Home > News > Trending news > Aqua Launches the Industry’s First Out-of-the-Box Runtime Security with Advanced Protection Against the Most Sophisticated Threats

Software Security

Aqua Launches the Industry’s First Out-of-the-Box Runtime Security with Advanced Protection Against the Most Sophisticated Threats

Aqua Security | July 26, 2022 | Read time : 03:00 min

Aqua Security
Aqua Security, the leading pure-play cloud native security provider, today announced the launch of out-of-the-box runtime protection with minimal configuration to stop attacks in real time on running workloads. Protection is composed of new curated and optimized default security controls, as well as advanced threat intel from observations of real attacks on cloud native environments. Both the controls and threat intel are the result of knowledge gained through years of securing customers’ live production environments. Customers can now apply this knowledge to achieve trusted and advanced runtime protection in minutes without requiring in-depth knowledge of their applications and environments.

Using eBPF technology and threat intel from cyber research team Aqua Nautilus to identify advanced threats, Aqua surfaces the most critical issues in real time while also implementing a set of controls to protect running workloads immediately, without disrupting the business.

“Aqua is transforming the runtime security paradigm. “Traditional runtime security requires security teams to have a great deal of cloud native knowledge, and as a result has been slow to adopt. Aqua is removing this barrier to adoption by making cloud workload threat protection immediately effective and easy for security professionals.”

Amir Jerbi, CTO and co-founder, Aqua Security

Stopping Attacks in Real Time with Runtime Security

Recent data from Nautilus shows that one in three live attacks could be missed when relying exclusively on snapshot scanning of running workload images. Nautilus also found tens of thousands of instances of in-memory attacks and fileless attacks in a one-month period—attacks that would not be seen or stopped without kernel-level visibility.

Aqua’s detection of anomalous behavior goes beyond point-in-time snapshots and catches malicious behavior of known and unknown threats in real time—this includes both known CVEs and zero-day exploits that have yet to be discovered. The new default runtime controls are based on ongoing recommendations from Aqua Nautilus, who detect and analyze 80,000 attacks a month using Aqua’s open source eBPF-based threat detection engine, Aqua Tracee. The result is real-time visibility at the kernel level that alerts customers the moment an attacker breaches a running workload, reducing attackers’ dwell time from months to milliseconds.

Aqua’s Runtime Protection solution is part of Aqua’s fully integrated Cloud Native Application Protection Platform (CNAPP), the Aqua Platform. Customers of the Aqua Platform also have access to the entire, full set of customizable, advanced runtime capabilities if and when they decide to define and implement more stringent policies.

Key benefits of Aqua Runtime Protection include:

  • Discover attacks immediately with continuously updated kernel-level behavioral detection. Updates are based on cloud native threat research from Aqua Nautilus along with years of experience securing customer workloads in production.
  • Respond faster and reduce attacker dwell time by stopping attacks with pattern-based anti-malware in production and the option to block or delete malware on access.
  • Simplify incident investigation and rapidly determine the impact and attack path of a security incident with a detailed incident timeline including rich contextual information.

“Unlike overly complex runtime solutions, legacy solutions not designed for cloud-native applications, or solutions that can’t detect in real time, our goal with this release is to provide runtime security that is simple to deploy, giving you effective real-time security out-of-the-box,” said Jerbi. “What this boils down to is that, unlike alternative solutions, Aqua’s Platform will both detect sophisticated attacks and stop them in real time.”

Aqua’s out-of-the-box Runtime Protection is now available and will make an industry debut at AWS re:Inforce on July 26-27 in Boston at Booth 104. To learn more, visit Aqua’s YouTube.

About Aqua Security
Aqua Security stops cloud native attacks and is the only company with a $1 Million Cloud Native Protection Warranty to guarantee it. As the pioneer and largest pure-play cloud native security company, Aqua helps customers unlock innovation and build the future of their business. The Aqua Platform is the industry’s most integrated Cloud Native Application Protection Platform (CNAPP), prioritizing risk and automating prevention, detection and response across the lifecycle. Founded in 2015, Aqua is headquartered in Boston and Ramat Gan, Israel, with Fortune 1000 customers in over 40 countries.

Spotlight

Zero Trust at Scale

In 2020, Cisco set out to move from a traditional networkbased perimeter and VPN model to a zero trust framework. Dubbed ‘borderless ’ internally, the core goal was to give users a secure, uniform experience accessing applications, wherever the user or application is located. Using the features of Duo Beyond, our team set out to


Other News
API Security

Salt Security, CrowdStrike Expands Partnership with New Integration

Salt Security | September 20, 2023

Salt Security, a prominent API security company, has announced the expansion of its partnership with CrowdStrike, a leading cybersecurity technology company providing cloud workload and endpoint security, cyberattack response, and threat intelligence services. This expansion involves the integration of the Salt Security API Protection Platform with the widely recognized CrowdStrike Falcon Platform. Roey Eliyahu, Co-founder and CEO of Salt Security, stated, Protecting against API threats requires deep visibility and robust runtime protection. We’re excited to bring our unique strengths in API security to the CrowdStrike customer base with this new integration. Together with CrowdStrike, Salt can provide organizations with extended runtime protections and posture management across the cloud and application landscapes. [Source – Cision PR Newswire] Through this integration, customers gain access to a comprehensive 360-degree view of API security risks, particularly focusing on the application-layer attack surface. This integration is accessible via the CrowdStrike Marketplace and provides valuable API threat intelligence. It also enhances cross-organization API security capabilities by streamlining and enhancing the workflows related to API auditing, monitoring, and enforcement. The partnership between Salt Security, offering top-notch API runtime monitoring and AI-driven insights, and CrowdStrike, renowned for its award-winning AI-powered protection, provides organizations with complete visibility into their API attack surface. This integration also offers valuable context regarding the severity of threats in relation to business-critical aspects. With this partnership, customers benefit from: API vulnerability and threat context API threat mitigation API threat management automation The patented Salt API security platform stands out for its utilization of cloud-scale big data, artificial intelligence (AI), and machine learning (ML). These technologies work in tandem to automate the process of discovering and cataloging an organization's entire set of APIs. Salt plays a crucial role in pinpointing areas where APIs might expose sensitive data. This proactive approach aids enterprises in recognizing and mitigating potential API threats while also reinforcing their overall API security. Gur Talpaz, Head of Falcon Fund and Vice President of Corporate Development at CrowdStrike, said, With APIs now a prime target for malicious actors, securing them requires a comprehensive and diligent approach. Through this joint integration, we can harness the mature AI-driven intelligence of the Salt API security platform with our widely deployed Falcon platform, giving organizations complete visibility into their application-layer attack surface and a detailed understanding of their application threat landscape. [Source – Cision PR Newswire] About Salt Security Salt Security is a leading API security company that safeguards the APIs at the core of all modern applications. Its API Protection Platform is the sole API security solution that integrates the power of cloud-scale big data with time-tested machine learning and artificial intelligence to detect and prevent API attacks. Salt provides extensive context, real-time analysis, and continuous insights for API discovery, hardening APIs, and attack prevention by correlating the activities of millions of APIs and users over time.

Read More

Platform Security

SentinelOne Launches RemoteOps Forensics for Faster Incident Response

SentinelOne | September 18, 2023

SentinelOne, a global leader in autonomous cybersecurity, is addressing the pressing need for rapid and effective responses to the escalating wave of cyber breaches. Today, the company announced the launch of Singularity RemoteOps Forensics, a pioneering digital forensics product designed to streamline and accelerate incident response readiness. This innovative solution promises to empower organizations of all sizes, ushering in a new era of efficient and scalable investigation and response capabilities in the face of evolving cybersecurity challenges. Integrated seamlessly with the SentinelOne Singularity Platform and as an add-on to Sentinel One's Endpoint and Cloud Workload Security solutions, RemoteOps Forensics offers a rapid, adaptable digital forensics and incident response solution. Security teams can leverage this tool to enhance efficiency by optimizing resources and accelerating Mean Time to Resolution. With the capability for targeted investigations on various assets, including endpoints and server workloads, it enables conditional trigger-based evidence collection. This automation efficiently gathers evidence, such as process data, ports, service listings, MFT, Amcache, JumpLists, and memory dumps, orchestrating them in under a minute. Consolidating evidence into the Singularity Security DataLake allows for the correlation of SentinelOne and partner data with forensics data in a unified search, facilitating a comprehensive view of attacks, rapid root cause identification, and risk mitigation. Furthermore, it provides the ability to analyze collected evidence alongside Endpoint Detection and Response (EDR) data within a single console, empowering proactive defense against future threats. The integration and analysis of this combined data unveil concealed indicators of compromise, detect advanced attack patterns, and offer insights into threat actors' tactics, techniques, and procedures. RemoteOps Forensics is a cost-effective and resource-efficient solution that seamlessly integrates with the SentinelOne agent. This integration alleviates the necessity of deploying and provisioning multiple tools throughout the investigative process, resulting in significant time and resource savings for organizations. In addition, this innovative solution prioritizes the maintenance of forensic integrity by minimizing changes made to the disk, and it leverages SentinelOne's anti-tampering and metadata collection capabilities to safeguard data integrity. In doing so, it streamlines investigations and upholds the highest standards of forensic rigor, reinforcing organizations' cybersecurity defenses with a comprehensive and efficient approach. Jane Wong, Senior Vice President of Products and Strategy at SentinelOne, said, As timelines for reporting and responding to breaches shrink, it is imperative that the security teams have advanced forensics capabilities that can make investigations faster and more efficient, and with Singularity RemoteOps Forensics, the team is delivering them. [Source – Business Wire] SentinelOne's new forensic capabilities help develop incident response by enabling security teams to conduct thorough investigations more quickly, Jane also mentioned eliminating the requirement for specialized expertise or additional tools. About SentinelOne SentinelOne is a leading provider of autonomous cybersecurity solutions. With its identified Singularity Platform, the company excels at detecting, preventing, and responding swiftly to cyber threats. SentinelOne enables businesses to protect their endpoints, cloud workloads, containers, and identities, as well as their mobile and network-connected devices, with unparalleled speed, accuracy, and ease of use. With a formidable clientele comprising over 11,000 customers, SentinelOne has proven itself as the trusted guardian of a secure digital future.

Read More

Software Security

Cyolo Unveils Key Insights into OT Cybersecurity Threat Landscape from KuppingerCole and Releases Cyolo 4.3 for Enhanced Security

Business Wire | September 27, 2023

Today, Cyolo, provider of the fastest and most secure zero-trust access and connectivity solution for hybrid organizations with IT and OT, in partnership with KuppingerCole, released an industry analysis focused on zero trust and remote access for operational technology (OT) environments. The analysis reveals key insights about the OT cybersecurity threat landscape, outlines high-level security architecture for OT, critical infrastructure systems (CIS) and industrial control systems (ICS), and evaluates key requirements of security regulations and frameworks. OT environments experience the same kinds of threats as enterprise IT – including ransomware, account takeovers, APTs, and Supply Chains as vectors – while experiencing expanded OT-specific threats. While traditional IT security tools may be adapted, developing robust security architectures for OT environments is inherently complex compared to their IT counterparts. Its unique nature, from equipment and software to communication protocols requires dedicated OT security solutions. Cyolo can help organizations with OT infrastructure to define and manage access control to those complex environments, said John Tolbert, Lead Analyst at KuppingerCole. Overall key insights include: OT Threat Landscape. Heightened geopolitical factors have intensified attacks on OT and ICS, posing significant consequences ranging from operational disruptions and service denial to financial repercussions and potential harm to human well-being. Core Cybersecurity Regulations. The risks and consequences of cyber-attacks against critical infrastructure advanced regulations globally mandating secure architectures and technical controls. KRITIS and the follow-on IT Security Act 2.0 are related examples of such regulations, as well as the NIST Cybersecurity Framework. OT Security Architectures and Key Functionalities. There are eight areas of functionality that are central to effective OT security architectures. Cybersecurity architectures for OT must address asset discovery, access control, IT security tool integration, detection and response capabilities, and OT protocol level threats. As the analysis breaks down, within critical infrastructure interruptions and downtime are not an option. To address the increasing need for secure access in OT environments, Cyolo introduced Cyolo 4.3, which expands key capabilities with more layers of security and making the product easier than ever to use for both administrators and end users in the industrial space. With Cyolo 4.3, industrial organizations will be able to extend their multi-factor authentication (MFA) across environments through an integration with Duo Security to support their physical tokens as required. Additionally, the company has implemented another layer of security for file transfer within the OT/ICS environment, through query anti-virus software to scan files before they are delivered to their destination. Cyolo is also adapting for further usability, allowing teams to securely invite external users by generating a secure one-time password; and import groups from existing IdPs, using SCIM. “Ensuring the security of critical infrastructure and industrial processes has become increasingly critical as organizations unite their IT and OT systems. This convergence has expanded the OT threat landscape and introduced significant cybersecurity challenges, as the once-isolated OT networks are now vulnerable to the same threats that have targeted IT networks for years” said Joe O'Donnell, Vice President ICS/OT of Cyolo. “With Cyolo 4.3, industrial entities can confidently navigate the complexities of the modern threat landscape and fortify their defenses against evolving cyber threats.” The announcement of Cyolo 4.3 highlights the company’s commitment to advancing zero-trust capabilities and it comes on the heels of Cyolo being listed as a Representative Vendor in the 2023 Gartner® “Market Guide for Zero Trust Network Access” report for the second consecutive year and recognized by Frost & Sullivan with the 2023 North American New Product Innovation Award for Secure Remote Access to Operational Infrastructure and Industrial Control Systems (OT/ICS). As the threats to critical infrastructure continue to evolve, Cyolo zero-trust access solution continues to provide the utmost protection and ease of use. To learn more about Cyolo 4.3, visit here. Access the report for a full view of the industry here. Register here to attend the joint webinar from Cyolo and KuppingerCole on how to achieve secure remote access for OT environments, to be held on Tuesday, October 10 at 7 a.m. PT. About Cyolo Cyolo helps hybrid organizations in the IT and OT spaces to stay safe, secure and productive in an era of distributed workforces and unprecedented cyberthreats. Cyolo’s next-generation zero-trust access solution enables all users, including employees, third parties as well as remote and on-site workers, to connect to their working environments seamlessly and securely via modern identity-based access. Providing one unified solution that integrates with the existing tech stack and deploys easily in the cloud, on-premises or in a hybrid model, Cyolo empowers the global workforce to securely access anything from anywhere.

Read More

Data Security

Cohesity and Carahsoft Partner to Offer Data Security to Public Sector

Cohesity | September 07, 2023

Cohesity, an industry leader in data security and management, and Carahsoft Technology Corp., a provider of trusted government IT solutions, announced entering into a partnership. Under the agreement, Carahsoft plans to act as a distributor for Cohesity, making Cohesity's data cloud platform accessible to the Public Sector via Carahsoft's reseller partners, Information Technology Enterprise Solutions – Software 2 (ITES-SW2), NASA Solutions for Enterprise-Wide Procurement (SEWP) V, National Association of State Procurement Officials (NASPO) ValuePoint, OMNIA Partners, National Cooperative Purchasing Alliance (NCPA), and E&I Cooperative service contract. The extensive data cloud platform from Cohesity consolidates data sources, assists in the elimination of infrastructure silos, and automates data management tasks. The platform streamlines data management by offering a single, user-friendly interface for managing data in cloud, on-premises, and edge environments. Cohesity's data security and management solutions offer the public sector with granular control over their data, enabling them to comply with legal and regulatory requirements and protect sensitive data. The Cohesity Data Cloud’s key capabilities include: Data Protection: Captures backup copies of data that are preserved inalterably and are instantaneously recoverable in an instance of a ransomware attack or other business disruptions. Data Security: Provides enhanced resilience to cyber threats via cyber vaulting, data classification, threat intelligence and scanning, and bidirectional integration with the security operations center of agencies. Data Mobility: Enables agencies to transfer data across hybrid multi-cloud environments in a secure and efficient manner, thereby reducing costs and increasing flexibility. Data Access: Eliminates unnecessary copies and efficiently manages files and objects at scale. Data Insight: Enables agencies to search, classify, and analyze data worldwide across their entire infrastructure in order to provide business value or pinpoint sensitive data for compliance. Kit Beall, Chief Revenue Officer at Cohesity, said, We are pleased to partner with Carahsoft and its resellers to provide U.S. government agencies with powerful novel capabilities based on our leadership position in data security and management. [Source – GlobeNewswire] Beall also added that they look forward to expanding their strategic partnership with Carahsoft to assist public sector customers in strengthening their cyberspace resilience in the face of evolving advanced adversaries. About Cohesity Cohesity is an industry leader in AI-powered data management and security. The company makes it simple to secure, protect, manage, and extract value from data — across the data center, cloud, and edge. It provides organizations with comprehensive data security and management capabilities, such as AI-based threat detection, immutable backup snapshots, and monitoring malicious behavior, among others, to defend against cybersecurity threats. About Carahsoft Carahsoft Technology Corp. is a trusted government IT solutions provider serving public sector organizations across local, state, and federal government agencies and healthcare and education markets. As the master government aggregator for vendor partners, the company provides solutions for multicloud, DevSecOps, cybersecurity, Big Data, AI, customer experience and engagement, open source, and other domains. Working with resellers, systems integrators, and consultants, Carahsoft's sales and marketing teams provide hundreds of contract vehicles with industry-leading IT products, services, and training.

Read More

API Security

Salt Security, CrowdStrike Expands Partnership with New Integration

Salt Security | September 20, 2023

Salt Security, a prominent API security company, has announced the expansion of its partnership with CrowdStrike, a leading cybersecurity technology company providing cloud workload and endpoint security, cyberattack response, and threat intelligence services. This expansion involves the integration of the Salt Security API Protection Platform with the widely recognized CrowdStrike Falcon Platform. Roey Eliyahu, Co-founder and CEO of Salt Security, stated, Protecting against API threats requires deep visibility and robust runtime protection. We’re excited to bring our unique strengths in API security to the CrowdStrike customer base with this new integration. Together with CrowdStrike, Salt can provide organizations with extended runtime protections and posture management across the cloud and application landscapes. [Source – Cision PR Newswire] Through this integration, customers gain access to a comprehensive 360-degree view of API security risks, particularly focusing on the application-layer attack surface. This integration is accessible via the CrowdStrike Marketplace and provides valuable API threat intelligence. It also enhances cross-organization API security capabilities by streamlining and enhancing the workflows related to API auditing, monitoring, and enforcement. The partnership between Salt Security, offering top-notch API runtime monitoring and AI-driven insights, and CrowdStrike, renowned for its award-winning AI-powered protection, provides organizations with complete visibility into their API attack surface. This integration also offers valuable context regarding the severity of threats in relation to business-critical aspects. With this partnership, customers benefit from: API vulnerability and threat context API threat mitigation API threat management automation The patented Salt API security platform stands out for its utilization of cloud-scale big data, artificial intelligence (AI), and machine learning (ML). These technologies work in tandem to automate the process of discovering and cataloging an organization's entire set of APIs. Salt plays a crucial role in pinpointing areas where APIs might expose sensitive data. This proactive approach aids enterprises in recognizing and mitigating potential API threats while also reinforcing their overall API security. Gur Talpaz, Head of Falcon Fund and Vice President of Corporate Development at CrowdStrike, said, With APIs now a prime target for malicious actors, securing them requires a comprehensive and diligent approach. Through this joint integration, we can harness the mature AI-driven intelligence of the Salt API security platform with our widely deployed Falcon platform, giving organizations complete visibility into their application-layer attack surface and a detailed understanding of their application threat landscape. [Source – Cision PR Newswire] About Salt Security Salt Security is a leading API security company that safeguards the APIs at the core of all modern applications. Its API Protection Platform is the sole API security solution that integrates the power of cloud-scale big data with time-tested machine learning and artificial intelligence to detect and prevent API attacks. Salt provides extensive context, real-time analysis, and continuous insights for API discovery, hardening APIs, and attack prevention by correlating the activities of millions of APIs and users over time.

Read More

Platform Security

SentinelOne Launches RemoteOps Forensics for Faster Incident Response

SentinelOne | September 18, 2023

SentinelOne, a global leader in autonomous cybersecurity, is addressing the pressing need for rapid and effective responses to the escalating wave of cyber breaches. Today, the company announced the launch of Singularity RemoteOps Forensics, a pioneering digital forensics product designed to streamline and accelerate incident response readiness. This innovative solution promises to empower organizations of all sizes, ushering in a new era of efficient and scalable investigation and response capabilities in the face of evolving cybersecurity challenges. Integrated seamlessly with the SentinelOne Singularity Platform and as an add-on to Sentinel One's Endpoint and Cloud Workload Security solutions, RemoteOps Forensics offers a rapid, adaptable digital forensics and incident response solution. Security teams can leverage this tool to enhance efficiency by optimizing resources and accelerating Mean Time to Resolution. With the capability for targeted investigations on various assets, including endpoints and server workloads, it enables conditional trigger-based evidence collection. This automation efficiently gathers evidence, such as process data, ports, service listings, MFT, Amcache, JumpLists, and memory dumps, orchestrating them in under a minute. Consolidating evidence into the Singularity Security DataLake allows for the correlation of SentinelOne and partner data with forensics data in a unified search, facilitating a comprehensive view of attacks, rapid root cause identification, and risk mitigation. Furthermore, it provides the ability to analyze collected evidence alongside Endpoint Detection and Response (EDR) data within a single console, empowering proactive defense against future threats. The integration and analysis of this combined data unveil concealed indicators of compromise, detect advanced attack patterns, and offer insights into threat actors' tactics, techniques, and procedures. RemoteOps Forensics is a cost-effective and resource-efficient solution that seamlessly integrates with the SentinelOne agent. This integration alleviates the necessity of deploying and provisioning multiple tools throughout the investigative process, resulting in significant time and resource savings for organizations. In addition, this innovative solution prioritizes the maintenance of forensic integrity by minimizing changes made to the disk, and it leverages SentinelOne's anti-tampering and metadata collection capabilities to safeguard data integrity. In doing so, it streamlines investigations and upholds the highest standards of forensic rigor, reinforcing organizations' cybersecurity defenses with a comprehensive and efficient approach. Jane Wong, Senior Vice President of Products and Strategy at SentinelOne, said, As timelines for reporting and responding to breaches shrink, it is imperative that the security teams have advanced forensics capabilities that can make investigations faster and more efficient, and with Singularity RemoteOps Forensics, the team is delivering them. [Source – Business Wire] SentinelOne's new forensic capabilities help develop incident response by enabling security teams to conduct thorough investigations more quickly, Jane also mentioned eliminating the requirement for specialized expertise or additional tools. About SentinelOne SentinelOne is a leading provider of autonomous cybersecurity solutions. With its identified Singularity Platform, the company excels at detecting, preventing, and responding swiftly to cyber threats. SentinelOne enables businesses to protect their endpoints, cloud workloads, containers, and identities, as well as their mobile and network-connected devices, with unparalleled speed, accuracy, and ease of use. With a formidable clientele comprising over 11,000 customers, SentinelOne has proven itself as the trusted guardian of a secure digital future.

Read More

Software Security

Cyolo Unveils Key Insights into OT Cybersecurity Threat Landscape from KuppingerCole and Releases Cyolo 4.3 for Enhanced Security

Business Wire | September 27, 2023

Today, Cyolo, provider of the fastest and most secure zero-trust access and connectivity solution for hybrid organizations with IT and OT, in partnership with KuppingerCole, released an industry analysis focused on zero trust and remote access for operational technology (OT) environments. The analysis reveals key insights about the OT cybersecurity threat landscape, outlines high-level security architecture for OT, critical infrastructure systems (CIS) and industrial control systems (ICS), and evaluates key requirements of security regulations and frameworks. OT environments experience the same kinds of threats as enterprise IT – including ransomware, account takeovers, APTs, and Supply Chains as vectors – while experiencing expanded OT-specific threats. While traditional IT security tools may be adapted, developing robust security architectures for OT environments is inherently complex compared to their IT counterparts. Its unique nature, from equipment and software to communication protocols requires dedicated OT security solutions. Cyolo can help organizations with OT infrastructure to define and manage access control to those complex environments, said John Tolbert, Lead Analyst at KuppingerCole. Overall key insights include: OT Threat Landscape. Heightened geopolitical factors have intensified attacks on OT and ICS, posing significant consequences ranging from operational disruptions and service denial to financial repercussions and potential harm to human well-being. Core Cybersecurity Regulations. The risks and consequences of cyber-attacks against critical infrastructure advanced regulations globally mandating secure architectures and technical controls. KRITIS and the follow-on IT Security Act 2.0 are related examples of such regulations, as well as the NIST Cybersecurity Framework. OT Security Architectures and Key Functionalities. There are eight areas of functionality that are central to effective OT security architectures. Cybersecurity architectures for OT must address asset discovery, access control, IT security tool integration, detection and response capabilities, and OT protocol level threats. As the analysis breaks down, within critical infrastructure interruptions and downtime are not an option. To address the increasing need for secure access in OT environments, Cyolo introduced Cyolo 4.3, which expands key capabilities with more layers of security and making the product easier than ever to use for both administrators and end users in the industrial space. With Cyolo 4.3, industrial organizations will be able to extend their multi-factor authentication (MFA) across environments through an integration with Duo Security to support their physical tokens as required. Additionally, the company has implemented another layer of security for file transfer within the OT/ICS environment, through query anti-virus software to scan files before they are delivered to their destination. Cyolo is also adapting for further usability, allowing teams to securely invite external users by generating a secure one-time password; and import groups from existing IdPs, using SCIM. “Ensuring the security of critical infrastructure and industrial processes has become increasingly critical as organizations unite their IT and OT systems. This convergence has expanded the OT threat landscape and introduced significant cybersecurity challenges, as the once-isolated OT networks are now vulnerable to the same threats that have targeted IT networks for years” said Joe O'Donnell, Vice President ICS/OT of Cyolo. “With Cyolo 4.3, industrial entities can confidently navigate the complexities of the modern threat landscape and fortify their defenses against evolving cyber threats.” The announcement of Cyolo 4.3 highlights the company’s commitment to advancing zero-trust capabilities and it comes on the heels of Cyolo being listed as a Representative Vendor in the 2023 Gartner® “Market Guide for Zero Trust Network Access” report for the second consecutive year and recognized by Frost & Sullivan with the 2023 North American New Product Innovation Award for Secure Remote Access to Operational Infrastructure and Industrial Control Systems (OT/ICS). As the threats to critical infrastructure continue to evolve, Cyolo zero-trust access solution continues to provide the utmost protection and ease of use. To learn more about Cyolo 4.3, visit here. Access the report for a full view of the industry here. Register here to attend the joint webinar from Cyolo and KuppingerCole on how to achieve secure remote access for OT environments, to be held on Tuesday, October 10 at 7 a.m. PT. About Cyolo Cyolo helps hybrid organizations in the IT and OT spaces to stay safe, secure and productive in an era of distributed workforces and unprecedented cyberthreats. Cyolo’s next-generation zero-trust access solution enables all users, including employees, third parties as well as remote and on-site workers, to connect to their working environments seamlessly and securely via modern identity-based access. Providing one unified solution that integrates with the existing tech stack and deploys easily in the cloud, on-premises or in a hybrid model, Cyolo empowers the global workforce to securely access anything from anywhere.

Read More

Data Security

Cohesity and Carahsoft Partner to Offer Data Security to Public Sector

Cohesity | September 07, 2023

Cohesity, an industry leader in data security and management, and Carahsoft Technology Corp., a provider of trusted government IT solutions, announced entering into a partnership. Under the agreement, Carahsoft plans to act as a distributor for Cohesity, making Cohesity's data cloud platform accessible to the Public Sector via Carahsoft's reseller partners, Information Technology Enterprise Solutions – Software 2 (ITES-SW2), NASA Solutions for Enterprise-Wide Procurement (SEWP) V, National Association of State Procurement Officials (NASPO) ValuePoint, OMNIA Partners, National Cooperative Purchasing Alliance (NCPA), and E&I Cooperative service contract. The extensive data cloud platform from Cohesity consolidates data sources, assists in the elimination of infrastructure silos, and automates data management tasks. The platform streamlines data management by offering a single, user-friendly interface for managing data in cloud, on-premises, and edge environments. Cohesity's data security and management solutions offer the public sector with granular control over their data, enabling them to comply with legal and regulatory requirements and protect sensitive data. The Cohesity Data Cloud’s key capabilities include: Data Protection: Captures backup copies of data that are preserved inalterably and are instantaneously recoverable in an instance of a ransomware attack or other business disruptions. Data Security: Provides enhanced resilience to cyber threats via cyber vaulting, data classification, threat intelligence and scanning, and bidirectional integration with the security operations center of agencies. Data Mobility: Enables agencies to transfer data across hybrid multi-cloud environments in a secure and efficient manner, thereby reducing costs and increasing flexibility. Data Access: Eliminates unnecessary copies and efficiently manages files and objects at scale. Data Insight: Enables agencies to search, classify, and analyze data worldwide across their entire infrastructure in order to provide business value or pinpoint sensitive data for compliance. Kit Beall, Chief Revenue Officer at Cohesity, said, We are pleased to partner with Carahsoft and its resellers to provide U.S. government agencies with powerful novel capabilities based on our leadership position in data security and management. [Source – GlobeNewswire] Beall also added that they look forward to expanding their strategic partnership with Carahsoft to assist public sector customers in strengthening their cyberspace resilience in the face of evolving advanced adversaries. About Cohesity Cohesity is an industry leader in AI-powered data management and security. The company makes it simple to secure, protect, manage, and extract value from data — across the data center, cloud, and edge. It provides organizations with comprehensive data security and management capabilities, such as AI-based threat detection, immutable backup snapshots, and monitoring malicious behavior, among others, to defend against cybersecurity threats. About Carahsoft Carahsoft Technology Corp. is a trusted government IT solutions provider serving public sector organizations across local, state, and federal government agencies and healthcare and education markets. As the master government aggregator for vendor partners, the company provides solutions for multicloud, DevSecOps, cybersecurity, Big Data, AI, customer experience and engagement, open source, and other domains. Working with resellers, systems integrators, and consultants, Carahsoft's sales and marketing teams provide hundreds of contract vehicles with industry-leading IT products, services, and training.

Read More

More Trending news

Spotlight

Zero Trust at Scale

In 2020, Cisco set out to move from a traditional networkbased perimeter and VPN model to a zero trust framework. Dubbed ‘borderless ’ internally, the core goal was to give users a secure, uniform experience accessing applications, wherever the user or application is located. Using the features of Duo Beyond, our team set out to

Resources

Protecting The Aviation Sector From Cyberattacks

Whitepaper

Protecting Public Water Systems From Cyberattacks

Whitepaper

Leading the Pack: Top 15 Network Security Providers for Businesses

Article

Protecting The Aviation Sector From Cyberattacks

Whitepaper

Protecting Public Water Systems From Cyberattacks

Whitepaper

Leading the Pack: Top 15 Network Security Providers for Businesses

Article