BIGTINCAN TAKES AIM AT REVENUE ENABLEMENT WITH ASDEQLABS ACQUISITION

Bigtincan | September 05, 2019

Bigtincan (ASX:BTH), the leader in mobile, AI-powered sales enablement automation,  today announced the acquisition of AsdeqLabs, whose platform provides support for field-based employees and mobile service capabilities, helping to usher in the next evolution of service enablement and customer engagement for revenue accountability. With AsdeqLabs, Bigtincan strengthens its revenue enablement platform by expanding its content management and collaboration solutions to support customer engagement initiatives for service technicians, field engineers and mobile customer support technicians. These capabilities will help companies drive a holistic strategy to improve customer hand-offs and optimize their customers’ experiences with accountable revenue results. AsdeqLabs is a next generation service enablement solution that ensures secure and automatic delivery of documents and data collection on field employees’ devices. Its proprietary AsdeqForms is a fully mobile and cloud-based solution that removes paper-based processes to collect data in the field and sync it directly to existing backend business systems. As a result, field workers and mobile service technicians are more productive when onsite with their customers through reduced error rates and lowered administrative overhead.

Spotlight

How the Hackers Get In – Experiences from Real-Life Security Breaches - Part 2. In the second of a 3 part series of short videos, Don Smith, Dell SecureWorks Technology Director, shares how to get into the mindset of actors presenting threats to your organisation.


Other News
DATA SECURITY, NETWORK THREAT DETECTION, PLATFORM SECURITY

Pathlock Expands SAP Capabilities with Acquisition of Grey Monarch

Pathlock | September 27, 2022

Pathlock, the leading provider of application security and controls automation for critical business applications, today announced the acquisition of Grey Monarch, a UK-based specialist SAP Partner dedicated to SAP Process Automation. The acquisition will strengthen Pathlock's vision of providing the industry's most complete 360-degree platform for application security and controls automation for the SAP ecosystem. Since 2008, Grey Monarch has developed expertise in SAP Security, Segregation of Duties, SAP Licence Optimization, SAP Background Processing Automation and Secure Managed File Transfer. With this acquisition, the SAP community will benefit from the very best SAP Process Automation advice, implementation skills, and software and training capabilities, improving levels of security, enhancing their users' experience and streamlining audit, compliance and control procedures. "It's now more imperative than ever for organizations to utilize a holistic view of user access and privileges so they can be managed, monitored and controlled to ensure the maximum protection of data, business processes and intellectual property," said David Lloyd, Director and Co-Founder, Grey Monarch. "Combining Grey Monarch's capabilities with the Pathlock family of expertise, resources and product portfolio will provide our customers, existing and new, with an unsurpassed visibility into their business applications." "We're thrilled to complete the acquisition of Grey Monarch. "We continue to see a strong demand for our globally recognized application security and controls automation solutions, and know that with Grey Monarch's specialization in SAP process automation we can continue to enable our global customers to revolutionize the way they secure their sensitive financial and customer data." Piyush Pandey, CEO of Pathlock In May 2022, Pathlock announced a $200M capital raise sponsored by Vertica Capital Partners alongside a merger with Appsian and Security Weaver and the acquisition of Belgium-based CSI Tools and Germany-based SAST SOLUTIONS. The company has successfully doubled in size in terms of revenue and employees and is now servicing over 1,400 customers across all major industries on a global scale with offices across the United States, Belgium, the UK, Germany, Israel and India. About Pathlock Pathlock is the leader in application security and controls automation. With Pathlock, enterprises can manage all aspects of access governance via a single platform, across applications, including user provisioning, ongoing User Access Reviews, segregation of duties, control testing, and audit preparation. Today, many of the world's most respected, global 2000 companies rely on Pathlock to protect their critical digital assets from financial, operational, regulatory and security threats, ensure corporate compliance and improve performance. Our customers have saved millions in employee productivity, labor costs, audit fees and data loss prevention.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Attackers Use Automation to Speed from Exploit to Compromise According to Lacework Labs Cloud Threat Report

Lacework | October 14, 2022

Lacework®, the data-driven cloud security company, today released the fourth Lacework Labs Cloud Threat Report and subsequently launched a new, open source tool for cloud hunting and security efficacy testing. The new tool, known as Cloud Hunter, will help customers keep pace with ever-improving adversarial tradecraft through advanced environmental analysis and improved incident response time. Developed in response to new types of sophisticated threat models uncovered through Lacework Labs' research, Cloud Hunter utilizes the Lacework Query Language (LQL) to permit hunting across data within the Lacework platform by way of dynamically-created LQL queries. Customers can quickly and easily find data and develop queries for ongoing monitoring as they scale detections along with their organization's cloud security program. Data is automatically analyzed while Cloud Hunter extracts information, further streamlining the capabilities and response times for incident investigations. The Lacework Labs Cloud Threat Report examines the cloud security threat landscape over the past three months and unveils the new techniques and avenues cybercriminals are exploiting for profit at the expense of businesses. In this latest edition, the Lacework Labs team found a significantly more sophisticated attacker landscape, with an increase in attacks against core networking and virtualization software, and an unprecedented increase in the speed of attacks following a compromise. Key trends and threats identified include: Increased speed from exposure to compromise: Attackers are advancing to keep pace with cloud adoption and response time. Many classes of attacks are now fully automated to capitalize on timing. Additionally, one of the most common targets is credential leakage. In a specific example from the report, a leaked AWS access key was caught and flagged by AWS in record time. Despite the limited exposure, an unknown adversary was able to login and launch tens of GPU EC2 instances, underscoring just how quickly attackers can take advantage of a single simple mistake. Increased focus on infrastructure, specifically attacks against core networking and virtualization software: Commonly deployed core networking and related infrastructure consistently remains a key target for adversaries. Core flaws in infrastructure often appear suddenly and are shared openly online, creating opportunities for attackers of all kinds to exploit these potential targets. Continued Log4j reconnaissance and exploitation: Nearly a year after the initial exploit, the Lacework Labs team is still commonly observing vulnerable software targeted via OAST requests. Analysis of Project Discovery (interact.sh) activity revealed Cloudflare and DigitalOcean as the top originators. "Creating an open source tool not only extends our capabilities as a research team and company, but also gives us a way to fully give back to and empower the developer community based on what we're seeing from our threat research," said James Condon, Director of Threat Research at Lacework. "As our research shows an increasingly more sophisticated attack landscape, this tool provides a more detailed analysis of an organization's unique environment based on the new techniques being leveraged by attackers. Cloud Hunter is the first tool from Lacework to generate queries that can be directly converted into custom policies within a customer's environment." The Lacework Labs team also examined issues around how "rogue accounts" are utilized by attackers for the reconnaissance and probing of S3 buckets as well as the growing popularity of cryptojacking and steganography. A full copy of the report and the executive summary can be found here. About Lacework Lacework is the data-driven security platform for the cloud. The Lacework Cloud Security Platform, powered by Polygraph, automates cloud security at scale so our customers can innovate with speed and safety. Only Lacework can collect, analyze, and accurately correlate data across an organization's AWS, Azure, GCP, and Kubernetes environments, and narrow it down to the handful of security events that matter. Customers all over the globe depend on Lacework to drive revenue, bring products to market faster and safer and consolidate point security solutions into a single platform. Founded in 2015 and headquartered in San Jose, Calif., Lacework is backed by leading investors like Sutter Hill Ventures, Altimeter Capital, D1 Capital Partners, Tiger Global Management, Counterpoint Global (Morgan Stanley), Franklin Templeton, Durable Capital, General Catalyst, XN, Coatue, Dragoneer, Liberty Global Ventures, and Snowflake Ventures, among others.

Read More

DATA SECURITY,ENTERPRISE IDENTITY,SOFTWARE SECURITY

Wib Raises $16 Million Investment to Accelerate Growth and Tackle Rising API Security Problem

Wib | November 08, 2022

Wib, the fast-growth cybersecurity startup pioneering a new era in API security, today announced a $16 million investment led by Koch Disruptive Technologies (KDT), the growth and venture arm of Koch Industries, Inc, with participation from Kmehin Ventures, Venture Israel, Techstars and existing investors. The investment will be used to enhance Wib's pioneering holistic API security platform and accelerate international growth as it expands operations across the Americas, UK and EMEA. API security is one of the biggest challenges facing CIOs today. Traditional API security solutions are siloed and fragmented, leaving CIOs with a choice of multiple point products or bolt-on integrations to create a patchworked solution. This results in increased cost and complexity, reduced visibility and control, and greater exposure to risk. Wib's holistic API security platform is the only solution to provide complete visibility across the entire API landscape, from code to production, helping unify software developers, cyber defenders, and CIOs around a single holistic view of their complete API domain. By delivering rigorous real-time inspection, management, and control at every stage of the API lifecycle, Wib can automate inventory and API change management; identify rogue, zombie and shadow APIs and analyse business risk and impact, helping organisations to reduce and harden their API attack surface. "APIs have become the Achilles heel of cyber defenses and the number one threat vector for cyber-attacks. "APIs account for 91% of today's internet traffic with over 50% being invisible to business IT and security teams. These unknown, unmanaged, and unsecured APIs are creating massive blind spots for CIOs that expose critical business logic vulnerabilities and increase risk. Gil Don, CEO and Co-Founder of Wib "What's more, traditional and legacy web security approaches, like WAFs and API Gateways, were never designed to protect against modern logic-based vulnerabilities. The Wib platform has been purposely built for an API driven world creating a new category of API native security." A recent report by industry research firm GigaOm, placed Wib as a "fast mover" in the "leaders" category, stating, "Wib is a new company but brings a strong enough offering to jump straight into the leaders category" and "Wib is a new entrant in this space, but it offers a comprehensive solution." Wib was also called out for its capability in "source code analysis with an eye toward API weaknesses is Wib's greatest strength." The report ranks Wib's API Runtime Protection, Monitoring and Reporting as exceptional in its focus and execution. This is a real testament to the Wib's innovative API security platform and approach. About Wib Wib is pioneering a new era in API security with its industry first holistic API security platform. Providing continuous and complete visibility and control across the entire API ecosystem, Wib enables developers to code with confidence and security teams to secure with surety.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

VMware SASE and SD-WAN Helps Organizations Take a Holistic Approach to Networking and Security

VMware | October 31, 2022

The last two years accelerated Information Technology (IT) trends that were already underway: rapid increase in the adoption of cloud, multi-cloud, and internet of things (IoT); a smarter edge for use cases such as modern retail, healthcare, and manufacturing; and a distributed workforce, where employees can be anywhere. Software-defined (SD) WAN technology eliminates the traditional WAN connectivity challenges associated with distributed enterprise applications and IoT devices that held back this acceleration. The need to more securely connect distributed users to cloud-based applications is driving the adoption for software-defined, cloud-delivered security. Secure Access Service Edge (SASE) combines the flexibility of SD-WAN technology with a full suite of security services it delivers from the cloud. SASE points of presence (PoPs) provide networking and security functions closer to the user, enabling fast and more secure access Frost & Sullivan's latest white paper, As Edge Computing Gains Traction, the Business Case for SASE is Stronger than Ever, explores how market trends highlight the demand for the cloud-delivered networking, compute, and security architecture that SASE delivers. As public cloud adoption levels continue to increase post-pandemic due to hybrid and multi-cloud configurations, businesses should: Integrate edge computing as part of hybrid cloud architecture to optimize and more securely connect edge locations back to data centers and cloud-hosted applications. Implement hybrid and multi-cloud configurations to become more distributed and easily build, deploy, and continually optimize app delivery, for a more competitive edge. Support hybrid work trends and optimize user connectivity to cloud-based applications. Auto apply security conditions to users accessing enterprise applications based on the user identity and the context to mitigate risks and protect digital assets. VMware SASE is an example of the right way to secure and speed access in this distributed landscape through cloud-delivered SD-WAN Edge devices, Gateways, SASE Orchestrator, Edge Network Intelligence™, and Edge Compute Stack. The global network of scalable VMware SASE PoPs delivers apps to users reliably, quickly, and more securely over a single management interface. The VMware SASE product family delivers enterprise agility through a cloud-first open architecture, superior digital experience with rock-solid SD-WAN connectivity, security based on zero-trust principles, and operational simplicity with vendor-agnostic Artificial Intelligence for Operations that can help predict and prevent problems before they occur. About Frost & Sullivan For six decades, Frost & Sullivan has been world-renowned for its role in helping investors, corporate leaders and governments navigate economic changes and identify disruptive technologies, Mega Trends, new business models and companies to action, resulting in a continuous flow of growth opportunities to drive future success.

Read More

Spotlight

How the Hackers Get In – Experiences from Real-Life Security Breaches - Part 2. In the second of a 3 part series of short videos, Don Smith, Dell SecureWorks Technology Director, shares how to get into the mindset of actors presenting threats to your organisation.

Resources