DATA SECURITY

GoVanguard Expands Cybersecurity Capabilities with Acquisition of Gotham Security

GoVanguard | August 11, 2021

Technology security firm GoVanguard has completed it's acquisition of boutique cybersecurity company, Gotham Security. The move positions GoVanguard to expand its leadership in the cybersecurity sector, building its team and expertise to help clients' increasing need to prevent and mitigate emergent threats, such as ransomware attacks. The move comes as a natural extension of GoVanguard's mission to advance security awareness and provide elite-level cybersecurity services to its clients.

GoVanguard services a wide range of industries looking to secure their business. Clients include Odyssey Group, nTopology, Insurance Technologies and Abacus Group, as well as several international businesses, medium sized companies and small local firms, spanning organizations across the financial, healthcare, insurance and technology industries.

GoVanguard has built its reputation through its approaches to adversary simulation, risk reduction, threat management, and information security strategy. The acquisition completes the company's suite of offerings by acquiring a five-year partner and industry leader in red-teaming and pentesting—two essential services for companies protecting against security threats and staying ahead of risks to business information.

"As threat actors become more sophisticated, it's become obvious that the best defense is to go on the offensive. Adversary simulation has become increasingly valuable for organizations looking to quickly gauge and improve their security position. Afterall, if you can't measure it, you can't improve it," said Mahdi Hedhli, GoVanguard CEO. "Gotham Security has been a close partner for years and this was a natural next step to allow our red-teaming experts to take our clients' defenses to the next level and continue our dedication to finding the security gaps before cybercriminals do."

Underscoring the commitment to quality and continuity, Blake Shalem, Gotham Security COO, will be joining GoVanguard as its Chief Customer Officer. Blake said that the move will not only enhance services and expand resources to new and existing clients, it will also provide opportunities to further develop team members in the ever-evolving space of cybersecurity.

"This move allows us to elevate what we do best, which translates to a superior class of protection for our clients," said Blake.

Recent attacks on Kaseya, thousands of Microsoft Exchange Servers, Colonial Pipeline, JBS, a nuclear contractor, and a U.S. Congressional vendor, spotlight the brazenness and sophistication of cybercriminals, who are constantly probing for new angles of attack. Meanwhile, ransomware is becoming an increasingly lucrative venture for threat actors. The institute for Security and Technology estimates that U.S. companies paid out about $350 million in 2020, a year-over-year increase of 171 percent in the average ransomware payment.

GoVanguard's acquisition of Gotham Security positions clients to remain a step ahead of the criminals, specifically in the areas of red-teaming and pentesting to help companies eliminate existing vulnerabilities before cybercriminals strike.

"We're doubling down on our commitment to improve the cybersecurity landscape by honing our focus on red teaming," Hedhli said. "We feel this is the area where GoVanguard makes the biggest impact for our clients and the industry as a whole."

About GoVanguard

GoVanguard is a cybersecurity firm based in New York City dedicated to providing world class services with actionable results. The company's innovative team of technology and cybersecurity experts specialize in emulating sophisticated cybercriminals to find gaps in business security before criminals do. Using attack simulation, risk reduction, threat management and compliance and strategy guidelines, the company has been working toward its mission of developing security awareness and protection for organizations across the financial, healthcare, insurance, technology and other business enterprises across the U.S. for nearly a decade.

Spotlight

As Germany’s largest IT provider, Bechtle future-proofs technology for clients across Europe – placing special focus on improving employee experiences. Marco Stalder, team leader of Workspace services at Bechtle, knew the successful roll out of future-ready apps and technology demanded both an easy-to-use platform and education for employees on how to master it. This roll out identified champions within the company to communicate the value of the technology, and leveraged onboarding resources from Citrix to simplify employee training.

The Challenge: Gaining technology adoption for 70 offices
As the largest B2B IT provider in Germany, Bechtle’s success depends on having an IT environment that supports today’s challenges and enables future growth as business needs change. This means being able to onboard and accommodate employees at a wide range of skill levels, and having an easy-to-use, flexible technology platform to deploy new apps. With this kind of environment coupled with training and support, Bechtle can drive vast user adoption.

Adopting a flexible, easy-to-use platform that any employee can master
As part of its future-proofing strategy, Bechtle chose Citrix to simplify its technology environment across the business. In addition to deploying Citrix Workspace to deliver a secure app, desktop, and file experience for employees, the strategy included Citrix Networking solutions. The result is Bechtle’s IT team had choices as to how to manage its cloud journey. At the same time, the IT team customized user adoption and training resources to help each Bechtle user have a great experience using Citrix technology.

Empowering employees with anywhere access to essential apps and data
Today, Bechtle employees across Europe have access to the business apps and information they need on any device and in any location. By simplifying the technology infr


Other News
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

KnowBe4 Launches New Mobile Learner App for Anytime, Anywhere Cybersecurity Learning

KnowBe4 | November 29, 2022

KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced it is launching the new KnowBe4 Mobile Learner App to empower end users by introducing security awareness and compliance training on the go at no additional cost to customers, improving user engagement and strengthening security culture. With a large majority of the world's population using smartphones today, mobile training revolutionizes the way people learn. This new app will enable end users to complete their security awareness and compliance training conveniently from their tablets or smartphones, giving them 24/7/365 access. "The KnowBe4 Mobile Learner App is the first of its kind to launch in the security awareness and compliance training space, making it easier than ever to train users while subsequently strengthening an organization's security culture. "This new app will enable IT and security teams to improve engagement and completion rates for required training thanks to a seamless user experience. This will also help users to associate security with their personal devices, keeping it top of mind all the time rather than only when they are at work on their computers. We are making this substantial new capability available at no additional cost to all subscription levels as a show of our commitment to supporting our customers' security and human risk management objectives." Stu Sjouwerman, CEO, KnowBe4 Based on subscription levels, KnowBe4 offers 100+ Mobile-First training modules that were designed specifically for mobile. The KnowBe4 Learner App supports push notifications for custom announcements, updates on assigned training as well as KnowBe4 newsletters. About KnowBe4 KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, is used by more than 54,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as their last line of defense.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY

Netpluz strengthens cybersecurity offerings for SME customers across the Asia Pacific

Netpluz | October 12, 2022

Netpluz, a one-stop Managed Communications Service Provider in the region, has teamed up with two leading security platforms, Stellar Cyber and Ridge Security, to provide more comprehensive cybersecurity services for Small and Medium-sized Enterprises (SMEs) across the Asia Pacific. Netpluz eSentinel™ is a cloud-based, all-in-one managed cybersecurity platform that offers comprehensive protection of confidentiality, integrity, and availability of computer systems and networks against cyber-attacks and unauthorized access. The partnerships with Stellar Cyber and Ridge Security will significantly enhance the cyber defence capabilities of eSentinel™ in two main areas, namely Managed SOC (Security Operations Centre) and VAPT (Vulnerability Assessment and Penetration Testing). With the adoption of Stellar Cyber's Open XDR platform and ingestion of data from multiple different sources, eSentinel™ Managed SOC service will offer high-fidelity threat detection and incident correlation through AI, automated threat hunting and response. MTTD (Mean Time to Detect) and MTTR (Mean Time to Respond) will also improve tremendously by more than eight and twenty times, respectively. Ridge Security's pioneering product, RidgeBot®, is an intelligent risk-based vulnerability management and automated pentest robot that value-adds to eSentinel™ VAPT service. RidgeBot® acts like human attackers, relentlessly locating exploits and documenting the findings. Unlike humans, RidgeBot® comes armed with dynamic attack strategies to exploit before moving on to the next target. "With digitalization accelerated by the pandemic, adopting technology as part of strategic growth is now at the forefront of many organizational agendas, even for SMEs. In fact, we see SMEs looking at digitalization for business and growth opportunities in the long term – driving stronger demand for managed cybersecurity services. "Responding to this demand, we are thrilled to work with Stellar Cyber and Ridge Security to deliver enterprise-grade and cost-effective managed cybersecurity services to businesses in the Asia Pacific." Mr Lau Leng Fong, Chief Executive Officer of Netpluz Such collaborations extend Netpluz's comprehensive selection of business-focused solutions and align with the company's vision to be the top Managed Communications Service Provider in the Asia Pacific. With the evolving digital landscape, cybersecurity is now an integral part of communication services and an even more significant concern for SMEs. Unlike large enterprises, SMEs are often more vulnerable to cyber-attacks due to the lack of strong technological defences, less awareness of threats, and a shortage of talents and resources to invest in cybersecurity. This is where Netpluz comes in. With an increasing focus on offering managed cybersecurity services, Netpluz has established a high-availability Security Network Operation Centre (SNOC) spanning its regional operations, to provide round-the-clock monitoring, detection and response of its customers' IT devices, systems, and network infrastructure. To further strengthen its cybersecurity capabilities and processes, Netpluz has also attained certifications, including CREST Certification, CSA Cyber Trust mark (Advocate), ISO/IEC: 27001:2013, and MTCS Standard. Netpluz is also a Cybersecurity Service Provider (CSP) licensed by the Cyber Security Agency of Singapore (CSA), enabling the company to provide secure and reliable services to customers in Singapore and across the Asia Pacific region. About Netpluz Netpluz is a transforming Managed Communications Service Provider that helps clients become more agile by simplifying their Information and Communications Technology (ICT) needs. With humble beginnings in 2015 serving business internet connectivity, acquisition of MediaRing business assets and merger of Y5Zone Singapore in 2016, Netpluz has evolved from an Internet Service Provider (ISP) to providing Managed Data, Cloud, Cybersecurity, Voice, Video, and Mobility services to over 2,000 clients over a single, converged network with uncompromising availability, scalability and service standards. Backed by decades of industry expertise, experience and global technology partners, Netpluz managed services are designed and operationalized with cost efficiency to fit business needs. With an unwavering dedication to delivering quality services to its clients, Netpluz aspires to become the top Managed Communications Service Provider in the Asia Pacific. About Stellar Cyber Stellar Cyber's Open XDR platform delivers Everything Detection and Response by ingesting data from all tools, automatically correlating alerts into incidents across the entire attack surface, delivering fewer and higher-fidelity incidents, and responding to threats automatically through AI and machine learning. Its XDR Kill Chain™, fully compatible with the MITRE ATT&CK framework, is designed to characterize every aspect of modern attacks while remaining intuitive to understand. This reduces enterprise risk through early and precise identification and remediation of all attack activities while slashing costs, retaining investments in existing tools and accelerating analyst productivity. The company is based in Silicon Valley. About Ridge Security Ridge Security enables enterprise and web application teams, ISVs, governments, education, DevOps, anyone responsible for ensuring software security to affordably and efficiently test their systems. The management team has years of networking and security experience. Ridge Security's robotic security validation system RidgeBot, fully automates the penetration testing process and emulates adversary attacks to validate an organization's cybersecurity posture.

Read More

DATA SECURITY,ENTERPRISE SECURITY,PLATFORM SECURITY

Laminar Supports Launch of Amazon Security Lake

Laminar | November 30, 2022

Laminar, a leader in public cloud data security, today announced it is supporting the launch of Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes an organization’s security data from cloud, on-premises, and custom sources into a customer owned purpose-built data lake. With support for the Open Cybersecurity Schema Framework (OCSF) standard, Amazon Security Lake reduces the complexity and costs for customers to make their security solutions data accessible to address a variety of security use cases such as threat detection, investigation, and incident response. “All cybersecurity in the end is about protecting data and all cybersecurity is more effective and efficient with data-context. “Laminar is proud to be a launch partner for Amazon Security Lake, adding data-context to security events for better risk models, effective investigations and efficient remediation.” Amit Shaked, co-founder and CEO, Laminar Amazon Security Lake helps organizations aggregate, manage, and derive value from log and event data on the cloud and on-premises to give security teams greater visibility across their organizations. With Amazon Security Lake, customers can use the security and analytics solutions of their choice to simply query that data in place or ingest the OCSF-compliant data to address further use cases. Amazon Security Lake helps customers optimize security log data retention by optimizing the partitioning of data to improve performance and reduce costs. Now, analysts and engineers can easily build and use a centralized security data lake to improve the protection of workloads, applications, and data. Laminar is a Data Security Posture Management (DSPM) leader that delivers autonomous, agentless, and continuous data security for everything that you build and run on the cloud. Laminar provides autonomous discovery and classification for all data across AWS and hybrid cloud environments into a cloud data catalog, prioritization of data assets by our proprietary risk model, and an agentless and asynchronous approach to DSPM to reduce the exposure surface without impacting performance. “Data is every enterprise’s most valuable asset, which makes protecting it a critical capability for all cybersecurity solutions,” said Rod Wallace, General Manager for Amazon Security Lake. “Amazon Security Lake enables security teams to optimize security log data collection and retention by optimizing the partitioning of data to improve performance and reduce costs. With the Laminar integration, analysts and engineers can store their data in the OCSF format for further analytics to improve the protection of workloads, applications, and data.” About Laminar Laminar’s Cloud Data Security Platform protects data for everything you build and run in the cloud across cloud providers and cloud data warehouses. The platform autonomously and continuously discovers and classifies new datastores for complete visibility, prioritizes risk based on sensitivity and data risk posture, secures data by remediating weak controls and actively monitors for egress and access anomalies. Designed for the multi cloud, the architecture takes an API-only approach, without any agents, and without sensitive data ever leaving your environment. Founded in 2020 by a brilliant team of award winning Israeli red team experts, Laminar is proudly backed by Insight Partners, Tiger Global, Salesforce Ventures, TLV Partners, and SentinelOne.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY

Vicarius Partners with CISA to Bring Awareness to Software Vulnerabilities for Cybersecurity Awareness Month

Vicarius | October 18, 2022

Vicarius, creators of vsociety, the open and independent social community for research and security professionals, has announced the publication of novel security research detailing multiple new exploits for popular developer tools. The publication comes in an effort to amplify safe hygiene practices during CISA’s Cybersecurity Awareness Month. October 2022 marks the 19th anniversary of National Cybersecurity Awareness Month, with this year’s campaign theme — “See Yourself in Cyber” — demonstrating that while cybersecurity may seem like a complex subject itself, it’s really all about people. In alliance with the Cybersecurity and Infrastructure Security Agency (CISA), who leverages the month to spread awareness of good cyber hygiene, Vicarius looks to enhance the security posture of organizations by publishing new research along with steps to mitigate the risk. Among the publications, which are provided to the community by independent researchers and validated by Vicarius, is a zero-day vulnerability for a popular Python developer tool called yacmmal. In the post, anonymous researcher “M” lays out the steps taken to compromise the application and execute code remotely, going further to warn “as this exploit is not known and no patches are available, usage of the package should be avoided until patches are public,” while providing a workaround for temporary protection. In a few subsequent posts to the community, the same researcher details an exploit to a beloved developer resource called Flask as well as a method to exploit a deserialization vulnerability in a python library called Jsonpickle. Both of these examples illustrate the potential for remote code execution and the steps required to mitigate the threat. Vicarius stresses the importance of providing mitigation details for any exploit posted to vsociety. Research is only published on the platform if it follows responsible disclosure and is accompanied by remediation details and documentation. “Our goal is to make organizations more aware of potential vulnerabilities in the wild and provide the steps necessary to protect against them. “With the growing popularity and prominence of Awareness Month, we aimed to go a step beyond the typical materials provided by other CISA partners, encouraging awareness of previously unpublished threats in the wild which all security teams should be cognizant of.” Vicarius CEO Michael Assraf Vicarius will release additional pieces of research that will be published to vsociety throughout the month. About Vicarius Vicarius helps security teams protect their most critical apps and assets against software exploitation through TOPIA, the company’s end-to-end vulnerability remediation platform. Founded by three security experts and backed by tier one investors from Silicon Valley, Vicarius’ mission is to provide customers with problem-solving solutions that proactively reduce risk wherever computer software resides.

Read More

Spotlight

As Germany’s largest IT provider, Bechtle future-proofs technology for clients across Europe – placing special focus on improving employee experiences. Marco Stalder, team leader of Workspace services at Bechtle, knew the successful roll out of future-ready apps and technology demanded both an easy-to-use platform and education for employees on how to master it. This roll out identified champions within the company to communicate the value of the technology, and leveraged onboarding resources from Citrix to simplify employee training.

The Challenge: Gaining technology adoption for 70 offices
As the largest B2B IT provider in Germany, Bechtle’s success depends on having an IT environment that supports today’s challenges and enables future growth as business needs change. This means being able to onboard and accommodate employees at a wide range of skill levels, and having an easy-to-use, flexible technology platform to deploy new apps. With this kind of environment coupled with training and support, Bechtle can drive vast user adoption.

Adopting a flexible, easy-to-use platform that any employee can master
As part of its future-proofing strategy, Bechtle chose Citrix to simplify its technology environment across the business. In addition to deploying Citrix Workspace to deliver a secure app, desktop, and file experience for employees, the strategy included Citrix Networking solutions. The result is Bechtle’s IT team had choices as to how to manage its cloud journey. At the same time, the IT team customized user adoption and training resources to help each Bechtle user have a great experience using Citrix technology.

Empowering employees with anywhere access to essential apps and data
Today, Bechtle employees across Europe have access to the business apps and information they need on any device and in any location. By simplifying the technology infr

Resources