SOFTWARE SECURITY

Camera Cyber Security Specification and Alliance Council for App Developers are announced by the Open Security & Safety Alliance.

Open Security & Safety Alliance | March 03, 2021

The Open Security and Safety Alliance, an industry body contained partners from all aspects of the security, wellbeing and building mechanization space, today declared two significant advancements as a component of its main goal to clear the street towards dependable and imaginative security and wellbeing arrangements. Initial, another particular is currently accessible to individuals that centers around camera network protection measures. OSSA likewise presents another App Developer Council intended to pull in and include application designers in the Alliance's steadily developing environment of security and wellbeing industry players.

Executing Trustworthiness Thresholds

The most current specialized particular – the OSSA Camera Cyber Security Specification – contains definitions and rules in regards to obligatory and discretionary security judgments for cameras. It is to a great extent dependent on a current norm by the International Electrotechnical Commission (IEC), with an extra clear spotlight on the security market and OSSA reasoning by straightforwardly splitting the jobs and duties between camera producers, the working framework (OS) supplier and the framework on-chip (SoC) merchant, specifically. The determination additionally endorses duty changes in case of individual OS alterations by camera producers. The compulsory piece of these rules will be utilized as contribution for the impending OSSA certificate system.

The OSSA-coordinated environment is intended to improve trust, empower development past the constraints of a solitary association, and fuel opportunity for industry partners and clients.

Spotlight

Seamless integration between SAP Signavio and LeanIX allows business and IT to each use the tools of their choice while maintaining a shared view of company processes. This ensures that stakeholders across the organization speak the same language and are able to collaborate more effectively. Download this white paper to learn: P


Other News
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Malwarebytes and Stellar Cyber Partner to Investigate and Mitigate Cyber Threats

Malwarebytes | November 28, 2022

Malwarebytes, a global leader in real-time cyber protection, today announced a new partnership with Stellar Cyber, an industry-leading Open XDR platform that delivers comprehensive, unified security without complexity. The partnership helps resource-constrained teams produce consistent security outcomes across all environments; on-premises, cloud and anything in between. The partnership comes at a critical time in the cybersecurity landscape, as security products become more complex and IT teams spend more time maintaining their security controls, instead of investigating and mitigating cyber threats. According to a 2020 report from Palo Alto Networks, only 46 percent of security operations decision makers are satisfied with their current ability to detect threats. "They point to wasted time chasing false leads, poorly integrated security tools, and a large learning curve for effectively using those tools," according to the report. "Every security team should be able to deliver continuous, consistent security regardless of their skills or experience. "By tightly integrating Malwarebytes' cutting-edge EDR technology with the Stellar Cyber Open XDR platform, IT teams are able to close the gaps between security controls that attackers exploit." Andrew Homer, Vice-President of Technology Alliances at Stellar Cyber The integration pairs Malwarebytes' EDR solution–which collects detailed threat information for analysis and investigation–with the Stellar Cyber Open XDR Platform that ingests, normalizes, and enriches security data, including endpoints, network, cloud and logs into a single repository. Malwarebytes EDR collects critical endpoint and server data and sends it to Stellar Cyber, which analyzes the data to identify potential threats. As security analysts complete investigation in Stellar Cyber, response actions are sent to Malwarebytes to eliminate the threat. "Today's IT and security teams spend more time sifting through data than eliminating actual threats. Organizations need real-time data sharing and visibility to enable decisive actions before attackers are successful," said Brian Thomas, Malwarebytes Vice President of Worldwide MSP and Channel programs. "Stellar Cyber shares our mission to simplify cybersecurity for resource-constrained organizations. Together we uniquely deliver an intelligent and automated solution that allows security teams to be more efficient, and organizations more productive and protected." About Stellar Cyber Stellar Cyber Open XDR platform delivers comprehensive, unified security without complexity, empowering lean security teams of any skill to successfully secure their environments. With Stellar Cyber, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley. About Malwarebytes Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, Malwarebytes CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, that mission has expanded to provide cyberprotection for every one. Malwarebytes provides consumers and organizations with device protection, privacy, and prevention through effective, intuitive, and inclusive solutions in the home, on-the-go, at work, or on campus.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

KnowBe4 Launches New Mobile Learner App for Anytime, Anywhere Cybersecurity Learning

KnowBe4 | November 29, 2022

KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced it is launching the new KnowBe4 Mobile Learner App to empower end users by introducing security awareness and compliance training on the go at no additional cost to customers, improving user engagement and strengthening security culture. With a large majority of the world's population using smartphones today, mobile training revolutionizes the way people learn. This new app will enable end users to complete their security awareness and compliance training conveniently from their tablets or smartphones, giving them 24/7/365 access. "The KnowBe4 Mobile Learner App is the first of its kind to launch in the security awareness and compliance training space, making it easier than ever to train users while subsequently strengthening an organization's security culture. "This new app will enable IT and security teams to improve engagement and completion rates for required training thanks to a seamless user experience. This will also help users to associate security with their personal devices, keeping it top of mind all the time rather than only when they are at work on their computers. We are making this substantial new capability available at no additional cost to all subscription levels as a show of our commitment to supporting our customers' security and human risk management objectives." Stu Sjouwerman, CEO, KnowBe4 Based on subscription levels, KnowBe4 offers 100+ Mobile-First training modules that were designed specifically for mobile. The KnowBe4 Learner App supports push notifications for custom announcements, updates on assigned training as well as KnowBe4 newsletters. About KnowBe4 KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, is used by more than 54,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as their last line of defense.

Read More

DATA SECURITY,ENTERPRISE IDENTITY,SOFTWARE SECURITY

Wib Raises $16 Million Investment to Accelerate Growth and Tackle Rising API Security Problem

Wib | November 08, 2022

Wib, the fast-growth cybersecurity startup pioneering a new era in API security, today announced a $16 million investment led by Koch Disruptive Technologies (KDT), the growth and venture arm of Koch Industries, Inc, with participation from Kmehin Ventures, Venture Israel, Techstars and existing investors. The investment will be used to enhance Wib's pioneering holistic API security platform and accelerate international growth as it expands operations across the Americas, UK and EMEA. API security is one of the biggest challenges facing CIOs today. Traditional API security solutions are siloed and fragmented, leaving CIOs with a choice of multiple point products or bolt-on integrations to create a patchworked solution. This results in increased cost and complexity, reduced visibility and control, and greater exposure to risk. Wib's holistic API security platform is the only solution to provide complete visibility across the entire API landscape, from code to production, helping unify software developers, cyber defenders, and CIOs around a single holistic view of their complete API domain. By delivering rigorous real-time inspection, management, and control at every stage of the API lifecycle, Wib can automate inventory and API change management; identify rogue, zombie and shadow APIs and analyse business risk and impact, helping organisations to reduce and harden their API attack surface. "APIs have become the Achilles heel of cyber defenses and the number one threat vector for cyber-attacks. "APIs account for 91% of today's internet traffic with over 50% being invisible to business IT and security teams. These unknown, unmanaged, and unsecured APIs are creating massive blind spots for CIOs that expose critical business logic vulnerabilities and increase risk. Gil Don, CEO and Co-Founder of Wib "What's more, traditional and legacy web security approaches, like WAFs and API Gateways, were never designed to protect against modern logic-based vulnerabilities. The Wib platform has been purposely built for an API driven world creating a new category of API native security." A recent report by industry research firm GigaOm, placed Wib as a "fast mover" in the "leaders" category, stating, "Wib is a new company but brings a strong enough offering to jump straight into the leaders category" and "Wib is a new entrant in this space, but it offers a comprehensive solution." Wib was also called out for its capability in "source code analysis with an eye toward API weaknesses is Wib's greatest strength." The report ranks Wib's API Runtime Protection, Monitoring and Reporting as exceptional in its focus and execution. This is a real testament to the Wib's innovative API security platform and approach. About Wib Wib is pioneering a new era in API security with its industry first holistic API security platform. Providing continuous and complete visibility and control across the entire API ecosystem, Wib enables developers to code with confidence and security teams to secure with surety.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Absolute Software Unveils New Product Innovations for Resilient Zero Trust

Absolute | December 01, 2022

Absolute Software™ , the only provider of self-healing, intelligent security solutions, today announced new product innovations, empowering customers with deeper visibility and intelligence, expanded software integrations, and a refreshed user experience through its latest updates to Absolute Secure Endpoint and Absolute Secure Access. These product releases continue the company’s investment in bringing together the combined power of Absolute Secure Endpoint and Absolute Secure Access with our unique, firmware-embedded self-healing capability, enabling customers to achieve truly resilient Zero Trust environments and deliver an optimal user experience. This announcement builds on the launch of Absolute ZTNA – the industry’s first self-healing Zero Trust Network Access (ZTNA) solution – and Absolute Insights™ for Endpoints and Network, providing unparalleled intelligence into device, application, and network performance. Embedded in more than 600 million devices, Absolute is the only intelligent security solutions provider capable of delivering visibility, control, and resiliency across endpoints, applications, and network connections. The Absolute Platform enables IT and security teams to ensure their endpoints remain compliant and mission-critical applications remain operational, and empowers them to transition from traditional VPNs to a resilient Zero Trust approach without hindering security or user productivity. A recent 451 Research report validates Absolute’s differentiated platform approach and capabilities, saying: Too often, organizations don’t fully consider the resilience of the deployed zero-trust environment, and network access and device security are handled independently. It’s a situation that complicates security operations and one that can impact employee productivity. “Our common platform addresses a wide range of market needs, as we have the unique ability to apply self-healing capabilities to devices, applications, and network access. “Organizations are acknowledging that they need resilience-focused Zero Trust approaches, capable of integrating endpoint and access assessments at every step. By providing the critical components needed to achieve that resiliency - deep visibility, intelligence, and firmware-embedded Persistence - we are enabling them to not only protect devices, data, and users but also ensure critical controls are operating at maximum efficacy.” John Herrema, EVP of Products and Strategy at Absolute New capabilities available to Absolute Secure Endpoint customers in the latest product release include: Public API Expansion: The latest Absolute Secure Endpoint release adds new Public APIs to our existing library, allowing customers and partners to integrate our device actions into their existing workflows - significantly improving the efficiency of their existing workflows and enhancing automation capabilities. Absolute Connector for ServiceNow™: The Absolute Connector for ServiceNow enables joint customers to access Absolute’s comprehensive asset intelligence and single source of truth within their ServiceNow platform environment – enabling them to efficiently respond to service requests, supplement their ServiceNow workflows, and rapidly demonstrate compliance. Expanded Application Resilience™ Catalog: The Absolute Application Resilience catalog now includes support for more than 60 critical security applications that IT and security administrators can self-heal across their endpoints. Recent additions include WinMagic® MagicEndpoint™, Dell™ Trusted Device, Deep Instinct™, Norton 360™, OPSWAT™, UNOWHY™, Aranda Software™, and Pixart® MDM. The company also announced upcoming server and client enhancements to Absolute Secure Access, including: New Look and Feel: The names, status icons, fonts, and colors have been updated to reflect new product names and refreshed corporate brand; the core functionality and upgrade experience remain smooth and easy. SaaS Enhancements: The SaaS offering adds native NAT capabilities and enhanced alerting. Enhanced 5G Telemetry and Detection: Insights for Network dashboards that display cellular coverage, signal quality, and usage now include the 5G mid-band spectrum, and reflect improved 5G sensitivity. Deeper Visibility: The Secure Access/webService API has been enhanced, offering programmatic access to key pool performance metrics, including status information for our Active/Active server infrastructure. Faster NAC Checks: NAC capabilities are optimized, significantly reducing the time it takes for the VPN to connect and begin tunneling traffic. Android Client Enhancements: Collecting network telemetry on Android devices can now be done with the screen off to improve battery life, ensuring that administrators have actionable device and network information even if a device is in sleep mode. The Android cryptographic libraries providing FIPS 140-2 cryptography are also updated. The features included in the latest Absolute Secure Endpoint release are available now. For additional details, including which are available to Control, Visibility, or Resilience tier customers, visit here. The company expects to make Absolute Secure Access updates available to customers in January 2023. About Absolute Software Absolute Software is the only provider of self-healing, intelligent security solutions. Embedded in more than 600 million devices, Absolute is the only platform offering a permanent digital connection that intelligently and dynamically applies visibility, control and self-healing capabilities to endpoints, applications, and network connections - helping customers to strengthen cyber resilience against the escalating threat of ransomware and malicious attacks. Trusted by 18,000 customers, G2 recognized Absolute as a leader for the eleventh consecutive quarter in the Fall 2022 Grid® Report for Endpoint Management and as a high performer in the Grid Report for Zero Trust Networking.

Read More

Spotlight

Seamless integration between SAP Signavio and LeanIX allows business and IT to each use the tools of their choice while maintaining a shared view of company processes. This ensures that stakeholders across the organization speak the same language and are able to collaborate more effectively. Download this white paper to learn: P

Resources