Developer-Centric Application Security Company StackHawk announces its launch of its General Accessibility

prnewswire | September 01, 2020

StackHawk, the software-as-a-service startup that empowers software engineers to easily find and fix application security bugs before they hit production, today announced it is launching into general availability. Over the past year, the product has built a strong base of Early Access customers who have automated their AppSec testing in the CI pipeline, checking for vulnerabilities on every merge. With great feedback from these early customers, StackHawk is now available to any company that wants to deliver secure software.

Spotlight

Disaster Recovery as a Service, or DRaaS, is a fully managed solution that minimizes disruption and data loss following a disaster. Data backup is an important part of disaster recovery (DR), but another critical component is the ability to restore systems that allow businesses to actually use that backed-up data. Under a DRaaS model, the implementation, testing, and managing of the DR solution is carried out by a third-party provider.


Other News
DATA SECURITY

SecurityScorecard Research Reveals Cyber Vulnerabilities Pose a Threat to U.S. Maritime Security

SecurityScorecard | December 21, 2021

SecurityScorecard, the global leader in cybersecurity ratings, today released a new report on the U.S. shipping industry, "Proactive Security Measures for Global Maritime Shipping." The research found that high severity cyber vulnerabilities pose a big risk to U.S. maritime security, especially ahead of a busy holiday season. In December 2021, SecurityScorecard conducted an analysis of the cybersecurity health of 100 global shipping container companies compared to the Forbes Global 2000 companies, finding that: Overall, the cybersecurity risk posture of the shipping industry was better than the Forbes Global 2000, but the shipping industry did not perform higher in every risk group factor The largest risks to the sector include vulnerabilities in application security, irregular patching cadence, and network security Data breach percentages for shipping container companies increased from 2018 through 2021, indicating that the industry may be an increasingly attractive target for malicious cyber actors during the 2021 winter holiday season Shipping container companies initially did better than the Forbes Global 2000 until April 2020, when high-profile attacks sank the industry average. Since mid-2020, shipping container companies have continued to struggle to build resilience in their cybersecurity and have not yet returned to their pre-2020 breach scores. Global supply shortages and shipping disruptions brought on by the COVID-19 pandemic pose a threat to U.S maritime security and threaten to disrupt the holiday gift-giving season. The maritime shipping network, which is responsible for 90% of the global trade, has gone from being a fast and cost-effective system to one plagued by delays, clogged shipping lanes, and exorbitant prices. "The shipping and maritime industry is already strained and taxed by the pandemic and resulting supply chain backlog,A potential cyber incident in the shipping industry could have catastrophic effects on people and businesses all across the world. This research is a key indicator that the industry should continue to keep a focus on cyber resilience through continuous monitoring." Aleksandr Yampolskiy, CEO and co-founder of SecurityScorecard SecurityScorecard continuously monitors millions of entities world-wide, and non-intrusively assesses their security posture across ten risk categories, including DNS health, IP reputation, web application security, network security, leaked information, hacker chatter, endpoint security, and patching cadence. This instantly delivers an easy-to-understand "A" through "F" security rating. About SecurityScorecard Funded by world-class investors including Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, and cyber insurance underwriting. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating.

Read More

SOFTWARE SECURITY

Thrive Integrates SOAR Technology into their Security Operations to Enhance Real-Time Cyber Threat Detection

Thrive | May 20, 2022

Thrive, one of the leading Managed Security Services Providers (MSSPs) in the world, has made a significant investment to upgrade their 24x7x365 eyes-on-glass Security Operation Center (SOC) by integrating a Security Orchestration, Automation, and Response (SOAR) engine. The SOAR capabilities will enable the Thrive global security team to better navigate today's complex, risk-laden environment for clients via tool aggregation and coordinated response, unified operations, reduced alert fatigue, and Artificial Intelligence (AI). This will result in a significant reduction of incident response times for client threats and provide higher quality information for the Thrive SOC to combat intricate cyber risks in real time. By 2025, the amount lost to cyber theft is expected to reach $10.5 trillion annually, which is the single greatest transfer of wealth in history, according to a report from AT&T. These glaring statistics indicate why cybersecurity has become imperative in the world of commerce. "Cybersecurity threats and vulnerabilities are constantly multiplying, due to not only more sophisticated social engineering but also a rise in micro-ransomware incidents, That means vigilance against attacks of all kinds must also evolve. Incorporating a SOAR into our robust global security operations unit will allow Thrive clients to have a stronger defense system in place against cybersecurity attacks and enable our team to respond more expeditiously to any issues should they arise." Mike Gray, CTO of Thrive Thrive's integrated managed cybersecurity solutions provide a proactive and expert approach to security management for identifying and remediating security issues. Powered by next-gen technology, proven frameworks and service-driven experts, Thrive's unified cybersecurity platform enables Thrive's 24x7x365 SOC to automatically address critical security issues without client intervention. By creating a stress-free experience that solves for the technical complexity and talent shortage mid-market enterprises face, Thrive's cybersecurity solutions fortify the digital transformation initiatives that propel business growth. About Thrive Thrive is a leading provider of NextGen managed services designed to drive business outcomes through application enablement and optimization. The company's Thrive5 Methodology utilizes a unique combination of its Application Performance Platform and strategic services to ensure each business application achieves peak performance, scale, uptime, and the highest level of security.

Read More

DATA SECURITY

ContraForce Announces $2M Seed Investment from DataTribe

ContraForce | December 28, 2021

DataTribe, a global cyber foundry that invests in and co-builds next-generation cybersecurity and data science companies, announced today a $2M seed investment in ContraForce, a leader in no-code security automation for small and medium-sized businesses. ContraForce delivers a no-code security automation platform that makes cyber security accessible for small and medium-sized businesses that lack the resources and expertise to defend themselves. In addition, ContraForce also brings this facility to security compliance; a critical feature, as customers, regulators and insurance companies are putting increasing pressure on small and mid-sized organizations to not only be secure, but also to prove it. No longer is it acceptable for smaller organizations to be a step behind in their security and compliance. Hackers are increasingly targeting them for ransomware or as an entry point into a supply chain. Because small businesses typically have limited resources to cope with a cyber attack, cyber attacks can represent an existential risk for them. ContraForce enables small and mid-sized businesses to manage this risk with their easy-to-use, self-service platform to automate threat detection, response, and compliance. “We are thrilled to announce DataTribe's most recent investment in ContraForce on the heels of the company winning the fourth annual DataTribe Challenge,” said John Funge, Managing Director at DataTribe. “By providing a sort of security and compliance ‘easy button’, ContraForce is filling a really significant gap. Just because an organization is small does not mean that it does not possess vital data, IP, or access to strategic networks. It is paramount that smaller organizations overcome the resource barriers to robust security. ContraForce’s unique approach dramatically lowers these barriers.” “I am looking forward to working with DataTribe as we build on the ContraForce team's passion for simple and effective cybersecurity solutions designed for the needs of small and medium-sized businesses,” Stan Golubchik, CEO and co-founder of ContraForce ContraForce’s security and compliance solutions map security vulnerabilities to the industry standard MITRE ATT&CK framework. They create and adapt security detection and response capabilities in real-time, ensuring the environment is secured in hours across the cloud, network, endpoint, and users. By using ContraForce, an organization without dedicated security personnel can respond to threats without having to learn or write complex security detection code and response workflows. About DataTribe DataTribe is a startup foundry that invests in and co-builds world-class startups focused on generational leaps in cybersecurity and data science. Founded by leading investors, startup veterans, and alumni of the U.S. intelligence community, DataTribe commits capital, in-kind services, access to an unparalleled network, and decades of professional expertise to give their companies an unfair advantage. DataTribe is headquartered in the Washington-Baltimore metro area, in Fulton, Maryland. About ContraForce ContraForce is the new no-code security automation company. We focus on securing the small and medium-sized businesses by helping their security and IT teams work smarter, allowing them to implement automated operations that are effective in combating cyberattacks and demonstrating compliance. ContraForce is headquartered in McKinney, Texas and was founded and built by industry security and cloud experts from Armor, McAfee, and Intel. ContraForce's mission is to empower IT and Security teams and enable them to be more efficient.

Read More

SOFTWARE SECURITY

ZeroEyes Announces Partnership with Veteran-Owned Cybersecurity Firm Layer 8 Security

Layer 8 Security | February 02, 2022

ZeroEyes, Inc., creators of the only AI-based video analytics platform focused solely on gun detection, is proud to announce its partnership with Philadelphia-based company, Layer 8 Security. Layer 8 Security is a cybersecurity consulting and technical services firm that arms organizations with practical security, compliance, and privacy strategies. Starting in 2022, Layer 8 Security will assist ZeroEyes with the company's information security certifications. Both companies are veteran-founded, owned, and operated, and are part of the Veterans Business Referral Network with over 200 members in the Greater Philadelphia area. In addition to the local connections, both companies are well-known on the national stage for being leaders in their respective disciplines. "I've known members of the ZeroEyes team for years,ZeroEyes' focus on gun detection and physical security complements our focus on being the 'sheepdogs,' protecting people in any way we can. In our case our focus is on data privacy and protecting businesses from hackers. I'm excited to leverage our shared goals as veterans helping veterans." Kevin Hyde, President and Co-Founder at Layer 8 Security "Layer 8 Security and ZeroEyes are both focused on security and building veteran-owned businesses," adds ZeroEyes' Chief of Staff, Kieran Carroll. "We're excited to support Layer 8 Security in their mission and appreciate their services in securing our own business." About ZeroEyes ZeroEyes is the industry's leading AI-based weapons detection solution. Our software integrates into existing security camera systems and sends out a series of alerts when a verified gun is detected via our best-in-class weapons detection algorithms. Founded by a team of Navy SEALs and military veterans with over 50 years of military experience with deep special operations and intelligence community expertise, ZeroEyes is the trusted weapons detection provider of numerous clients, including the US Department of Defense, leading public K-12 school districts, commercial property groups, Fortune 1000 corporate campuses, shopping malls, and big-box retail. About Layer 8 Security Layer 8 Security is a cybersecurity consulting, advisory, and technical services firm that arms organizations with practical security, compliance, and privacy strategies. Today's business environment requires seamless integration with third-party vendors, clients, and partners. Layer 8 Security ensures your information ecosystem is secure, compliant, and resilient to the severity and frequency of a disruption resulting from a cyber attack.

Read More

Spotlight

Disaster Recovery as a Service, or DRaaS, is a fully managed solution that minimizes disruption and data loss following a disaster. Data backup is an important part of disaster recovery (DR), but another critical component is the ability to restore systems that allow businesses to actually use that backed-up data. Under a DRaaS model, the implementation, testing, and managing of the DR solution is carried out by a third-party provider.

Resources