DataTribe | July 29, 2022
DataTribe, a global cyber foundry that invests in and co-builds next-generation cybersecurity and data science companies, announced today the launch of its fifth-annual DataTribe Challenge. The competition is poised to identify and curate Pre-Series A, high-technology start-ups with a vision to disrupt cybersecurity and data science.
Three finalists will split $20,000 in prize money, and one winner will be eligible to receive up to $2 million in seed capital from DataTribe. In 2021, the Challenge had two winners: Quickcode.ai and ContraForce. Quickcode.ai helps non-technical experts build machine learning training data with unprecedented speed and accuracy while ContraForce is the only platform to make comprehensive cybersecurity easy, effective, and accessible for the small to midsize enterprise.
“Over the last five years, the Challenge has evolved into an excellent platform for entrepreneurs to not only get exposure and feedback — but to actually fundraise. For the winner, it could take care of their entire seed round. We’re always humbled by the quality of submissions — as founders look over the horizon to chart the future of cyber. The Challenge is a lot of fun and we look forward to working with participants.”
John Funge, Managing Director of DataTribe
Mike Janke, Co-founder of DataTribe said, “The Challenge is the top cybersecurity startup competition in the world. We are inspired by the founders that participate and the innovations they present. We’re honored to be able to use all the resources we have at DataTribe to co-build with entrepreneurs, giving them an unfair advantage and creating the next generation of market-leading companies.”
In June 2021, Synopsys acquired the winner of the 2019 Challenge, Code Dx, a software security testing orchestration, correlation, and prioritization platform. The exit was a demonstration of the Challenge’s ability to draw top cybersecurity solutions, as well as of the success of the DataTribe model of partnering with over the horizon technology coming out of national security agencies.
DataTribe invites contestants to join the Challenge who have developed a robust concept and/or initiated development of a minimal viable product (MVP) – i.e., a product developed with sufficient features to entice early adopters. The firm anticipates a strong showing from teams with experience working in national security, defense, national laboratories, or at organizations specializing in cybersecurity and data science R&D.
Applicants will have until August 31, 2022 to enter an application. DataTribe will review submissions for technical merit, market potential, and readiness of the team. On October 12, 2022, DataTribe will announce up to three finalists. These teams will then have 3 weeks to refine their pitch and prepare for final judging, with assistance from DataTribe’s team of startup veterans. In a live event, finalists will present a pitch and answer questions from a panel of esteemed judges on November 3, 2022.
“Winning the 2021 DataTribe Challenge was a major catalyst in achieving the product and market momentum necessary to grow our customer base,” said Stan Golubchick, ContraForce Co-Founder and CEO. “DataTribe is more than just an investor. Their unique foundry approach is a true partnership, adding the experience, support, and knowledge of successful company-builders to our team.”
DataTribe is a startup foundry that invests in and co-builds world-class startups focused on generational leaps in cybersecurity and data science. DataTribe was launched in 2015 with the vision of empowering technologists in the Washington, D.C. region to build and grow successful companies.
SentinelOne | May 31, 2022
SentinelOne, an autonomous cybersecurity platform company, today announced SentinelOne XDR Response for Okta, enabling security teams to quickly respond to credential compromise and identity-based attacks. The integration of SentinelOne’s XDR platform with Okta’s identity management capabilities offers a powerful new solution to accelerate response and minimize enterprise risk.
“Attackers exploit endpoint and identity security and access gaps. SentinelOne and Okta are leaders in securing both of these enterprise domains. “Incorporating SentinelOne Singularity XDR into the Okta identity platform improves the contextual awareness of our solution, ensuring that every identity is verified and malicious actors cannot advance laterally in pursuit of high-value targets. With SentinelOne across enterprise attack surfaces and Okta enforcing identity policies, organizations enjoy the best of both worlds in a single solution.”
Stephen Lee, VP Technical Strategy & Partnerships, Okta
According to the 2022 Verizon Data Breach Investigations Report, 82% of breaches involved the human element including the use of stolen credentials. While there are existing solutions that secure various pieces of the enterprise they are often siloed, causing gaps in visibility and making it difficult to achieve a holistic understanding of an organization’s security posture.
“Groupon is on a constant journey of modernization, adopting new and cutting-edge cloud technologies like SentinelOne Singularity XDR and Okta to best protect our employees and customers,” said Ryan Ogden, Director of Information Security, Groupon. “Consolidating context from various tools and automating response force multiplies our team to address the growing scale and speed of threats.”
SentinelOne’s StorylineTM observes all concurrent processes across OSs and cloud workloads, providing rich context for any potential endpoint security incident. When a threat is detected, Singularity XDR informs Okta of the last logged-in user for that endpoint and Okta provides identity context from Okta data. By combining XDR and identity context, the joint solution helps security analysts quickly determine who is doing what on which device, significantly reducing the risk of endpoint or identity-based attacks.
SentinelOne XDR Response for Okta provides a fully automated remediation process, alleviating the burden on the SOC team and allowing analysts to focus on higher-value tasks. Other key use cases include:
Threat Enrichment - automatically enriches threats within Singularity XDR with recent login information via Okta to make security data actionable.
User Suspension - terminates active sessions originating from compromised devices to minimize response time for prevention and remediation.
Reset Password - forces password resets, preventing SSO-enabled lateral movement across corporate applications.
Force Reauthentication - initiates a multi-factor authentication (MFA) workflow within Okta, locking the account until the user re-authenticates with a valid MFA token for identity verification.
“Compromising identities and moving laterally to exploit an organization’s ‘crown jewels’ is the blueprint of modern attacks,” said Yonni Shelmerdine, Vice President of Product Management, SentinelOne. “Organizations need robust endpoint protection and visibility into user sessions to respond effectively to malicious activity. With SentinelOne and Okta, enterprises gain enterprise-grade context for effective security operations.”
SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.
ShardSecure | August 09, 2022
ShardSecure, inventor of the innovative MicroshardTM technology that mitigates data security and privacy risks in the cloud, will be exhibiting at Black Hat 2022, the leading information security event, from August 6 to 11 in Las Vegas, Nevada. While at Black Hat, ShardSecure will showcase their patented microsharding solution at Booth #30 in the Business Hall's Innovation City.
During the conference, ShardSecure will demonstrate how microsharding renders sensitive data unintelligible in the wrong hands, offering crucial protection in multi-cloud and hybrid-cloud environments. ShardSecure Lead Developer Anthony Whitehead will present "Microsharding, an Alternative to Encryption for Data at Rest" from 2:25 to 2:45 p.m. PT on August 10 in the Business Hall, Theater C. Additionally, VP of Marketing Marc Blackmer will be interviewed on microsharding and encryption by Chuck Harold of SecurityGuyTV at 9:20 a.m. PT on August 11.
"We're looking forward to making new connections and sharing how we can help organizations strengthen their data resilience, maintain business continuity, and mitigate the impact of ransomware," said Marc Blackmer. "Black Hat is an excellent opportunity for ShardSecure to participate in key industry conversations, strengthen our brand, and grow our networking opportunities."
Microshard technology works to desensitize sensitive data by digitally shredding it into tiny microshards. Those microshards are then mixed with poison data and distributed to multiple customer-owned storage locations of the customer's choosing. Its self-healing data also reverses unauthorized data deletion and tampering — including ransomware — for data at rest.
Through its ability to reconstruct data impacted by storage service outages, ShardSecure also helps protect against the effects of data loss and allows business operations to continue unaffected during an outage.
"We're pleased to be sharing Microshard technology with a wide audience of thought leaders and vendors at Black Hat. "Combined with several new partnerships and our recent availability in Azure Marketplace, Black Hat is allowing us to reach more organizations with our innovative data security and data resilience solution. We look forward to continuing the discussion about how we can help organizations maintain control of their sensitive data in the cloud while protecting it from outages and attacks."
Bob Lam, CEO and Co-Founder of ShardSecure
About Black Hat
Now in its 25th year, Black Hat USA is a leading cybersecurity event. With trainings, briefings, and virtual and in-person events, Black Hat 2022 will present the latest research, development, and trends in the information security industry.
ShardSecure is changing the nature of data security. It believes that all organizations can easily and securely enjoy the benefits of cloud adoption without surrendering control of their data. Inventors of the patented Microshard technology, ShardSecure cloud-enables sensitive data by desensitizing it in multi-cloud and hybrid-cloud environments.
NowSecure | July 06, 2022
NowSecure, the leading standards-based mobile app security and privacy software company, today announced a new GitHub Action for Dependency Graph integration to bring automated mobile app Software Bill of Materials (SBOM) generation to developer workflows directly inside GitHub. Now iOS and Android mobile app developers can gain visibility into the components, third-party libraries and frameworks they use and ensure their proper version, security and privacy as they build them — all to deliver high-quality, secure mobile app releases faster.
GitHub,the leading software development platform for more than 83 million developers, announced new extensions for dependency information in the GitHub Dependency Graph with new GitHub Actions. As a recognized leader in mobile app security, NowSecure has delivered the first automated dynamic mobile app SBOM solution integrated into GitHub Dependency Graph. The NowSecure GitHub Action for Mobile SBOM to populate the GitHub Dependency Graph is now available in early access via the GitHub Marketplace. In addition, the NowSecure Platform can now be purchased through Microsoft Azure Marketplace. As part of the early access program, all GitHub mobile developers can request a free scan for dynamic SBOM generation into GitHub Dependency Graph.
Underlying the urgency of managing software dependencies, software supply-chain attacks in 2021 grew by 650% with major incidents from SolarWinds, Microsoft, Kasaya, log4j and others. White House Cybersecurity Orders in 2021 identified critical risks in the global software supply chain and set out requirements for government agencies to establish standards and policies for securing the software supply chain.
"Developers want to deliver innovative, high-quality mobile applications fast," said NowSecure CEO Alan Snyder. "This means they need a developer-first, easy to use and accurate mobile security solution embedded directly in their dev workflows. While mobile developers depend on third-party code for innovative experiences, complex functionality and time to market, they must ensure the code they use is up to date and secure. We are excited to extend our partnership with GitHub and the community by adding dynamic SBOM generation into GitHub Dependency Graph to help developers protect their software supply chain."
NowSecure offers two GitHub Actions for automated mobile app analysis and mobile app SBOMs. The NowSecure GitHub Action provides automated static and dynamic security analysis of iOS and Android mobile apps built in any language or framework including Swift, Objective-C, Java, Kotlin, Dart, React-Native and more. The NowSecure GitHub Action for Mobile SBOMs generates component detail for visibility into the libraries/frameworks included in all mobile apps, identifying transitive dependencies, pinpointing libraries/frameworks that are using older versions, identifying components that remain but may have previously specified to be removed, and uncovering component license details.
"The NowSecure GitHub Action for Mobile SBOM populates the GitHub Dependency Graph with mobile data so that in the future GitHub Dependabot alerts can update dependencies to the latest and more secure versions of libraries in mobile apps. "Furthermore, comparing SBOMs and dependencies from different versions of a mobile app provides insight into changes made by the developer over time that may require further analysis or help identify technical debt. Overall, we've been very impressed with GitHub's implementation, enabling third-parties to extend the Dependency Graph and Dependabot to support new ecosystems like mobile."
NowSecure CTO David Weinstein
"The software supply chain starts with the developer. Extending automated visibility into your SBOM means developers can significantly reduce their usage of vulnerable software dependencies as well as be confident in shipping new mobile features and products with security built in by design," said Jose Palafox, Director of Business Partnerships at GitHub.
The NowSecure GitHub Action for Mobile SBOM early access program for GitHub Dependabot Graph is part of the world's most comprehensive suite for mobile app security including NowSecure Platform for continuous security testing in the development pipeline for DevSecOps, NowSecure Workstation kit for pen tester productivity, NowSecure Supply Chain Risk Management, NowSecure Pen Testing Services, and NowSecure Academy training courseware for dev and security teams. Built on a foundation of standards and automation, NowSecure empowers organizations to deliver secure mobile apps faster and continuously monitor their mobile app supply chains for risk. Top mobile innovators, global businesses and agencies trust NowSecure to secure their mobile apps including AT&T, Caribou Coffee, Chime, iRobot and Uber.
As the standards-based mobile app security and privacy company, NowSecure protects the Mobile App Economy. The world's most demanding organizations, innovative mobile developers and advanced security teams entrust NowSecure to safeguard millions of mobile app users across banking, insurance, high tech, IoT, retail, hospitality, energy and government sectors. Only NowSecure delivers the full solution suite of continuous security testing for DevSecOps, mobile app supply-chain monitoring, expert mobile pen testing and training courseware with the depth, speed, accuracy, and efficiency to meet modern business demands. Dedicated to the open-source community and standards including OWASP, ioXt and NIAP, NowSecure is SOC 2 certified and recognized by IDC, Gartner, Deloitte Fast 500, and TAG Cyber.