DATA SECURITY

Balbix Extends Cyber Security Posture Automation to AWS

Balbix | November 02, 2021

Balbix, provider of the world's leading platform for cybersecurity posture automation, announced today the general availability of the Balbix Connector for AWS. As a result of the new offering, customers gain a comprehensive inventory of their assets spanning on-premises and cloud as well as the ability to discover, prioritize and mitigate unseen risks, including unpatched software vulnerabilities, weak credentials, missing or poor encryption, trust issues and cloud infrastructure misconfigurations.

A surge in cloud adoption has made modern IT environments more complex and increased the enterprise attack surface. While gains have been made in cloud security, visibility remains siloed. Proactive cybersecurity tools are typically split into on-premises and cloud silos, making it extremely difficult to get a consolidated view into both environments. In addition, the ability to identify and address the most pressing risks requires the assistance of automation to successfully scale.

Improved AWS Security Posture Management
The new Connector for AWS provides support for the most popular AWS Cloud services including core services like Amazon Elastic Compute Cloud (Amazon EC2), Amazon Simple Storage Service (Amazon S3), and AWS Identity and Access Management (IAM); database and container services like Amazon Relational Database Service (Amazon RDS), and Amazon Elastic Kubernetes Service (Amazon EKS); and analytics services like Amazon OpenSearch Service. As a result, teams overseeing security of their AWS environments can:
  • Get comprehensive visibility into cloud assets and accurately categorize them into compute, storage, network, and containers
  • Discover exposure to common cloud attack vectors, especially misconfigurations – the most exploited attack vector for the cloud
  • Measure risks in terms of the likelihood and monetary impact of them being exploited in order to prioritize risks for remediation and report on the overall security posture

Visibility Across the Entire Network
With the addition of the Connector for AWS, Balbix merges cloud and on-premises visibility in one view, eliminating the need for security practitioners to look through multiple dashboards and allowing them to work more productively.

"With a significant portion of our IT infrastructure already running in AWS alongside a longer-term cloud-first strategy to migrate most workloads to the cloud, the addition of the Balbix Connector for AWS enables us to drive down risk comprehensively across our enterprise," said Nate Miller, Senior IT Manager, Global Cyber Security and IT Compliance at Cooper-Standard. "However, we know some critical IT infrastructure will remain on-premises. The unified visibility provided by Balbix is key to enable our cyber security teams to make the best decisions for the business and most efficiently minimize the risk of breach."

Advanced Risk Analysis
AWS data is analyzed using purpose-built AI algorithms to produce a comprehensive view of cyber-risk for organizational cloud assets, along with relevant context and recommended action items. Risk is measured in dollars, which provides a common language that organizations can use to prioritize projects, spending and track the effectiveness of their overall cybersecurity program.

"Traditionally, cyber posture tools have been siloed, only offering views for cloud or on-premises, never both,We are excited to introduce the Balbix Connector for AWS to break down the siloed approach and offer AWS customers a holistic view of their overall corporate risk, along with new insights to manage security under the shared responsibility model."

Gaurav Banga, CEO at Balbix

About Balbix
Balbix is the world's leading platform for cybersecurity posture automation. Using Balbix, organizations can discover, prioritize and mitigate unseen risks and vulnerabilities at high velocity. With seamless data collection and petabyte-scale analysis capabilities, Balbix is deployed and operational within hours, and helps to decrease breach risk immediately. Balbix counts many global 1000 companies among its rapidly growing customer base and was named a "Cool Vendor" by Gartner in 2018.

Spotlight

Inaugural launch of the CDSE "Cybersecurity Awareness Updates" series. Identifies and discusses the latest trends in Cybersecurity awareness. This update focuses on helping security and cybersecurity professionals understand the current Cybersecurity landscape, as well as where they can find more information to assist their organizations. A new Cybersecurity Awareness Update will be available at the end of each month.


Other News
PLATFORM SECURITY

QuSecure Launches Industry’s First End-to-End Post-Quantum Cybersecurity Solution to Uniquely Address Current and Future Quantum Computing Threats

QuSecure | May 21, 2022

QuSecure™, Inc., an innovator in post-quantum cybersecurity (PQC), today introduced its quantum orchestration platform, QuProtect™, the industry’s first end-to-end PQC software-based solution uniquely designed to protect encrypted communications and data with quantum-resilience using quantum secure channels. With QuProtect, for the first time organizations can leverage quantum resilient technology to help prevent today’s cyberattacks, while future-proofing networks and preparing for post-quantum cyberthreats. Leading experts, including Arthur Herman, senior fellow and director of the Quantum Alliance Initiative at The Hudson Institute, believe that a Cryptographically Relevant Quantum Computer (CRQC), which is a quantum computer that can break current cryptography and will expose the world’s encrypted communications and data, will be available within the next 3-5 years. Additionally, nation-state attackers are currently stealing encrypted data, using a “Steal Now, Decrypt Later” (SNDL) strategy to collect global encrypted data, which will be retroactively decrypted once a CRQC is available. As a result, on May 4, the White House mandated PQC compliance via the National Security Memorandum “Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems.” Also, the bipartisan Endless Frontiers Act would establish a Technology and Innovation Directorate at the National Science Foundation which would use $100 billion in federal funds over five years to research emerging technologies including quantum computing, and specifically mentions the need for PQC. Organizations will need to follow suit to protect their data and communications from post-quantum cyberthreats. QuProtect provides quantum-resilient cryptography, anytime, anywhere and on any device. QuProtect uses an end-to-end quantum security as a service (QSaaS) architecture that addresses the digital ecosystem’s most vulnerable aspects, uniquely combining zero-trust, next-generation post-quantum-cryptography, quantum-strength keys, high availability, easy deployment, and active defense into a comprehensive and interoperable cybersecurity suite. The end-to-end approach is designed around the entire data lifecycle as data is stored, communicated, and used. “Quantum technologies have the potential to represent a platform shift, and platform shifts don’t come around that often,” said Laura Thomas, former CIA Chief of Base with more than 17 years in various national security and leadership roles and currently VP of Corporate Strategy at ColdQuanta, a quantum computing and sensing company. “When they do, they bring enormous opportunity coupled with the power for intense disruption, in all arenas, to include national security and economic security. Organizations should be evaluating post-quantum encryption solutions now and mapping out the resources and timelines needed to deploy them on their networks. QuSecure is playing a key role in future-proofing our networks from current classical and future quantum attacks.” QuSecure also today announced its formal company launch. See accompanying company launch press release issued by QuSecure today at QuSecure Company Launch. “Enterprises are charged with providing high levels of data security,” said Skip Sanzeri, QuSecure Founder and COO. “We are facing the largest computer upgrade cycle in history as all public key cryptography globally needs to be upgraded to PQC. Our QuProtect solution provides organizations with a first-mover advantage as the industry accelerates toward a quantum future. QuProtect allows organizations and their clients to maintain the highest level of quantum-resilient security to address cyberthreats with minimal disruption to existing systems.” QuProtect protects any node on the network by using National Institute of Standards and Technology (NIST) approved quantum algorithms to create secure quantum communications channels. Its technology enables backwards compatibility and can translate back and forth from PQC to standard Transport Layer Security (TLS), ensuring interoperability with any network. No other company combines QuSecure’s broad-based quantum and post-quantum technologies providing secure, interoperable cybersecurity to protect organizations’ networks from quantum threats. QuProtect’s unique differentiators include (partial list): Post-quantum open-source, end-to-end data protection on all platforms and networks – QuSecure applies post-quantum protections to all systems and devices – from cloud, to server, to laptop, to edge and IoT – protecting communications and data. QuProtect uses Quantum Random Number Generation (QRNG) to create quantum-resilient cryptographic keys which provide entropy throughout the entire network. Network-wide entropy is important because true quantum randomness protects systems from vulnerabilities and attacks such as pattern detection and cryptanalysis. Easy integration and deployment with zero client-side installations supporting most platforms – QuProtect is designed to be simple to deploy, operate and manage for existing devices and systems. Any existing platform that runs cryptography can be upgraded to PQC through QuProtect’s software-upgrade solutions. QuSecure’s solution enables controlled, phased deployment in highest priority segments first, enabling organizations to audit and/or delay endpoints which don’t need immediate upgrade. QuProtect permits instantaneous re-selection of algorithms enabling crypto agility while NIST finalizes the PQC algorithms to be standardized. Continuous monitoring and attack resilience – QuProtect improves security through continuous anomaly monitoring, machine learning-enabled attack detection, and active remediation. QuProtect is the industry’s most advanced PQC solution providing end-to-end quantum-resilience for many of today’s critical use cases, including satellite, network, and IoT communications. QuProtect can be hosted on-premise or via cloud-based orchestration delivering the most compatible solution to the post-quantum problem. An organization can implement PQC across all devices on the network with minimal disruption to existing systems, protecting against current and future classical and quantum attacks which could irreparably disrupt industries and infrastructures across government and commercial sectors. About QuSecure QuSecure is an innovator in post-quantum cybersecurity with a mission to protect enterprise and government data from quantum and classical cybersecurity threats. Its patent-pending, quantum-safe solutions provide an easy transition path to quantum resiliency across any organization. The company’s QuProtect solution is the industry’s first PQC software-based platform uniquely designed to protect encrypted communications and data with quantum-resilience using a quantum secure channel. QuSecure has current customer deployments in banking/finance, healthcare, space/satellite, IT/data enterprises, datacenters and various Department of Defense agencies. QuSecure is investor backed and has offices in Silicon Valley.

Read More

PLATFORM SECURITY

Cybersecurity Startup ActZero Partners with Measured Analytics and Insurance

ACTZERO | December 15, 2021

ActZero, a cybersecurity startup whose AI-driven platform makes best-in-class security accessible for businesses of all sizes, today announced a strategic partnership with Measured Analytics and Insurance, the data and analytics-driven cyber insurance company. The partnership will enable businesses to protect themselves against emerging security threats with an integrated risk management approach. Recent reports by lead researchers have found that a majority of organizations have experienced incidents of ransomware or phishing in the last 12 months, while other cybersecurity threats are also on the rise. This trend means that more and more businesses need to level up their cybersecurity posture, while also preparing for the ramifications of potential attacks with cybersecurity-specific insurance. The partnership between ActZero and Measured is among the first to holistically address a business's cybersecurity needs by combining sophisticated managed detection and response services designed to stop attacks and extortion with insurance services that position companies to mitigate potential losses. "We're pleased to be working with Measured, which will serve as the foundation of our integrated risk management distribution channel,Pairing our solution with insurance coverage to better protect customers represents another leap forward in our pursuit of making cybersecurity more effective and affordable for small and mid-sized enterprises." Chris Finan, ActZero's Chief Operating Officer The ActZero platform combines next-generation antivirus protection, endpoint detection and response, extended detection and response technologies, and 24/7 automated and managed threat hunting capabilities to detect and prevent all types of cybersecurity threats, from commodity malware to sophisticated, headline attacks across endpoints, network and cloud. The combined offering with Measured means that ActZero clients can now take advantage of streamlined access to cyber insurance at better rates. Measured Analytics and Insurance sells industry-leading comprehensive cyber insurance backed by the most reputable reinsurance companies in the world. Measured tackles the challenge of underwriting cyber insurance by combining proprietary data and machine learning algorithms to assess and price cyber insurance for small- and mid-sized businesses. In partnering with ActZero, Measured's clients gain access to a robust suite of cybersecurity technologies at preferred rates. "In this era of growing concerns and evolving threats, it's critical to complement our cyber insurance offering with innovative detection and response capabilities to stop problems before they start," said Jack Vines, CEO of Measured Insurance. "ActZero is the ideal partner to deliver on this promise, enabling our customers to implement sophisticated risk management strategies, thereby best positioning themselves against today's current threat climate." ABOUT ACTZERO ActZero is a cybersecurity startup that makes small- and mid-size businesses more secure by empowering teams to cover more ground with fewer internal resources. Our intelligent managed detection and response service provides 24/7 monitoring, protection and response support that goes well beyond other third-party software solutions. Our teams of data scientists leverage cutting-edge technologies like AI and ML to scale resources, identify vulnerabilities and eliminate more threats in less time. We actively partner with our customers to drive security engineering, increase internal efficiencies and effectiveness and, ultimately, build a mature cybersecurity posture. Whether shoring up an existing security strategy or serving as the primary line of defense, ActZero enables business growth by empowering customers to cover more ground. ABOUT MEASURED ANALYTICS AND INSURANCE Measured Insurance offers an analytics-based approach to cyber insurance, specifically quantifying specific exposure to ransomware attacks. Measured Insurance is bridging the gap between technology and insurance by using AI-powered analytics that tracks individual exposure in real-time to create smarter insurance products. Every policy is tailored to fit the individual client–clearly identifying pre-event exposure in seven fundamental areas and customizing post-event loss mitigation services with real experts, real people, and real help if ever needed.

Read More

DATA SECURITY

Noetic Cyber Partners with SentinelOne to address growing cybersecurity asset management challenges

Noetic Cyber | February 03, 2022

Noetic Cyber, a cloud-based continuous cyber asset management and controls platform, today announced a partnership with autonomous cybersecurity platform company SentinelOne (NYSE:S). This partnership delivers an end-to-end cybersecurity asset management solution that leverages SentinelOne's endpoint and cloud workload telemetry, combined and correlated with information from other information sources, to generate a high-fidelity, continuously updated, multidimensional map of all assets and their cyber relationships. The current fragmentation of IT management, DevOps and security tools makes it difficult for security teams to see all the assets in the business and to understand the relationships between them. In fact, 71% of global IT leaders admit to finding new endpoints in their environment on a weekly basis. Endpoint and cloud workload telemetry is a vital part of this information, providing high-fidelity, relevant insights into threats and cyber assets. The integration of SentinelOne Singularity XDR and the Noetic platform enables teams to extend the visibility, detection and endpoint insights of SentinelOne into a wider asset inventory and management architecture, maximizing their value. "We are very excited to be partnering with Noetic Cyber on this integrated solution," said Chuck Fontana, SVP of Business Development, SentinelOne. "There is a significant security challenge in not understanding the cyber risk of all assets in your environment. Together with Noetic, we're able to close that gap and ensure a hygienic cybersecurity environment for organizations across industries." The SentinelOne Connector for Noetic is an API-based integration. Joint customers install the SentinelOne Connector into the Noetic platform and provide it with API credentials to establish a bi-directional integration between the two platforms. The Noetic platform periodically polls SentinelOne, looking for information indicating new, updated or removed endpoints. This information is ingested, aggregated and correlated with information from other data sources, presented to security teams via innovative graph database technology. Pre-packaged queries and dashboards help analysts to uncover coverage and compliance gaps and hidden risks. The Noetic platform also includes a comprehensive automation workflow engine, which allows security teams to pre-determine corrective action, such as deploying the SentinelOne agent to unprotected machines, triggering a scan or disconnecting a machine from the network. "Through this innovative partnership with SentinelOne, we are able to jointly address security coverage gaps and automatically correct misconfigured endpoints that could otherwise leave organizations vulnerable,Leveraging the high-fidelity data provided by SentinelOne, Noetic provides unparalleled insights into your cyber assets, identifies security risks and uses automation to continuously close them." Paul Ayers, CEO of Noetic About SentinelOne SentinelOne's cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous platform. About Noetic Cyber Noetic Cyber enables security teams to make faster, more accurate decisions to detect coverage gaps and reduce cyber risk. The Noetic solution is a cloud-based Continuous Cyber Asset Management & Controls Platform that provides teams with unified visibility of all assets across their cloud and on-premises systems, and delivers continuous, automated remediation to close coverage gaps and enforce security policy. Noetic improves security tools and control efficacy by breaking down existing siloes and improving the entire security ecosystem. Founded in 2019, Noetic is based in Boston and London.

Read More

DATA SECURITY

Axonius Unveils SaaS Management Solution to Combat Complexity, Cost, and Risk

Axonius | January 20, 2022

Axonius, the leader in cybersecurity asset management, today unveiled Axonius SaaS Management, a new comprehensive solution that helps security, IT, finance, and risk teams control the complexity, cost, and risk of software as a service (SaaS) with a single source of truth into their SaaS application landscape. As businesses rapidly increase consumption of SaaS applications, they face acute IT, security, and business challenges. The rate of SaaS adoption makes manual approaches to gaining a credible SaaS asset inventory woefully inadequate and exposes extremely difficult visibility challenges into both known and unknown SaaS applications. Compounding these visibility challenges, companies struggle to identify how data flows between apps, manage a myriad of configurations, and close security gaps, as well as track licensing and spend, across hundreds sometimes thousands of SaaS applications. Axonius SaaS Management lets customers address the operational and financial challenges of SaaS asset management, as well as the security and risk gaps, all via a seamless, nonintrusive deployment that delivers actionable insights from day one. This is the first product delivered by AxoniusX, the company’s innovation-focused business unit that launched in June 2021. “Over the past few years, we’ve seen tools emerge that address some aspects of SaaS management from either the business side or SaaS security posture management, but these approaches still leave companies with gaps in visibility and siloed information,We’ve built on our unique approach to cybersecurity asset management to deliver the same results for SaaS applications. With our rich history in building and maintaining API integrations with SaaS solutions, Axonius has the expertise and market traction to bring massive value to organizations struggling with the complexity of modern apps and infrastructure.” Amir Ofek, CEO and co-founder of AxoniusX Axonius SaaS Management uses adapters (API connections to data sources) and proprietary SaaS discovery tools to create a detailed inventory of all SaaS applications, permissions, and data flows. By connecting to all layers of the SaaS application stack, the solution discovers both the SaaS applications known to and sanctioned by organizations as well as shadow and unmanaged apps. This approach provides comprehensive visibility into all data types and interconnectivity flows, identifies misconfigurations and data security risks, and delivers actionable insights for better IT management and cost optimization. Axonius SaaS Management integrates with Axonius Cybersecurity Asset Management to provide a comprehensive platform that unifies all digital assets from SaaS apps to devices, user accounts, cloud assets, and more so customers can easily and effectively control complexity across the entire IT environment. About Axonius Axonius gives customers the confidence to control complexity by mitigating threats, navigating risk, automating response actions, and informing business-level strategy. With solutions for both cyber asset attack surface management (CAASM) and SaaS management, Axonius is deployed in minutes and integrates with hundreds of data sources to provide a comprehensive asset inventory, uncover gaps, and automatically validate and enforce policies. Cited as one of the fastest-growing cybersecurity startups, with accolades from CNBC, Forbes, and Fortune, Axonius covers millions of assets, including devices and cloud assets, user accounts, and SaaS applications, for customers around the world.

Read More

Spotlight

Inaugural launch of the CDSE "Cybersecurity Awareness Updates" series. Identifies and discusses the latest trends in Cybersecurity awareness. This update focuses on helping security and cybersecurity professionals understand the current Cybersecurity landscape, as well as where they can find more information to assist their organizations. A new Cybersecurity Awareness Update will be available at the end of each month.

Resources