Microsoft shares threat intelligence, security guidance during global crisis

CXOtoday | April 23, 2020

With much of the world now transitioned to virtual work, digital safety has become a key area of concern. This is not something security professionals, were given time to prepare for, yet many of our customers have been thrust into a new environment and challenged to respond quickly.Our threat intelligence teams at Microsoft are actively monitoring and responding to this shift in focus. Our data shows that these COVID-19 themed threats are rethreads of existing attacks that have been slightly altered to tie to this pandemic. This means we’re seeing a changing of lures, not a surge in attacks. Our intelligence shows that these attacks are settling into a rhythm that is the normal ebb and flow of the threat environment.

Spotlight

Fireside chat with Dimitri Sirota Chief Strategy & Marketing Officer of Layer7 which has been acquired by CA in 2013. The conversation topic is "building and selling a security startup"


Other News
DATA SECURITY,PLATFORM SECURITY

Resecurity Named as One of America's Fastest-Growing Private Cybersecurity Companies by Inc. Magazine

Resecurity | August 19, 2022

Resecurity, Inc., a cybersecurity company based in Los Angeles, California, was recently recognized by Inc. magazine's annual Inc. 5000 list, the most prestigious ranking of the nation's fastest-growing private companies. Ranked as one of the fastest-growing private cybersecurity companies, Resecurity was number 2477 on the list for achieving 234 percent of revenue growth in past three years. The list represents a unique look at the most successful companies within the American economy's most dynamic segment—its independent small businesses. Intuit, Zappos, Under Armour, Microsoft, Patagonia, and many other well-known names gained their first national exposure as honorees on the Inc. 5000. Among the 5,000, the average median three-year growth rate soared to 230 percent and total revenue reached $317.2 billion. Together, those companies added more than one million jobs over the past three years. The recognition comes after a record year for the company, including a recent acquisition of Cybit Sec, a vulnerability assessment and penetration testing company, and the launch of their latest product offering, the Digital Identity Protection Platform. Resecurity has fueled its growth with strategic investments into R&D, expanding its international and channel sales presence, and scaling its industry partnerships. "The Inc. 5000 list is home to some of the most innovative companies in the market today. Resecurity is proud to have earned a top spot on this prestigious list. This growth is a testament to cybersecurity's critical role in the future. We're committed to accelerating this growth with strategic partnerships and investments in R&D, allowing us to help more individuals and enterprises combat ever-evolving cyber threats." Gene Yoo, Resecurity CEO Resecurity's SaaS solution combines XDR/endpoint protection, cyber threat intelligence and digital risk management, enabling customers ranging from Fortune 500 corporations to governments to protect their ecosystem. The innovative platform allows administrators to reduce potential blind spots and security gaps by quickly seeing in-depth analysis and specific artifacts obtained through the dark web, botnets activity, network intelligence and high-quality threat intelligence data. "The accomplishment of building one of the fastest-growing companies in the U.S., in light of recent economic roadblocks, cannot be overstated," says Scott Omelianuk, editor-in-chief of Inc. "Inc. is thrilled to honor the companies that have established themselves through innovation, hard work, and rising to the challenges of today." Methodology Companies on the 2022 Inc. 5000 are ranked according to percentage revenue growth from 2018 to 2021. To qualify, companies must have been founded and generating revenue by March 31, 2018. They must be U.S.-based, privately held, for-profit, and independent--not subsidiaries or divisions of other companies--as of December 31, 2021. (Since then, some on the list may have gone public or been acquired.) The minimum revenue required for 2018 is $100,000; the minimum for 2021 is $2 million. As always, Inc. reserves the right to decline applicants for subjective reasons. Growth rates used to determine company rankings were calculated to four decimal places. About Resecurity Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence. Known for providing best-of-breed data-driven intelligence solutions, Resecurity's services and platforms focus on early-warning identification of data breaches and comprehensive protection against cybersecurity risks. Founded in 2016, it has been globally recognized as one of the world's most innovative cybersecurity companies with the sole mission of enabling organizations to combat cyber threats regardless of how sophisticated they are. Most recently, Resecurity was named as one of the Top 10 fastest-growing private cybersecurity companies in Los Angeles, California by Inc. Magazine. An Official Member of Infragard, AFCEA, NDIA, SIA, FS-ISAC, the American Chamber of Commerce in Saudi Arabia (AmChamKSA) and Mexico (AmChamMX).

Read More

DATA SECURITY,ENTERPRISE IDENTITY

Cybeats Announces Partnership with Veracode, an Industry-Leading Application Security Firm

Cybeats | September 29, 2022

Cybeats Technologies Inc., a leading software supply chain risk and security technology provider announces a strategic partnership with Veracode, a leading global provider of application security testing solutions. The partnership will leverage complementary expertise to ensure customers receive the highest standard of cybersecurity solutions. Cybeats' software supply chain security product, SBOM Studio, will be available to customers through Veracode Partners, and the companies will explore joint commercial opportunities. Once generated within the Veracode Continuous Software Security Platform, a Software Bill of Materials (SBOM) can enable greater software security by offering a full inventory of the third-party components used within an application. Cybeats SBOM Studio is an enterprise-class solution that helps companies understand and track third-party components that are an integral part of their own software. Veracode will provide advice and guidance around the commercial deployment of SBOM Studio within its existing customer base. The partnership aims to enable both companies to continue to expand their existing presence in the global cybersecurity market. Through this alliance, the companies' joint customers will be able to maximize their technology investments and procure, develop, and deploy secure software, while reducing the risk of a security breach resulting from weak links in their software supply chain. "As a Veracode Elite Technology Alliance Partner, Cybeats brings additional expert solutions to the frictionless developer experience already offered by our Continuous Software Security Platform," said Laurie Haley, Vice President of Strategic Alliances at Veracode. "By complementing our existing software composition analysis capability, Cybeats' integrated solutions will allow customers to maximize SBOM (Software Bill of Materials) utility and simplify their workflow for greater ROI." "We are honoured to partner with Veracode to expand each other's presence in the global cybersecurity market. As the cyber risk related to software supply chain attacks continues to mount, deep visibility and universal transparency using SBOMS is necessary for resilient cybersecurity defense." Yoav Raiter, CEO, Cybeats "In this modern era of rapid development, the importance of time to market and automation is paramount. Together, Veracode and Cybeats offer a substantial contribution to enabling our customers to align with the SBOM market needs and seamlessly support practices mentioned in SSDF NIST 800-218 framework without increasing the overhead on their development and product security teams," said Dmitry Raidman, CTO, Cybeats Through a single, centralized platform offering comprehensive visibility into vulnerabilities using all software security testing types, Veracode delivers one of the industry's only cloud-native solutions that allows partners to onboard quickly and seamlessly, so companies can securely move AppSec to the cloud. As a result of this partnership, Veracode can easily integrate the full breadth of Cybeats' software solutions into their customers' environments. The partner program provides market-leading solutions and services to get partners up and running straight away, with minimal impact to their existing business. Cybeats SBOM Studio SBOM Studio provides organizations with the capability to efficiently manage SBOM and software vulnerabilities, and provides proactive mitigation of risks to their software supply chain. Key product features include robust software supply chain intelligence, universal SBOM document management and repository, continuous vulnerability, threat insights, precise risk management, open source software license infringement and utilization, and secure SBOM exchange with regulatory authorities, customers and vendors, at reduced cost. About Cybeats Cybeats is a leading software supply chain intelligence technology provider, helping organizations manage risk, meet compliance and secure software from procurement, development through operation. Our platform provides customers with deep visibility and universal transparency into their software supply chain, as a result enables them to increase operational efficiencies and revenue. Cybeats. Software Made Certain.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

AI-Based Cloud Security Meets Live Professional Monitoring--Rhombus Releases 24/7 Alarm Monitoring with Video Verification and Emergency Dispatch

Rhombus | September 17, 2022

Rhombus, a leader in enterprise cloud physical security, has released Alarm Monitoring, a 24/7 service that deters threats in real time and enhances an organization's after-hours security by combining AI-based alerts with live professional monitoring. "Many IT and Safety Managers love that Rhombus automatically sends AI-based alerts but don't have the staff on call to respond after hours. "This is where Alarm Monitoring comes in. When an alert is triggered—for instance, if human movement is detected when a building should be empty—an audible deterrent can be issued to deescalate a threatening situation and a live dispatcher will verify the alert to determine the appropriate course of action. The combination of issuing a deterrent while conducting a live investigation not only reduces false alarms but also accelerates incident resolution and emergency response." Rickey Cox, Director of Product at Rhombus Once an alert is triggered, live agents will automatically verify the alert and will text/call an organization's contact list or immediately dispatch emergency services if a threat to a person or property is identified. Additionally, with the Rhombus A100 Audio Gateway, an audible deterrent can be issued, such as a police siren, loud alarm, or custom message. Monitoring agents can also use the A100 as a two-way communication device, informing perpetrators that the authorities are on their way and to vacate the property. The use of an audible deterrent helps neutralize damage or threats in real-time as emergency services are en route. Within minutes, Rhombus can trigger an alert, issue an audible deterrent, verify an alert, contact essential personnel regarding the situation, send emergency services, and provide contextual information to first responders, including alert footage, live streams, and location details. Alarm Monitoring utilizes fully redundant, Five Diamond, UL-Listed Central Monitoring Centers and the full suite of Rhombus products –including smart cameras, sensors, and industry-leading AI analytics—to provide best-in-class coverage to enterprise organizations. Rhombus Alarm Monitoring is now available starting at $1,799 per year, per location. About Rhombus Rhombus is a cloud physical security platform designed to bring greater intelligence, security, and productivity to enterprise organizations. Rhombus delivers NDAA-compliant smart cameras and connected sensors that can be managed from a single pane of glass to simplify infrastructure and security management at scale.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Concentric AI Included in Newly Created Data Security Posture Management Category in Recent Gartner® Hype Cycle™ Report

Concentric AI | August 29, 2022

Concentric AI, a leading vendor of intelligent AI-based solutions for autonomous data security posture management, today announced it has been listed as a Sample Vendor in the newly created Data Security Posture Management category in the recently published Gartner Hype Cycle for Data Security, 2022 report.1 Concentric AI also appears in the Data Access Governance and Data Discovery and Management categories in the Gartner Hype Cycle for Data Security, 2022 report.1 According to the Hype Cycle for Data Security, 2022: “Data security posture management (DSPM) provides visibility as to where sensitive data is, who has access to that data, how it has been used and what the security posture of the data store or application is.”1 Organizations use DSPM as the basis for data risk assessment and to optimize data security governance implementations. The new Data Security Posture Management category has a Benefit Rating of Transformational, which Gartner defines as, “Enables new ways of doing business across industries that will result in major shifts in industry dynamics.”1 According to Gartner: “Organizations face challenges mitigating data security and privacy risks as data rapidly proliferates across multi-cloud and hybrid IT architectures. Identifying meaningful data risk is impossible to solve without combining metrics from data sensitivity, data lineage, infrastructure configurations that create data risks and access risk into a common view. This is an urgent problem that is encouraging rapid growth in the availability and maturation of this technology.”1 “We believe being recognized by Gartner as a Sample Vendor in Data Security Posture Management validates that organizations need visibility of into their sensitive data across datasets and locations, as well as a consolidated view into the risk associated with inconsistent access privileges, permissions, activity, and location to protect their data from loss. “Organizations using Concentric AI benefit from the company’s AI-assisted deep learning autonomous data security solution to reduce their data risk by discovering, evaluating, and remediating security issues.” Karthik Krishnan, Founder and CEO, Concentric AI Concentric AI secures data-centric work using AI to protect business-critical information hidden in the millions of files and databases used by today’s distributed workforce. The company’s unique deep learning solution autonomously and accurately finds sensitive content, assesses risk, and remediates security issues, allowing organizations across industries to meet their data security needs for the first time. Concentric AI’s Semantic Intelligence™ automates unstructured and structured data security using deep learning to categorize data, uncover business criticality and reduce risk. Its Risk Distance™ analysis technology uses the baseline security practices observed for each data category to spot security anomalies in individual files. It compares documents of the same type to identify risk from oversharing, third-party access, wrong location, or misclassification. Organizations benefit from the expertise of content owners without intrusive classification mandates, with no rules, regex, or policy maintenance needed. Gartner Disclaimer Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER and HYPE CYCLE are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. About Concentric AI With Concentric AI, organizations can finally address their unmet data security needs by discovering and protecting business-critical content. Concentric AI protects intellectual property, financial documents, PII/PCI content, customer data, business confidential data and more, across on-premises and cloud-based data stores, as well as messaging and communication applications. The Concentric AI Semantic Intelligence™ Data Security Posture Management solution uses deep learning and Risk Distance™ analysis to accurately categorize data, assess risk, and remediate security issues – without relying on upfront rules or complex configuration. Concentric AI is venture-backed by leading Silicon Valley VCs and is headquartered in San Jose, Calif.

Read More