DATA SECURITY

Neosec Integrates its API Security Platform With Kong's API Gateway to Protect Enterprises from Business Abuse, Fraud and Data Theft

Neosec | December 07, 2021

Neosec_Integrates
Neosec, the pioneer in discovering and protecting APIs using behavioral analytics, today announced that it has formed a strategic partnership with Kong Inc. to integrate its API security platform with Kong Gateway to provide a complete enterprise-class solution for managing and securing APIs and microservices. Kong provides the world's most popular API gateway, built for hybrid, multi-cloud environments optimized for microservices and distributed architectures. Neosec enables Kong customers to easily gain enterprise API security capabilities to protect their critical business processes. Neosec continuously discovers all APIs, and using API behavioral analytics, detects abuse and automatically orchestrates conditional responses on specific consumer entities into the Kong API gateway. The technology integration is the first API security solution with closed loop feedback into an API gateway.

"As more enterprises embrace digital transformation initiatives and expose APIs, core aspects of business processes are increasingly put at risk. In this modern environment, API security cannot only create alerts for a security team to evaluate, but it must also work with existing API technologies in creating automated responses,Our strategic partnership with Kong enables the platforms to natively work together using their existing Kong Gateway Enterprise deployment without requiring any changes to the production pipeline."

Giora Engel, chief executive officer, Neosec

With this integration, Kong Gateway provides an excellent way to manage the complexities of deploying and using APIs, while the Neosec platform augments the security posture with API discovery, risk assessment, and AI-powered behavioral analysis, detection and response. As a result of security incidents, the Neosec integration automatically creates security policies in Kong Gateway and enables automated responses. Kong Gateway includes API authentication, authorization, logging, traffic control, caching and administration. Neosec ingests access logs from popular technologies like CDNs, Web app firewalls and API gateways. The Neosec platform enables API discovery and automatically flags meaningful anomalous behaviors within them. The combined solution enables enterprises to embrace the power of digital business while minimizing the risks without any changes to the production pipeline.

"The stakes for API exposure continue to climb as companies rely more heavily on open infrastructure and connecting applications, systems and data with each other as well as  with customers and partners," said Reza Shafii, vice president of products at Kong Inc. "We are excited to partner with Neosec and have its platform natively integrated with Kong Gateway and exclusively available to our customers with an Enterprise subscription. Offering the world's most popular API gateway and the leading service connectivity platform, Kong has vastly eased the burden of using microservices and APIs for distributed applications, and the combined solution now more fully addresses the risks and exposure running within APIs."

Neosec is strategically forming technology partnerships with leading providers of digital business infrastructure including CDNs and API gateways and management solutions. Neosec API Security is available for all Kong enterprise customers to protect their existing APIs.

About Kong Inc.
Kong creates software and managed services that connect APIs and microservices natively across and within clouds, Kubernetes, data centers and more using intelligent automation. Built on an open source core, Kong's service connectivity platform enables digital innovation by allowing organizations to reliably and securely manage the full lifecycle of APIs and services for modern architectures, including microservices, serverless and service mesh. By providing developer teams with unprecedented architectural freedom, Kong accelerates innovation cycles, increases productivity, and seamlessly bridges legacy and modern systems and applications.

About Neosec
Neosec is reinventing application security with a powerful platform that unifies security and development teams to protect modern applications from threats. The foundation of the SaaS platform is built on data and analytics to manage security at scale. Neosec prevents threats from abusing the complex network of APIs that connect today's businesses. The platform helps organizations discover every API and audit risk. Neosec has pioneered the use of behavioral analytics to understand normal versus abnormal API usage and delivers powerful threat hunting capabilities. Neosec prevents threats and stops abuse hiding within APIs and brings new intelligence to application security.

Spotlight

Data center administrators face a significant challenge: They need to secure the data center without compromising the performance and functionality that new data center environments enable. Many are looking to secure the data center using solutions designed for the Internet edge, but these solutions are not enough.


Other News
ENTERPRISE SECURITY

M.C. Dean launches Enterprise Security SaaS

M.C. Dean | March 25, 2022

M.C. Dean, a leader in cyber-physical solutions and systems integrator for enterprise-class security systems, today announced the launch of its Enterprise Security software as a service (SaaS) on AWS commercial and GovCloud. "Our Enterprise Security SaaS offering provides integrated access control, intrusion detection, and video surveillance managed services with the ease, flexibility, and resiliency of the cloud." Eric Dean, M.C. Dean chief technology officer M.C. Dean's fully managed Enterprise Security SaaS runs on high availability AWS Cloud with leading commercial-off-the-shelf security systems combined with 24x7x365 service monitoring and customer support. The service supports web-based and client software access with enterprise-level system integrations such as single sign-on and standard or custom options. Flexible & Resilient: Benefit from cloud-enabled system self-restoration and managed database capabilities. Automated deployments can build and rebuild systems within seconds. Active directory integrations provide secure, seamless access. Take advantage of centralized support for low-cost, high-performance nationwide installation and maintenance. Highly Secure: Enterprise Security SaaS is designed to meet FedRAMP, FICAM, and other industry requirements. Keep application data separate and secure while accelerating cybersecurity authorizations for commercial and government clients. Time & Cost Effective: Replace costly CapEx with utility-based pricing and immediate availability. Streamline setup costs and timelines, while reducing the price per site and device. About M.C. Dean M.C. Dean is Building Intelligence®. We design, build, operate, and maintain cyber-physical solutions for the nation's most recognizable mission-critical facilities, secure environments, complex infrastructure, and global enterprises. The company's capabilities include electrical, electronic security, telecommunications, life safety, automation and controls, audio visual, and IT systems. M.C. Dean is headquartered in Tysons, Virginia and employs more than 5,100 professionals who engineer and deploy automated, secure, and resilient power and technology systems; and deliver the management platforms essential for long-term system sustainability.

Read More

NETWORK THREAT DETECTION

SecurityScorecard Ignites European Adoption of Security Ratings Through Partnership with Exclusive Networks

SecurityScorecard | April 07, 2022

SecurityScorecard, the global leader in cybersecurity ratings, today announced a Pan-European exclusive distribution agreement with Exclusive Networks, a global cybersecurity specialist for digital infrastructure, to accelerate adoption of security ratings throughout Europe. The partnership, with Exclusive Networks owned specialist value-added distributor Ignition Technology, enables European organisations to instantly rate, analyze and continuously monitor their security risk, to harden their security postures. "The evolving geopolitical landscape is causing CISOs throughout Europe to reevaluate their cybersecurity postures, requiring them to have greater visibility across their attack surface than ever before. As the threat landscape expands, Exclusive Networks' expertise in helping disruptive cybersecurity solutions like SecurityScorecard breakthrough in EMEA will dramatically scale the number of European organizations that will be able to instantly improve their security postures through much needed data, visibility and insights." Jan Bau, VP, EMEA Sales, at SecurityScorecard SecurityScorecard provides comprehensive security ratings, automated assessments, and guidance from industry experts, providing easy-to-understand A-F graded scorecards for improved communication, effective compliance reporting and more informed decision making. The solution allows organisations to automate and accelerate questionnaire exchange with over 20 compliance survey templates and questionnaires at scale. "Exclusive Networks is focused on meeting customer and partner demand across Europe for the most impactful cybersecurity solutions on the market today," said Sean Remnant, Chief Strategy Officer, Exclusive Networks. "SecurityScorecard provides our network of customers and partners with instant visibility into their security postures and that of their vendors and business partners, to fully understand their true cyber risk." Exclusive Networks is a global trusted cybersecurity specialist for digital infrastructure driving the transition to a totally trusted digital future for all people and organisations. Located in 43 countries, with the ability to service customers in over 170 countries across five continents, Exclusive Networks has a unique 'local sale, global scale' model, combining the extreme focus and value of local independents with the scale and service delivery of a single worldwide distribution powerhouse. About SecurityScorecard Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard is the first cybersecurity ratings company to offer digital forensics and incident response services, providing a 360-degree approach to security prevention and response for its worldwide customer and partner base. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors.

Read More

PLATFORM SECURITY

LogicBoost Labs' Latest Investment Enhances Cybersecurity Validation

LogicBoost Labs | March 09, 2022

LogicBoost Labs, a startup accelerator focused on promoting the growth of early-stage B2B SaaS startups, announced today an investment into Information Shield, a provider of products and services that help automate the process of building and validating a robust cyber security program. The investment package includes putting cash on the balance sheet for growth and expert advice in sales, marketing, customer success, and tech development from the in-house team of LogicBoost Labs experts. Supported by a panel of leading information security experts, Information Shield and its ComplianceShield software solution allow organizations to quickly validate cyber security readiness to customers, regulators, and insurance providers. Clients can save thousands of dollars and weeks of effort when addressing third-party risk assessments and preparing for external certifications for compliance frameworks, including ISO 27002, NIST-CSF, HIPAA, CMMC, among many others. "Having spent 15 years working in cybersecurity, I've seen firsthand how difficult it can be for companies and their IT teams to meet compliance mandates. Information Shield dramatically reduces the amount of time it takes to build, roll out, and validate your modern cybersecurity program to meet internal requirements and your client's needs." Jonathan Cogley, Founder and CEO of LogicBoost Labs David Lineman is president and CEO of Information Shield, Inc., a global provider of information security leading practices. Lineman has more than 25 years of software, security, and information technology management experience, and holds 3 patents on software technology, and has consulted on information security policy development for over 50 organizations. "If your business is handling information, you need to have a defensible cyber security program in place that addresses key industry standards," said Lineman. "Using our Security Wizard and Common Control Library (CCL), we have dramatically simplified the process by helping organizations quickly build programs that address key regulations and frameworks. Built-in security policy templates enable rapid documentation and key supporting evidence to support external audits, such as SOC II or ISO Certification. We have leveraged our experience with over 8000 customers in 100 countries to create a tool that is both robust and affordable." About LogicBoost Labs LogicBoost Labs is a startup accelerator designed to advance the growth for pre-revenue and early-stage B2B SaaS startups. As such, LogicBoost Labs offers a full-service line-up of resources and capabilities to further increase the likelihood of a young company's success. Each portfolio company has full access to LBL's talented pool of experienced executives whose sole job is to guide and mentor the start-ups on such matters as staffing, sales, marketing, technical support, and customer success. The ultimate goal: take the start-up from early revenue or pre-revenue to 1 million ARR. About Information Shield Information Shield provides customers with time-saving products and services to help build, update, and maintain a defensible information security and data privacy program. Based in Houston, Texas, Information Shield has over 10,000 satisfied customers in 100 countries, covering a variety of markets including financial services, healthcare, non-profits, government, and retail.

Read More

SOFTWARE SECURITY

ColorTokens Launches Xcloud, Autonomous Cloud Security Protection for All Enterprise Environments

ColorTokens | April 06, 2022

ColorTokens Inc., a leading innovator in autonomous Zero Trust cybersecurity solutions, announced the launch of its new product, Xcloud. Xcloud's agentless, automated, and deep scanning technology finds the most elusive threats across cloud and container environments fast and without disruption. Xcloud combines vulnerability management, malware detection, and compliance monitoring all in one platform, saving time, resources, and cost. Customers worldwide can now gain access to Xcloud directly from AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS). Today's enterprises are leveraging cloud technologies at a hyper-scale. According to the Gartner® Hype Cycle™ for Cloud Security, 2021, "By 2023, 70% of all enterprise workloads will be deployed in cloud infrastructure and platform services, up from 40% in 2020. By 2025, more than 99% of cloud breaches will have a root cause of preventable misconfigurations or mistakes by end-users." To address the unique challenges of cloud security — shortages of skilled staff, tools not designed for the cloud, limited or no visibility, and the inability to control cloud security — enterprises need simple, fast, agentless, and autonomous tools to provide the support they need. "In today's cloud era, it is widely embraced that cloud environments require agentless tools. But current tools for cloud security follow a fragmented approach, and these siloed point security tools cannot deliver end-to-end visibility on the comprehensive security posture of the enterprise business," says Rajesh Khazanchi, chief executive officer of ColorTokens. "ColorTokens now uniquely solves enterprise cloud security challenges, combining Xcloud with our comprehensive platform to bring unparalleled risk visibility, essential insights, and automation into the risks that threaten cloud and container environments." With nothing to install, deploy, or configure, Xcloud keeps you secure automatically. Xcloud uniquely allows security teams to find and fix the deepest risks in their cloud: Uncover more critical risks. Xcloud's ShadowScan™ dives deeper into workloads and containers at the OS level to detect vulnerabilities and risky configuration issues that are often missed. ShadowScan™ creates and scans a complete replica of workloads to eliminate disruptions, downtime, and impact to applications. Prevent supply chain attacks. Xcloud's ChainScan™ uncovers hidden vulnerabilities in critical application libraries and scans container and cloud workloads for all software dependencies. This allows enterprises to identify the risks introduced in third-party packages throughout their entire application software supply chain. Detect the latest threats. Xcloud automatically tracks the latest vulnerabilities and malware from multiple threat intelligence and vulnerability sources. Every security scan of environments uses a real-time database to find the latest threats so businesses can continuously detect and remediate new threats. "When compared to the two other leading solutions in the cloud security market, ColorTokens' Xcloud uniquely delivers brilliant ease of use and unmatched deep visibility into the cloud," says Harish Akali, CTO of ColorTokens. "As a result of Xcloud's automated, agentless, customer-obsessed approach, combined with its availability in AWS Marketplace, Xcloud delivers instantaneous onboarding and results and without any disruption." Ravi Pattabhi, VP of cloud security at ColorTokens To access Xcloud today, visit ColorTokens in AWS Marketplace. ABOUT COLORTOKENS ColorTokens Inc. is a leading innovator in SaaS-based Zero Trust cybersecurity solutions that provides global enterprises with a unique set of products and services for securing applications, data, and users across cloud and hybrid environments. Through its award-winning Xtended ZeroTrust™ Platform and context-aware machine learning-powered technologies, ColorTokens helps businesses accurately assess and improve their security posture dynamically.

Read More

Spotlight

Data center administrators face a significant challenge: They need to secure the data center without compromising the performance and functionality that new data center environments enable. Many are looking to secure the data center using solutions designed for the Internet edge, but these solutions are not enough.

Resources