Home > News > featured news > Veza, the Data Security Platform Built on the Power of Authorization, Announces Blackstone as a Customer and Strategic Series C Investor

Data Security

Veza, the Data Security Platform Built on the Power of Authorization, Announces Blackstone as a Customer and Strategic Series C Investor

Veza | June 27, 2022

Veza
Veza, the data security platform built on the power of authorization, announced an investment in their Series C funding round from Blackstone Innovations Investments, along with participation from previous investors. To date, Veza has raised a total of $110 million from top-tier investors including Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, True Ventures, and others. Blackstone has also selected Veza to help modernize its data security and access governance.

Veza empowers organizations to address today’s greatest cybersecurity challenge: who can and should take what action on what data. As the world increasingly moves online, our changing behaviors are driving a transformational shift toward multi-cloud data systems, apps, computing, and infrastructure. This shift creates a complex, distributed web of human identities, accounts, apps, services, and access points that are constantly changing and susceptible to vulnerabilities. To address this, Veza takes a comprehensive approach that pulls together authorization data from disparate systems, giving customers a single source of truth to manage data access and controls.

“Having a world-class cybersecurity program that protects our brand, reputation, investors and intellectual property is of paramount importance to our firm, and we are continuing to incorporate innovative technology solutions,” says Adam Fletcher, Chief Security Officer at Blackstone. “Our team is always looking for ways to develop a more comprehensive view of access across all of our applications and cloud infrastructure to allow us to modernize the firm’s access controls. We are excited to partner with Veza to help us accomplish this.”

“Blackstone Innovations Investments is committed to investing in cutting-edge technology companies that we believe will have a meaningful impact on Blackstone, our portfolio companies, and the broader industry. We look forward to working with Veza and their impressive leadership team as they enter this next phase of growth,” comments Stevi Petrelli, Head of Blackstone Innovations Investments.

“Institutions across multiple industries view Blackstone as an example of exceptional technology deployment and cybersecurity expertise. “Veza has greatly benefited from Blackstone’s product feedback and market insights. We are thrilled to work with Blackstone’s Security team to further modernize data security for their hybrid and multi-cloud environment.”

Tarun Thakur, CEO and Co-Founder of Veza

Additional investment in Veza comes from notable entrepreneurs including Dheeraj Pandey, Co-founder & CEO, DevRev and former CEO, Nutanix, and Lars Dalgaard, Founder Luv Ventures, Founder & Former CEO, SuccessFactors.

“Authorization is the source of truth when it comes to understanding who has access to what,” says Dheeraj Pandey, Co-Founder and CEO of DevRev. “Understanding authorization at scale is one of the hardest problems to address and I am excited to watch team Veza bring on a new era of identity, rooted in authorization. Veza is defining authorization as a standard for protecting data against ransomware and other forms of data breach.”

“Entrepreneurs will tell you that company building is one of the hardest, yet rewarding experiences, with real potential to make an impact,” says Lars Dalgaard, Founder Luv Ventures, Founder & Former CEO SuccessFactors. “When evaluating any company, I look for deep technical breakthrough for a massive market opportunity, deal composition and company traction, and passion amongst founders. And, I’m very excited to be partnering with Tarun and Veza on the mission to build an iconic company that will revolutionize the data security industry for decades to come.”

About Veza
Veza is the data security platform built on the power of authorization. Our platform is purpose-built for hybrid multi-cloud environments to help you use and share your data safely. Veza makes it easy to understand, manage, and control who can and should take what action on what data. We organize authorization metadata across identity providers, data systems, cloud service providers, and applications — all to address the toughest data security challenges of the modern era. Founded in 2020, the company is funded by top-tier investors including Accel, Bain Capital, Ballistic Ventures, Blackstone, GV, Norwest Venture Partners, and True Ventures. To learn more, please visit us at veza.com. Many Fortune 500, Fortune 1000 and smaller organizations use its data security platform for protection against ransomware, modernizing access governance for critical data and apps, and implementing data lake security for Snowflake and other solutions.

Spotlight

Risk-Based Authentication eBook: How Duo Can Reduce Risks for Hybrid Work

Risk-Based Authorization solves two challenges: it allows users to gain access from anywhere and ensures that access is secure. Find out how to frustrate attackers, not users with RBA in this guide

More featured news

Spotlight

Risk-Based Authentication eBook: How Duo Can Reduce Risks for Hybrid Work

Risk-Based Authorization solves two challenges: it allows users to gain access from anywhere and ensures that access is secure. Find out how to frustrate attackers, not users with RBA in this guide

Related News

Security Audit and Compliance

Lumen Enhances its SASE Solution with New Security Features Addition

Lumen Technologies | September 13, 2023

Lumen Technologies announces the launch of key security enhancements to its industry-leading secure access service edge product. The company’s SASE Solutions represents a first-of-its-kind, fully digital experience for purchasing, configuring, and overseeing enterprise SASE. The latest features incorporated into Lumen SASE Solutions are security service edge and cloud-hosted gateways. On September 12, 2023, Lumen Technologies, a leading provider of Secure Access Service Edge (SASE) solutions, committed to advancing human progress through technology facilitating the connection of people, data, and applications, announced the addition of key enhancements to its landmark SASE product. The addition of new features makes lumen SASE solutions even more simplified and flexible for customers. Lumen SASE Solutions represents a pioneering, entirely digital experience for purchasing, configuring, and managing enterprise SASE. This is a significant step in Lumen's ongoing efforts to drive innovation and foster growth. Notably, the SASE product improvements launch are a direct outcome of valuable customer feedback. The Lumen SASE approach focuses on simplification in order to deliver flexible, secure, and scalable SASE solutions to organizations of all sizes and industries. Senior Director of SASE Product Management at Lumen, Darren Wolner, said, There has been a rapid adoption of cloud-based services as more organizations implement hybrid work, but security is paramount to any cloud-based experience. This means savvy organizations soon realized a whole new set of requirements and challenges. We quickly enhanced the product to fit their requirements. [Source – Cision PR Newswire] Darren mentioned that Lumen has a strong focus on meeting customer wants and needs. He cited the latest SASE updates as a prime illustration of this commitment. The new capabilities added to Lumen SASE Solutions include: Security Service Edge (SSE) SSE encompasses a suite of integrated, cloud-centric security capabilities, which feature cloud-hosted gateways. These capabilities are designed to ensure secure access to websites, facilitate the safe sharing of sensitive data, and manage user permissions for software-as-a-service (SaaS) applications. These solutions are delivered in partnership with prominent SD-WAN and security providers. Cloud-hosted Gateways Cloud-hosted gateways offer organizations the flexibility to adopt 'grow as they go' network and security management features as they scale without the necessity of on-premises equipment. In addition to the global expansion of Lumen technologies, customers based in the US can now deploy premise-based SASE services to locations in EMEA and Canada. Pete Finalle, Research Manager with IDC, stated, The new, hybrid perimeter – encompassing the main office down to the remote workforce – has collided with multi-cloud resources. This has created numerous networking and security complexities that are difficult to solve without a customer outcomes-based approach, which few companies can provide. [Source – Cision PR Newswire] Finalle pointed out that Lumen has a distinctive position to deliver real business outcomes through a comprehensive, cloud-based network security stack. This stack significantly benefits from Lumen's presence in both network and cloud infrastructure. Additionally, he mentioned that the company's digital customer experience and managed approach to resolving the intricate security and networking challenges allow them to mitigate the deployment and management difficulties that frequently hinder the adoption of SASE.

Read More

Enterprise Security, Platform Security, Software Security

Legit Security Discovers and Helps Remediate CI/CD Vulnerabilities in Google Open-Source Projects

Prnewswire | July 19, 2023

Legit Security, a cyber security company with an Application Security Posture Management platform that helps organizations deliver fast and secure software releases, today announced that it discovered Continuous Integration/Continuous Delivery (CI/CD) security vulnerabilities in open-source projects from Google. The Legit Security Research Team found a vulnerability leveraging "GitHub environment injection" that allows attackers to take control of a vulnerable project's GitHub Actions CI/CD pipeline. In this case, any GitHub user could exploit the vulnerability found in the Google Orbit project to modify the project's source code, steal secrets, move laterally inside an organization and ultimately initiate a SolarWinds-like software supply chain attack. Google acknowledged and fixed the vulnerabilities after disclosure by Legit Security. For an in-depth description of the vulnerability and information on how to protect your organization, please visit the technical disclosure blog. GitHub Actions is part of the extremely popular GitHub source code management system at the heart of many organization's software supply chains and used by software developers globally. The recently discovered vulnerability relates to GitHub's special environment variables file called "GITHUB_ENV", which is used to control the pipeline container's environment variables. The vulnerable project had a GitHub Actions workflow that wrote untrusted user input into the GITHUB_ENV file. Legit Security's Research Team discovered that a specially crafted payload written to this file could allow an attacker to execute code on the target pipeline and thereby modify the source code or compromise the repository itself. This attack can be initiated by any GitHub user and is very easy to implement just by creating a pull request. The simple act of submitting the request will trigger the vulnerable build action and carry out a successful compromise. The attacker does not need a code review approval from the maintainer since the vulnerable build action is running on the pull request before the code is merged. The Legit team disclosed these issues via Google's vulnerability disclosure program, along with remediation guidelines, and verified that these vulnerabilities weren't exploited by a malicious actor. The Google project vulnerability was remediated quickly and is now safe. Unfortunately, there are many other projects using GitHub Actions that are susceptible to this same attack. Since using the GITHUB_ENV file is currently the widely accepted way to change environment variables in GitHub Actions, many repositories are using workflows that write untrusted data into this file, leaving them exposed these potential supply chain attacks. This type of vulnerability joins a large number of other disclosed vulnerabilities and successful supply chain attacks targeting popular open-source libraries. The Legit Security Research Team has previously discovered a wide range of vulnerabilities in popular Source Code Management systems including GitHub, as well as other Software Development Lifecycle Management (SDLC) systems and infrastructure commonly found in an organization's software supply chain. About Legit Security Legit Security provides application security posture management to ensure secure application delivery, governance and risk management from code to cloud. The platform's unified application security control plane and automated SDLC discovery and analysis capabilities provide visibility and security control over rapidly changing environments and allow security issues to be prioritized based on context and business criticality to improve security team efficiency and effectiveness.

Read More

Enterprise Security, Platform Security, Software Security

Jamf Teams With Google Cloud to Enable Collaborative, Mobile Workforces Through New Advanced Security and Management Workflows

Globenewswire | July 07, 2023

Jamf (NASDAQ: JAMF), the standard in managing and securing Apple at work, announced three new integrations with Google Cloud, enabling and protecting mobile workforces that use Google and Apple. Encompassing Zero Trust, observability, and identity workflows, Jamf continues to provide unique value for Google Cloud users with Apple devices. Bringing Zero Trust to Life: Google Cloud’s BeyondCorp Enterprise Now Available for iOS and iPadOS Jamf’s integration with BeyondCorp now supports device compliance signals for iOS and iPadOS. The addition of Apple’s mobile platforms builds on last year’s release of the Jamf and Google Cloud’s BeyondCorp integration for macOS. Jamf is the first management platform to support Apple desktop and mobile devices in this Zero Trust framework. “Some of the world’s most successful organizations choose to empower their employees with Mac and iPhone, while taking advantage of Google Cloud’s speed, security and flexibility for Cloud applications,” said Sam Weiss, Alliance Partner Manager for Google at Jamf. “Now these modern companies that choose Apple hardware and Google Cloud software can more effectively secure and manage their mobile workforces.” Jamf’s extensive Apple device management and security capabilities allow the enforcement and monitoring of device compliance status. When integrated with BeyondCorp, admins can create context-aware access policies that include Jamf compliance status. This combination of device-based and user-based access controls allows organizations to define policies specific to their needs, ensuring all devices and users can access corporate data wherever they choose to work from. "We at Unibuddy are thrilled about the seamless integration between Jamf and Google Cloud's BeyondCorp, which aligns with our Zero Trust security model. This partnership will enable us to efficiently manage our macOS and iOS devices while enhancing our security posture and ensuring the privacy of our employees," said Rupen Valand, Global IT Manager at Unibuddy. "Strong security is important for university partners and employees because it helps protect sensitive data and build trust. By providing an extra layer of security for accessing company resources, this solution empowers our employees to work remotely with ease and confidence, unencumbered by security or privacy concerns. We're excited to implement this solution and unlock its full potential with our teams at Unibuddy." Elevating Security Operations: Google Cloud’s Chronicle Enhances Jamf Integration Security teams are more effective when they have complete visibility of events in their environment. Google Cloud’s Chronicle is a modern security operations suite that enables threat detection, investigation and response with speed, scale and precision. Chronicle SIEM’s default parsers for Jamf Pro and Jamf Protect now map even more Jamf data into Chronicle’s unified data model (UDM). Additionally, Chronicle’s new support for Webhooks means Jamf Protect can automatically send security alerts and events to Chronicle as they occur. Now, IT and security teams can more effectively collaborate on security event detection and prevention by aggregating Jamf’s Apple device telemetry in Chronicle. The Chronicle parsers for Jamf Pro, Jamf Protect and support for Webhook, are all available now. “Directly integrating Jamf Protect into Chronicle has been a big win for us,” said Mikail Tunç, Head Of Security at Algbra. “The extensive detail provided by Jamf Protect Telemetry logs has heightened our ability to identify and mitigate more threats than ever, while staying resilient to Apple OS updates. We look forward to contributing to the broader community by open-sourcing our Chronicle detection rules over Jamf Protect data.” Simplifying end-user protection: Jamf brings Google Cloud Identity support to Jamf Trust Jamf has extended Google Cloud Identity support to Jamf Trust and improved the user app for endpoint security. This enhancement brings a consistent single sign-on experience for users with their Identity credentials, enabling robust endpoint security without complex integrations or additional assistance from IT. “At Spendesk, we’re thrilled to have our native identity provider Google Cloud supported by the Jamf Trust app. This will allow us to speed up our Zero Trust adoption. It’s really great how Jamf supports Google Cloud-based organizations like Spendesk,” said Hakim Boukir, IT Manager at Spendesk. About Jamf Jamf’s purpose is to simplify work by helping organizations manage and secure an Apple experience that end users love and organizations trust. Jamf is the only company in the world that provides a complete management and security solution for an Apple-first environment that is enterprise secure, consumer simple and protects personal privacy. To learn more, visit www.jamf.com.

Read More

Security Audit and Compliance

Lumen Enhances its SASE Solution with New Security Features Addition

Lumen Technologies | September 13, 2023

Lumen Technologies announces the launch of key security enhancements to its industry-leading secure access service edge product. The company’s SASE Solutions represents a first-of-its-kind, fully digital experience for purchasing, configuring, and overseeing enterprise SASE. The latest features incorporated into Lumen SASE Solutions are security service edge and cloud-hosted gateways. On September 12, 2023, Lumen Technologies, a leading provider of Secure Access Service Edge (SASE) solutions, committed to advancing human progress through technology facilitating the connection of people, data, and applications, announced the addition of key enhancements to its landmark SASE product. The addition of new features makes lumen SASE solutions even more simplified and flexible for customers. Lumen SASE Solutions represents a pioneering, entirely digital experience for purchasing, configuring, and managing enterprise SASE. This is a significant step in Lumen's ongoing efforts to drive innovation and foster growth. Notably, the SASE product improvements launch are a direct outcome of valuable customer feedback. The Lumen SASE approach focuses on simplification in order to deliver flexible, secure, and scalable SASE solutions to organizations of all sizes and industries. Senior Director of SASE Product Management at Lumen, Darren Wolner, said, There has been a rapid adoption of cloud-based services as more organizations implement hybrid work, but security is paramount to any cloud-based experience. This means savvy organizations soon realized a whole new set of requirements and challenges. We quickly enhanced the product to fit their requirements. [Source – Cision PR Newswire] Darren mentioned that Lumen has a strong focus on meeting customer wants and needs. He cited the latest SASE updates as a prime illustration of this commitment. The new capabilities added to Lumen SASE Solutions include: Security Service Edge (SSE) SSE encompasses a suite of integrated, cloud-centric security capabilities, which feature cloud-hosted gateways. These capabilities are designed to ensure secure access to websites, facilitate the safe sharing of sensitive data, and manage user permissions for software-as-a-service (SaaS) applications. These solutions are delivered in partnership with prominent SD-WAN and security providers. Cloud-hosted Gateways Cloud-hosted gateways offer organizations the flexibility to adopt 'grow as they go' network and security management features as they scale without the necessity of on-premises equipment. In addition to the global expansion of Lumen technologies, customers based in the US can now deploy premise-based SASE services to locations in EMEA and Canada. Pete Finalle, Research Manager with IDC, stated, The new, hybrid perimeter – encompassing the main office down to the remote workforce – has collided with multi-cloud resources. This has created numerous networking and security complexities that are difficult to solve without a customer outcomes-based approach, which few companies can provide. [Source – Cision PR Newswire] Finalle pointed out that Lumen has a distinctive position to deliver real business outcomes through a comprehensive, cloud-based network security stack. This stack significantly benefits from Lumen's presence in both network and cloud infrastructure. Additionally, he mentioned that the company's digital customer experience and managed approach to resolving the intricate security and networking challenges allow them to mitigate the deployment and management difficulties that frequently hinder the adoption of SASE.

Read More

Enterprise Security, Platform Security, Software Security

Legit Security Discovers and Helps Remediate CI/CD Vulnerabilities in Google Open-Source Projects

Prnewswire | July 19, 2023

Legit Security, a cyber security company with an Application Security Posture Management platform that helps organizations deliver fast and secure software releases, today announced that it discovered Continuous Integration/Continuous Delivery (CI/CD) security vulnerabilities in open-source projects from Google. The Legit Security Research Team found a vulnerability leveraging "GitHub environment injection" that allows attackers to take control of a vulnerable project's GitHub Actions CI/CD pipeline. In this case, any GitHub user could exploit the vulnerability found in the Google Orbit project to modify the project's source code, steal secrets, move laterally inside an organization and ultimately initiate a SolarWinds-like software supply chain attack. Google acknowledged and fixed the vulnerabilities after disclosure by Legit Security. For an in-depth description of the vulnerability and information on how to protect your organization, please visit the technical disclosure blog. GitHub Actions is part of the extremely popular GitHub source code management system at the heart of many organization's software supply chains and used by software developers globally. The recently discovered vulnerability relates to GitHub's special environment variables file called "GITHUB_ENV", which is used to control the pipeline container's environment variables. The vulnerable project had a GitHub Actions workflow that wrote untrusted user input into the GITHUB_ENV file. Legit Security's Research Team discovered that a specially crafted payload written to this file could allow an attacker to execute code on the target pipeline and thereby modify the source code or compromise the repository itself. This attack can be initiated by any GitHub user and is very easy to implement just by creating a pull request. The simple act of submitting the request will trigger the vulnerable build action and carry out a successful compromise. The attacker does not need a code review approval from the maintainer since the vulnerable build action is running on the pull request before the code is merged. The Legit team disclosed these issues via Google's vulnerability disclosure program, along with remediation guidelines, and verified that these vulnerabilities weren't exploited by a malicious actor. The Google project vulnerability was remediated quickly and is now safe. Unfortunately, there are many other projects using GitHub Actions that are susceptible to this same attack. Since using the GITHUB_ENV file is currently the widely accepted way to change environment variables in GitHub Actions, many repositories are using workflows that write untrusted data into this file, leaving them exposed these potential supply chain attacks. This type of vulnerability joins a large number of other disclosed vulnerabilities and successful supply chain attacks targeting popular open-source libraries. The Legit Security Research Team has previously discovered a wide range of vulnerabilities in popular Source Code Management systems including GitHub, as well as other Software Development Lifecycle Management (SDLC) systems and infrastructure commonly found in an organization's software supply chain. About Legit Security Legit Security provides application security posture management to ensure secure application delivery, governance and risk management from code to cloud. The platform's unified application security control plane and automated SDLC discovery and analysis capabilities provide visibility and security control over rapidly changing environments and allow security issues to be prioritized based on context and business criticality to improve security team efficiency and effectiveness.

Read More

Enterprise Security, Platform Security, Software Security

Jamf Teams With Google Cloud to Enable Collaborative, Mobile Workforces Through New Advanced Security and Management Workflows

Globenewswire | July 07, 2023

Jamf (NASDAQ: JAMF), the standard in managing and securing Apple at work, announced three new integrations with Google Cloud, enabling and protecting mobile workforces that use Google and Apple. Encompassing Zero Trust, observability, and identity workflows, Jamf continues to provide unique value for Google Cloud users with Apple devices. Bringing Zero Trust to Life: Google Cloud’s BeyondCorp Enterprise Now Available for iOS and iPadOS Jamf’s integration with BeyondCorp now supports device compliance signals for iOS and iPadOS. The addition of Apple’s mobile platforms builds on last year’s release of the Jamf and Google Cloud’s BeyondCorp integration for macOS. Jamf is the first management platform to support Apple desktop and mobile devices in this Zero Trust framework. “Some of the world’s most successful organizations choose to empower their employees with Mac and iPhone, while taking advantage of Google Cloud’s speed, security and flexibility for Cloud applications,” said Sam Weiss, Alliance Partner Manager for Google at Jamf. “Now these modern companies that choose Apple hardware and Google Cloud software can more effectively secure and manage their mobile workforces.” Jamf’s extensive Apple device management and security capabilities allow the enforcement and monitoring of device compliance status. When integrated with BeyondCorp, admins can create context-aware access policies that include Jamf compliance status. This combination of device-based and user-based access controls allows organizations to define policies specific to their needs, ensuring all devices and users can access corporate data wherever they choose to work from. "We at Unibuddy are thrilled about the seamless integration between Jamf and Google Cloud's BeyondCorp, which aligns with our Zero Trust security model. This partnership will enable us to efficiently manage our macOS and iOS devices while enhancing our security posture and ensuring the privacy of our employees," said Rupen Valand, Global IT Manager at Unibuddy. "Strong security is important for university partners and employees because it helps protect sensitive data and build trust. By providing an extra layer of security for accessing company resources, this solution empowers our employees to work remotely with ease and confidence, unencumbered by security or privacy concerns. We're excited to implement this solution and unlock its full potential with our teams at Unibuddy." Elevating Security Operations: Google Cloud’s Chronicle Enhances Jamf Integration Security teams are more effective when they have complete visibility of events in their environment. Google Cloud’s Chronicle is a modern security operations suite that enables threat detection, investigation and response with speed, scale and precision. Chronicle SIEM’s default parsers for Jamf Pro and Jamf Protect now map even more Jamf data into Chronicle’s unified data model (UDM). Additionally, Chronicle’s new support for Webhooks means Jamf Protect can automatically send security alerts and events to Chronicle as they occur. Now, IT and security teams can more effectively collaborate on security event detection and prevention by aggregating Jamf’s Apple device telemetry in Chronicle. The Chronicle parsers for Jamf Pro, Jamf Protect and support for Webhook, are all available now. “Directly integrating Jamf Protect into Chronicle has been a big win for us,” said Mikail Tunç, Head Of Security at Algbra. “The extensive detail provided by Jamf Protect Telemetry logs has heightened our ability to identify and mitigate more threats than ever, while staying resilient to Apple OS updates. We look forward to contributing to the broader community by open-sourcing our Chronicle detection rules over Jamf Protect data.” Simplifying end-user protection: Jamf brings Google Cloud Identity support to Jamf Trust Jamf has extended Google Cloud Identity support to Jamf Trust and improved the user app for endpoint security. This enhancement brings a consistent single sign-on experience for users with their Identity credentials, enabling robust endpoint security without complex integrations or additional assistance from IT. “At Spendesk, we’re thrilled to have our native identity provider Google Cloud supported by the Jamf Trust app. This will allow us to speed up our Zero Trust adoption. It’s really great how Jamf supports Google Cloud-based organizations like Spendesk,” said Hakim Boukir, IT Manager at Spendesk. About Jamf Jamf’s purpose is to simplify work by helping organizations manage and secure an Apple experience that end users love and organizations trust. Jamf is the only company in the world that provides a complete management and security solution for an Apple-first environment that is enterprise secure, consumer simple and protects personal privacy. To learn more, visit www.jamf.com.

Read More

More featured news