Data Security

By Launching Threat Protection, NordVPN Entered the Antivirus Market

With the launching of Threat Protection, which is integrated
With the launching of Threat Protection, which is integrated into the NordVPN app, NordVPN, the world's largest VPN service provider, takes another step toward cementing its position as a market leader in cybersecurity. By preventing trackers, phishing attempts, invasive adverts, harmful websites, and corrupted files, this new function provides a complete defense against cyber threats.

"At Nord Security, we know that cybersecurity evolves rapidly, and cybersecurity tools must evolve too. And as part of a broader effort to shift into a more encompassing cybersecurity company, introducing Threat Protection brings us one step closer," says Vykintas Maknickas, product strategist at NordVPN. "With the introduction of Threat Protection, we will be able to offer more services and more comprehensive protection that doesn't depend merely on your VPN connection."

Threat Protection protects against three types of threats. Web trackers and malicious adverts, as well as hazardous websites and corrupted files, are among them.

Web trackers and malicious ads

Defending against trackers is often outside the scope of a VPN, which is where Threat Protection comes in. Threat Protection improves the overall web privacy experience by ultimately preventing trackers. In real-time, you can monitor and manage the blacklisted trackers.
Harmful websites

To avoid harmful websites, utilize Threat Protection while browsing the web. Before the page loading, Threat Protection displays a warning popup. This allows you to escape rather than proceed to a potentially hazardous site where you could be phished or have your info harvested.
Infected files

Threat Protection can also be the first line of security while downloading a file from the internet. It will scan the file for malware and, if none are found, it will be designated as safe without any interruptions. However, if malware is discovered, the file will be removed before it can cause any harm. You'll also get access to a log of scanned files that you may look at at any time.

"Threat Protection takes what was once the task of antivirus software and merges it with NordVPN,Regardless of how long you have been using the internet, you can end up falling victim to some precarious website or download. This is exactly why Threat Protection was introduced — to add a layer of security to make your online browsing safer, cleaner, and more private."

Vykintas Maknickas, product strategist at NordVPN

Users must download the newest OpenVPN version of the NordVPN app from the official website to use Threat Protection. Users will be protected without connecting to a VPN server once the feature is enabled. Threat Protection is currently available for all macOS users, and Windows users will receive it gradually.

NordVPN is a service provided by Nord Security. Nord Security is steadily progressing toward its goal of being an all-in-one cybersecurity solution. Three more market-leading products join NordVPN: NordLocker, an encrypted cloud storage solution; NordPass, a next-generation password manager; and NordLayer, an advanced network access security solution.

Spotlight

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va


Other News
Cloud Security

Tigera Boosts Calico for Enhanced Security & Performance

Tigera | November 07, 2023

Tigera, a provider of an active security platform for containers and Kubernetes, has announced significant upgrades to its Calico Open Source and Calico Cloud. These improvements focus on enhancing the security, scalability, and performance of Kubernetes deployments for enterprises, providing a comprehensive solution for containerized environments. Given the increased utilization of Windows containers in production, Tigera has introduced the Calico Open Source Windows HostProcess Container feature. It streamlines node pool deployment, eliminating the need for manual node initialization and enhancing Kubernetes administrators' ability to manage Windows container-based applications efficiently. Calico Cloud now introduces a Security Score and Recommended Actions feature, addressing the paramount importance of security in Kubernetes clusters. This feature offers administrators an at-a-glance view of their organization's security posture by monitoring historical trends and risks by namespace. Moreover, it provides actionable recommendations tailored to each workload, fortifying the security of individual workloads and the entire cluster. It supports IPv6 for the eBPF dataplane, meeting the demands of enterprise-class applications by providing scalable, high-performance networking. This innovation ensures optimal performance for latency-sensitive applications and addresses IP shortages. Multi-cluster Kubernetes deployments over VxLAN are on the rise, requiring enhanced application layer observability and security. Calico introduces Kubernetes Cluster Mesh for VxLAN, offering a scalable solution for workload communication and security policy enforcement across Kubernetes clusters. This simplifies complex multi-cluster environments and ensures enterprise infrastructure can run efficiently, securely, and compliantly. These Calico enhancements redefine container networking and security, enabling enterprises to secure, scale, and optimize their Kubernetes clusters with unparalleled confidence. Tigera's Chief Product Officer, Amit Gupta, emphasized the importance of these updates, stating that Calico provides the industry's most complete solution for securing and observing Kubernetes environments. About Tigera Tigera provides the industry's sole active security platform, complemented by comprehensive observability capabilities tailored for containers and Kubernetes. The company's platform operates on a multifaceted front, effectively thwarting, identifying, troubleshooting, and autonomously mitigating potential security breach risks. It offers its platform through two distinct avenues: a fully managed SaaS solution, Calico Cloud, or a self-managed service, Calico Enterprise. Its open-source offering, Calico Open Source, is the most widely adopted solution for container networking and security, shaping the landscape of secure container environments.

Read More

Cloud Security

Checkmarx Announces Technology Partner Program to Enable the Industry's Most Extensible, Code-to-Cloud Enterprise AppSec Ecosystem

PR Newswire | October 19, 2023

Checkmarx, the industry leader in cloud-native application security for the enterprise, today announced its Checkmarx Technology Partner program, enabling organizations to easily extend the leading AppSec platform with a wide range of technology partner capabilities. The combination of best-of-breed technology partners with the leading enterprise AppSec platform helps organizations shift everywhere, from code to cloud, with a unified AppSec posture integrated into the software development life cycle (SDLC). Checkmarx' Technology Partner Program helps organizations simplify management across their AppSec programs, get more value out of existing AppSec solutions and drive better security outcomes. Providing broad support for greater AppSec maturity throughout the entire SDLC, the Checkmarx Technology Partner program enables partners and their customers to centralize and simplify discovery in these key areas through Checkmarx One: Vulnerability and risk management systems: Aggregate, normalize and prioritize vulnerabilities and risks with a unified, holistic view with partners like ArmorCode, Brinqa and ServiceNow. SDLC tools: Integrate AppSec at all stages of the software development lifecycle within the environments and tools used daily by analysts, developers and testers with partners like GitLab, JetBrains and Security Compass. Cloud and runtime security: Match cloud assets at runtime with application source code projects so that vulnerabilities found in the developer source code are enriched with runtime context, and runtime cloud security inventories are enriched with AppSec findings – all possible through partners like AWS, Cisco Panoptica and Sysdig. Emerging technologies: Work with the most innovative startups and technologies including AI and GenAI to shape tomorrow's AppSec solutions landscape with partners like Mobb.ai. Expanding this ecosystem simplifies the process of mitigating AppSec risk for our partners' customers, making their applications exponentially more secure during a time of escalating threats, said Kobi Tzruya, Chief Research and Development Officer at Checkmarx. From protecting AI-generated code to helping build trust between developers and security teams, Checkmarx One is already the AI-driven, enterprise-ready AppSec platform of choice. Now working with other leading technology companies to meet the need for streamlined, consolidated solutions will make life easier and applications safer for everyone. Checkmarx recently announced Sysdig as its latest technology partner, bringing runtime container insights into Checkmarx One so organizations can prioritize vulnerabilities associated with container packages that are actually running and that pose the most risk. "The top application security vendors have a responsibility to team up to provide more robust and complete solutions for the world's enterprises," said Bryan Smoltz, VP of Technology Alliances at Sysdig. "By delivering runtime insights within Checkmarx One, customers have clear visibility into the workloads that are running in production so they can make better-informed security decisions. Together, we're helping to bring maximum protection at cloud speed." Technology partners also benefit from the program with new marketing and sales opportunities, and by making their solution readily accessible to Checkmarx' more than 1,800 customers, including 60% of the Fortune 100. The Checkmarx One platform scans more than 100 billion lines of code monthly and its world-renowned Checkmarx Labs security research team provides ongoing threat intelligence to inform product development and to advise customers of their best defenses in today's threat landscape. For more information about becoming a Checkmarx Technology Partner, visit this page. Click here to explore the Checkmarx One partnership ecosystem. About Checkmarx Checkmarx is the enterprise application security leader and the provider of Checkmarx One™, the industry-leading cloud-native AppSec platform that helps enterprises build #DevSecTrust. Powered by the intelligence from our industry-leading AppSec security research team, and our AI-driven technology and services, our platform is designed to enable CISOs, AppSec and development leaders to prioritize their teams' focus on what impacts their business. Our offerings secure every phase of development for every application, from the very first line of code through production, while simultaneously balancing the dynamic needs of security and development teams. It's no longer just about shifting left or right - it's about shifting everywhere. We are honored to serve more than 1,800 customers, which includes 60 percent of all Fortune 100 organizations. We are committed to moving forward with unwavering dedication to the safety and security of our customers, and the applications that power our day-to-day lives. Checkmarx. Make Shift Happen.

Read More

Enterprise Security

Skybox Security Launches New Continuous Exposure Management Platform

Skybox Security | September 14, 2023

Skybox Security, a leading Exposure Management solutions provider, has unveiled the next generation of its prestigious Continuous Exposure Management Platform. This 13.0 release introduces significant enhancements to its solution for Attack Surface and Vulnerability Management, which revolutionizes the manner businesses manage and mitigate cyber exposure risk. Attack Surface Management Delivers Complete Visibility Skybox's Surface Management solution provides an extensive inventory and map of users' assets and applications. It evaluates and simulates attack paths. The result is a dynamic security model for the hybrid attack surface. Version 13.0 introduces significant new features, including: New Attack Surface Map Enhanced Attack Path Analysis LDAP Integration Cloud Infrastructure Integration Vulnerability Management Deepens Exposure Insights Skybox's Vulnerability Management solution combines more than 25 third-party threat intelligence feeds with its own Skybox Threat Intelligence feed in order to prioritize threats based on exposure risk and remediate vulnerabilities with prescriptive guidance. With Version 13.0, businesses are able to: Import Vulnerability Data New Business-Focused' Solutions View' Celebrity Vulnerabilities SOAR Integration Mordecai Rosen, CEO of Skybox Security, said, In today's complex threat landscape, organizations need to continuously manage their threat exposure based on the prioritized risks to their business. [Source – Business Wire] Rosen stated that the Skybox platform now supports every stage of an enterprise's continuous exposure management (CEM) program, from mapping the attack surface through contextualization and risk-based prioritization to final remediation. It was also mentioned that the latest enhancements enable organizations to further improve their security posture and substantially reduce the risk of a successful attack. About Skybox Skybox is trusted by over 500 of the world's largest and most security-conscious enterprises for providing insights and assurance to stay ahead of dynamically changing attack surfaces. Its Exposure Management Platform provides complete analytics, visibility, and automation to quickly prioritize, map, and remediate vulnerabilities across organizations. The vendor-agnostic solution optimizes security policies, actions, and change processes across all cloud environments and corporate networks. With Skybox, security teams can emphasize the most strategic business initiatives while ensuring enterprises remain protected.

Read More

Software Security

ZeroFox Unveils New Anti-Phishing Features to Stop Attacks at Source

ZeroFox | September 22, 2023

ZeroFox, an industry-leading provider of enterprise software-as-a-service for external cybersecurity, has announced the unveiling of multiple anti-phishing product enhancements. These updates solidify ZeroFox's position as the world leader in digital risk protection. Developed using cutting-edge AI/ML technologies and designed by a team of top-tier security experts, these new anti-phishing features boost escalated alert volume, reduce the occurrence of false positives, and expedite the process from threat identification to initial disruption and successful takedowns for all our customers. The importance of these new features cannot be overstated, especially given the rising threat landscape. In the first half of 2023, ZeroFox Intelligence has recorded a substantial increase in the volume and complexity of phishing attacks, including a 30% surge in domain takedowns compared to the first half of 2022. New ZeroFox phishing trend research also highlights the adoption of evasion techniques like cloaking alongside emerging tactics such as SEO poisoning and phishing-as-a-service. These developments underscore the critical role of these new capabilities in safeguarding against evolving cyber threats. Continuous and Complete Protection Against Domain-based Threats ZeroFox adopts a unique approach to phishing compared to email security and conventional anti-phishing providers. Its strategy revolves around the identification, disruption, and elimination of the domains necessary for launching phishing campaigns. With daily monitoring of over 65 million domains, ZeroFox combats various threats like typo squats, subdomain spoofs, homoglyphs, and other malicious domain and URL-based attacks, effectively shielding customers and preventing any disruptions to business operations. Incorporate advanced domain protection capabilities to enhance their cybersecurity measures, aiming to achieve substantial and measurable business outcomes: Reduce Phishing Risks with Anti-Cloaking Capabilities: Strengthen Compliance and Trust with SSL Monitoring Secure Brand Identity with Favicon Search Improve Operational Efficiency with Enhanced Subdomain Coverage Enhance User Experience (UX) with Weblog Monitoring Mike Price, Chief Technology Officer of ZeroFox, said, ZeroFox has been detecting and disrupting phishing attacks for the last decade, constantly enhancing our solution to protect our customers from changing phishing techniques used by threat actors, including the widespread use of malicious cloaking and subdomains techniques. [Source – Globe Newswire] Price stated that the enhanced capabilities being announced represented their ongoing commitment to tackling the increasing phishing challenge encountered by security teams. He emphasized that as phishing continued to evolve, ZeroFox would remain a trusted anti-phishing partner dedicated to safeguarding customers from both current and future phishing techniques. About ZeroFox ZeroFox, a prominent enterprise software-as-a-service provider in the field of external cybersecurity, has revolutionized security beyond the corporate perimeter on the internet, where businesses conduct their operations and threat actors are active. Their platform seamlessly integrates cutting-edge AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust set of breach, incident, and takedown response tools. This enables them to uncover and disrupt various threats, including phishing and fraud campaigns, botnet exposures, impersonations, credential theft, data breaches, and physical threats that target domains, brands, personnel, and assets.

Read More

Spotlight

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va

Resources