualize who can view or delete sensitive data. OAA allows organizations and the broader community to create their own integrations with Veza, extending visibility to any resource, including SaaS apps like GitLab and Jira as well as custom-built internal apps.

“The vast majority of cybersecurity failures are rooted in issues with the gap that exists between identity, access to data, and permissions,” said Tarun Thakur, co-founder and CEO, Veza. “Since our founding, we have been committed to protecting our customers from threats like ransomware, privilege abuse, and data breaches. With Veza Open Authorization API, we are extending our identity-first security approach broadly in the market and arming organizations with the tools they need to remediate undesirable and unnecessary data access at a granular level, and meet the requirements of access governance for enterprise systems, both on-premises and in the cloud."

With Veza's Open Authorization API, customers can translate and visualize authorization metadata from any SaaS app, custom and in-house applications. Users can explore identity-to-data relationships through the Authorization Graph, monitor for least privilege misconfigurations and violations, and conduct comprehensive entitlement reviews for all of their sensitive data.

“We specifically chose Veza because their Open Authorization API allowed us to connect to our custom internal applications. We follow the principle of least privilege, but with so many systems to review, we valued Veza’s unique ability to give us a comprehensive view quickly. They made it faster and easier for our team to review all permissions with confidence.”

-Riaz Lakhani, CISO of Barracuda Networks. 

As an open-source project on GitHub, Veza’s Open Authorization API allows customers and partners to learn from, and build upon, each other’s work to create a control plane that reaches all data. By bringing OAA SDK and connectors available on GitHub Community, Veza empowers customers to ingest authorization metadata previously isolated in internal systems and SaaS applications. The OAA community has already created integrations for critical SaaS apps including GitHub, GitLab, Bitbucket, Jira, Zendesk, Slack, Coupa Software, Pagerduty, and Looker. These integrations are available now to all Veza customers.

“Veza solves the problem of aligning identities to data,” said Craig Rosen, Chief Security & Trust Officer at ASAPP. “Veza’s Open Authorization Platform helped us extend that visibility to all the apps and data that matter most to us, like GitHub and Jira. Now it is easy for our security professionals to understand (and remediate) who has access to our important intellectual property.”

About Veza
Veza is the authorization platform for data. Built for hybrid, multi-cloud environments, Veza enables organizations to visualize, remediate, and control who can and should take what action on what data. We empower customers to take an identity-first approach to secure data by addressing critical business needs of streamlining identity and access governance, implementing data lake security, managing cloud entitlements, and modernizing privileged access. Our Authorization Graph connects identities to data across enterprise systems, enabling analysis, monitoring, and certification of end-to-end access. Global enterprises like Blackstone, ASAPP, Barracuda Networks, Choice Hotels, and a number of Fortune 500 and emerging organizations trust Veza to secure their enterprise data. Founded in 2020, Veza is headquartered in Los Gatos, California, and is funded by Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, and True Ventures.

Spotlight

Remote-Access-VPN ist nicht sicher Anwendungen laufen heute in der Cloud, und User greifen von überall auf sie zu. Dadurch verlieren Unternehmen die Kontrolle über das Netzwerk – und die über 25 Jahre entwickelten Remote Access-Technologien ihre Wirksamkeit zur Gewährleistung der Netzwerksicherheit. Die digitale Transformation

Spotlight

Remote-Access-VPN ist nicht sicher Anwendungen laufen heute in der Cloud, und User greifen von überall auf sie zu. Dadurch verlieren Unternehmen die Kontrolle über das Netzwerk – und die über 25 Jahre entwickelten Remote Access-Technologien ihre Wirksamkeit zur Gewährleistung der Netzwerksicherheit. Die digitale Transformation

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Cymulate Integrates with the Trend Micro Vision One XDR Platform

Cymulate | December 07, 2022

Cymulate, the market leader in Threat Exposure Assessment and Cybersecurity Controls Validation, today announced a new technology integration with Trend Micro, a global cybersecurity leader, which reduces risk related to cyber threats. In addition to joining the Trend Micro Vision One ecosystem partner program, the company has completed the technology integration of its cybersecurity risk validation and exposure management solution with the Trend Micro Vision One XDR platform. The collaboration will correlate simulated attacks with ongoing events and alerts, enhancing the security control environment and management against malicious behavior and real and simulated malware. Today's malicious actors are becoming increasingly sophisticated in their execution of attacks. As a result, organizations must have measures in place to protect their network and ensure they are constantly monitoring their environment for new threats. Together, the integrated Cymulate and Trend Micro Vision One XDR solution provides comprehensive protection against cyber threats and strengthens an organization's security posture with the following benefits: Automated and continuous security validation across the entire attack kill-chain Ongoing simulation that operationalizes the MITRE ATT&CK framework Creating auto remediation playbooks to new threats and attack vectors Configuration of Trend Micro's XDR policies to Cymulate's actionable remediation guidance "Cyberattacks are not showing any signs of slowing down and need a united front from security providers to combat them. "We are delighted to be partnering with Trend Micro so that businesses can better understand any weaknesses in their security posture and optimize their existing security infrastructure to better protect their organizations." Carolyn Crandall, chief security advocate at Cymulate "Security validation is an essential step for organizations to take towards cyber resilience," said Jon Clay, vice president of threat intelligence at Trend Micro. "Integrating our solutions with Cymulate is an exciting milestone for us. This new offering will significantly strengthen the risk assessment capability and provide enhanced seamless protection for mission-critical environments through ongoing simulated attacks deployed alongside events and alerts coming from Trend Micro." Cymulate's platform is recognized for its ability to continuously test a business's security posture against immediate threats and to validate whether security controls are functioning properly to stop in-network activities tied to execution methods, OS manipulation, data manipulation, lateral movement, data exfiltration, and other actions that inform on how bad the incursion or breach might be. The breadth and depth of this platform have earned it recognition as the gold standard for continuous threat exposure management (CTEM) programs, an emerging security program that was coined by Gartner, Inc. About Cymulate Cymulate's continuous risk validation and exposure management platform provides security professionals with the ability to continuously challenge, validate and optimize their on-premises and cloud cyber-security posture with visualization end-to-end across the MITRE ATT&CK® framework. The platform provides automated, expert and threat intelligence led risk assessments that are simple to deploy and use for organizations of all cybersecurity maturity levels. It also provides an open framework to create and automate red and purple teaming by generating penetration scenarios and advanced attack campaigns tailored to their unique environments and security policies. About Trend Micro Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organizations to simplify and secure their connected world.

Read More

PLATFORM SECURITY,SOFTWARE SECURITY

Vipre Security Group’s New Endpoint Detection & Response Technology for SMEs

VIPRE Security Group | January 19, 2023

VIPRE Security Group, an award-winning data, cybersecurity, privacy, and user protection company, recently announced the launch of its latest cybersecurity product, VIPRE Endpoint Detection & Response (EDR). VIPRE EDR is built to assist small and medium-sized businesses including their IT partners navigate the intricacies of EDR management with a single, simple-to-use console. VIPRE EDR provides a sophisticated high-performance, cloud-based solution while overcoming the problems users typically expect from an EDR solution. . This advanced technology detect better and uncovers more unusual behavior than a standalone antivirus file, process, and networking analysis solutions, while offering investigation and remediation tools to accelerate response times. The VIPRE EDR solution is based on the fundamental pillars of Detection, Investigation, Containment, and Remediation, transforming threats into intelligence and suggesting next steps for security professionals, as simply detecting a threat is insufficient. Advantages of VIPRE's Endpoint Detection and Response (EDR) System: Exploit prevention – It helps to prevent network threats with built-in DNS , intrusion protection and in-browser exploit prevention EPP/Next-generation Antivirus - VIPRE EDR, constantly scans processes, files, and network activity for known and undiscovered threats Correlated Behavior Engine - Examine endpoint behavior in greater depth to identify emergent or suspicious behavior connected across all engines Endpoint Isolation – Quickly isolates an afflicted device to prevent threat spreading Threat Incident Visualization – View and respond to all threat activity from a central location. Understand all aspects of endpoint activity related to the threat, including every user, process, file, and network activity Remote Shell - VIPRE EDR's click-button reporting enables admins instant remote access to the endpoint for a deeper look Suspicious file/link sandboxing - Detonates files and links in a private cloud sandbox for comprehensive examination and forensic investigation Integrated Vulnerability Management - App scanning and vulnerability management to close potential security gaps Built on the foundation of VIPRE's top-ranked Endpoint Security Cloud (EPP) platform, protection begins with extensive monitoring and automated blocking of malicious behavior across all endpoint processes, files, and network activity. This protection includes web, DNS and network monitoring, as well as AI-driven hostile process behavior detection. About VIPRE Security Group A part of Ziff Davis, Inc., VIPRE Security Group is a global organization specializing in cybersecurity, privacy, and data protection. It protects millions of people and businesses globally, including some very well-known brands. . For nearly 30 years, VIPRE Security Group's primary mission has been to provide easy solutions to protect against existing and potential internet threats in an ever-expanding, digitally connected world.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

BeyondTrust Releases Cybersecurity Predictions for 2023 and Beyond

BeyondTrust | November 04, 2022

BeyondTrust, the leader in intelligent identity and access security today released its annual forecast of cybersecurity trends emerging for the New Year and beyond. These projections, authored by BeyondTrust experts Morey J. Haber, Chief Security Officer and Brian Chappell, Chief Security Strategist, EMEA/APAC, are based on shifts in technology, threat actor habits, culture, and decades of combined experience. Prediction #1: Negative, Zero, and Positive Trust -- Next year, expect products to actually be “zero trust-ready", satisfy all seven tenants of the NIST 800-207 model, and support an architecture referenced by NIST 1800-35b. Zero trust product vendors will create marketing messages that may imply positive and/or negative intent (maybe not using such simple puns on the number zero). Some will provide positive zero trust authentication and behavioral monitoring, while others will work using a closed security model to demonstrate what should happen when a negative zero trust event occurs. Prediction #2: Camera-Based Malware is here. Say “Cheese”! -- In 2023, expect to see the first of many exploits that challenge smart cameras and the technology embedded within to leverage vulnerabilities. While there have been timeless discussions on the risks of using QR codes, we’re only now beginning to understand the risks from our smart cameras. As cameras become more complex, the risk surface is expanding for novel approaches that could lead to their exploitation. Prediction #3: Reputation for Ransom—The rise of Ransom-Vaporware – We will see a rise in the extortion of monies based purely on the threat of publicizing a fictional breach. Society so willingly accepts the veracity of breaches reported in the news—and without evidence. For a threat actor, this could mean the need to perpetrate an actual breach is reduced and a threat alone, that is not even verifiable, becomes an attack vector all in itself. Prediction #4: The Foundation of Multi-Factor Authentication (MFA) Invincibility Fails -- Expect a new round of attack vectors that target and successfully bypass multifactor authentication strategies. In the next year, push notifications, and other techniques for MFA will be exploited, just like SMS. Organizations should expect to see the foundation of MFA eroded by exploit techniques that compromise MFA integrity and require a push to MFA solutions that use biometrics or FIDO2-compliant technologies. Prediction #5: Cyber Un-insurability is the New Normal -- In 2023, more businesses will face the stark realization that they are not cyber-insurable. As of the second quarter of 2022, U.S. cyber-insurance prices already increased 79% over the prior year. The truth is, it’s becoming downright difficult to obtain quality cyber insurance at a reasonable rate. Prediction #6: The Latest Concert Hack: Wearable Risk Surfaces and Hackable E-Waste -- If you have recently attended a large concert, you may have received a disposable LED bracelet that can receive RF transmissions during the event. The device is meant to be low cost, disposable, and have potentially only single use. In 2023, expect threat actors to easily decode the RF transmissions using tools like Flipper Zero to wreak havoc on venues that use these enhancements. Some, may be to form a protest for some other purpose. Prediction #7: Compliance Conflicts are Brewing -- Significant compliance standards, best practices, and even security frameworks, are starting to see a diverging in requirements. In 2023, expect more regulatory compliance conflicts, especially for organizations embracing modern technology, zero trust, and digital transformation initiatives. Prediction #8: The Death of the Personal Password -- The growth of non-password-based primary authentication will finally spell the end of the personal password. More applications, not just the operating system itself, will start using advanced non-password technologies, such as biometrics, either to authenticate directly or leverage biometric technology, like Microsoft Hello or Apple FaceID or TouchID, to authorize access. Prediction #9: De-Funding of Cyber Terrorists Becomes Law -- Governments all over the world will entertain a new approach to protect organizations from ransomware and stop the funding of terrorists: ban ransomware payouts outright. Granted, threat actors may move on to a new form of cyber crime to fund their operations, but ransomware as we know it will fade away. Prediction #10: Cloud Camouflage is Confronted -- To mitigate cloud security risks, expect a push for transparency and visibility into the security operations of SaaS solutions, cloud providers and their services. The push to ensure transparency of the architecture, foundational components, and even discovered vulnerabilities, will extend beyond SOC and ISO certifications. Prediction #11: Social Engineering in the Cloud -- Attackers will turn from their software toolkits to their powers of persuasion as they increase the number of social engineering attacks leveled at employers and organizations across the cloud. Prediction #12: Unfederated Identities to Infinity and Beyond -- Expect a push into unfederated identities to help provide a new level of services and potentially physical products that will become a mild access control and management nightmare. The size and scope will feel truly infinite—unless it is well-defined for identity management teams to provide access beyond what typically is available today. Prediction #13: OT Gets Smarter, Converges with IT -- Expect attack vectors for basic Operational Technology (OT) to expand based on similar exploits that target IT. OT which once had a single function and purpose is now becoming smarter, leveraging commercial operating systems and applications to perform expanded missions. As these devices expand in scope, their design is susceptible to vulnerabilities and exploitation. Predictions #14: Headline Breaches Move to Second-Page News -- Expect news of breaches to be buried deeper—whether in print or online format based on audience fatigue, lack of interest, or just because it is no longer exciting. With that said, legal, regulatory, and compliance responses will become front-page news should an organization fail to follow the proper steps for public disclosure and risk mitigation. Prediction #15: A Record-“Breaching” Year -- Expect a record-breaking year of cyber security breach notifications, not only because of the sophistication of threat actors, but also due to the larger changes in the world that will impact an organization's ability to mitigate, remediate, or prevent a problem. About BeyondTrust BeyondTrust is the worldwide leader in intelligent identity and access security, empowering organizations to protect identities, stop threats, and deliver dynamic access to empower and secure a work-from-anywhere world. Our integrated products and platform offer the industry's most advanced privileged access management (PAM) solution, enabling organizations to quickly shrink their attack surface across traditional, cloud and hybrid environments. BeyondTrust protects all privileged identities, access, and endpoints across your IT environment from security threats, while creating a superior user experience and operational efficiencies. With a heritage of innovation and a staunch commitment to customers, BeyondTrust solutions are easy to deploy, manage, and scale as businesses evolve. We are trusted by 20,000 customers, including 75 of the Fortune 100, and a global partner network.

Read More