DATA SECURITY

Keeper Security Buys Glyptodon to Give IT Admins, SREs, and DevOps Teams Zero-trust Remote Access

Keeper Security, Inc | February 04, 2022

Keeper Security, Inc
Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software that includes password management, digital file storage, dark web monitoring, and messaging, announced the acquisition of Glyptodon, the creator of Glyptodon Enterprise, a remote access gateway that gives DevOps and IT teams easy access to RDP, VNC, SSH, and Kubernetes endpoints via a web browser. Glyptodon is also the creator of Apache Guacamole, an open-source platform for accessing remote desktops utilized by millions of people.

Keeper Security's continuous evolution in the identity and access cybersecurity arena, notably enabling hyper-secure access to remote resources, will be aided by the purchase. It incorporates Glyptodon Enterprise's integration with Keeper Security's zero-trust and zero-knowledge security and encryption architecture, resulting in a highly secure, agentless remote access platform that doesn't require a virtual private network (VPN).

"In today's changing work environment with distributed technical teams and compute resources residing in the cloud or a remote location, it is vital that enterprises can securely and quickly connect with those systems,Acquiring Glyptodon is an important component of our go-forward strategy as we unify essential privileged access management features into our cybersecurity platform to protect organizations in the public and private sectors."

Darren Guccione, CEO, and Co-Founder of Keeper Security

"We're excited to become part of Keeper Security which is leading how enterprises protect company data at a time when the traditional way of working has been transformed," said Glyptodon CEO Mike Jumper. "Bringing Glyptodon's technology and insight securing enterprise remote computing access to Keeper Security will provide customers with the industry's most comprehensive and secure remote working experience."

Keeper will continue to support the Apache Guacamole open-source project while also expanding the functionality of its commercially funded version. Keeper has incorporated Glyptodon and Keeper Secrets Manager, offering encrypted vault storage of access credentials, in addition to the public announcement. Keeper Security intends to improve Glyptodon and integrate advanced features into the Keeper Enterprise platform in the following months.

Spotlight

RANSOMWARE! The dreaded word that is starting to have new DAILY occurrences worldwide. This can happen to YOU! You MUST watch this video to learn how to reduce the risk of getting attacked by ransomware or reducing the severity of it if you do get it .


Other News
DATA SECURITY

ShardSecure® To Present at Black Hat Cybersecurity Conference

ShardSecure | August 09, 2022

ShardSecure, inventor of the innovative MicroshardTM technology that mitigates data security and privacy risks in the cloud, will be exhibiting at Black Hat 2022, the leading information security event, from August 6 to 11 in Las Vegas, Nevada. While at Black Hat, ShardSecure will showcase their patented microsharding solution at Booth #30 in the Business Hall's Innovation City. During the conference, ShardSecure will demonstrate how microsharding renders sensitive data unintelligible in the wrong hands, offering crucial protection in multi-cloud and hybrid-cloud environments. ShardSecure Lead Developer Anthony Whitehead will present "Microsharding, an Alternative to Encryption for Data at Rest" from 2:25 to 2:45 p.m. PT on August 10 in the Business Hall, Theater C. Additionally, VP of Marketing Marc Blackmer will be interviewed on microsharding and encryption by Chuck Harold of SecurityGuyTV at 9:20 a.m. PT on August 11. "We're looking forward to making new connections and sharing how we can help organizations strengthen their data resilience, maintain business continuity, and mitigate the impact of ransomware," said Marc Blackmer. "Black Hat is an excellent opportunity for ShardSecure to participate in key industry conversations, strengthen our brand, and grow our networking opportunities." Microshard technology works to desensitize sensitive data by digitally shredding it into tiny microshards. Those microshards are then mixed with poison data and distributed to multiple customer-owned storage locations of the customer's choosing. Its self-healing data also reverses unauthorized data deletion and tampering — including ransomware — for data at rest. Through its ability to reconstruct data impacted by storage service outages, ShardSecure also helps protect against the effects of data loss and allows business operations to continue unaffected during an outage. "We're pleased to be sharing Microshard technology with a wide audience of thought leaders and vendors at Black Hat. "Combined with several new partnerships and our recent availability in Azure Marketplace, Black Hat is allowing us to reach more organizations with our innovative data security and data resilience solution. We look forward to continuing the discussion about how we can help organizations maintain control of their sensitive data in the cloud while protecting it from outages and attacks." Bob Lam, CEO and Co-Founder of ShardSecure About Black Hat Now in its 25th year, Black Hat USA is a leading cybersecurity event. With trainings, briefings, and virtual and in-person events, Black Hat 2022 will present the latest research, development, and trends in the information security industry. About ShardSecure ShardSecure is changing the nature of data security. It believes that all organizations can easily and securely enjoy the benefits of cloud adoption without surrendering control of their data. Inventors of the patented Microshard technology, ShardSecure cloud-enables sensitive data by desensitizing it in multi-cloud and hybrid-cloud environments.

Read More

DATA SECURITY

HYAS Infosec Announces General Availability of Cybersecurity Solution for Production Environments

HYAS | August 10, 2022

Leading security technology firm HYAS Infosec — whose proactive solutions ensure that businesses can keep moving full forward in our ever-changing world — today announced the general release of its newest product, HYAS Confront, a cybersecurity solution offering complete visibility into every corner of a production environment. HYAS will be demoing Confront at Black Hat USA in Las Vegas from August 8 to August 11. Production environments are increasingly becoming a target for bad actors, as they want their attacks to cause as much disruption as possible. Afterall, if a company’s production environment is rendered inoperable, its ability to generate income is shut down. HYAS Confront addresses this growing issue by giving DevSecOps teams complete visibility into their production environment. HYAS Confront finally gives them a definitive picture of which devices on their network are communicating with one another, which devices are sending traffic outside the network, and how often and to whom they are sending it. HYAS Confront also automatically identifies communication to known command and control servers as well as other risks and threats. “We have gotten an excellent response from our first customers, who began using the service during development and testing. “We are extremely proud of the solution we have brought to market and the vital role it fulfills in providing complete network visibility.” HYAS CEO David Ratner Most cybersecurity solutions on the market today focus on protecting the perimeter of your network, but unfortunately, regardless of the strength of your outward-facing security posture, you will be breached at some point. The numbers bear this out, with 97 percent of companies reporting having experienced a successful cybersecurity breach at some point. However, even if bad actors sneak past your perimeter security, they can’t hide from the foundational network monitoring provided by HYAS Confront. Once deployed, a process that usually takes less than 30 minutes, it establishes a baseline of normal, healthy network traffic. With this data, HYAS Confront can recognize aberrations from normal traffic patterns that could indicate a problem. When such an anomaly is discovered, Confront alerts administrators so they can take appropriate action. But the benefits of full production environment visibility doesn’t end with security. HYAS Confront can also reveal issues like misconfigurations, violations of policies or controls, and incomplete removal of malware after an attack. One of the most difficult aspects of incident response is ensuring that the environment is actually clean again, and HYAS Confront’s visibility can play a vital role in that process. It can also be a useful tool for understanding service assurance. This innovative solution integrates seamlessly with other network management and security infrastructure, working alongside them to enhance the value of these pre-existing investments. This improves overall network health, preventing problems down the road and giving businesses the confidence to move forward at full speed. “Production environments are so critical to a company’s ability to function, and unfortunately, no matter how strong your perimeter is, bad actors will eventually find a way in,” said Ratner. “HYAS Confront’s distinctive ability to detect anomalies within your production environment ensures that even in these cases, you can uncover the problem before it does damage, letting businesses operate confidently and without fear of costly interruptions.” About HYAS HYAS is a valued partner and world-leading authority on cyber adversary infrastructure and communication to that infrastructure. We help businesses see more, do more, and understand more about the nature of the threats they face — or don’t even realize they are facing — in real time. HYAS’s foundational cybersecurity solutions and personalized service provide the confidence and enhanced risk mitigation that today’s businesses need to move forward in an ever-changing data environment.

Read More

SOFTWARE SECURITY

SentinelOne Integrates with Torq, Streamlining SOC Workflows with Automated Incident Response

SentinelOne | June 29, 2022

SentinelOne , an autonomous cybersecurity platform company, today announced a new integration with Torq, a no-code security automation platform. The combination of SentinelOne and Torq allows security teams to accelerate response time, reduce alert fatigue, and improve overall security posture. “SentinelOne’s powerful intelligence and protection helps security teams protect their employees and customers – no matter how complex the environment. “With Torq, security teams can extend the power of SentinelOne to systems across the organization to automate workflows, respond faster, maintain/boost compliance to benefit from a proactive security posture.” Eldad Livni, Chief Innovation Officer, Torq The SentinelOne integration with Torq combines SentinelOne’s powerful detection and protection with Torq’s no-code automation, enabling customers to limit alert fatigue, respond to threats at machine speed, and proactively identify and remediate risks. Torq makes it easy for security teams to create automated workflows, with a drag and drop workflow builder and hundreds of templates aligned with industry best practices and frameworks from MITRE and NIST. With robust data from SentinelOne, the Torq solution has access to more high-fidelity threat data for improved enrichment, accelerated response times, and alert fatigue reduction. Torq workflows can listen for SentinelOne alerts, and ingest these to trigger action in any security or operations tool. The solution deploys out-of-the-box in minutes with no coding, installation, or ‘connectors’ needed. Key benefits of the integration include: Real-time threat enrichment - automatically enrich alerts from any system with data directly from SentinelOne Singularity. Automated remediation - remediate threats with fully autonomous or partially autonomous remediation workflows to accelerate mean time to respond. Optimize SOC workflows - clearly and quickly orchestrate threat hunting, information sharing, and ticket creation for vulnerability management. Bot-driven collaboration - Create no-code interactive chat bots that allow users to perform critical actions, run deep visibility queries, or control SentinelOne endpoints from within Slack or other chat tools. “The SentinelOne-Torq integration provides joint customers with a powerful combination of best-in-breed automated security solutions,” said Ruby Sharma, Head of Technical Partnerships, SentinelOne. “Not only are customers utilizing industry leading endpoint protection and XDR, they also have access to innovative security automation tools that can accelerate workflow automation. We are pleased to make this integration available via the Singularity Marketplace, and we look forward to expanding our offerings to address even more use cases.” About SentinelOne SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.

Read More

PLATFORM SECURITY

Evo Security Announces the Launch of Evo Partner Identity Cloud for MSPs

Evo Security | June 21, 2022

Evo Security today announced the launch of Evo Partner Identity Cloud or EPIC. Evo Partner Identity Cloud is the first all-in-one identity and access management (IAM) solution designed exclusively with the needs of managed service providers (MSPs) and their business customers in mind. The enterprise-grade cloud platform is a comprehensive identity and access management solution that gives MSPs an easy and highly secure way to protect small and medium-sized businesses and enterprises from the most common types of cybersecurity attacks that frequently exploit login and access vulnerabilities to penetrate network and cloud assets. Evo Partner Identity Cloud includes multi-factor authentication (MFA), single sign-on (SSO), privileged access management (PAM), technician elevated access, secrets management, and unified directory services, among other critical security capabilities. Evo Partner Identity Cloud is the easiest and most complete way for MSPs to simultaneously protect login credentials and apply least-privilege access across applications, networks, and infrastructure for themselves and their customers in a single scalable, multi-tenant solution. "Traditional enterprise identity and access management solutions are built for 1:1 administration, which means they cannot adequately support the MSP and the MSP's customers simultaneously. Point solutions have helped bridge the gap, but don't provide the enterprise-grade security and platform approach required by MSPs seeking to build a sound security practice" said Evo Security's CEO and Founder, Mike Roth. "We built Evo Partner Identity Cloud with a multi-tenant architecture to provide MSPs an enterprise-grade level of security that they can use to protect themselves and all of their SMB and SME customers at scale with purpose-built platform that means business." said Evo's CEO and Founder, Michael Roth. "What's great about Evo Security's Partner Identity Cloud is that it works with our existing MSP managed technology stack to provide comprehensive identity and access management capabilities for us and our customers. It helps keep our internal systems secure, while providing cloudIT with new ways to generate revenue and enforce best security hygiene practices in our customers' networks." Vince Kent, CEO of managed service provider cloudIT The Evo Partner Identity Platform supports MSPs by providing the ability to: Turn identity and access management (IAM) into a highly profitable revenue center that can immediately produce new revenue with industry-leading margins; Replace multiple point solutions, including password vaults, password rotation tools, multi-factor authentication (MFA) tools, and privileged access management (PAM) tools, with a comprehensive identity and access management platform that reduces overhead expenses, provides enterprise-grade protection, and simplifies application and security administration for the MSP and its customers; Deploy login security at scale across customers for web applications, workstations, Macs, servers, VPNs, firewalls, switches, and other network devices; Establish least-privilege and exceed-compliance controls in managed and co-managed scenarios using granular permissions and security groups; Completely eliminate sharing of customer passwords and MFA codes, while simultaneously streamlining technician access across all customer endpoints and apps; Migrate from Microsoft to Evo as the sole Identity Provider (IdP) or build a hybrid IdP scenario based on customer configuration needs; Connect to common MSP tools, such as ConnectWise, Datto, and Microsoft, and improve internal management efficiencies; Gain visibility and real-time security intelligence across customer infrastructure to improve value of services delivery and stop attacks before they start. Evo Security CEO Michael Roth said "Evo Partner Identity Cloud isn't just an all-in-one MSP identity and access management platform. It's an all-in-one MSP business solution." About Evo Security Based in Austin, Texas, Evo Security is an identity and access management cybersecurity company that builds enterprise-grade security products with the MSP in mind. Evo Security's solutions are designed to protect MSPs and their SMB and enterprise customers with comprehensive, multi-tenant security solutions. They are easy to implement and help manage security across managed service providers' internal and external users, while providing MSPs new ways to generate new and highly profitable revenue streams.

Read More

Spotlight

RANSOMWARE! The dreaded word that is starting to have new DAILY occurrences worldwide. This can happen to YOU! You MUST watch this video to learn how to reduce the risk of getting attacked by ransomware or reducing the severity of it if you do get it .

Resources