SOFTWARE SECURITY

DigitSec and UST Announce Partnership to Offer Continuous Application Security Testing for Salesforce DevSecOps

DigitSec and UST | August 27, 2021

DigitSec and UST Announce Partnership to Offer Continuous Application Security Testing for Salesforce DevSecOps
DigitSec, provider of the most comprehensive AppSec testing platform purpose-built for Salesforce, and UST, a leading digital transformation solutions company, today announced a partnership to provide full-spectrum application security testing as part of a comprehensive Salesforce portfolio for enterprise customers.

UST will offer its clients the DigitSec SaaS Security Scanner™- S4 for Salesforce™ as part of its plan to deliver more secure and resilient solutions for testing and remediation.

DigitSec S4 is a continuous application security testing platform for Salesforce DevSecOps that integrates multiple security tools, empowering developers and administrators to accurately identify security issues faster and with far fewer false positives than traditional AppSec testing solutions. It offers an automated penetration testing solution combining static source code analysis (SAST), interactive runtime testing (IAST), software composition analysis (SCA), and cloud security configuration review for a truly comprehensive Salesforce security assessment.

Commenting on the partnership, Prasan Vyas, General Manager and Global Head of SFDC Practice, UST, said, "At UST, we are constantly improving our value proposition for our Global 2000 and Fortune 500 customers by leveraging our platform expertise and working together with best-of-breed partners to help build secure and robust solutions. For our Salesforce customers, DigitSec presents a digital-age tool to secure applications against potential security threats early on in the build process. The partnership underwrites UST's deep commitment to the Salesforce platform and helping our customers identify and remediate security risks in their Salesforce orgs."

"Given the mission-critical and sensitive nature of customer personally identifiable information (PII) and other data, it's critical that developers consider security first in their Salesforce projects. Our S4 platform provides a continuous and automated 360-degree view of potential threats and now is available to UST clients as they create and update their Salesforce applications," said DigitSec CEO Waqas Nazir.   

S4 for Salesforce can quickly and accurately identify thousands of potential security vulnerabilities with the lowest rate of false positives in the industry. The DigitSec platform also supports compliance framework requirements including GDPR, HIPAA, ISO-27001, SOX, PCI DSS, CCPA, and APPI.

About DigitSec
DigitSec provides the most comprehensive application security testing platform purpose-built for Salesforce, including automated penetration testing. Its patented SaaS Security Scanner, S4, quickly assesses Salesforce security posture, allowing developers to easily identify potential issues before deployment while supporting compliance requirements.

About UST
For more than 20 years, UST has worked side by side with the world's best companies to make a real impact through transformation.  Powered by technology, inspired by people, and led by our purpose, we partner with our clients from design to operation. Through our nimble approach, we identify their core challenges and craft disruptive solutions that bring their vision to life. With deep domain expertise and a future-proof philosophy, we embed innovation and agility into our clients' organizations—delivering measurable value and lasting change across industries and around the world. Together, with over 26,000 employees in 25 countries, we build for boundless impact—touching billions of lives in the process.

Spotlight

Information technology drives innovation and has revolutionized the way businesses, governments and individuals work and interact. The ability to harness big data has opened the door for world-wide collaboration in real time and is no doubt a game changer. Big data has generated an enormous amount of discussion and debate in the press, on blog sites, amongst analysts and top technology firms.


Other News
DATA SECURITY

Security Tops Retailers’ Wish Lists this Holiday Season

Futurex | November 17, 2021

Record sales expected in 2021, along with hackers; Futurex recommends point-to-point encryption for retailers to protect cardholder data BULVERDE, Texas, November 17, 2021 — As we enter the biggest retail season of the year, transactions are increasing, as are the numbers of hackers and skimmers — targeting shoppers’ cardholder data. The last thing retailers need to worry about is cyber threats that lead to ransomware or data breaches, as they welcome shoppers and juggle supply chain disruptions. Futurex, a leader in hardened, enterprise-class data security solutions, recommends retailers implement point-to-point encryption (P2PE) to encrypt cardholder data at the point of sale to keep it safe from malware that might be spying on network traffic and capturing credit card numbers. Futurex secures transactions for several of the nation’s largest retailers, protecting shoppers’ sensitive cardholder data and payment information. U.S. retail sales now through December are expected to grow 10.5% to a record $859 billion, compared to 2020, according to the National Retail Federation. Meanwhile, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have warned about the increase of cyber threats, including ransomware, around the holidays. “Behind every gift, every purchase, and every payment, retailers and consumers depend on secure transactions to protect payment information,” said Ryan Smith, vice president, global business development, at Futurex. “As the critical security backbone of the global financial ecosystem, we work with the world’s largest retailers and financial institutions to safeguard data in transit and at rest." The use of hardware security modules (HSMs) in transaction processing is critical, as payment HSMs provide the cryptographic functions needed to support end-to-end data security, including encryption and cryptography key management. In a compliant P2PE environment, sensitive data is encrypted from the point of interaction and decrypted only within the secure boundary of a FIPS 140-2 Level 3 or PCI HSM-validated HSM. Learn more about point-to-point encryption. About Futurex For more than 40 years, Futurex has been a trusted provider of hardened, enterprise-class data security solutions. More than 15,000 organizations worldwide, including financial services providers and corporate enterprises, have used Futurex’s innovative hardware security modules, key management servers, and enterprise-class cloud solutions to address their mission-critical systems, data security, and cryptographic needs. This includes the secure encryption, storage, transmission, and certification of sensitive data. For more information, please visit futurex.com.

Read More

DATA SECURITY

Futurex Announces Support for Google Cloud External Key Manager

Futurex | October 12, 2021

Futurex’s key management technology and Google Cloud EKM give customers more control over encryption keys to maximize data security, privacy, and compliance BULVERDE, Texas, October 12, 2021 — Futurex, a leader in hardened, enterprise-class data security solutions, today announced support for Google Cloud External Key Manager (EKM), giving customers more control over encryption keys. Google Cloud EKM gives users full separation between their data and encryption keys, enabling users to create, store, and manage their encryption keys in a third-party key management service (KMS) — such as Futurex’s key management servers (KMES). Users can turn to Futurex KMES Series 3, a FIPS 140-2 Level 3-validated key management enterprise server, or Futurex's VirtuCrypt cloud service to handle all cryptographic key lifecycle management to maximize data security, privacy, and compliance. “We continue to add security and flexibility for Google Cloud users, giving them full control of the location, distribution, and access of their externally-managed keys,” said Bahul Harikumar, Head of Infrastructure Security Partnerships at Google Cloud. “Google Cloud EKM and Futurex give users more security options and more control.” Futurex’s robust key management platform is globally available and highly scalable, providing a versatile, external key service using fully-validated HSM and cloud technology. In addition to solutions for Google Cloud External Key Manager, Futurex’s KMES Series 3 offers: Cloud key management Data protection Public key infrastructure (PKI) Certificate Authority (CA) Code signing Vaultless tokenization Integration with numerous 3rd-party applications and services “Google Cloud’s commitment to encryption is evidenced by its support for external key management partners and we are thrilled to support Google Cloud EKM with our FIPS 140-2 Level 3-validated systems,” said Ryan Smith, vice president, global business development, at Futurex. “Futurex’s centralized encryption makes everything easier by fulfilling multiple key management use cases in a single platform.” Futurex’s Google Cloud EKM can be deployed via Futurex on-premises key management servers, Futurex’s VirtuCrypt Cloud, or an on-premises/cloud hybrid. For more information on Futurex’s support for Google Cloud EKM, visit futurex.com. Google Cloud will be showcasing its Cloud EKM at its Google Cloud Next ‘21 conference, taking place October 12-14, 2021. About Futurex For more than 40 years, Futurex has been a trusted provider of hardened, enterprise-class data security solutions. More than 15,000 organizations worldwide, including financial services providers and corporate enterprises, have used Futurex’s innovative hardware security modules, key management servers, and enterprise-class cloud solutions to address their mission-critical systems, data security, and cryptographic needs. This includes the secure encryption, storage, transmission, and certification of sensitive data. For more information, please visit futurex.com.

Read More

Thought leaders come together to discuss the futureof developer relations in a remote-first world

SlashData | September 19, 2020

For immediate release London, United Kingdom Media contact at SlashData Ltd. Viktorija Ignataviciute viktorija@slashdata.co Best practises engaging Open Source and DevOps developers Developer trends; Tracking Covid effect on the industry While industries, businesses and individuals are being challenged significantly, the Future Developer Summit is determined to turn this into an enhanced learning opportunity, open to all Developer Relations, Marketing and Advocacy community members. Traditionally hosted in the Bay Area, CA, the 5th Future Developer Summit invites its guests to join the event remotely on 29-30 Sep & 6-7 Oct, ensuring the safety of all stakeholders. For the first time this year, the Summit offers 2 tracks: Open Source and DevOps. Thought leaders at the Future Developer Summit Industry leaders are coming together to discuss the future of developer marketing and developer relations. Director and VP level representatives from CNCF, Google, Microsoft, Comcast, HashiCorp, Intel, Salesforce, Facebook, MongoDB, Futurewei, Eclipse Foundation, Indeed.com, Expedia, Nutanix, and more. Jono Bacon - author of “People Powered” and Mary Thengvall - Director of Developer Relations at Camunda are joining as event’s co-hosts. Follow new announcementsat futuredeveloper.io/ Keynotes by: • Mike Milinkovich, Executive Director at Eclipse Foundation • Nithya Ruff, Executive Director, OSPO at Comcast • Stormy Peters, Director of Open Source Programs Office at Microsoft • Adam FitzGerald, VP, Developer Relations at HashiCorp Lightning talks - hear about successes and failures from: • Melissa Evers-Hood - VP, Intel Architecture, Graphics and Software at Intel • Priyanka Sharma - General Manager at CNCF • Chris Kelly - Director, Open Source and Engineering Engagement at Salesforce • Grace Francisco - VP, Global Developer Relations & Education at MongoDB • Anni Lai - Head of Open Source Operations and Marketing, Cloud at Futurewei • Duane O'Brien - Head of Open Source at Indeed.com • Tobie Langel - Principal and founder, UnlockOpen • Satya Singh - Principal Product Manager - Platform & Marketplaces at Expedia • Mark Lavi - DevOps and Automation Solutions Architect at Nutanix • Tamao Nakahara - Head of Developer Experience at Weaveworks • Amr Awadallah - VP, Developer Relations at Google The highlights • On 29-30 Sep & 6-7 Oct. Full agenda at futuredeveloper.io/ • The highest rated industry event with a Net Promoter Score - 94! • Co-hosts: - Jono Bacon - author of “People Powered” - Mary Thengvall - Director of Developer Relations at Camunda • Remote friendly event for the global tech leaders community • Summit offers 2 tracks: Open Source and DevOps • 2 networks to join: Community and Exclusive • Registration is free for all attendees. We do invite you to voluntarily contribute to Black Girls Code • This year’s Summit coincides with SlashData’s 10-year anniversary of developer research. Join us to celebrate together! ▶ Reporters can redeem the Media Pass here. ▶ General Admission is available here. *Senior audience only Exclusive edition - announcement The Future Developer Summit is opening its doors in 2 weeks! Don’t miss a chance to join an outstanding crew of industry thought leaders bringing the best learning experience for Developer Relations, Marketing and Advocacy community members. Exclusive edition on 6-7 October Your Unique Executive Networking Opportunity in a remote-first world Two industry panels How do industry leaders approach contribution to open source? Speakers: • Sam Ramji - Chief Strategy Officer at DataStax • Chris DiBona - Director of Open Source at Google • Nithya Ruff - Executive Director, OSPO at Comcast • Stormy Peters - Director of Open Source Programs Office at Microsoft The diversity of DevOps approaches and how customers are adopting it? Speakers: • Kelsey Hightower - Staff Developer Advocate, Google Cloud Platform at Google • Greg Wilson - Director of Cloud Developer Relations at Google • Nicole Forsgren - VP, Research and Strategy at GitHub • TBA very soon! Two fireside chats with: • Jono Bacon - author of “People Powered” • Kathy Kam - Head of Open Source & Developer Advocacy at Facebook Two Master Classes Using practical examples, and a lot of data as usual, we will be demonstrating how you can increase your DevRel ROI by taking data-backed decisions and what are the key reasons for using data in your decision making process. Availability is limited → Secure Your Executive Seat

Read More

SALESFORCE LAUNCHES NEW HYBRID CMS PLATFORM 'SALESFORCE CMS

DECK7 | November 12, 2019

Demand owns content, and with the release of 'Salesforce CMS', it’s clear that Salesforce is putting the control squarely with demand, not to mention delighting the creative marketer with more power through additional tools for creating content that are expected to work well right out of the box (er… cloud). Customers have become accustomed to consuming content across multiple channels and platforms which requires marketers to provide for seamless integration of their content. Enterprises have always been challenged by using multiple systems for their content management. Salesforce CMS addresses these common content challenges and promises more.

Read More

Spotlight

Information technology drives innovation and has revolutionized the way businesses, governments and individuals work and interact. The ability to harness big data has opened the door for world-wide collaboration in real time and is no doubt a game changer. Big data has generated an enormous amount of discussion and debate in the press, on blog sites, amongst analysts and top technology firms.

Resources