SOFTWARE SECURITY

Exabeam Partners with Google Cloud

Exabeam | June 09, 2022

Exabeam
Exabeam, a pioneer in Next-Generation SIEM and XDR, announced today its intention to construct and evolve its modern cloud-native security information and event management (SIEM) and cybersecurity analytics solutions on Google Cloud. The move provides global security teams with endless data ingestion, speed, and scale options in their continuous battle against more sophisticated cybersecurity threats over an ever-expanding attack surface.

“Exabeam is unlike any other SIEM vendor in that we leverage our machine learning-based, cyber analytics product to help security teams be more efficient. With this next version of our product, we will now become completely cloud-native offering unparalleled performance, scale, and cost efficiency. Exabeam is built by security people for security people.”

Michael DeCesare, CEO and president, Exabeam

Gerrit Kazmaier, Vice President and General Manager, Data Analytics and Business Intelligence at Google Cloud said that “Addressing and protecting data from security threats and attacks is a business-critical focus that is constantly evolving. We look forward to continuing our work together to create products that help companies securely leverage their data at cloud scale.”

Adam Geller, chief product officer, Exabeam said that “After looking at several cloud players in the market, we selected Google Cloud, specifically the Data Analytics family of products including BigQuery, Dataflow, and Looker, because of its hyperscale, speed, and ability to support the type of technically advanced products we build at Exabeam. Google Cloud has enabled us to greatly accelerate our own security platform and product innovation resulting in state-of-the-art features and capabilities that can finally overcome the data proliferation and threat detection, investigation, and response (TDIR) challenges faced by security operations teams today.”

Exabeam has been named a Leader with the highest ability to execute in the 2021 Gartner Magic Quadrant for SIEM for the third time in a row, joining a rapidly growing list of technology companies that power their products and businesses with Google data cloud products like BigQuery, Looker, Spanner, and Vertex AI.

Spotlight

Home security and remote monitoring systems are a major application of the Internet of Things (IoT). Most include sensors, motion detectors, video cameras, and recorders all connected via the cloud to a mobile device or the web. But are they and IoT applications in general secure from hackers? This research study uses HPE Fortify on Demand to test 10 popular home security systems. The results will make you feel anything but secure.


Other News
SOFTWARE SECURITY

BlastWave Unifies Remote Cloud Security with Bulk Onboarding and Login Convenience Through BlastShield Software Update

BlastWave | June 17, 2022

BlastWave, a zero-trust networking solution provider that reduces the cost and complexity of remote access VPN management, today announced enhancements to its zero-trust security software solution, BlastShield™. The enhancements include added security capability for the three main cloud service providers, identity manager unification, Azure gateway security integration and easy bulk onboarding. BlastWave sees these updates as increasingly important with the global workforce shift to remote cloud environments on multiple vendor platforms. The recent update allows BlastShield users to link with hybrid cloud network providers like AWS, Google, and the most recent addition, Azure, in one secure environment without forcing a user to rely on the respective security measures of each provider. This means users can have workloads distributed across provider environments but only one user authentication system. The update continues BlastWave's mission of convenient, cutting-edge cybersecurity, all while offering enhanced protection within identity management systems. Most importantly, users can take advantage of BlastShield's heightened speed and functionality, two vital features in multi-functional, cloud environments. This latest update also adds support for gateway security in Azure environments, expanding on BlastShield's previous gateway security capabilities in GCP, AWS, ESXi and COTS hardware systems. This new gateway security integration increases functionality for Azure users, allowing them to rely on password-less authentication instead of dated VPN security measures within their cloud-based Azure environments. BlastShield's latest update streamlines bulk onboarding, a typically arduous process, leveraging customers' SSO functionality. This update's features rely on an industry-standard API, System for Cross-domain Identity Management (SCIM), designed to simplify the management of user identities in cloud-based services as well as applications. It enables the automatic exchange of user information between identity domains, eliminating the insecure provisioning of identity managers when onboarding large numbers of users in distributed cloud environments. Identity managers have conventionally suffered from potential exposure to credential theft, SIM jacking, and other threat vectors. BlastShield's update addresses these vulnerabilities without hampering the convenience of identity managers. "BlastShield's latest update enhances our proven security mechanisms with single sign-on identity management tools and offers simplified bulk onboarding. "Many competitors are focusing more on endpoint security in these hybrid cloud environments, but we're offering a macro-level security approach that combines the convenience of identity management systems like Okta and One Identity with the proven agile security of BlastShield's network-level ZTNA and microsegmentation." Michael Bacon, BlastWave Solution Engineer The recent software update and resulting functionality are automatic for new subscribers and can be implemented with the click of a button in the BlastShield interface for current professional and enterprise customers. "In the past, cybersecurity may have elicited groans from providers, largely due to its perceived inconvenience. This update lends BlastWave's proven security stack to the login convenience offered by established identity managers," said Mel Knight, Brier and Thorn CISO. "Once again, whether through bulk onboarding via secure provisioning or enhanced Azure environment security, BlastWave continues to imbue existing technologies with their patented, proven ZTNA security solution. We are excited for our customers to experience this update's improved, secure convenience, bulk onboarding, and multi-vendor cloud security." About BlastWave Founded by former executives and technologists from Apple and Cisco, BlastWave is taking a fundamentally different approach to security aimed at protecting privacy and connected devices from cyberattacks. BlastWave's patented product, BlastShield™️, is an integrated, zero-trust stack that combines state-of-the-art passwordless multi-factor authentication with high-performance, resilient encrypted connectivity and built-in microsegmentation. BlastWave is backed by Rocket Strategies, Lucas Venture Group, and Millennium Investments. The company is headquartered in Palo Alto, California.

Read More

PLATFORM SECURITY

Talon Cyber Security Selected for Exclusive Microsoft for Startups Program

Talon Cyber Security | June 30, 2022

Talon Cyber Security, provider of the first secure enterprise browser, today announced it has been selected as a partner for Microsoft for Startups, a global program dedicated to accelerating the trajectory of high-potential startups. As a program member, Talon will receive access to Microsoft technology, mentorship and business support. “Talon is proud to be working with an established leader like Microsoft as we continue to aggressively scale to meet the demand for our secure enterprise browser. “Our goal is to make security for the future of work simple by enabling secure access for managed and unmanaged devices, and the feedback we have received from the world’s largest brands has been amazing. As we continue to gain traction, it is incredible to have the support of a true industry giant like Microsoft.” Ofer Ben-Noon, co-founder and CEO, Talon Cyber Security The traditional approach of enabling secure access to modern applications is complex, expensive and puts organizations at risk. The TalonWork browser acts as the first line of defense and control point for enterprise security, while drastically reducing complexity and cost. Talon brings enterprise-grade security to the browser, delivering native features like authentication, data loss prevention, zero trust controls and more. Customers leverage TalonWork to gain visibility into and secure SaaS applications, web activity, managed devices and unmanaged devices. Built on Chromium, TalonWork consistently delivers the high-quality user experiences required to secure the future of work. “Talon’s mission to help its customers simplify security programs for distributed workforces is a great fit for the program,” said Jeff Ma, Vice President, Microsoft for Startups, Microsoft. “We look forward to helping Talon deliver their innovative solution to our joint customers.” Talon leverages Microsoft’s infrastructure to facilitate seamless, real-time collaboration among its global team that enables it to deliver exceptional service to its customers. The company’s unique approach to security has led to significant corporate momentum. Talon won the Innovation Sandbox Contest at RSA Conference 2022, a prestigious competition where 10 industry leaders battle for the title of “Most Innovative Startup” each year. About Talon Cyber Security Talon Cyber Security is modernizing security programs and improving user experiences for hybrid work by delivering the first secure enterprise browser. Built on Chromium, the TalonWork browser provides customers with the consistent user experiences, deep security visibility, and control over SaaS and web applications needed to simplify security for the future of work. Talon was named the Most Innovative Startup of 2022 at the prestigious RSA Conference Innovation Sandbox Contest.

Read More

SOFTWARE SECURITY

Noetic Cyber Delivers Platform Update to Bring Data Science into Cyber Asset Management

Noetic Cyber | June 06, 2022

Noetic Cyber, an innovator in Cybersecurity Asset Attack Surface Management (CAASM), today announced the availability of a new version of its Continuous Cyber Asset Management and Controls platform. The latest version of the Noetic platform is focused on delivering immediate time to value for security teams by identifying high priority security gaps and exploitable vulnerabilities, using innovative data science techniques. Since its public launch in July 2021, Noetic has been working with security leaders in the United States and the United Kingdom to help them reduce their growing attack surface and improve their cybersecurity posture. The challenge these cyber leaders often face is to understand cyber risk across complex environments, where assets can exist for a short period of time in public or private cloud platforms, as well as having to manage legacy on-premises workloads. To gain the insights needed to be effective, they need confidence in their data quality, full visibility across all assets and contextual intelligence to help prioritize decision making. "The continued innovation we are delivering reflects the expanding use cases we see across our customer base. "Security teams are putting cyber asset intelligence at the heart of their security programs and our ability to continuously adapt and respond to changing environments is critical to their success." Paul Ayers, CEO and co-founder, Noetic Cyber Delivering Immediate Time to Value Security teams need to know what assets they have, and understand which ones are creating the most cyber risk. Noetic is delivering innovative cyber asset intelligence to help customers assess their current cyber posture readiness and focus the security team's efforts on the highest priority activities. The Noetic platforms helps customers successfully do this with: External Cyber Asset Intelligence – Mapping industry data including CISA's Known Exploited Vulnerabilities catalog, MITRE ATT&CK® mitigations and others to provide greater context on asset risk and exposure. Coverage Gap dashboards –Helping security teams quickly identify common and easily resolved security coverage gaps. Support for ad-hoc security data – Many organizations keep important information on critical applications or security risks in spreadsheets. Noetic's new data ingestion capability supports importing ad-hoc data into the model. Simplifying and Extending Cyber Asset Management use cases The Noetic platform uses Graph database technology to map cyber relationships between assets. This innovative technology approach enables Noetic to navigate deep hierarchies and find hidden connections, providing the context to help security teams to make more informed decisions. The latest release of the Noetic platform builds on native Graph capabilities to deliver additional value such as: Understanding & improving data quality –Noetic's new data analytics feature automatically and continuously analyzes data for each different source for completeness and accuracy, providing a data quality score. Simplifying Graph queries – Noetic has adopted openCypher, a widely used open query language. Noetic has developed a graphical point-and-click UI to guide security analysts through the steps of creating powerful relationship-based queries with little or no training. Supporting Cloud and On-premises applications – Organizations need to protect assets across public and private clouds, as well as traditional on-premises networks. Noetic Outpost supports secure ingestion from behind the corporate firewall, and private clouds. "The challenge of identifying and managing assets in the context of cybersecurity has grown considerably in recent years," said Dr. Ed Amoroso, CEO of TAG Cyber. "Noetic's innovations are important as their ability to prioritize and automate helps security teams to focus on critical areas of cyber risk." About Noetic Cyber Noetic provides a proactive approach to cyber asset and controls management, empowering security teams to see, understand, fix and improve their security posture and enterprise ecosystem. Our goal is to improve security tools and control efficacy by breaking down existing siloes and improving the entire security ecosystem. Founded in 2019, Noetic is based in Boston and London.

Read More

WEB SECURITY TOOLS

Star Atlas Launches Initiative to Establish Web3 Security Framework

Star Atlas | May 25, 2022

Star Atlas, a next-gen metaverse with triple-A game design and Unreal Engine 5 graphics built on the Solana blockchain, today announced an expanded focus on security to ensure consumer protection and digital safety in the metaverse. This multi-pronged initiative includes signing Kudelski Security, the cybersecurity division of the Kudelski Group - the world leader in digital security, and the forefront leader in providing security solutions for major blockchain-based applications, exchanges, and ecosystems - as its security partner. Kudelski Security will perform ongoing audits and analysis to help ensure the integrity of the Star Atlas metaverse is maintained and both partners will work together to explore setting standards for web3 security. "We are pleased to partner with the team at Kudelski Security to advance the digital security of our fast-expanding metaverse," said Michael Wagner, Co-Founder and CEO of ATMTA, Inc., the principal development studio of Star Atlas. "We understand there is a lot of skepticism when it comes to web3 and security, so we want to be proactive by partnering with one of the top cybersecurity firms to help make sure our community feels safe. Protection of assets is paramount, and we look forward to working with Kudelski Security to establish the best practices for security when it comes to web3 gaming." As security auditor of record, Kudelski Security will increase the safety and security of the Star Atlas metaverse by testing the protocols and looking for potential vulnerabilities to be addressed. Star Atlas players will have greater assurance that the metaverse has been built securely and tested rigorously, and that Star Atlas has taken the necessary action to become the leader in the web3 space when it comes to security. The relationship with Kudelski Security goes beyond the hardening of the Star Atlas environment. Star Atlas is looking to expand collaborations with the wider Group to focus on new standards that can help to transition companies and projects into web3, including security standards, tokenization, and best practices in web3 gaming. By developing standard technology and processes that enable safe and secure on-chain gaming, players will be protected from the hacks that currently plague web3 and some of the main barriers to wider stakeholder adoption will be lowered. "Web3 is growing rapidly, and we are seeing more need for developing a security standard that is adopted across the industry to act as a framework. This is why we are excited to partner with a native web3 leader like Star Atlas and to come together to solve potential security issues before they arise." Andrew Howard, CEO of Kudelski Security In addition to Kudelski Security's blockchain and cybersecurity experience, the Kudelski Group is recognized as global leaders in digital security – with specialized expertise in encryption, anti-piracy, watermarking, cryptography, and digital rights management. Executives from Star Atlas, the Kudelski Group, Kudelski Security, and NAGRA Kudelski are meeting during the World Economic Summit in Davos, Switzerland, to further discuss establishing a framework for securing the web3 ecosystem. ABOUT STAR ATLAS Star Atlas is a next-gen gaming metaverse emerging from the confluence of state of the art blockchain, real-time graphics, multiplayer video game, and decentralized financial technologies. Real-time graphics technology using Unreal Engine 5's Nanite allows for cinematic quality video game visuals. Blockchain technology using the Solana protocol establishes a largely serverless and secured gameplay experience. Non-fungible tokens obtained and traded within Star Atlas creates an economy that replicates the tangibility of real world assets and ownership.

Read More

Spotlight

Home security and remote monitoring systems are a major application of the Internet of Things (IoT). Most include sensors, motion detectors, video cameras, and recorders all connected via the cloud to a mobile device or the web. But are they and IoT applications in general secure from hackers? This research study uses HPE Fortify on Demand to test 10 popular home security systems. The results will make you feel anything but secure.

Resources