InfoSec Project Management

CyberCube Partners With Kroll to Launch Response Service

CyberCube | May 31, 2022

CyberCube
CyberCube, a supplier of cyber risk analytics, has developed CAERS, a new cyber incident response service for customers of the company's SaaS products.

CyberCube will collaborate with Kroll, the premier supplier of data, technology, and insights linked to risk, governance, and growth, to offer CyberCube's customers information and assistance on important cyber aggregation events via the Cyber Aggregation Event Response Service (CAERS). Kroll will deliver frontline risk information derived from thousands of incident response cases handled each year.

Following a large cyber disaster, the CAERS team will provide the most recent information to CyberCube's customers, while CyberCube's SaaS tools, including Broker Manager, Account Manager, and Portfolio Manager, will aid in the reaction to any developing cyber calamity.

“With cyber events becoming increasingly common, the speed and accuracy with which organisations respond to them is critical. That’s why we’ve launched this response service, specifically tailored to CyberCube’s growing client base. The pressure on our clients during a major cyberattack can be extreme. With CAERS, our team—comprising data scientists, actuaries, engineers, economists and cyber security experts—will become an extension of our clients’ teams, providing the updates they need and sharing both our expertise and data.”

Darren Thomson, CyberCube’s Head of Cyber Intelligence Services

Benedetto Demonte, Chief Operating Officer for Kroll’s Cyber Risk practice, said: “We’re pleased to be contributing to CAERS because effective incident response depends on the most current and relevant threat intelligence available. In our most recent Threat Landscape Report, we saw a 356% growth in the number of attacks quarter-on-quarter where the infection vector was a zero-day or freshly announced software exploit. Ransomware groups have also been found to be leveraging newly announced vulnerabilities just days after release. It is only with access to frontline intelligence that firms can prioritize resources, mitigate the risk of a cyberattack and react appropriately if the worst happens.”

Spotlight

Traditional email security products struggle to detect email impersonation threats such as BEC and targeted phishing campaigns. These threats consistently bypass defenses that rely on signatures and policies like Secure Email Gateways and native-cloud email filters. This guide breaks down how Fortra’s Agari uses advanced data sc


Other News
Data Security

Canadian Federal Government Choose Netskope as Preferred Vendor

Netskope | September 11, 2023

Netskope, an industry-leading secure access service edge (SASE) provider, has announced that it has been chosen as the preferred cloud access security broker vendor for the Canadian Federal Government under the cybersecurity procurement vehicle (CSPV) of Shared Services Canada (SSC). The objective of the SSC cloud access security broker CSPV is to provide government users with secure access to cloud-based applications, including all software-as-a-service (SaaS) applications, regardless of their location. The Government of Canada (GC) selected Netskope after a competitive bidding process for a commercially available cloud access security broker service to fulfill its business requirements across various government organizations and agencies. The cloud access security broker service aims to facilitate the continued adoption, utilization, and delivery of SaaS cloud services by GC departments. The cloud access security broker service will improve the security posture of GC applications, services, and data as they are migrated to public cloud environments, permitting complete visibility and monitoring of GC cloud environments to detect, prevent, and respond rapidly to cyber threats; and ensuring the privacy, confidentiality, and protection of GC data in accordance with GC policies. As an integral part of Netskope Intelligent Security Service Edge (SSE), Netskope's market-leading cloud access security broker enables agencies to detect and manage the usage of cloud applications rapidly, irrespective of whether they are managed or unmanaged, and safeguard sensitive data from being stolen by malicious cybercriminals or risky insiders who have compromised the technology environment. A cloud access security broker is a cloud-based or on-premises security policy enforcement point situated between cloud service providers and consumers to combine and insert enterprise security policies when cloud-based resources are accessed. With a cloud access security broker solution, agencies can manage the unintentional or unauthorized transfer of sensitive data between cloud application instances while expediting security workflows with simple policy controls and incident response management. Paul Tanasi, Federal Regional Manager, Netskope, said, With the hybrid workforce becoming the new normal, Canadian government departments and agencies are relying more and more on giving their users direct-to-cloud access to SaaS applications and to web applications in general. [Source – Cision PR Newswire] Paul Tanasi further mentioned that there is a requirement to ensure these users' security and regain some of the visibility and control they were accustomed to when everyone worked from the office. A solution is required to tackle risks associated with cloud services, enforce security policies, and adhere to regulations, mainly when dealing with cloud services that are located outside their network perimeter and beyond their direct control. Netskope's CASB solution would offer the capability to adopt cloud applications and services confidently without compromising security or performance. About Netskope Netskope, an industry leader in SASE, assists organizations in implementing zero trust principles and AI/ML innovations to safeguard data and defend against cyber threats. The company's platform offers optimized access and real-time security for devices, people, and data, regardless of their location. Netskope assists customers in mitigating risk, accelerating application performance, and gaining unparalleled visibility into cloud, web, and private application activity. Thousands of clients rely on Netskope and its robust NewEdge network to combat evolving threats, technology shifts, new risks, organizational and network changes, and others.

Read More

Data Security

Cohesity and Carahsoft Partner to Offer Data Security to Public Sector

Cohesity | September 07, 2023

Cohesity, an industry leader in data security and management, and Carahsoft Technology Corp., a provider of trusted government IT solutions, announced entering into a partnership. Under the agreement, Carahsoft plans to act as a distributor for Cohesity, making Cohesity's data cloud platform accessible to the Public Sector via Carahsoft's reseller partners, Information Technology Enterprise Solutions – Software 2 (ITES-SW2), NASA Solutions for Enterprise-Wide Procurement (SEWP) V, National Association of State Procurement Officials (NASPO) ValuePoint, OMNIA Partners, National Cooperative Purchasing Alliance (NCPA), and E&I Cooperative service contract. The extensive data cloud platform from Cohesity consolidates data sources, assists in the elimination of infrastructure silos, and automates data management tasks. The platform streamlines data management by offering a single, user-friendly interface for managing data in cloud, on-premises, and edge environments. Cohesity's data security and management solutions offer the public sector with granular control over their data, enabling them to comply with legal and regulatory requirements and protect sensitive data. The Cohesity Data Cloud’s key capabilities include: Data Protection: Captures backup copies of data that are preserved inalterably and are instantaneously recoverable in an instance of a ransomware attack or other business disruptions. Data Security: Provides enhanced resilience to cyber threats via cyber vaulting, data classification, threat intelligence and scanning, and bidirectional integration with the security operations center of agencies. Data Mobility: Enables agencies to transfer data across hybrid multi-cloud environments in a secure and efficient manner, thereby reducing costs and increasing flexibility. Data Access: Eliminates unnecessary copies and efficiently manages files and objects at scale. Data Insight: Enables agencies to search, classify, and analyze data worldwide across their entire infrastructure in order to provide business value or pinpoint sensitive data for compliance. Kit Beall, Chief Revenue Officer at Cohesity, said, We are pleased to partner with Carahsoft and its resellers to provide U.S. government agencies with powerful novel capabilities based on our leadership position in data security and management. [Source – GlobeNewswire] Beall also added that they look forward to expanding their strategic partnership with Carahsoft to assist public sector customers in strengthening their cyberspace resilience in the face of evolving advanced adversaries. About Cohesity Cohesity is an industry leader in AI-powered data management and security. The company makes it simple to secure, protect, manage, and extract value from data — across the data center, cloud, and edge. It provides organizations with comprehensive data security and management capabilities, such as AI-based threat detection, immutable backup snapshots, and monitoring malicious behavior, among others, to defend against cybersecurity threats. About Carahsoft Carahsoft Technology Corp. is a trusted government IT solutions provider serving public sector organizations across local, state, and federal government agencies and healthcare and education markets. As the master government aggregator for vendor partners, the company provides solutions for multicloud, DevSecOps, cybersecurity, Big Data, AI, customer experience and engagement, open source, and other domains. Working with resellers, systems integrators, and consultants, Carahsoft's sales and marketing teams provide hundreds of contract vehicles with industry-leading IT products, services, and training.

Read More

API Security

Salt Security, CrowdStrike Expands Partnership with New Integration

Salt Security | September 20, 2023

Salt Security, a prominent API security company, has announced the expansion of its partnership with CrowdStrike, a leading cybersecurity technology company providing cloud workload and endpoint security, cyberattack response, and threat intelligence services. This expansion involves the integration of the Salt Security API Protection Platform with the widely recognized CrowdStrike Falcon Platform. Roey Eliyahu, Co-founder and CEO of Salt Security, stated, Protecting against API threats requires deep visibility and robust runtime protection. We’re excited to bring our unique strengths in API security to the CrowdStrike customer base with this new integration. Together with CrowdStrike, Salt can provide organizations with extended runtime protections and posture management across the cloud and application landscapes. [Source – Cision PR Newswire] Through this integration, customers gain access to a comprehensive 360-degree view of API security risks, particularly focusing on the application-layer attack surface. This integration is accessible via the CrowdStrike Marketplace and provides valuable API threat intelligence. It also enhances cross-organization API security capabilities by streamlining and enhancing the workflows related to API auditing, monitoring, and enforcement. The partnership between Salt Security, offering top-notch API runtime monitoring and AI-driven insights, and CrowdStrike, renowned for its award-winning AI-powered protection, provides organizations with complete visibility into their API attack surface. This integration also offers valuable context regarding the severity of threats in relation to business-critical aspects. With this partnership, customers benefit from: API vulnerability and threat context API threat mitigation API threat management automation The patented Salt API security platform stands out for its utilization of cloud-scale big data, artificial intelligence (AI), and machine learning (ML). These technologies work in tandem to automate the process of discovering and cataloging an organization's entire set of APIs. Salt plays a crucial role in pinpointing areas where APIs might expose sensitive data. This proactive approach aids enterprises in recognizing and mitigating potential API threats while also reinforcing their overall API security. Gur Talpaz, Head of Falcon Fund and Vice President of Corporate Development at CrowdStrike, said, With APIs now a prime target for malicious actors, securing them requires a comprehensive and diligent approach. Through this joint integration, we can harness the mature AI-driven intelligence of the Salt API security platform with our widely deployed Falcon platform, giving organizations complete visibility into their application-layer attack surface and a detailed understanding of their application threat landscape. [Source – Cision PR Newswire] About Salt Security Salt Security is a leading API security company that safeguards the APIs at the core of all modern applications. Its API Protection Platform is the sole API security solution that integrates the power of cloud-scale big data with time-tested machine learning and artificial intelligence to detect and prevent API attacks. Salt provides extensive context, real-time analysis, and continuous insights for API discovery, hardening APIs, and attack prevention by correlating the activities of millions of APIs and users over time.

Read More

Software Security

Keeper Security’s Latest Update Improves Android and User Interface

Keeper Security, Inc. | September 25, 2023

Keeper Security, a prominent cybersecurity software provider specializing in zero-trust and zero-knowledge solutions safeguarding credentials, privileged access, secrets, and remote connections, has announced the unveiling of a new, contemporary User Interface (UI) for the Keeper Password Manager application on Android. This awaited release introduces enhanced usability, intelligent search capabilities, and quicker synchronization times. With a focus on a polished appearance and user-friendly interactions, these enhancements are designed to simplify the utilization of Keeper's robust password and passkey management features, offering improved clarity and search functionality. Keeper has adopted an incremental approach to enhancing the user experience, consistently refining the appearance, usability, and overall feel of its applications while staying mindful of the importance of consistency, familiarity and the world-class security and functionality that Keeper users have come to expect. With this update, Keeper's new user experience has been effectively implemented across all platforms, encompassing desktop, web browsers, and iOS. Android users can also anticipate an upcoming dark mode experience soon. Android users of Keeper will encounter refreshed themes, including a default Light Mode and improved user-selectable themes. Additionally, new features include: Streamlined Usability Friendlier Interface Accessibility and Inclusion Advanced Search Craig Lurey, CTO and Co-Founder of Keeper Security, said, We are excited to introduce these enhancements to our Android app, completing the rollout of our stunning new user interface (UI) to every Keeper user. [Source – Cision PR Newswire] Lurey stated that the update represented their ongoing commitment to delivering the best possible user experience while maintaining the highest security standards. He mentioned that with the improved usability, modernized interface, and lightning-fast sync times, Keeper Password Manager for Android continued to be a go-to solution for organizations and individuals looking to secure their digital identities. About Keeper Security Keeper Security is revolutionizing the way to secure passwords, confidential data, and secrets for individuals and organizations worldwide. The company's user-friendly cybersecurity platform is built on the foundation of zero-trust and zero-knowledge security, providing protection for users on all devices. Its solution is quick to deploy and seamlessly integrates with any technology stack, effectively preventing breaches, lowering help desk expenses, and ensuring compliance. Trusted by millions of individuals and numerous global organizations, Keeper leads in top-tier password management, privileged access, secrets management, secure remote access, and encrypted messaging solutions.

Read More

Spotlight

Traditional email security products struggle to detect email impersonation threats such as BEC and targeted phishing campaigns. These threats consistently bypass defenses that rely on signatures and policies like Secure Email Gateways and native-cloud email filters. This guide breaks down how Fortra’s Agari uses advanced data sc

Resources