DATA SECURITY

Coreio and Wembley Partners Announced Strategic Partnership to Help Canadian Businesses Tackle Cyber Threats

Coreio | July 20, 2021

It was officially announced that Coreio Inc. and Wembley Partners Ltd. have teamed up to support Canadian businesses to overcome various ever-growing risks of cyberattacks. Wembley Partners Ltd. Is a global cybersecurity firm providing Incident Response, Risk Assessment services, products, and Cyber Threat Intelligence to clients across Canada,  the US, and the UK.

This alliance, benefitting from the combined expertise of both, is looking forward to bring in strategic cybersecurity transformation consulting, digital cyber incident management products and services, and market-leading 24/7/365 Managed Detection & Response to the Canadian market with the finest interests of their every valued client. Due to evolving post-COVID workplace arrangements, more malicious threat actors analyze and exploit the victims’ ever-growing IoT infrastructures, the threat is increasing.

Moving from reactive ad-hoc cyber threat mitigation to around-the-clock, proactive defense
for Canadian companies in high-risk industries quickly becomes vital for long-term prosperity and survival, assuring stakeholders, customers, and business partners. As Canada quickly makes its way up the list of Top 10 countries targeted by cyberattacks, the timing is crucial.

About Coreio

Across North America,  Coreio Inc. is a leading services provider that delivers Operations solutions and IT Infrastructure for enterprise-scale companies. In addition, Coreio provides various managed IT services across the data center and networking, onsite IT support, request/incident management, asset lifecycle management, and strategic IT counsel to customers concerning Operations and Infrastructure.

About Wembley Partners

Wembley Partners is a global cybersecurity products and services firm providing Intelligence-Led Penetration Testing, Strategic Risk Management consulting, bespoke Cyber Risk Advisory, and Cyber Threat Intelligence offerings to businesses across EMEA regions and North America. Their Partners come from the industries such as global financial, non-profits, healthcare, manufacturing and high-tech clients, and national governments.

Spotlight

For organizations around the world, nearly nonstop security threats are simply a way of life. In fact, the average organization experienced more than 91 million security events in 2013 a 12 percent increase over 2012. But security intelligence tools make it possible to reduce these millions of events to a small, manageable list of potentially critical attacks that require further attention.


Other News
DATA SECURITY, PLATFORM SECURITY, SECURITY AUDIT AND COMPLIANCE

CrowdStrike and EY Expand Global Alliance to Deliver Cloud Security and Observability Services

CrowdStrike | October 27, 2022

CrowdStri, a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, and Ernst & Young LLP (EY US), a leading organization in cyber risk consulting services, today announced an expanded relationship to deliver Cloud Security and Observability services globally, powered by the CrowdStrike Falcon platform. This collaboration expands on existing services previously announced including: Ransomware Readiness and Resilience; Incident Response (IR), Recovery and Remediation; Identity Assessment; and Zero Trust capabilities. “The CrowdStrike-EY Alliance combines CrowdStrike’s leading cloud security and observability solutions with the transformational consulting capabilities and services provided by EY,” said Michael Rogers, vice president of global alliances at CrowdStrike. “Our expanded alliance now provides joint customers the ability to secure their cloud workloads with CrowdStrike Cloud Security, as well as ingest their log and event data at scale with CrowdStrike Falcon LogScale, providing real-time visibility to better understand and assess issues in their infrastructure environments.” “Cloud security and observability continue to be key priorities for our clients. Our expanded alliance with CrowdStrike is critical in helping organizations address new and emerging threats,” said Dave Burg, EY Americas Cybersecurity Leader. “As a result of this relationship expansion, EY will implement CrowdStrike Cloud Security and CrowdStrike Falcon LogScale to help clients confidently secure their cloud workloads and operationalize the data they are generating for increased visibility.” Cloud Security The EY Cloud Security service offering leverages CrowdStrike Cloud Security, a CNAPP solution with agent-based and agentless protection, with EY’s cybersecurity professionals to accelerate the journey of clients through alignment and implementation of appropriate controls as part of the shared responsibility model. This enables DevOps and infrastructure runtime scanning teams to: Securely move to the cloud: Build a secure and compliant path to production by assessing, architecting, implementing and optimizing key cloud security controls, whether hybrid or multi-cloud. Secure business-critical workloads: Reduce the overhead, friction and complexity associated with protecting cloud workloads, containers and serverless environments, and transform the lengthy risk and audit processes into automated and continuous ones. Shift left securely: Automate the secure development of cloud-native applications, delivering full-stack protection and compliance for containers, Kubernetes and hosts across the container lifecycle. Observability The EY NextGen SOC service offering utilizes CrowdStrike Falcon LogScale, a modern log management solution, with EY’s SOC transformation practice to help clients – such as Mondelēz International – transform and optimize their cyber risk management operations practices by assessing, designing, building, improving, operating and automating their security operations and cyber defense capabilities. This enables DevOps, SecOps and IT Ops teams to: Decrease mean time to detection (MTTD): Evaluate all security use cases with EY’s SOC Transformation services and optimize them with Falcon LogScale, which provides real-time streaming, searching and alerting. Reduce complexity and increase visibility: Spend less time managing and maintaining disparate environments and more time triaging incidents with Falcon LogScale, which centralizes all logs in a single dashboard and reduces the time spent filtering data. EY can guide clients in maximizing their most important resource – people. Lower total cost of ownership (TCO): Remove the limitations present in traditional logging solutions by leveraging Falcon LogScale’s index-free architecture, which provides seamless data ingestion, reduced infrastructure costs and lower operational costs. EY can help clients to reduce their TCO and drive relevant business insights by assisting in their identification and prioritization of their capital and operational investments. “EY and CrowdStrike Falcon LogScale have enabled a global, multi-functional log management solution for our growing IT, security and compliance requirements,” said Kostas Georgakopoulos, CTO & CISO at Mondelēz International. The Cloud Security and Observability services are generally available for customers. About CrowdStrike CrowdStrike, a global cybersecurity leader, has redefined modern security with one of the world’s most advanced cloud-native platforms for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data. Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.

Read More

DATA SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS

DartPoints Launches Enhanced Managed Detection and Response (MDR) Security Solution

DartPoints | September 21, 2022

DartPoints®, the leading edge digital infrastructure provider, launches its updated managed detection and response (MDR) product, which combines MDR, endpoint detection and response (EDR), security orchestration, automation and response (SOAR), and extended detection and response (XDR) into one complete solution with support and monitoring by DartPoints experts. With ransomware and other cybersecurity incidents striking more than ever, DartPoints' MDR solution quickly detects threats 24x7 across endpoints, network, cloud, and SaaS applications. "Executives and security leaders know they need a multi-layered cybersecurity strategy that combines MDR, EDR, SOAR, and XDR solutions, but increasingly, they don't have the in-house resources to make that happen. "Plus, with the hundreds of tools and providers on the market, analysis paralysis sets in. We are proud to help our clients by bringing these best-in-class security vendors and technologies together into one comprehensive, airtight solution." Brad Alexander, CTO for DartPoints DartPoints' enhanced MDR offering addresses many weaknesses in legacy antivirus and security solutions, including the overwhelming high volume of alerts and false positives. Offering advanced threat detection, continuous threat hunting, and 24x7 monitoring and investigations, the solution is built for high-risk, compliance-sensitive verticals, including finance, government, manufacturing, education, and healthcare. Organizations with compliance, standard, or framework requirements, those looking to obtain or renew cyber insurance, and those without their own security operations center will find the enhanced product especially beneficial. Outlined in Accenture's State of Cybersecurity Resilience 2021 report, a global survey of nearly 4,800 executives found an average of 270 cyberattacks per company in 2021, a jump of 31% compared with the previous year. Meanwhile, ransomware attacks nearly doubled in 2021. IBM's latest Cost of a Data Breach Report finds that the average cost of a data breach is at an all-time high in 2022: $4.35 million. About DartPoints DartPoints is the leading digital infrastructure provider enabling next-generation applications at the edge. By weaving together cloud, interconnection, colocation, and managed services, DartPoints enables edge ecosystems for enterprises, carriers, and cloud and content providers. DartPoints is building tomorrow's distributed digital infrastructure while serving today's cloud and colocation needs — and helping to bridge the digital divide.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Blackpoint Cyber Launches Three Product Features

Blackpoint Cyber | November 11, 2022

Blackpoint Cyber, a leading technology-focused cybersecurity company, has released three product features this fall, as they look ahead to 2023. “I am consistently blown away by the Blackpoint Cyber team. Our desire to improve the security posture for our partners is an ongoing journey as we continue to expand an ecosystem of products which address the needs of MSPs and customers in todays’ dynamic threat landscape. As someone with previous experience in the MSP space, it is refreshing to see how much our team really loves the channel and strives to regularly provide additional value by helping MSPs to secure themselves as well as their customers,” said Justin Weller, Director of Business Development at Blackpoint Cyber. Blackpoint partners can stay ahead of cyberthreats with the following products: Security Configuration Benchmarks for M365 – Vulnerability Mapping to CIS Benchmarks for Cloud Environments CIS foundation benchmark for M365 and Azure provide prescriptive guidance for establishing a secure baseline configuration. Blackpoint has reviewed every control on your behalf and made recommendations on several to harden your customer environments. Now you can compare your security measures to Center of Internet Security Benchmarks directly in the Blackpoint portal. Assess your standing against these internationally recognized security standards and implement the recommended changes to reduce the attack surface in cloud tenants. MDE Vulnerability Report—Security Visibility Unlocked The capabilities of Blackpoint’s product bundle, Blackpoint Response, have grown. With Managed Defender for Endpoint, we've introduced internal vulnerability reporting to help you better assess your customers’ security posture, directly within the portal. The reports include recommendations for remediation and simplify the process to action them. Improvements based on the reports may pertain to expiring certificates, device exposure, or vulnerable software. macOS Agent—The Power of MDR Within Your Mac After many requests from their partner community, due to a lack of true Mac MDR, Blackpoint’s flagship MDR product, SNAP-Defense, is now available to monitor and respond to threats on Apple devices running macOS. As the macOS market share in business settings continues to grow, Blackpoint partners now have the capability to provide protection to those assets. About Blackpoint Cyber Blackpoint Cyber offers the only world-class, nation-state-grade cybersecurity ecosystem serving the MSP community. Using its own software and SOC, Blackpoint’s true 24/7 MDR service not only detects breaches earlier than any other solution on the market, but also provides an actual response rather than just an alert to keep your and your clients’ networks safe from widespread damage.

Read More

ENTERPRISE IDENTITY,PLATFORM SECURITY,SOFTWARE SECURITY

Bearer Launches Data-First Security Solution

Bearer | November 15, 2022

Bearer, the data-first security software company, today announced the general availability of the Bearer Data Security Platform. Based on extensive interviews with more than 130 enterprise CISOs at high-growth and global 2,000 companies, Bearer is in beta use across multiple industries with one customer protecting the private data of more than 75 million medical patients. “At Bearer, we strongly believe the best approach for a data-first security approach is to start at the beginning of the journey, following the shift-left security trend. “Data-first security should start in the code. And to be truly effective, it should never impede developers and never allow access to private data itself while still providing ownership context and protecting against vulnerabilities created in the business logic of an application or service.” said Guillaume Montard, CEO and co-founder of Bearer Why Bearer Data Security Platform Now Data security is becoming a top priority for businesses, with customers and governments demanding better data protection driven by the demands of GDPR, CCPA, PDPA and more. Bearer’s detection engine protects PD, PHI, PII and financial data. Cloud native organizations have more complex and fragmented architectures than ever before, making properly-implemented data security risk controls impossible without a proper solution. More than two-thirds of the enterprise 2,000 are focusing on cloud-native applications. DevSecOps is gaining huge traction. 57% of security teams have shifted security left already or are planning to this year, making them ready to use a solution such as Bearer. Bearer has been tested on more than 20,000 open source software projects as well as more than 6,000 data repositories at beta users, partners and early customers. The Bearer Data Security Platform Bearer is a SaaS platform that enables scalable deployments and workflow automation for security management. It discovers sensitive data flows automatically by continuously scanning source code and associated metadata. By monitoring data security risks proactively, it can automatically detect gaps within data security policies during coding and in production. Finally, it can remediate data security issues at a massive scale, giving developers immediate actionable advice on how to mitigate as well as prioritize an issue. Bearer accomplishes these results through three major innovations: Identification of data security risks – Including business logic flaws: Bearer pinpoints data security technical and business logic flaws in code before it’s too late and costly to correct. It then provides actionable context and ownership information to fix issues quickly – in minutes. Before Bearer, pinpointing business logic flaws could only be achieved manually – often left ignored. Frictionless deployment: Bearer is a data security SaaS solution that fits into the development cycles of Global 2000 enterprises without requiring any changes to how software engineering teams work. Additionally, Bearer does not require access to the underlying source code nor the sensitive data itself. Extreme automation: Designed by developers for developers in a world of constant code iterations, Bearer automates the burden of data security compliance for software engineers so they don’t have to become experts on data security regulations across different global markets. Security and compliance teams love how Bearer prioritizes the most critical issues in remediation workflow to allow for speedy resolution between security and development. About Bearer Bearer, the data-first security software company, pioneered a solution for developers to automatically detect sensitive data flow and data security risks while coding. Its policy engine proactively monitors data security policies before releasing code and its unique remediation workflow prioritizes the most critical issues – including business logic flaws – for quick resolution between security and engineering teams. Venture-backed with more than $8 million in seed financing, Bearer is used in markets where privacy protection and data security are business-critical, including eCommerce, financial services, and healthcare.

Read More

Spotlight

For organizations around the world, nearly nonstop security threats are simply a way of life. In fact, the average organization experienced more than 91 million security events in 2013 a 12 percent increase over 2012. But security intelligence tools make it possible to reduce these millions of events to a small, manageable list of potentially critical attacks that require further attention.

Resources