DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
GreyNoise Intelligence | November 07, 2022
GreyNoise Intelligence, the cybersecurity company analyzing internet scanning traffic to separate threats from background noise, today announced the official launch of a mulit-faceted partner program to help customers defend against mass exploitation attacks. As an ecosystem for cybersecurity solution providers, the program offers an array of opportunities for technical alliances, channel resale and OEM partners.
"Mass exploitation attacks like Log4j have become the attack vector of choice for cyber criminals and state actors. "Security teams are struggling to defend themselves against these kinds of attacks with tools and threat intelligence designed for last year's threats. By building partnerships with other leading cyber solution providers, we can help customers implement new security strategies to end mass exploitation attacks."
Andrew Morris, Founder and CEO of GreyNoise
Mass exploitation attacks leverage internet-wide scanning technologies to find and exploit vulnerable computer systems around the world in minutes. When a new internet-exploitable vulnerability like Log4j is announced, these attacks can start in a matter of hours, before security teams have a chance to put their defenses in place.
The GreyNoise Intelligence Partner Network enables other cybersecurity solution providers to expand their reach, increase revenues and deepen customer relationships. The network has three primary components:
1) GreyNoise Technical Alliance Program. GreyNoise provides contextual data on noisy IP addresses that scan the Internet. Technical Alliance partners collaborate with GreyNoise to ensure that mutual customers can seamlessly leverage inter scanner intelligence in their existing workflows, tools and processes. Customers use this data to reduce their alert volumes by 25% and minimize alert fatigue. GreyNoise also sharpens threat detection fidelity for mutual customers by providing valuable context on known malicious internet-wide scanners, speeding up the triage process. With GreyNoise data, technical partners have real time visibility into mass exploitation IPs targeting specific vulnerability, which provides critical actionable data during an active emergent attack.
“Whenever a vulnerability is disclosed the dinner bell sounds for good and bad actors alike, meaning organizations are already on their back foot,” explains Robert Huber, chief security officer and head of research, Tenable. “We know threat actors are monitoring disclosure programs in the same way we are, looking for newly announced vulnerabilities, studying all available information such as proof of concepts, but they’re looking to utilize the flaw. OUr partnership with GreyNoise gives our customers the tools to address these weaknesses when they’re publicly announced. In doing so, we reduce that intelligence gap and hand the advantage back to the good guys.”
2) GreyNoise OEM Partnership Program. GreyNoise provides an integrated out-of-the-box threat intelligence solution for security vendors, ISPs and technology firms to embed in their product and service offerings. Unlike other threat intelligence vendors, GreyNoise is solely focused on providing high fidelity data on IPs that are actively mass scanning, crawling and attacking the internet. Integrating GreyNoise data directly into the platform of OEM partners enables customers to intelligently rule out internet background noise, and helps them to prioritize emerging threats and targeted activity more effectively.
“Modern security teams need a fast, flexible and scalable platform for threat detection capable of analyzing terabytes of data per day, with built-in threat intelligence to rule out activity from trusted sources, and immediately flag activity from known bad actors,” said Jack Naglieri, CEO and founder, Panther Labs. “With Panther and GreyNoise, security teams can cut through background noise, improve alert fidelity, speed up analyst workflows and ensure prioritization of the most critical alerts. By making detection and response faster and more accurate, security teams can better protect their organizations from disruptive cyberattacks.”
3) GreyNoise Channel Resale Program. GreyNoise is committed to developing partnerships with highly focused, security-dedicated channel partners to deliver the best results to mutual customers. Value-added resellers and distributors offer GreyNoise protection and intelligence solutions to meet the IT security needs of their enterprise customers. In addition to providing a unique data and automation security solution that is relevant to Incident Response, SOC and Threat Intel teams, GreyNoise has a transparent, simple and profitable, channel sales program with a generous deal registration and rebate structure. GreyNoise sales teams provide materials for channel partners to explain the value GreyNoise offers in improving analyst efficiency, leveraging customer investment in existing technologies, and reducing the overall risk landscape.
About GreyNoise Intelligence
GreyNoise is THE source for understanding internet noise. We collect, analyze and label data on IPs that saturate security tools with noise. This unique perspective helps analysts waste less time on irrelevant or harmless activity, and spend more time focused on targeted and emerging threats. GreyNoise is trusted by Global 2000 enterprises, government organizations, top security vendors and tens of thousands of threat researchers.
Keeper Security | December 15, 2022
Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, secrets and connections, today announced their latest iOS updates which include integration of the One-Time Share feature, which enables secure record sharing on a time-limited basis, using Keeper's zero-knowledge encryption and zero-trust security model. Keeper also now integrates with Siri Shortcuts, providing users with a quicker way to control their Keeper Password Manager.
Keeper One-Time Share is the easiest and most secure way to send confidential information to a friend, family member or co-worker without exposing sensitive information over email, text or other forms of messaging. One-Time Share links are restricted to the recipient's device and automatically expire at a time of the Keeper user's choosing. One-Time Share records can only be used on one device. Even if the user forgets to unshare the record, it will expire automatically, and the recipient's access will be revoked. With Siri Shortcut integration, users will be able to quickly get things done on Keeper's Password Manager by asking Siri.
"Keeper is thrilled to provide iOS users with this rich feature set that maximizes the security capabilities of their iOS devices, With One-Time Share, iOS users can securely share critical information, whether that's a family sharing their WiFi password with a friend or a security system code with a houseguest. Additionally, Siri integration allows users to control Keeper more easily with voice commands."
Craig Lurey, CTO and Co-founder of Keeper Security.
About Keeper Security:
Keeper Security is transforming the way people and organizations around the world secure their passwords, secrets and confidential information. Keeper's easy-to-use cybersecurity platform is built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance. Trusted by millions of individuals and thousands of organizations globally, Keeper is the leader for best-in-class password management, secrets management, privileged access, secure remote access and encrypted messaging.
SOFTWARE SECURITY,WEB SECURITY TOOLS,WIRELESS AND MOBILE SECURITY
Airbyte | December 07, 2022
Airbyte, creators of the fastest-growing open-source data integration platform, today announced a deeper partnership with dbt Labs, the pioneer in analytics engineering. The partnership now includes a new integration that allows dbt Cloud customers to trigger dbt jobs from directly within Airbyte Cloud.
The integration brings together two of the leading open-source products in the data ecosystem, making it simpler than ever to move and transform data, while minimizing the risk of lock-in. Airbyte helps move data from a collection of sources, and dbt helps organize that data for analysis by, for example, consistently defining key business logic or standardizing data structures.
“Our companies already share hundreds of users and now they will see the integration of our Cloud products, making it simple to use the two together,” said Michel Tricot, co-founder and CEO of Airbyte. “With partners like dbt Labs, we are building a more open modern data stack to better serve the data community.”
“We’re thrilled to deepen this partnership with Airbyte, a company with whom we are aligned regarding the importance of open standards in the data ecosystem. This partnership and integration will help better serve our joint users, customers, and the data community as a whole.”
Nikhil Kothari, director of technology partnerships at dbt Labs
With its growing community of 10,000 data practitioners and 600 contributors, Airbyte is redefining the standard of moving and consolidating data from different sources to data warehouses, data lakes, or databases in a process referred to as extract, load, and, when desired, transform (ELT). Over the past year and a half, more than 25,000 companies have used Airbyte to sync data from sources such as PostgreSQL, MySQL, Facebook Ads, Salesforce, Stripe, and connect to destinations that include Redshift, Snowflake, Databricks, and BigQuery.
Airbyte’s open-source data integration solves two problems. First, companies always have to build and maintain data connectors on their own because most less popular “long tail'' data connectors are not supported by closed-source ELT technologies. Second, data teams often have to do custom work around pre-built connectors to make them work within their unique data infrastructure.
dbt Cloud enables data teams to develop faster and collaborate more effectively to build and deploy production-grade data pipelines with version control and CI/CD, pre-production testing and documentation of models, modular SQL modeling, and dependency management built in. dbt Cloud provides a centralized development experience to safely deploy, monitor, and investigate transformation code with a web-based user interface.
Airbyte is the open-source data integration leader running in the safety of your cloud and syncing data from applications, APIs, and databases to data warehouses, lakes, and other destinations. Airbyte was co-founded by Michel Tricot (former director of engineering and head of integrations at Liveramp and RideOS) and John Lafleur (serial entrepreneur of dev tools and B2B). The company is headquartered in San Francisco with a distributed team around the world.
DATA SECURITY,ENTERPRISE IDENTITY,SOFTWARE SECURITY
Wib | November 08, 2022
Wib, the fast-growth cybersecurity startup pioneering a new era in API security, today announced a $16 million investment led by Koch Disruptive Technologies (KDT), the growth and venture arm of Koch Industries, Inc, with participation from Kmehin Ventures, Venture Israel, Techstars and existing investors. The investment will be used to enhance Wib's pioneering holistic API security platform and accelerate international growth as it expands operations across the Americas, UK and EMEA.
API security is one of the biggest challenges facing CIOs today. Traditional API security solutions are siloed and fragmented, leaving CIOs with a choice of multiple point products or bolt-on integrations to create a patchworked solution. This results in increased cost and complexity, reduced visibility and control, and greater exposure to risk.
Wib's holistic API security platform is the only solution to provide complete visibility across the entire API landscape, from code to production, helping unify software developers, cyber defenders, and CIOs around a single holistic view of their complete API domain. By delivering rigorous real-time inspection, management, and control at every stage of the API lifecycle, Wib can automate inventory and API change management; identify rogue, zombie and shadow APIs and analyse business risk and impact, helping organisations to reduce and harden their API attack surface.
"APIs have become the Achilles heel of cyber defenses and the number one threat vector for cyber-attacks. "APIs account for 91% of today's internet traffic with over 50% being invisible to business IT and security teams. These unknown, unmanaged, and unsecured APIs are creating massive blind spots for CIOs that expose critical business logic vulnerabilities and increase risk.
Gil Don, CEO and Co-Founder of Wib
"What's more, traditional and legacy web security approaches, like WAFs and API Gateways, were never designed to protect against modern logic-based vulnerabilities. The Wib platform has been purposely built for an API driven world creating a new category of API native security."
A recent report by industry research firm GigaOm, placed Wib as a "fast mover" in the "leaders" category, stating, "Wib is a new company but brings a strong enough offering to jump straight into the leaders category" and "Wib is a new entrant in this space, but it offers a comprehensive solution." Wib was also called out for its capability in "source code analysis with an eye toward API weaknesses is Wib's greatest strength." The report ranks Wib's API Runtime Protection, Monitoring and Reporting as exceptional in its focus and execution. This is a real testament to the Wib's innovative API security platform and approach.
Wib is pioneering a new era in API security with its industry first holistic API security platform. Providing continuous and complete visibility and control across the entire API ecosystem, Wib enables developers to code with confidence and security teams to secure with surety.