DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

BigID Announces Native Data Security Controls for Snowflake

BigID | September 23, 2022 | Read time : 02:50 min

BigID
BigID, the leading data intelligence platform that enables organizations to know their enterprise data and take action for privacy, security, and governance, today announced native data security controls for Snowflake, alongside becoming the first Snowflake partner to achieve Snowflake Ready Technology Validation in both" Data Security" and "Data Cataloging".

BigID provides Snowflake customers with simplified access control, a data-centric approach to data masking, and accelerated security controls to better manage and protect their data.  With Snowflake Ready Technology Validation, these integrations make it easier than ever for joint customers to manage and protect their sensitive data in Snowflake Data Cloud.

As a validated solution in both data security and data cataloging, customers can:

  • Gain continuous control of their snowflake data and automatically detect new and changed data
  • Automatically find and classify all types of data - including dark data - alongside sensitive, regulated,critical, and personal data
  • Streamline access policy definitions with a data-driven approach
  • Apply intelligent tag-based data masking based on sensitivity and type

"With this validation, our customers gain the trust and confidence that BigID has been battle tested against Snowflake best practices across deployment, performance, security, compliance, and more. "We're thrilled to continue to deepen our relationship with Snowflake, and drive innovation together across the modern tech stack."

Nimrod Vax, Head of Product at BigID

About BigID
BigID's data intelligence platform enables organizations to know their enterprise data and take action for privacy, security, and governance. Customers deploy BigID to proactively discover, manage, protect, and get more value from their regulated, sensitive, and personal data across their data landscape. BigID has been recognized for its data intelligence innovation as a 2019 World Economic Forum Technology Pioneer, named to the 2021 Forbes Cloud 100, the 2021 Inc 5000 as the #19th fastest growing company and #1 in Security, a Business Insider 2020 AI Startup to Watch, and an RSA Innovation Sandbox winner.

Spotlight

These predictions are part of an ongoing blog series examining “Sure Things” (predictions that are almost guaranteed to happen) and “Long Shots” (predictions that are less likely to happen) in cybersecurity in 2017. New Norms Expected in Threat Landscape Threat Landscape Recruiters Search for Cyber Talent Outside of Security Talent Hiring Awareness of Flaws in IoT Security Will Be Magnified Endpoint Security Financial Sector Attackers Exploit Cracks in Blockchain Technology Financial Services Machine Learning and AI-Driven Frameworks Shape Cloud Security Cloud Service Providers Confront IoT Security Service Provider The Year We Get Serious About IoT Security Network Security Price of Ransomware Continues to Increase in Asia-Pacific APAC Ransomware and SaaS Challenges Persist in Healthcare Healthcare Confronts SMB Cyber Resiliency, Anticipating Tokyo 2020 Japan Preparation, Proliferation, Personnel and Protection = a Bumper Year in EMEA EMEA 2017 CYBERSECURITY PREDICTIONS Learn more:


Other News
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Datadog Launches Cloud Security Management to Provide Cloud Native Application Protection

Datadog | October 20, 2022

Datadog, Inc., the monitoring and security platform for cloud applications, today announced the general availability of Cloud Security Management. This product brings together capabilities from Cloud Security Posture Management (CSPM), Cloud Workload Security (CWS), alerting, incident management and reporting in a single platform to enable DevOps and Security teams to identify misconfigurations, detect threats and secure cloud-native applications. As organizations' cloud architectures become more complex, assessing security risks and collaborating across teams to mitigate them has become increasingly difficult. While security engineers are responsible for identifying threats and misconfigurations, DevOps teams are responsible for remediating them. DevOps and security teams often use multiple point solutions and tools to report on and resolve issues, but these tools provide an incomplete view of security risks and create silos between teams. Datadog's Cloud Security Management brings together observability and security insights across an organization's entire cloud environment—without the need to deploy additional agents. This shared context provides security engineers with deeper insights to collaborate with DevOps teams and more quickly remediate security issues. "Tight collaboration between security and DevOps teams is required to mitigate security risks in today's environments. This change has been brought on by the move to the cloud. Security teams today cannot take countermeasures alone without potentially impacting the performance and reliability of production systems. "Datadog Cloud Security Management helps these teams work together to remediate issues quickly by providing a single platform—as opposed to multiple point solutions—that delivers a complete view of an organization's infrastructure and risk exposure." Prashant Prahlad, VP of Product at Datadog "Using Cloud Security Management was like having a member of the InfoSec team embedded within our DevOps team," said Chad Upton, Vice President of Infrastructure at FirstUp. "All the security metrics were front and center so they could easily see the number of misconfigured resources in a single view and they didn't have to wait for someone from InfoSec to reach out and let them know there was an issue." "Because Datadog Cloud Security Management shows observability and security data together, alongside the resource relationship graph, we were able to remove cloud resources that were no longer in use and easily understand the impact of misconfigured cloud resources by visualizing all dependencies," said Ben Collen, Senior Director of Engineering and CISO at Vertex. Cloud Security Management expands on the foundational capabilities of cloud security posture management and cloud workload security of a CNAPP solution through: Resource Relationship Graph: By providing a visual risk assessment of misconfigured resources and vulnerabilities across an organization's cloud infrastructure, DevOps teams can take remedial actions based on the impact of the risk. Custom Detection Rules: Teams can now create fine-grained threat detection rules across all cloud resources—including their associated logs and security incident events. Resource Catalog (Beta): Engineers can access a comprehensive visual representation of all security risks associated with each cloud resource in a customer's environment and identify the owners of every cloud infrastructure resource to remediate vulnerabilities and misconfigurations. About Datadog Datadog is the monitoring and security platform for cloud applications. Our SaaS platform integrates and automates infrastructure monitoring, application performance monitoring and log management to provide unified, real-time observability of our customers' entire technology stack. Datadog is used by organizations of all sizes and across a wide range of industries to enable digital transformation and cloud migration, drive collaboration among development, operations, security and business teams, accelerate time to market for applications, reduce time to problem resolution, secure applications and infrastructure, understand user behavior and track key business metrics.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

LMG Security Introduces New Proactive Cybersecurity Solutions

LMG Security | September 30, 2022

LMG Security, an internationally recognized cybersecurity consulting firm, has expanded its popular selection of cybersecurity advisory, testing, and training services with a new line of cybersecurity solutions. These solutions are designed to reduce the burden organizations face from implementing or managing cybersecurity technology, as well as create fast, easy access to skilled cybersecurity staff to augment internal teams. LMG Security is pleased to announce it now offers the following new solutions and services: Virtual CISO and Staff Augmentation: Organizations struggle to find and retain cybersecurity talent. LMG Security provides staff augmentation services that enable organizations to quickly access the specialized cybersecurity skills they need on a fractional basis. Endpoint Detection and Response Implementation: LMG Security implements and seamlessly integrates an endpoint detection and response solution that helps organizations defend against zero-day attacks, supply chain vulnerabilities, and other common cybersecurity threats. Multi-Factor Authentication Implementation (MFA): Protect against attack vectors such as phishing, business email compromise, and cross-cloud attacks with a customized MFA implementation. Password Manager Implementation: A password manager is a simple, affordable way to decrease the risk of a data breach from weak or reused passwords. LMG Security's team implements the password manager and ensures that it is optimally configured. Managed On-Demand Employee Cybersecurity Training: Get experts to design and manage your cybersecurity training for you. An LMG Security cybersecurity specialist will plan and monitor your training program to ensure your employees have the skills to be an effective "human firewall." Continuous Attack Surface Monitoring: LMG Security's team implements and seamlessly integrates a solution that scans Internet-facing systems to help organizations identify assets that are exposed or vulnerable. All LMG Security cybersecurity solutions are implemented and managed by experts who ensure that each solution follows all cybersecurity best practices and is optimally integrated with each organization's existing tech stack. "Organizations are struggling to find and hire skilled cybersecurity talent. "We make it easy for our clients by offering expert virtual CISO and cybersecurity staff augmentation services, as well as implementation and management services for key cybersecurity solutions." Davidoff continued, "IT teams are stretched to the limit at most organizations. We're excited to launch these new cybersecurity solutions that will help organizations defend against the constantly changing threat landscape." Sherri Davidoff, president and CEO of LMG Security ABOUT LMG Security LMG Security is an internationally recognized leader in the cybersecurity consulting industry. This full-service cybersecurity firm provides one-stop shopping for a wide array of cybersecurity services. Specializing in technical testing, advisory and compliance services, and training for more than a decade, the LMG Security team's security testing services were featured on the Today show. In addition, the team has published cutting-edge research on cell phone intrusion detection and banking Trojans, written books on network forensics, data breaches, and an upcoming book on ransomware and cyber extortion, and routinely speak or train at Black Hat, RSA and many other security conferences. LMG Security is privately held and headquartered in Missoula, Montana.

Read More

DATA SECURITY, SOFTWARE SECURITY

Quad9 Joins the Cyber Threat Alliance as Leading DNS Service to Improve the Cybersecurity of Our Global Digital Ecosystem

Quad9 | September 22, 2022

Today, Quad9, the leading free recursive DNS service, has joined the Cyber Threat Alliance (CTA) [cyberthreatalliance.org], a global non-profit working to improve the cybersecurity of our global digital ecosystem by enabling near real-time, high-quality cyber threat information sharing among organizations. Quad9 is part of the Contributing Allies program, which involves collaboration on cyber incidents and key cybersecurity topics. Exchange of expertise and threat intelligence with partners within the Cyber Threat Alliance is indispensable to counter online threats like malware, phishing, identity theft and ransomware. "As we expand our global reach, Quad9 is committed to working together with other cybersecurity providers through strategic partnerships and alliances. "Joining CTA's Contributing Allies program certainly fits that goal and enables us to engage more frequently with other like-minded organizations as we work together to improve security and privacy for all." John Todd, General Manager for Quad9 The Domain Name System (DNS) is where malicious domain names can be blocked most effectively preventing users from getting robbed of their money, identity or data. Over the past six years, Quad9 has built its strength developing the best-in-class maximum security and 100% privacy-assured DNS service. In so doing Quad9 has secured its place as one of the most important free cybersecurity providers in the world; protecting many tens of millions of users with servers in almost 100 countries. "We're excited to have Quad9 as a Contributing Ally," said Michael Daniel, President and CEO of the Cyber Threat Alliance. "They provide great security services and have some unique insights into the flow of data across the Internet. We look forward to working with them to continue improving the security of our digital ecosystem." Anyone who wants to boost their privacy and security can configure their device to use Quad9's DNS service, which blocks more than 150 million malicious events each day. Quad9's services are available to both individuals and organizations. About Quad9 Quad9 is a recursive DNS service providing cybersecurity protection against malware and phishing. Quad9 is a Swiss public-benefit foundation which exists for the purpose of improving privacy and security, Quad9 does not collect or resell personal data. Its service is provided to individuals and organizations at no cost and requires no contract. The organization was launched in 2017 and now operates from nearly two hundred locations in ninety countries. Quad9 exists to improve end user protection and privacy worldwide in addition to promoting the stability and security of the Internet.

Read More

DATA SECURITY,ENTERPRISE IDENTITY,SOFTWARE SECURITY

Wib Raises $16 Million Investment to Accelerate Growth and Tackle Rising API Security Problem

Wib | November 08, 2022

Wib, the fast-growth cybersecurity startup pioneering a new era in API security, today announced a $16 million investment led by Koch Disruptive Technologies (KDT), the growth and venture arm of Koch Industries, Inc, with participation from Kmehin Ventures, Venture Israel, Techstars and existing investors. The investment will be used to enhance Wib's pioneering holistic API security platform and accelerate international growth as it expands operations across the Americas, UK and EMEA. API security is one of the biggest challenges facing CIOs today. Traditional API security solutions are siloed and fragmented, leaving CIOs with a choice of multiple point products or bolt-on integrations to create a patchworked solution. This results in increased cost and complexity, reduced visibility and control, and greater exposure to risk. Wib's holistic API security platform is the only solution to provide complete visibility across the entire API landscape, from code to production, helping unify software developers, cyber defenders, and CIOs around a single holistic view of their complete API domain. By delivering rigorous real-time inspection, management, and control at every stage of the API lifecycle, Wib can automate inventory and API change management; identify rogue, zombie and shadow APIs and analyse business risk and impact, helping organisations to reduce and harden their API attack surface. "APIs have become the Achilles heel of cyber defenses and the number one threat vector for cyber-attacks. "APIs account for 91% of today's internet traffic with over 50% being invisible to business IT and security teams. These unknown, unmanaged, and unsecured APIs are creating massive blind spots for CIOs that expose critical business logic vulnerabilities and increase risk. Gil Don, CEO and Co-Founder of Wib "What's more, traditional and legacy web security approaches, like WAFs and API Gateways, were never designed to protect against modern logic-based vulnerabilities. The Wib platform has been purposely built for an API driven world creating a new category of API native security." A recent report by industry research firm GigaOm, placed Wib as a "fast mover" in the "leaders" category, stating, "Wib is a new company but brings a strong enough offering to jump straight into the leaders category" and "Wib is a new entrant in this space, but it offers a comprehensive solution." Wib was also called out for its capability in "source code analysis with an eye toward API weaknesses is Wib's greatest strength." The report ranks Wib's API Runtime Protection, Monitoring and Reporting as exceptional in its focus and execution. This is a real testament to the Wib's innovative API security platform and approach. About Wib Wib is pioneering a new era in API security with its industry first holistic API security platform. Providing continuous and complete visibility and control across the entire API ecosystem, Wib enables developers to code with confidence and security teams to secure with surety.

Read More

Spotlight

These predictions are part of an ongoing blog series examining “Sure Things” (predictions that are almost guaranteed to happen) and “Long Shots” (predictions that are less likely to happen) in cybersecurity in 2017. New Norms Expected in Threat Landscape Threat Landscape Recruiters Search for Cyber Talent Outside of Security Talent Hiring Awareness of Flaws in IoT Security Will Be Magnified Endpoint Security Financial Sector Attackers Exploit Cracks in Blockchain Technology Financial Services Machine Learning and AI-Driven Frameworks Shape Cloud Security Cloud Service Providers Confront IoT Security Service Provider The Year We Get Serious About IoT Security Network Security Price of Ransomware Continues to Increase in Asia-Pacific APAC Ransomware and SaaS Challenges Persist in Healthcare Healthcare Confronts SMB Cyber Resiliency, Anticipating Tokyo 2020 Japan Preparation, Proliferation, Personnel and Protection = a Bumper Year in EMEA EMEA 2017 CYBERSECURITY PREDICTIONS Learn more:

Resources