SOFTWARE SECURITY

One Identity Announces Innovations to Security Platform

One Identity | June 06, 2022

One Identity
Following the purchase of One Login last year, One Identity, a pioneer in unified identity security, today announced additional advancements to its Unified Identity Security Platform. In addition to One Identity's best-in-class offerings in Identity Governance and Administration (IGA), Identity and Access Management (IAM), Privileged Access Management (PAM), and Active Directory Management and Security (ADMS), the incorporation of OneLogin to the platform allows organizations to transition from a factionalized to a holistic approach to identity security.

The inclusion of Safeguard Alchemy, a seamless on-boarding for PAM through One Identity's Starling platform, as well as device-level MFA, which offers the capability of secure MFA login access to devices, to the Unified Identity Security Platform. These new capabilities complement the platform's comprehensive analytics, as does a new passwordless auto-login function in One Identity's Safeguard product. Organizations can enable Zero Trust enforcement of access rights by ensuring the proper access permissions are provided throughout the company using a new entitlement right-sizing function.

“The acquisition of OneLogin last year was a critical step for us to be able to deliver a complete and unified security strategy to our customers. Traditional identity and access management tools manage environments in a disjointed manner, leading to identity sprawl — a fragmented and inefficient approach to identity security. One Identity is transforming the way its customers are able to manage and protect access to their most valuable assets — people, identities and data — with a now complete powerful suite of identity security solutions that help simplify access management, reduce IT costs, improve security, and enhance user experience.”

Bhagwat Swaroop, President and General Manager at One Identity

Customers can now safeguard Windows workstations with industry-standard multi-factor authentication (MFA), leverage system-level checks to improve cybersecurity, and close security gaps in a distributed workforce and infrastructure by utilizing a combination of two powerful MFA solutions from OneLogin and One Identity. This desktop level multi-factor authentication is one of the core characteristics that distinguishes One Identity from other identity and access management suppliers, allowing enterprises to expedite cloud migration and easily scale, protect, and manage identities.

The integration of OneLogin and One Identity Manager also provides customers with a centralized and mature IAM and IGA on-boarding and full identity lifecycle solution, including SSO and MFA that addresses enterprise provisioning, user self-service, approval workflows, user access attestation, user access termination, time-based access, and compliance reporting.

As security breaches become more common and cybersecurity requirements get more stringent, One Identity assists clients in their transition to a Zero Trust security approach. With the integration of OneLogin into One Identity's Single Identity Security Platform, the firm provides enterprises with an united picture of users, accounts, machine identities, and accounts, transforming businesses from fragmented to unified. This platform uses identity intelligence and analytics to provide cybersecurity professionals with a clear picture of their risk profile and the ability to take remedial steps as required.

Spotlight

"Financial crimes can be complex, often spanning national borders. Combatting them involves a range of challenges, including: Correctly identifying a bank's ""customer""; Understanding hidden patterns and relationships among customers; Covering the cost of investigations and compliance reporting"


Other News
DATA SECURITY, PLATFORM SECURITY

BigID Wins “Compliance Software Solution of the Year” in 6th Annual CyberSecurity Breakthrough Awards Program

BigID | October 11, 2022

BigID, the leading data intelligence platform for privacy, security, and governance, today announced that it has been awarded “Compliance Software Solution of the Year” in the 6th annual CyberSecurity Breakthrough Awards program conducted by CyberSecurity Breakthrough, a leading independent market intelligence organization that recognizes the top companies, technologies and products in the global information security market today. “This recognition from CyberSecurity Breakthrough highlights our commitment to providing customers with security and compliance solutions that are designed for today and tomorrow’s data challenges. “We designed BigID to be an actionable data intelligence platform built for enterprise scale - all while meeting continuously shifting compliance requirements.” Dimitri Sirota, CEO and co-founder of BigID The mission of the CyberSecurity Breakthrough Awards is to honor excellence and recognize the innovation, hard work and success in a range of information security categories, including Cloud Security, Threat Detection, Risk Management, Fraud Prevention, Mobile Security, Email Security and many more. This year’s program attracted more than 4,100 nominations from over 20 different countries throughout the world. “Organizations need to be able to find, classify, inventory, and manage all of their sensitive data, regardless of where or what it is. It's a momentous task and requires addressing common challenges including, but not limited to: Siloed data, lack of visibility and accurate insight, and balancing legacy systems with cloud data. All while meeting a litany of compliance requirements,” said James Johnson, managing director, CyberSecurity Breakthrough. “BigID is purpose-built to discover and manage all enterprise data - business, regulated, sensitive, critical, and personal data. A hearty congratulations on winning the ‘Compliance Software Solution of the Year’ award.” With BigID, customers can automate alerts on cross-border data-sovereignty violations, and ensure compliance with CCPA, GDPR, HIPAA, PCI and other data privacy and protection regulations and security frameworks. About BigID BigID's data intelligence platform enables organizations to know their enterprise data and take action for privacy, security, and governance. Customers deploy BigID to proactively discover, manage, protect, and get more value from their regulated, sensitive, and personal data across their data landscape. BigID has been recognized for its data intelligence innovation as a 2019 World Economic Forum Technology Pioneer, named to the 2021 Forbes Cloud 100, the 2021 Inc 5000 as the #19th fastest growing company and #1 in Security, a Business Insider 2020 AI Startup to Watch, and an RSA Innovation Sandbox winner. Find out more at https://bigid.com. About CyberSecurity Breakthrough Part of Tech Breakthrough, a leading market intelligence and recognition platform for global technology innovation and leadership, the CyberSecurity Breakthrough Awards program is devoted to honoring excellence in information security and cybersecurity technology companies, products and people. The CyberSecurity Breakthrough Awards provide a platform for public recognition around the achievements of breakthrough information security companies and products in categories including Cloud Security, Threat Detection, Risk Management, Fraud Prevention, Mobile Security, Web and Email Security, UTM, Firewall and more.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

OneSpan Launches Virtual Room Enabling Secure Face-to-Face Transactions

OneSpan | September 19, 2022

OneSpan™ , the digital agreements security company, today announced the general availability of its secure Virtual Room cloud service which enables organizations to deliver live, high-touch assistance to their customers in a high-assurance virtual environment. This next-generation customer engagement solution gives organizations the ability to balance identity security, authentication, and e-signature solutions from the broader OneSpan portfolio with a high-assurance virtual experience that is the next best thing to entering a branch or meeting in person. Virtual Room complements digital-first transaction experiences by providing a unique opportunity for organizations to create personalized, high-touch, human-assisted interactions, and by improving the customer experience, increasing agreement completion rates, and reducing security risks and fraud. “Today, businesses requiring a high degree of security and regulatory compliance rely daily on a variety of technologies that use insecure, shared links and expose users to elevated risks including data breaches and compliance violations in the anywhere economy. This should not be the case. Organizations and their customers want to be confident that the person joining a virtual meeting is the person they claim to be. And multi-million dollar business agreements transacted digitally should not be subject to fraud fallout. “Today’s off-the-shelf video conferencing tools do not offer optimal security. As the complexity and value of transactions increase, customers want a live interaction rather than relying on a virtual assistant or self-service experience. We built Virtual Room for these scenarios to help our customers complete an agreement or transaction where they need a personal touch and where security is paramount.” Matthew Moynahan, President and CEO at OneSpan Combining OneSpan’s heritage in high-assurance identity verification and authentication with agreement co-browsing, web-enabled videoconferencing, rich collaboration features, and built-in e-signature, Virtual Room helps organizations engage and transact with customers with confidence. Virtual Room can be used for multiple high-value customer agreements, including account opening and maintenance, wealth management, and car financing. Virtual Room enables organizations to: Verify the identities of participants, utilizing OneSpan’s identity verification and mobile and hardware authentication solutions; Interact with signers remotely; Simultaneously review documents and address questions; Capture legally binding e-signatures in real-time; and Record virtual sessions to reinforce the electronic evidence captured in the audit trails. A recent report from Aragon highlighted the need for higher assurance within these processes. “It’s important for buyers to look for a provider that has global security compliance expertise in all aspects of the workflow, from the initial identity verification and authentication steps, to creating a secure virtual interaction environment and all the way through to securing the final output or artifact of the transaction, for compliance and enforceability purposes. Equally important, buyers should look for a vendor that has the flexibility to adapt any step in the digital workflow to meet local regulations for digital identity, secure customer authentication, transaction risk analysis, and the many other security requirements, which differ from one country to the next.” As a secure solution for customer-facing digital agreements where the integrity of the agreement is paramount, ​Virtual Room allows organizations to embrace a new way of working that’s more distributed, virtual, and dynamic, enabled by advancements in cloud technology. With the onset of the anywhere economy, and with more transactions being completed online, identity verification and authentication technologies are critical in the digital agreements process. This purpose-built, high-assurance digital agreement solution includes identification and authentication capabilities that enable organizations to increase the integrity and completion rates of agreements and transactions in a highly-secure and protected ecosystem without impacting user experience or productivity. About OneSpan OneSpan helps organizations accelerate digital transformations by enabling secure, compliant, and refreshingly easy customer agreements and transaction experiences. Organizations requiring high assurance security, including the integrity of end-users and the fidelity of transaction records behind every agreement, choose OneSpan to simplify and secure business processes with their partners and customers. Trusted by global blue-chip enterprises, including more than 60% of the world’s largest 100 banks, OneSpan processes millions of digital agreements and billions of transactions in 100+ countries annually.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

LMG Security Introduces New Proactive Cybersecurity Solutions

LMG Security | September 30, 2022

LMG Security, an internationally recognized cybersecurity consulting firm, has expanded its popular selection of cybersecurity advisory, testing, and training services with a new line of cybersecurity solutions. These solutions are designed to reduce the burden organizations face from implementing or managing cybersecurity technology, as well as create fast, easy access to skilled cybersecurity staff to augment internal teams. LMG Security is pleased to announce it now offers the following new solutions and services: Virtual CISO and Staff Augmentation: Organizations struggle to find and retain cybersecurity talent. LMG Security provides staff augmentation services that enable organizations to quickly access the specialized cybersecurity skills they need on a fractional basis. Endpoint Detection and Response Implementation: LMG Security implements and seamlessly integrates an endpoint detection and response solution that helps organizations defend against zero-day attacks, supply chain vulnerabilities, and other common cybersecurity threats. Multi-Factor Authentication Implementation (MFA): Protect against attack vectors such as phishing, business email compromise, and cross-cloud attacks with a customized MFA implementation. Password Manager Implementation: A password manager is a simple, affordable way to decrease the risk of a data breach from weak or reused passwords. LMG Security's team implements the password manager and ensures that it is optimally configured. Managed On-Demand Employee Cybersecurity Training: Get experts to design and manage your cybersecurity training for you. An LMG Security cybersecurity specialist will plan and monitor your training program to ensure your employees have the skills to be an effective "human firewall." Continuous Attack Surface Monitoring: LMG Security's team implements and seamlessly integrates a solution that scans Internet-facing systems to help organizations identify assets that are exposed or vulnerable. All LMG Security cybersecurity solutions are implemented and managed by experts who ensure that each solution follows all cybersecurity best practices and is optimally integrated with each organization's existing tech stack. "Organizations are struggling to find and hire skilled cybersecurity talent. "We make it easy for our clients by offering expert virtual CISO and cybersecurity staff augmentation services, as well as implementation and management services for key cybersecurity solutions." Davidoff continued, "IT teams are stretched to the limit at most organizations. We're excited to launch these new cybersecurity solutions that will help organizations defend against the constantly changing threat landscape." Sherri Davidoff, president and CEO of LMG Security ABOUT LMG Security LMG Security is an internationally recognized leader in the cybersecurity consulting industry. This full-service cybersecurity firm provides one-stop shopping for a wide array of cybersecurity services. Specializing in technical testing, advisory and compliance services, and training for more than a decade, the LMG Security team's security testing services were featured on the Today show. In addition, the team has published cutting-edge research on cell phone intrusion detection and banking Trojans, written books on network forensics, data breaches, and an upcoming book on ransomware and cyber extortion, and routinely speak or train at Black Hat, RSA and many other security conferences. LMG Security is privately held and headquartered in Missoula, Montana.

Read More

DATA SECURITY, PLATFORM SECURITY, SECURITY AUDIT AND COMPLIANCE

CrowdStrike and EY Expand Global Alliance to Deliver Cloud Security and Observability Services

CrowdStrike | October 27, 2022

CrowdStri, a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, and Ernst & Young LLP (EY US), a leading organization in cyber risk consulting services, today announced an expanded relationship to deliver Cloud Security and Observability services globally, powered by the CrowdStrike Falcon platform. This collaboration expands on existing services previously announced including: Ransomware Readiness and Resilience; Incident Response (IR), Recovery and Remediation; Identity Assessment; and Zero Trust capabilities. “The CrowdStrike-EY Alliance combines CrowdStrike’s leading cloud security and observability solutions with the transformational consulting capabilities and services provided by EY,” said Michael Rogers, vice president of global alliances at CrowdStrike. “Our expanded alliance now provides joint customers the ability to secure their cloud workloads with CrowdStrike Cloud Security, as well as ingest their log and event data at scale with CrowdStrike Falcon LogScale, providing real-time visibility to better understand and assess issues in their infrastructure environments.” “Cloud security and observability continue to be key priorities for our clients. Our expanded alliance with CrowdStrike is critical in helping organizations address new and emerging threats,” said Dave Burg, EY Americas Cybersecurity Leader. “As a result of this relationship expansion, EY will implement CrowdStrike Cloud Security and CrowdStrike Falcon LogScale to help clients confidently secure their cloud workloads and operationalize the data they are generating for increased visibility.” Cloud Security The EY Cloud Security service offering leverages CrowdStrike Cloud Security, a CNAPP solution with agent-based and agentless protection, with EY’s cybersecurity professionals to accelerate the journey of clients through alignment and implementation of appropriate controls as part of the shared responsibility model. This enables DevOps and infrastructure runtime scanning teams to: Securely move to the cloud: Build a secure and compliant path to production by assessing, architecting, implementing and optimizing key cloud security controls, whether hybrid or multi-cloud. Secure business-critical workloads: Reduce the overhead, friction and complexity associated with protecting cloud workloads, containers and serverless environments, and transform the lengthy risk and audit processes into automated and continuous ones. Shift left securely: Automate the secure development of cloud-native applications, delivering full-stack protection and compliance for containers, Kubernetes and hosts across the container lifecycle. Observability The EY NextGen SOC service offering utilizes CrowdStrike Falcon LogScale, a modern log management solution, with EY’s SOC transformation practice to help clients – such as Mondelēz International – transform and optimize their cyber risk management operations practices by assessing, designing, building, improving, operating and automating their security operations and cyber defense capabilities. This enables DevOps, SecOps and IT Ops teams to: Decrease mean time to detection (MTTD): Evaluate all security use cases with EY’s SOC Transformation services and optimize them with Falcon LogScale, which provides real-time streaming, searching and alerting. Reduce complexity and increase visibility: Spend less time managing and maintaining disparate environments and more time triaging incidents with Falcon LogScale, which centralizes all logs in a single dashboard and reduces the time spent filtering data. EY can guide clients in maximizing their most important resource – people. Lower total cost of ownership (TCO): Remove the limitations present in traditional logging solutions by leveraging Falcon LogScale’s index-free architecture, which provides seamless data ingestion, reduced infrastructure costs and lower operational costs. EY can help clients to reduce their TCO and drive relevant business insights by assisting in their identification and prioritization of their capital and operational investments. “EY and CrowdStrike Falcon LogScale have enabled a global, multi-functional log management solution for our growing IT, security and compliance requirements,” said Kostas Georgakopoulos, CTO & CISO at Mondelēz International. The Cloud Security and Observability services are generally available for customers. About CrowdStrike CrowdStrike, a global cybersecurity leader, has redefined modern security with one of the world’s most advanced cloud-native platforms for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data. Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.

Read More

Spotlight

"Financial crimes can be complex, often spanning national borders. Combatting them involves a range of challenges, including: Correctly identifying a bank's ""customer""; Understanding hidden patterns and relationships among customers; Covering the cost of investigations and compliance reporting"

Resources