Data Security
Netskope | September 11, 2023
Netskope, an industry-leading secure access service edge (SASE) provider, has announced that it has been chosen as the preferred cloud access security broker vendor for the Canadian Federal Government under the cybersecurity procurement vehicle (CSPV) of Shared Services Canada (SSC). The objective of the SSC cloud access security broker CSPV is to provide government users with secure access to cloud-based applications, including all software-as-a-service (SaaS) applications, regardless of their location.
The Government of Canada (GC) selected Netskope after a competitive bidding process for a commercially available cloud access security broker service to fulfill its business requirements across various government organizations and agencies.
The cloud access security broker service aims to facilitate the continued adoption, utilization, and delivery of SaaS cloud services by GC departments. The cloud access security broker service will improve the security posture of GC applications, services, and data as they are migrated to public cloud environments, permitting complete visibility and monitoring of GC cloud environments to detect, prevent, and respond rapidly to cyber threats; and ensuring the privacy, confidentiality, and protection of GC data in accordance with GC policies.
As an integral part of Netskope Intelligent Security Service Edge (SSE), Netskope's market-leading cloud access security broker enables agencies to detect and manage the usage of cloud applications rapidly, irrespective of whether they are managed or unmanaged, and safeguard sensitive data from being stolen by malicious cybercriminals or risky insiders who have compromised the technology environment.
A cloud access security broker is a cloud-based or on-premises security policy enforcement point situated between cloud service providers and consumers to combine and insert enterprise security policies when cloud-based resources are accessed. With a cloud access security broker solution, agencies can manage the unintentional or unauthorized transfer of sensitive data between cloud application instances while expediting security workflows with simple policy controls and incident response management.
Paul Tanasi, Federal Regional Manager, Netskope, said,
With the hybrid workforce becoming the new normal, Canadian government departments and agencies are relying more and more on giving their users direct-to-cloud access to SaaS applications and to web applications in general.
[Source – Cision PR Newswire]
Paul Tanasi further mentioned that there is a requirement to ensure these users' security and regain some of the visibility and control they were accustomed to when everyone worked from the office. A solution is required to tackle risks associated with cloud services, enforce security policies, and adhere to regulations, mainly when dealing with cloud services that are located outside their network perimeter and beyond their direct control. Netskope's CASB solution would offer the capability to adopt cloud applications and services confidently without compromising security or performance.
About Netskope
Netskope, an industry leader in SASE, assists organizations in implementing zero trust principles and AI/ML innovations to safeguard data and defend against cyber threats. The company's platform offers optimized access and real-time security for devices, people, and data, regardless of their location. Netskope assists customers in mitigating risk, accelerating application performance, and gaining unparalleled visibility into cloud, web, and private application activity. Thousands of clients rely on Netskope and its robust NewEdge network to combat evolving threats, technology shifts, new risks, organizational and network changes, and others.
Read More
Software Security
ZeroFox | September 22, 2023
ZeroFox, an industry-leading provider of enterprise software-as-a-service for external cybersecurity, has announced the unveiling of multiple anti-phishing product enhancements. These updates solidify ZeroFox's position as the world leader in digital risk protection. Developed using cutting-edge AI/ML technologies and designed by a team of top-tier security experts, these new anti-phishing features boost escalated alert volume, reduce the occurrence of false positives, and expedite the process from threat identification to initial disruption and successful takedowns for all our customers.
The importance of these new features cannot be overstated, especially given the rising threat landscape. In the first half of 2023, ZeroFox Intelligence has recorded a substantial increase in the volume and complexity of phishing attacks, including a 30% surge in domain takedowns compared to the first half of 2022. New ZeroFox phishing trend research also highlights the adoption of evasion techniques like cloaking alongside emerging tactics such as SEO poisoning and phishing-as-a-service. These developments underscore the critical role of these new capabilities in safeguarding against evolving cyber threats.
Continuous and Complete Protection Against Domain-based Threats
ZeroFox adopts a unique approach to phishing compared to email security and conventional anti-phishing providers. Its strategy revolves around the identification, disruption, and elimination of the domains necessary for launching phishing campaigns. With daily monitoring of over 65 million domains, ZeroFox combats various threats like typo squats, subdomain spoofs, homoglyphs, and other malicious domain and URL-based attacks, effectively shielding customers and preventing any disruptions to business operations.
Incorporate advanced domain protection capabilities to enhance their cybersecurity measures, aiming to achieve substantial and measurable business outcomes:
Reduce Phishing Risks with Anti-Cloaking Capabilities:
Strengthen Compliance and Trust with SSL Monitoring
Secure Brand Identity with Favicon Search
Improve Operational Efficiency with Enhanced Subdomain Coverage
Enhance User Experience (UX) with Weblog Monitoring
Mike Price, Chief Technology Officer of ZeroFox, said,
ZeroFox has been detecting and disrupting phishing attacks for the last decade, constantly enhancing our solution to protect our customers from changing phishing techniques used by threat actors, including the widespread use of malicious cloaking and subdomains techniques.
[Source – Globe Newswire]
Price stated that the enhanced capabilities being announced represented their ongoing commitment to tackling the increasing phishing challenge encountered by security teams. He emphasized that as phishing continued to evolve, ZeroFox would remain a trusted anti-phishing partner dedicated to safeguarding customers from both current and future phishing techniques.
About ZeroFox
ZeroFox, a prominent enterprise software-as-a-service provider in the field of external cybersecurity, has revolutionized security beyond the corporate perimeter on the internet, where businesses conduct their operations and threat actors are active. Their platform seamlessly integrates cutting-edge AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust set of breach, incident, and takedown response tools. This enables them to uncover and disrupt various threats, including phishing and fraud campaigns, botnet exposures, impersonations, credential theft, data breaches, and physical threats that target domains, brands, personnel, and assets.
Read More
Software Security
Keeper Security, Inc. | September 25, 2023
Keeper Security, a prominent cybersecurity software provider specializing in zero-trust and zero-knowledge solutions safeguarding credentials, privileged access, secrets, and remote connections, has announced the unveiling of a new, contemporary User Interface (UI) for the Keeper Password Manager application on Android. This awaited release introduces enhanced usability, intelligent search capabilities, and quicker synchronization times. With a focus on a polished appearance and user-friendly interactions, these enhancements are designed to simplify the utilization of Keeper's robust password and passkey management features, offering improved clarity and search functionality.
Keeper has adopted an incremental approach to enhancing the user experience, consistently refining the appearance, usability, and overall feel of its applications while staying mindful of the importance of consistency, familiarity and the world-class security and functionality that Keeper users have come to expect. With this update, Keeper's new user experience has been effectively implemented across all platforms, encompassing desktop, web browsers, and iOS. Android users can also anticipate an upcoming dark mode experience soon.
Android users of Keeper will encounter refreshed themes, including a default Light Mode and improved user-selectable themes. Additionally, new features include:
Streamlined Usability
Friendlier Interface
Accessibility and Inclusion
Advanced Search
Craig Lurey, CTO and Co-Founder of Keeper Security, said,
We are excited to introduce these enhancements to our Android app, completing the rollout of our stunning new user interface (UI) to every Keeper user.
[Source – Cision PR Newswire]
Lurey stated that the update represented their ongoing commitment to delivering the best possible user experience while maintaining the highest security standards. He mentioned that with the improved usability, modernized interface, and lightning-fast sync times, Keeper Password Manager for Android continued to be a go-to solution for organizations and individuals looking to secure their digital identities.
About Keeper Security
Keeper Security is revolutionizing the way to secure passwords, confidential data, and secrets for individuals and organizations worldwide. The company's user-friendly cybersecurity platform is built on the foundation of zero-trust and zero-knowledge security, providing protection for users on all devices. Its solution is quick to deploy and seamlessly integrates with any technology stack, effectively preventing breaches, lowering help desk expenses, and ensuring compliance. Trusted by millions of individuals and numerous global organizations, Keeper leads in top-tier password management, privileged access, secrets management, secure remote access, and encrypted messaging solutions.
Read More
Enterprise Security
Skybox Security | September 14, 2023
Skybox Security, a leading Exposure Management solutions provider, has unveiled the next generation of its prestigious Continuous Exposure Management Platform. This 13.0 release introduces significant enhancements to its solution for Attack Surface and Vulnerability Management, which revolutionizes the manner businesses manage and mitigate cyber exposure risk.
Attack Surface Management Delivers Complete Visibility
Skybox's Surface Management solution provides an extensive inventory and map of users' assets and applications. It evaluates and simulates attack paths. The result is a dynamic security model for the hybrid attack surface. Version 13.0 introduces significant new features, including:
New Attack Surface Map
Enhanced Attack Path Analysis
LDAP Integration
Cloud Infrastructure Integration
Vulnerability Management Deepens Exposure Insights
Skybox's Vulnerability Management solution combines more than 25 third-party threat intelligence feeds with its own Skybox Threat Intelligence feed in order to prioritize threats based on exposure risk and remediate vulnerabilities with prescriptive guidance. With Version 13.0, businesses are able to:
Import Vulnerability Data
New Business-Focused' Solutions View'
Celebrity Vulnerabilities
SOAR Integration
Mordecai Rosen, CEO of Skybox Security, said,
In today's complex threat landscape, organizations need to continuously manage their threat exposure based on the prioritized risks to their business.
[Source – Business Wire]
Rosen stated that the Skybox platform now supports every stage of an enterprise's continuous exposure management (CEM) program, from mapping the attack surface through contextualization and risk-based prioritization to final remediation. It was also mentioned that the latest enhancements enable organizations to further improve their security posture and substantially reduce the risk of a successful attack.
About Skybox
Skybox is trusted by over 500 of the world's largest and most security-conscious enterprises for providing insights and assurance to stay ahead of dynamically changing attack surfaces. Its Exposure Management Platform provides complete analytics, visibility, and automation to quickly prioritize, map, and remediate vulnerabilities across organizations. The vendor-agnostic solution optimizes security policies, actions, and change processes across all cloud environments and corporate networks. With Skybox, security teams can emphasize the most strategic business initiatives while ensuring enterprises remain protected.
Read More