DATA SECURITY

Cyware and Flashpoint Expand Partnership to Proactively Mitigate Enterprise Risk

Cyware | November 19, 2021

Cyware
Cyware, the industry’s only Virtual Cyber Fusion platform provider, today announced an expanded partnership with Flashpoint, the global leader in actionable threat intelligence, to deliver intelligent automation to security teams. The partnership now features a solution that enables customers to leverage Flashpoint’s intelligence data with Cyware’s Security Orchestration Layer (CSOL), providing the advanced workflow automation necessary to help security analysts build more efficiency into threat response.

The enhanced partnership features Cyware’s CSOL orchestration solution integrated with Flashpoint core collections—enriched datasets that provide insight and key context into the latest and most critical threats from threat actor communities and other crucial sources. The combined capabilities of CSOL and Flashpoint’s threat intelligence enable security teams to confidently automate workflows by escalating critical incidents or indicators related to organizational risk. The joint integration maximizes analyst efficiency and reduces the need for manual internal processes by proactively mitigating risks to the enterprise.

“The combination of Cyware and Flashpoint empowers security teams with the enriched context and intelligent automation needed to identify and thwart emerging threats to proactively address the evolving threat landscape,” said Josh Lefkowitz, CEO of Flashpoint. “The early success we have already experienced together has truly been remarkable. Our expanded partnership enables our mutual customers to better protect their most critical infrastructure and assets through automation.”

Through the newly expanded partnership, joint customers are provided with the ability to:
  • Access Flashpoint’s extensive threat intelligence sources, including illicit communities and technical data, as well as identified compromised credentials that add value and context to existing intelligence feeds through the Cyware platform.
  • Jumpstart automation and orchestration efforts by using Cyware’s vast library of pre-built playbooks and customizing them to specific workflows.
  • Create queries related to threat intelligence requirements and automate response efforts based on internal workflows and systems.
  • Universally search within CSOL across integrated Flashpoint datasets, delivering unprecedented context to security teams.

“By building on our existing partnership with Flashpoint, the industry benefits from two of the leading threat intelligence technologies available on the market today,Our customers are able to streamline security operations and stay ahead of threats to their organizations through the careful application of intelligent automation and real-time threat intelligence.”

Anuj Goel, CEO, Cyware

About Flashpoint

Flashpoint, the globally trusted leader in actionable intelligence, enables organizations to protect critical infrastructure and assets from cyber, corporate, and physical attacks. The world’s leading financial, technology, retail, and healthcare companies, as well as US and US-allied government agencies, trust Flashpoint’s advanced data collections and human-powered analysis to proactively identify, mitigate, and prevent threats related to cybersecurity, fraud, insider threats, corporate and physical security, executive protection, and third-party risk.

About Cyware

Cyware helps cybersecurity teams build virtual cyber fusion centers enabling end-to-end threat intelligence automation, sharing, and unprecedented threat response. Cyware is transforming security operations by delivering the industry's only Virtual Cyber Fusion Center Platform with next-generation SOAR (security orchestration, automation, and response) and threat intelligence (TIP) solutions for large and small enterprise security teams, ISACs/ISAOs, MSSPs, and government agencies - so that organizations can reduce costs and analyst burnout and increase speed and efficiency.

Spotlight

As a chief information officer, you know you can’t outsource risk. Yet every year, cyber risk demands more and more time from the already-busy CIO. In this guide, we’ll walk through the following: Why cybersecurity benchmarking is difficult for the modern CIO. Different methods of benchmarking you may be involved in (or want to


Other News
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Noname Security Announces Ambitious EMEA Channel Strategy to Capitalise on Accelerating Demand for API Security

Noname Security | November 02, 2022

Noname Security, the leading API security company, today shared its EMEA channel strategy, which builds on significant momentum achieved in the past six months and is led by Ides Vanneuville, recently appointed EMEA Channels & Alliances Director. Vanneuville is an experienced leader in the cybersecurity market with a strong track record in cybersecurity and solutions engineering, having held a number of senior positions at organisations such as Palo Alto Networks, Nutanix, and Aviatrix. Demand for API security solutions is accelerating throughout EMEA as businesses continue to transition to public cloud and are increasingly adopting cloud-native development strategies. High-profile API breaches have underlined the critical nature of API security and the need for advanced solutions such as the Noname API Security Platform that accelerate digital transformation while addressing API security risks and vulnerabilities. This offers a new and growing market for established cybersecurity resellers and new entrants alike. "I am excited to join Noname Security at a time when the channel is transforming to meet growing demand for the powerful yet easy-to-use API security that our platform delivers," comments Vanneuville. "We are building productive partnerships with traditional cybersecurity companies seeking to expand their offering into the DevSecOps market, along with the innovative application-centric resellers that are carving out opportunities in this space." Noname Security operates a 100% indirect sales model, and its channel strategy focuses on building out presence across EMEA by securing key partnerships with a range of cybersecurity resellers, consultancies, systems integrators, and distributors. Since March 2022, Noname Security has signed new partnerships with Oblivion, part of Xebia (Netherlands, Denmark & Germany), NewGens Pte (Singapore, Malaysia, Indonesia and Thailand), CyberGate Defense (UAE), Evanssion (Middle East & Africa), Aditinet (Italy), iSOC24 (Benelux) and HighPoint (UK & NL) . These partners join a diverse group of existing partners across Europe, the Middle East, and Africa. These partners will be supported by Noname Security's global partner program, which provides the resources they need to address key customer pain points in their region and build sizable revenue opportunities in the API security market. The program is tailored to reflect the variations in maturity and background of the API security market in each geographic area. "API security is a rapidly evolving area that wraps around the ways APIs are being used in different territories," adds Vanneuville. "For example, the increase in open banking in emerging regions like Turkey is driving demand for API security in that region, and we have new Noname Security partners in place to meet that need. Similarly, the booming m-commerce market in Africa is a valuable target for our partners to focus on. Our program helps partners target these key vertical markets and build a reputation for excellence." API Security Workshops Provide Essential Partner and Market Education Noname Security is running a series of workshops to educate the market and channel partners about the importance of protecting APIs against attacks and how to go about it. These are currently available, both virtually and in-person in a variety of worldwide cities, and will help Noname's channel partners as well as their end-users to understand: The underlying security risks when deploying APIs Emerging threats facing applications and APIs Techniques used to exploit vulnerable APIs How Noname Security monitors API traffic for anomalies. "These educational workshops form an important part of Noname's go-to-market strategy," concludes Vanneuville. "An educated market is a receptive market, and with these workshops we aim to ensure that customers and partners fully understand the urgency of securing APIs in order to protect core revenue streams against disruptive attackers. This is a relatively new area, but one that is of critical importance for the success and stability of modern enterprises as the cloud transition continues and born-in-the-cloud businesses ramp up innovation and expansion." About Noname Security Noname Security is the only company taking a complete, proactive approach to API security. Noname works with 20% of the Fortune 500 and covers the entire API security scope across three pillars: posture management, runtime security and API security testing. Noname Security is privately held, remote-first with headquarters in Palo Alto, California, and offices in Tel Aviv and Amsterdam.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Fordefi Raises $18M Seed Round to Launch Institutional DeFi Wallet and Security Platform

Fordefi | November 09, 2022

Fordefi, a financial technology and software company, today announced an $18 million seed round and the public launch of its institutional MPC wallet built for transacting on decentralized applications (dApps). Led by Lightspeed Venture Partners, the investors of the firm's initial capital raise also include Electric Capital, Alameda Research, Jump Crypto, Castle Island, Pantera Capital, Illuminate Financial, PayPal Alumni Fund, Nima Capital, Digital Currency Group, Defiance Capital and StarkWare. "The Fordefi team is bringing to market a solution that addresses two of the biggest challenges in DeFi today: institutional-grade security and smart contract transparency," said Sam Harrison, Senior Advisor at Lightspeed Venture Partners and Managing Partner at Faction. "We are excited to support an experienced team bringing a powerful solution to market that directly solves pain points that have held institutions back from achieving the full potential of decentralized finance." "Wallet hacks made major headlines this year. Until now, decentralized finance was missing a secure, stable, and seamless way to connect to dApps," said Ken Deeter, Partner at Electric Capital. "Fordefi's single-browser extension paired with a top-notch institutional grade MPC wallet platform will unlock opportunities across DeFi for all crypto-native institutions. We're excited to be part of Fordefi's journey, as an investor, design partner and customer." Introducing the Fordefi Platform Co-founders Josh Schwartz, CEO, Dima Kogan, CTO, and Michael Volfman, Vice President of Research and Development, began developing the Fordefi platform in 2021, an unprecedented year for crypto adoption, as institutions took notice of the explosive growth and massive volumes of digital assets moved into the markets. A boom in the development of new blockchains and decentralized applications created opportunities for investing that institutions could not safely participate in, as available wallets had been designed years before and lacked the technology to securely and confidently connect them. "Decentralized finance is evolving quickly and its complexities require a dynamic solution," said Schwartz. "Legacy wallet providers are unable to meet the needs of institutions that want to access the new opportunities DeFi has created while ensuring their assets are protected. Fordefi has taken a DeFi-first approach and has built a solution engineered for how clients interact with dApps." "DeFi transactions are much more complex than simple asset transfers, and that's the key to DeFi's exciting new opportunities," said Kogan. "Unfortunately, this complexity also brings with it many new security risks. Fordefi enables institutions to interact with DeFi applications with increased operational efficiency and security through in-depth visibility into each transaction and the ability to set the right controls." A first of its kind wallet and security platform, Fordefi enables market participants to easily and securely connect to decentralized applications. Fordefi's platform is the only institutional MPC wallet on the market built for firms transacting on decentralized applications across blockchains. The solution delivers a previously unavailable degree of insight into transactions, translating smart contracts into language that users can understand, simulating every transaction in advance and independently verifying dApp names. Its advanced MPC key management capabilities are built to protect against any single point of failure, and the platform's unique policy management capabilities offer users the ability to create and define their own workflows, proactively protecting themselves from both internal and external vulnerabilities. "Fordefi has been a tremendous addition to our DeFi workflow. We've seen accelerated deployment efficiency across a comprehensive set of on-chain opportunities, alongside enhanced user intuitiveness and without compromising security." Shane Al, Head of Investments at Arc Capital and Fordefi design partner. "The Fordefi platform provides robust solutions for institutions to access thousands of DeFi opportunities with the highest levels of security. The platform is extremely customizable and allows us to manage our own policies and controls, ensuring a balance between flexibility and security - crucial for liquid fund strategies." Jacob Goh, Head of Operations & Investor Relations at DeFiance Capital, Fordefi investor and design partner. About Fordefi Fordefi's MPC wallet platform and Web3 gateway enables institutions to seamlessly connect to dApps across a wide range of chains while keeping digital assets secure. Fordefi is the first institutional MPC wallet and security platform built for decentralized finance (DeFi), offering MPC key management, self-serve DeFi policy controls, time-of-transaction smart contract insights, transaction simulation and risk alerts. Fordefi was founded in 2021 by crypto custody and cybersecurity experts, and designed in close collaboration with industry-leading trading firms, funds and custodians. Fordefi is a financial technology and software company with offices in New York and Tel Aviv. About Fordefi's Founders Josh Schwartz, Dima Kogan and Michael Volfman founded Fordefi after establishing themselves with decades of experience as leaders in crypto, cybersecurity, and financial services. Schwartz served as Chief Operating Officer at Curv, an institutional MPC wallet acquired by PayPal in 2021, and was Vice President of Sales at digital custody platform BitGo. Dr. Kogan's career spans more than 15 years in academia, industry and government. He received his PhD from Stanford with a specialization in applied cryptography and was awarded the "Best Young Researcher" prize at Eurocrypt 2018, the Theory of Cryptography Conference 2019, and Eurocrypt 2020. Volfman is an engineering manager with 20 years of experience in cybersecurity, serving as Vice President of R&D at Toka, was Chief Technology Officer and co-founder of an edtech startup, and a Director at Guardicore.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Abnormal Security Redefines Cloud Email Security with the Launch of Security Posture Management to Protect Against Email Platform Attacks

Abnormal | November 16, 2022

Abnormal Security, the leading behavioral AI-based security platform, announced today its newest addition to the product portfolio as the company progresses toward delivering the most comprehensive cloud email security in the market. The latest innovation protects customers from emerging email platform attacks that are increasing in volume and severity as attackers find new ways to target organizations. The open, interconnected nature of cloud email platforms creates new entry points for attackers to exploit and manipulate—increasing the need for security tools that protect organizations from attacks beyond those that are delivered through inbound email. While advanced inbound email attacks like business email compromise and credential phishing remain the primary cloud email attack vector, accounting for $43 billion in exposed losses since 2016, this addition to the Abnormal product portfolio expands the capabilities of cloud email security to protect against side-channel attacks that directly target the entire email platform. In recent headlines, cybercriminals have exploited unguarded entry and exit points to carry out sophisticated platform attacks, including: Compromising user and administrator accounts by bypassing MFA policies Exploiting global administrator privileges by setting up tenant-wide email forwarding rules that send company emails to attacker inboxes Tricking employees into installing malicious OAuth applications through consent phishing email links disguised as file-sharing links These examples showcase the need for security tools that can detect changes to the cloud email environment and provide full visibility into the current posture. But because security teams often share responsibility for these platforms alongside IT and messaging teams, it is operationally difficult and manual to understand the full scope of potential configurations across thousands of users, third-party applications and email tenants, and manage them accordingly. “As we’ve spoken to our customers, we’ve heard increasing concerns about this next generation of attacks. Since they have implemented Abnormal to secure the inbound channel against advanced attacks such as BEC, attackers are looking for new ways to access their inboxes and email platforms. “Implementing a solution that can alert security teams to new integrated applications, over-permissioned users, and other potentially risky events will be extremely helpful to security leaders, and Abnormal is excited to evolve our inbound email security platform to provide this capability and better protect our customers from the full spectrum of attacks.” Mike Britton, chief information security officer at Abnormal Security The new Security Posture Management product from Abnormal gives security teams immediate visibility to each of the potential entry and exit points to the cloud email platform. Increased visibility begins with three new Knowledge Bases, in addition to the existing VendorBase, which present comprehensive databases of employees, third-party applications, and email tenants. Each of the three new Knowledge Bases provides the foundational visibility security teams need to understand potentially exposed surface areas in Microsoft 365 and conduct security investigations. AppBase: Provides a running inventory of all of the third-party applications that have access to data within Microsoft 365. It provides a summary of important information about application permissions and data access, as well as an activity timeline of recent events. PeopleBase: Provides a directory of each active user in the environment. It uses contextual, behavioral data to build a dynamic user genome. PeopleBase also provides an activity timeline of recent events, including sign-on patterns, suspicious email activity, and more. TenantBase: Provides a catalog of each of the email tenants Abnormal Security protects and relevant permissions governing access to them. Taking the information derived from these Knowledge Bases, the new Security Posture Management product then monitors each entity for potentially risky configuration changes. Key changes may include the escalation of administrator privileges or the integration of new unverified applications with read-write access to mailboxes. When changes occur, Security Posture Management alerts administrators so they can understand the impact and take appropriate downstream action to protect their cloud email platform from insider threats or attacker infiltration. While the monitoring and alerting capabilities of Security Posture Management are available as an add-on purchase to Inbound Email Security, Abnormal is providing the foundational visibility of its new Knowledge Bases at no cost to all customers with Microsoft 365. New Product Continues to Drive Abnormal Growth in the Email Security Market The posture management offering underscores Abnormal’s commitment to providing its customers with the most effective email security platform on the market. In recent weeks, Abnormal was named to the CNBC Top 25 Startups for the Enterprise list of companies that are best suited to meet the needs of large enterprises, as well as the Madrona Intelligent Applications 40 list for the platform’s superior capabilities in using machine learning to extract useful information from real-time and historical data. These awards highlight the continued success of the company as Abnormal continues to experience more than 2x growth per year, with notable customers including Xerox, Urban Outfitters, Royal Caribbean International, and Groupon. The company maintains a 4.8-star review on Gartner Peer Insights, with 100% recommendation from participating companies. This continued growth is driven by the recent Series C funding round in which Abnormal raised $210 million with backing from Insight Partners, Greylock Partners, and Menlo Ventures. Security Posture Management is the second major product launch in the past six months, with Abnormal releasing the Email Productivity module in August 2022. The Email Productivity add-on uses behavioral AI to filter time-wasting promotional emails away from employee and executive inboxes, automatically personalizing protection to each user based on behavior cues like folder moves. By shielding employees and executives from the growing barrage of promotional emails, including vendor cold calls, newsletters, and marketing promotions, Email Productivity saves enterprises multiple hours per employee per month. Both new products are part of the Abnormal Cloud Email Security platform, which stops the full spectrum of email-borne attacks. About Abnormal Abnormal Security provides the leading behavioral AI-based security platform that leverages machine learning to stop sophisticated inbound email attacks and dangerous email platform attacks that evade traditional solutions. The anomaly detection engine leverages identity and context to analyze the risk of every cloud email event, preventing inbound email attacks, detecting compromised accounts, and remediating emails in milliseconds—all while providing visibility into configuration drifts across your environment. You can deploy Abnormal in minutes with an API integration for Microsoft 365 or Google Workspace and experience the full value of the platform instantly.

Read More

DATA SECURITY, ENTERPRISE IDENTITY

Cervello Partners with ST Engineering to Provide Cybersecurity for Rail Operational Networks

Cervello | October 19, 2022

Cervello, a global leader in rail cybersecurity, announced today a new strategic partnership with ST Engineering, a global technology, defense, and engineering group, to incorporate ST Engineering’s cybersecurity services as part of Cervello's patented rail security solution for rail operators and infrastructure managers. This partnership, which has already proven its value by securing the operations of one of the busiest rail networks in APAC, enhances Cervello's ability to offer and support its solution globally. “We are pleased to officially announce our already proven strategic cooperation with ST Engineering, a proven technology and engineering powerhouse, as a significant step toward Cervello's continued global expansion,” states Roie Onn, Cervello's CEO & Co-Founder. “Combining ST Engineering’s decades of experience in empowering cyber resilience across various sectors, together with Cervello’s unparalleled expertise in rail-specific security, we are able to globally support rail organizations with cybersecurity solutions and services that enable them to operate more safely and efficiently.” “Threats in the cyber-physical world are growing at an exponential rate and conventional ways of securing systems and assets are no longer sufficient. “The joint cybersecurity capabilities of ST Engineering and Cervello allow us to build a more comprehensive effective suite of cybersecurity rail solutions that is reliable and ensures business continuity for rail operators." Goh Eng Choon, President, Cyber, ST Engineering About Cervello Cervello accelerates rail digital transformation by securing the industry’s infrastructure and operations from cyber threats. Cervello offers the industry's leading dedicated rail security platform, enabling rail companies to safely deliver connected service. Cervello’s platform gives you the confidence to see, secure, and manage all ​assets connected to your ​critical ​network, combining OT, IoT, IT and physical systems, and turn the associated data into a powerful resource. This means the end of any compromise between security​, safety​ and usability – put simply, this allows you to ​operate with confidence​. The world’s leading rail operators and infrastructure managers trust Cervello to minimize threats and prevent cybersecurity incidents, thereby increasing their safety, reliability, business continuity and service availability.

Read More

Spotlight

As a chief information officer, you know you can’t outsource risk. Yet every year, cyber risk demands more and more time from the already-busy CIO. In this guide, we’ll walk through the following: Why cybersecurity benchmarking is difficult for the modern CIO. Different methods of benchmarking you may be involved in (or want to

Resources