DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Concentric AI Included in Newly Created Data Security Posture Management Category in Recent Gartner® Hype Cycle™ Report

Concentric AI | August 29, 2022 | Read time : 02:50 min

Concentric AI
Concentric AI, a leading vendor of intelligent AI-based solutions for autonomous data security posture management, today announced it has been listed as a Sample Vendor in the newly created Data Security Posture Management category in the recently published Gartner Hype Cycle for Data Security, 2022 report.1 Concentric AI also appears in the Data Access Governance and Data Discovery and Management categories in the Gartner Hype Cycle for Data Security, 2022 report.1

According to the Hype Cycle for Data Security, 2022: “Data security posture management (DSPM) provides visibility as to where sensitive data is, who has access to that data, how it has been used and what the security posture of the data store or application is.”1 Organizations use DSPM as the basis for data risk assessment and to optimize data security governance implementations.

The new Data Security Posture Management category has a Benefit Rating of Transformational, which Gartner defines as, “Enables new ways of doing business across industries that will result in major shifts in industry dynamics.”1

According to Gartner: “Organizations face challenges mitigating data security and privacy risks as data rapidly proliferates across multi-cloud and hybrid IT architectures. Identifying meaningful data risk is impossible to solve without combining metrics from data sensitivity, data lineage, infrastructure configurations that create data risks and access risk into a common view. This is an urgent problem that is encouraging rapid growth in the availability and maturation of this technology.”1

“We believe being recognized by Gartner as a Sample Vendor in Data Security Posture Management validates that organizations need visibility of into their sensitive data across datasets and locations, as well as a consolidated view into the risk associated with inconsistent access privileges, permissions, activity, and location to protect their data from loss. “Organizations using Concentric AI benefit from the company’s AI-assisted deep learning autonomous data security solution to reduce their data risk by discovering, evaluating, and remediating security issues.”

Karthik Krishnan, Founder and CEO, Concentric AI

Concentric AI secures data-centric work using AI to protect business-critical information hidden in the millions of files and databases used by today’s distributed workforce. The company’s unique deep learning solution autonomously and accurately finds sensitive content, assesses risk, and remediates security issues, allowing organizations across industries to meet their data security needs for the first time.

Concentric AI’s Semantic Intelligence™ automates unstructured and structured data security using deep learning to categorize data, uncover business criticality and reduce risk. Its Risk Distance™ analysis technology uses the baseline security practices observed for each data category to spot security anomalies in individual files. It compares documents of the same type to identify risk from oversharing, third-party access, wrong location, or misclassification. Organizations benefit from the expertise of content owners without intrusive classification mandates, with no rules, regex, or policy maintenance needed.

Gartner Disclaimer

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

GARTNER and HYPE CYCLE are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.

About Concentric AI
With Concentric AI, organizations can finally address their unmet data security needs by discovering and protecting business-critical content. Concentric AI protects intellectual property, financial documents, PII/PCI content, customer data, business confidential data and more, across on-premises and cloud-based data stores, as well as messaging and communication applications. The Concentric AI Semantic Intelligence™ Data Security Posture Management solution uses deep learning and Risk Distance™ analysis to accurately categorize data, assess risk, and remediate security issues – without relying on upfront rules or complex configuration. Concentric AI is venture-backed by leading Silicon Valley VCs and is headquartered in San Jose, Calif.

Spotlight

One of the oft-repeated themes in media reporting of cybersecurity events is that the "threat landscape is constantly evolving," that attacks are becoming increasingly sophisticated and the men and women behind them are better resourced than ever before. It's certainly true, but begs for a deeper and more nuanced analysis.


Other News
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

AI-Based Cloud Security Meets Live Professional Monitoring--Rhombus Releases 24/7 Alarm Monitoring with Video Verification and Emergency Dispatch

Rhombus | September 17, 2022

Rhombus, a leader in enterprise cloud physical security, has released Alarm Monitoring, a 24/7 service that deters threats in real time and enhances an organization's after-hours security by combining AI-based alerts with live professional monitoring. "Many IT and Safety Managers love that Rhombus automatically sends AI-based alerts but don't have the staff on call to respond after hours. "This is where Alarm Monitoring comes in. When an alert is triggered—for instance, if human movement is detected when a building should be empty—an audible deterrent can be issued to deescalate a threatening situation and a live dispatcher will verify the alert to determine the appropriate course of action. The combination of issuing a deterrent while conducting a live investigation not only reduces false alarms but also accelerates incident resolution and emergency response." Rickey Cox, Director of Product at Rhombus Once an alert is triggered, live agents will automatically verify the alert and will text/call an organization's contact list or immediately dispatch emergency services if a threat to a person or property is identified. Additionally, with the Rhombus A100 Audio Gateway, an audible deterrent can be issued, such as a police siren, loud alarm, or custom message. Monitoring agents can also use the A100 as a two-way communication device, informing perpetrators that the authorities are on their way and to vacate the property. The use of an audible deterrent helps neutralize damage or threats in real-time as emergency services are en route. Within minutes, Rhombus can trigger an alert, issue an audible deterrent, verify an alert, contact essential personnel regarding the situation, send emergency services, and provide contextual information to first responders, including alert footage, live streams, and location details. Alarm Monitoring utilizes fully redundant, Five Diamond, UL-Listed Central Monitoring Centers and the full suite of Rhombus products –including smart cameras, sensors, and industry-leading AI analytics—to provide best-in-class coverage to enterprise organizations. Rhombus Alarm Monitoring is now available starting at $1,799 per year, per location. About Rhombus Rhombus is a cloud physical security platform designed to bring greater intelligence, security, and productivity to enterprise organizations. Rhombus delivers NDAA-compliant smart cameras and connected sensors that can be managed from a single pane of glass to simplify infrastructure and security management at scale.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Contrast Security Launches Expanded Security Testing Tools for JavaScript and Popular Angular, React and jQuery Frameworks

Contrast Security | October 07, 2022

Contrast Security (Contrast), the leader in code security that empowers developers to secure as they code, today announced the expansion of its Secure Code Platform's static application security testing (SAST) capabilities to include JavaScript language support along with support for Angular, React and jQuery frameworks, which will allow developers to quickly find and fix security defects in their client-side code. With this new Contrast Scan addition, application security and development teams leveraging the Contrast Secure Code Platform can scale security across the entire application stack, from client-side to server-side, with industry-leading speed and accuracy. JavaScript is the most popular coding language in the world with modern frameworks such as Angular, React and jQuery being ubiquitous in web development. However, since JavaScript is executed on the user's browser, this exposes sensitive application data on the client-side, leaving JavaScript applications susceptible to vulnerabilities like cross-site scripting (XSS) or Broken Access Control. Contrast prioritizes real, exploitable vulnerabilities in client-side code by performing analysis on vulnerable entry points within the application, allowing developers to rely on accurate scans that take just seconds. Contrast's extended capabilities help DevSecOps organizations achieve the following benefits: Early detection of client-side vulnerabilities. This is achieved through analyzing client-side source code within routine development pipelines, complemented by easy-to-follow remediation guidance directly within the developers' pipeline environment. Full visibility into client-side code risk. Contrast's pipeline-native SAST engine coupled with security rules tailored for JavaScript finds up to 63% more exploitable vulnerabilities than superficial tests run within the IDE. False positive rates as low as 1%. A significant reduction in false positive rates compared to leading commercial SAST tools. Ability to safeguard each layer of the software stack. Contrast Scan works in tandem with Contrast's runtime code security solution to secure front-end code and back-end code within a centrally managed platform "A growing concern for AppSec and Development Managers is how to embed security within the development pipeline. Regardless of whether you specialize in front-end, back-end, or full-stack development, we want to help enable developers to deliver secure code from the start. "Fortunately, with the new expansion of our Secure Code Platform language coverage to include client-side JavaScript with Angular, React and jQuery, AppSec and Development managers and their teams can now find and fix security defects in their client-side code with industry-leading speed and accuracy. This is a testament to Contrast's mission to further invest in tools that allow customers to embed code security testing through each stage of the SDLC [software development lifecycle]." Steven Phillips, Vice President of Product Marketing at Contrast Security Client-side JavaScript support is now available to enterprise customers through existing Contrast Scan subscriptions. Individual developers can also immediately start analyzing code for vulnerabilities with just a few clicks for free with CodeSec. About Contrast Security: Contrast Security secures the code that global business relies on. It is the industry's most modern and comprehensive code security platform, removing security roadblock inefficiencies and empowering enterprise developers to write and release secure application code faster. Embedding code analysis and attack prevention directly into software with instrumentation, the Contrast platform automatically detects vulnerabilities while developers write code, eliminates false positives, and provides context-specific how-to-fix guidance for easy and fast vulnerability remediation. Doing so enables application and development teams to collaborate more effectively and to innovate faster while accelerating digital transformation initiatives. This is why a growing number of the world's largest private and public sector organizations rely on Contrast to secure their applications in development and extend protection to cloud and on-premise applications in production.

Read More

SOFTWARE SECURITY,WEB SECURITY TOOLS,WIRELESS AND MOBILE SECURITY

Airbyte Integrates with dbt Cloud to Bring Together Leading Data Integration and Transformation Technologies

Airbyte | December 07, 2022

Airbyte, creators of the fastest-growing open-source data integration platform, today announced a deeper partnership with dbt Labs, the pioneer in analytics engineering. The partnership now includes a new integration that allows dbt Cloud customers to trigger dbt jobs from directly within Airbyte Cloud. The integration brings together two of the leading open-source products in the data ecosystem, making it simpler than ever to move and transform data, while minimizing the risk of lock-in. Airbyte helps move data from a collection of sources, and dbt helps organize that data for analysis by, for example, consistently defining key business logic or standardizing data structures. “Our companies already share hundreds of users and now they will see the integration of our Cloud products, making it simple to use the two together,” said Michel Tricot, co-founder and CEO of Airbyte. “With partners like dbt Labs, we are building a more open modern data stack to better serve the data community.” “We’re thrilled to deepen this partnership with Airbyte, a company with whom we are aligned regarding the importance of open standards in the data ecosystem. This partnership and integration will help better serve our joint users, customers, and the data community as a whole.” Nikhil Kothari, director of technology partnerships at dbt Labs With its growing community of 10,000 data practitioners and 600 contributors, Airbyte is redefining the standard of moving and consolidating data from different sources to data warehouses, data lakes, or databases in a process referred to as extract, load, and, when desired, transform (ELT). Over the past year and a half, more than 25,000 companies have used Airbyte to sync data from sources such as PostgreSQL, MySQL, Facebook Ads, Salesforce, Stripe, and connect to destinations that include Redshift, Snowflake, Databricks, and BigQuery. Airbyte’s open-source data integration solves two problems. First, companies always have to build and maintain data connectors on their own because most less popular “long tail'' data connectors are not supported by closed-source ELT technologies. Second, data teams often have to do custom work around pre-built connectors to make them work within their unique data infrastructure. dbt Cloud enables data teams to develop faster and collaborate more effectively to build and deploy production-grade data pipelines with version control and CI/CD, pre-production testing and documentation of models, modular SQL modeling, and dependency management built in. dbt Cloud provides a centralized development experience to safely deploy, monitor, and investigate transformation code with a web-based user interface. About Airbyte Airbyte is the open-source data integration leader running in the safety of your cloud and syncing data from applications, APIs, and databases to data warehouses, lakes, and other destinations. Airbyte was co-founded by Michel Tricot (former director of engineering and head of integrations at Liveramp and RideOS) and John Lafleur (serial entrepreneur of dev tools and B2B). The company is headquartered in San Francisco with a distributed team around the world.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

LMG Security Introduces New Proactive Cybersecurity Solutions

LMG Security | September 30, 2022

LMG Security, an internationally recognized cybersecurity consulting firm, has expanded its popular selection of cybersecurity advisory, testing, and training services with a new line of cybersecurity solutions. These solutions are designed to reduce the burden organizations face from implementing or managing cybersecurity technology, as well as create fast, easy access to skilled cybersecurity staff to augment internal teams. LMG Security is pleased to announce it now offers the following new solutions and services: Virtual CISO and Staff Augmentation: Organizations struggle to find and retain cybersecurity talent. LMG Security provides staff augmentation services that enable organizations to quickly access the specialized cybersecurity skills they need on a fractional basis. Endpoint Detection and Response Implementation: LMG Security implements and seamlessly integrates an endpoint detection and response solution that helps organizations defend against zero-day attacks, supply chain vulnerabilities, and other common cybersecurity threats. Multi-Factor Authentication Implementation (MFA): Protect against attack vectors such as phishing, business email compromise, and cross-cloud attacks with a customized MFA implementation. Password Manager Implementation: A password manager is a simple, affordable way to decrease the risk of a data breach from weak or reused passwords. LMG Security's team implements the password manager and ensures that it is optimally configured. Managed On-Demand Employee Cybersecurity Training: Get experts to design and manage your cybersecurity training for you. An LMG Security cybersecurity specialist will plan and monitor your training program to ensure your employees have the skills to be an effective "human firewall." Continuous Attack Surface Monitoring: LMG Security's team implements and seamlessly integrates a solution that scans Internet-facing systems to help organizations identify assets that are exposed or vulnerable. All LMG Security cybersecurity solutions are implemented and managed by experts who ensure that each solution follows all cybersecurity best practices and is optimally integrated with each organization's existing tech stack. "Organizations are struggling to find and hire skilled cybersecurity talent. "We make it easy for our clients by offering expert virtual CISO and cybersecurity staff augmentation services, as well as implementation and management services for key cybersecurity solutions." Davidoff continued, "IT teams are stretched to the limit at most organizations. We're excited to launch these new cybersecurity solutions that will help organizations defend against the constantly changing threat landscape." Sherri Davidoff, president and CEO of LMG Security ABOUT LMG Security LMG Security is an internationally recognized leader in the cybersecurity consulting industry. This full-service cybersecurity firm provides one-stop shopping for a wide array of cybersecurity services. Specializing in technical testing, advisory and compliance services, and training for more than a decade, the LMG Security team's security testing services were featured on the Today show. In addition, the team has published cutting-edge research on cell phone intrusion detection and banking Trojans, written books on network forensics, data breaches, and an upcoming book on ransomware and cyber extortion, and routinely speak or train at Black Hat, RSA and many other security conferences. LMG Security is privately held and headquartered in Missoula, Montana.

Read More

Spotlight

One of the oft-repeated themes in media reporting of cybersecurity events is that the "threat landscape is constantly evolving," that attacks are becoming increasingly sophisticated and the men and women behind them are better resourced than ever before. It's certainly true, but begs for a deeper and more nuanced analysis.

Resources