SOFTWARE SECURITY

Radware Expands its Partnership with Presidio

Radware | March 21, 2022

Radware, a global leader of cyber security and application delivery solutions, today announced that it has signed a multi-year agreement to expand its partnership with Presidio, Inc, a global digital services and solutions provider that helps businesses modernize their security technology. Presidio is expanding its cyber security package to include Radware's application and API security solutions, bots management, DDoS protection, and Cloud Native Protector to secure its clients' on-premise, cloud, and hybrid infrastructures.

“Preparation to protect against cyberattacks is more critical than ever before, and we help our customers every step of the way. Through this partnership, we are combining Radware’s industry leading technology along with our team’s extensive expertise to create a force in fighting emerging cyber threats.”

Chris Cagnazzi, senior vice president and general manager at Presidio

For applications hosted in cloud settings, Radware delivers 360-degree, real-time security. Radware defends the application surface against malicious traffic as well as the underlying cloud infrastructure against intrusion. Radware offers a web application firewall (WAF), bot management, API security, and DDoS protection for application security. The security is built on proprietary behavioral-based algorithms that learn genuine behavior traffic patterns and then differentiate between harmful and legal traffic to provide a greater degree of protection with reduced false positives.

Radware's Cloud Native Protector provides comprehensive, multi-layered workload protection against cloud-native threat vectors for cloud workload security. Glitches in the cloud, excessive permissions, malicious conduct, and other issues fall under this category.

Bob Simpson, vice president of North American sales at Radware said that “As one of the leading AWS service providers, Presidio has built an industry reputation as a trusted advisor. Customers trust what they bring to the table. We look forward to continuing to work with Presidio to provide state-of-the-art protection to their customers and through the AWS Marketplace.”

Radware's solutions continue to be recognized throughout the industry. Radware was ranked second among 11 providers for API security and high security use cases in Gartner's 2021 Critical Capabilities for Cloud Web Application and API Protection report. In their research "The Forrester Wave: DDoS Mitigation Solutions, Q1 2021," Forrester named Radware a worldwide leader. In its 2021 SPARK Matrix: Bot Management report, Quadrant Knowledge Solutions named Radware the leader.

Customers, as well as the industry, recognize Radware's technological competence. In the Gartner Peer Insights "Voice of the Customer:" Web Application Firewall report for 2021, Radware was named a Customers' Choice.

Spotlight

Threat actors are more sophisticated, with more detailed knowledge not only about critical and proprietary control system components, but also about the actual physical process that is being controlled. Some threat actors are also increasingly able to demonstrate that they have access to extensive skills, financial backing and resources. Norwegian businesses depend on the ability to implement strategies to improve cyber security urgently in an ongoing process. Cyber security attacks on industrial automation and control systems can in the worst case have physical consequences. The industry is meeting the new challenges when critical systems that were isolated before are now connected to networks, possibly also to the Internet.


Other News
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Noname Security Announces Ambitious EMEA Channel Strategy to Capitalise on Accelerating Demand for API Security

Noname Security | November 02, 2022

Noname Security, the leading API security company, today shared its EMEA channel strategy, which builds on significant momentum achieved in the past six months and is led by Ides Vanneuville, recently appointed EMEA Channels & Alliances Director. Vanneuville is an experienced leader in the cybersecurity market with a strong track record in cybersecurity and solutions engineering, having held a number of senior positions at organisations such as Palo Alto Networks, Nutanix, and Aviatrix. Demand for API security solutions is accelerating throughout EMEA as businesses continue to transition to public cloud and are increasingly adopting cloud-native development strategies. High-profile API breaches have underlined the critical nature of API security and the need for advanced solutions such as the Noname API Security Platform that accelerate digital transformation while addressing API security risks and vulnerabilities. This offers a new and growing market for established cybersecurity resellers and new entrants alike. "I am excited to join Noname Security at a time when the channel is transforming to meet growing demand for the powerful yet easy-to-use API security that our platform delivers," comments Vanneuville. "We are building productive partnerships with traditional cybersecurity companies seeking to expand their offering into the DevSecOps market, along with the innovative application-centric resellers that are carving out opportunities in this space." Noname Security operates a 100% indirect sales model, and its channel strategy focuses on building out presence across EMEA by securing key partnerships with a range of cybersecurity resellers, consultancies, systems integrators, and distributors. Since March 2022, Noname Security has signed new partnerships with Oblivion, part of Xebia (Netherlands, Denmark & Germany), NewGens Pte (Singapore, Malaysia, Indonesia and Thailand), CyberGate Defense (UAE), Evanssion (Middle East & Africa), Aditinet (Italy), iSOC24 (Benelux) and HighPoint (UK & NL) . These partners join a diverse group of existing partners across Europe, the Middle East, and Africa. These partners will be supported by Noname Security's global partner program, which provides the resources they need to address key customer pain points in their region and build sizable revenue opportunities in the API security market. The program is tailored to reflect the variations in maturity and background of the API security market in each geographic area. "API security is a rapidly evolving area that wraps around the ways APIs are being used in different territories," adds Vanneuville. "For example, the increase in open banking in emerging regions like Turkey is driving demand for API security in that region, and we have new Noname Security partners in place to meet that need. Similarly, the booming m-commerce market in Africa is a valuable target for our partners to focus on. Our program helps partners target these key vertical markets and build a reputation for excellence." API Security Workshops Provide Essential Partner and Market Education Noname Security is running a series of workshops to educate the market and channel partners about the importance of protecting APIs against attacks and how to go about it. These are currently available, both virtually and in-person in a variety of worldwide cities, and will help Noname's channel partners as well as their end-users to understand: The underlying security risks when deploying APIs Emerging threats facing applications and APIs Techniques used to exploit vulnerable APIs How Noname Security monitors API traffic for anomalies. "These educational workshops form an important part of Noname's go-to-market strategy," concludes Vanneuville. "An educated market is a receptive market, and with these workshops we aim to ensure that customers and partners fully understand the urgency of securing APIs in order to protect core revenue streams against disruptive attackers. This is a relatively new area, but one that is of critical importance for the success and stability of modern enterprises as the cloud transition continues and born-in-the-cloud businesses ramp up innovation and expansion." About Noname Security Noname Security is the only company taking a complete, proactive approach to API security. Noname works with 20% of the Fortune 500 and covers the entire API security scope across three pillars: posture management, runtime security and API security testing. Noname Security is privately held, remote-first with headquarters in Palo Alto, California, and offices in Tel Aviv and Amsterdam.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Contrast Security Launches Expanded Security Testing Tools for JavaScript and Popular Angular, React and jQuery Frameworks

Contrast Security | October 07, 2022

Contrast Security (Contrast), the leader in code security that empowers developers to secure as they code, today announced the expansion of its Secure Code Platform's static application security testing (SAST) capabilities to include JavaScript language support along with support for Angular, React and jQuery frameworks, which will allow developers to quickly find and fix security defects in their client-side code. With this new Contrast Scan addition, application security and development teams leveraging the Contrast Secure Code Platform can scale security across the entire application stack, from client-side to server-side, with industry-leading speed and accuracy. JavaScript is the most popular coding language in the world with modern frameworks such as Angular, React and jQuery being ubiquitous in web development. However, since JavaScript is executed on the user's browser, this exposes sensitive application data on the client-side, leaving JavaScript applications susceptible to vulnerabilities like cross-site scripting (XSS) or Broken Access Control. Contrast prioritizes real, exploitable vulnerabilities in client-side code by performing analysis on vulnerable entry points within the application, allowing developers to rely on accurate scans that take just seconds. Contrast's extended capabilities help DevSecOps organizations achieve the following benefits: Early detection of client-side vulnerabilities. This is achieved through analyzing client-side source code within routine development pipelines, complemented by easy-to-follow remediation guidance directly within the developers' pipeline environment. Full visibility into client-side code risk. Contrast's pipeline-native SAST engine coupled with security rules tailored for JavaScript finds up to 63% more exploitable vulnerabilities than superficial tests run within the IDE. False positive rates as low as 1%. A significant reduction in false positive rates compared to leading commercial SAST tools. Ability to safeguard each layer of the software stack. Contrast Scan works in tandem with Contrast's runtime code security solution to secure front-end code and back-end code within a centrally managed platform "A growing concern for AppSec and Development Managers is how to embed security within the development pipeline. Regardless of whether you specialize in front-end, back-end, or full-stack development, we want to help enable developers to deliver secure code from the start. "Fortunately, with the new expansion of our Secure Code Platform language coverage to include client-side JavaScript with Angular, React and jQuery, AppSec and Development managers and their teams can now find and fix security defects in their client-side code with industry-leading speed and accuracy. This is a testament to Contrast's mission to further invest in tools that allow customers to embed code security testing through each stage of the SDLC [software development lifecycle]." Steven Phillips, Vice President of Product Marketing at Contrast Security Client-side JavaScript support is now available to enterprise customers through existing Contrast Scan subscriptions. Individual developers can also immediately start analyzing code for vulnerabilities with just a few clicks for free with CodeSec. About Contrast Security: Contrast Security secures the code that global business relies on. It is the industry's most modern and comprehensive code security platform, removing security roadblock inefficiencies and empowering enterprise developers to write and release secure application code faster. Embedding code analysis and attack prevention directly into software with instrumentation, the Contrast platform automatically detects vulnerabilities while developers write code, eliminates false positives, and provides context-specific how-to-fix guidance for easy and fast vulnerability remediation. Doing so enables application and development teams to collaborate more effectively and to innovate faster while accelerating digital transformation initiatives. This is why a growing number of the world's largest private and public sector organizations rely on Contrast to secure their applications in development and extend protection to cloud and on-premise applications in production.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

SaaS Alerts Secures $22M Investment from Insight Partners to Scale SaaS Security Monitoring and Response Platform

SaaS Alerts | September 12, 2022

SaaS Alerts, the cybersecurity company purpose-built for Managed Service Providers (MSPs) to protect and monetize their customers' core business SaaS applications, announced today that it has secured a $22 million growth investment from global software investor Insight Partners to accelerate the growth of its SaaS Security monitoring and response platform. The accelerated rate of SaaS Application adoption by businesses, driven by the need to provide collaboration and productivity tools to remote workforces and for more centralized and tightly controlled business data resources, has elevated awareness and critical concern for major threat vectors and security gaps that exist in SaaS Application security. These security concerns present opportunities for MSPs to better safeguard their clients while offering SaaS security services that drive profitable new revenue streams. SaaS Alerts was designed to help MSPs monitor and protect their customers' usage of today's most popular SaaS applications such as Microsoft 365, Google Workspace, Salesforce, Dropbox and more – and to safeguard against security threats to a business' SaaS environment such as data theft, data that's at risk due to unintentional employee mishaps and actions taken by bad actors. "We couldn't be more excited to partner with Insight Partners and we see their investment in SaaS Alerts as a monumental endorsement for what we have built and what we intend to build as we collaborate going forward. "I'm very proud of our team for reaching this milestone and look forward to working with Insight to continue to build value for our MSP partners and stakeholders." Jim Lippie, CEO of SaaS Alerts "SaaS applications have become essential for businesses of every size and MSPs need the ability to better protect those applications on behalf of their customers. SaaS Alerts has pioneered SaaS security for MSPs and has a clear vision for how detecting and correlating abnormal user behavior can greatly impact the MSP industry," said Philine Huizing, Principal at Insight Partners. "We're excited to partner with SaaS Alerts as the company scales to address this unique opportunity." About SaaS Alerts SaaS Alerts is the cybersecurity company purpose-built for MSPs to protect and monetize customers' core SaaS business applications. SaaS Alerts offers a unified, real-time monitoring platform for MSPs to protect against: data theft, data at risk and bad actors and integrates with the most popular SaaS Applications. Learn more at www.saasalerts.com. About Insight Partners Insight Partners is a global software investor partnering with high-growth technology, software, and Internet startup and ScaleUp companies that are driving transformative change in their industries. As of June 30, 2022, the firm has over $80B in regulatory assets under management. Insight Partners has invested in more than 700 companies worldwide and has seen over 55 portfolio companies achieve an IPO. Headquartered in New York City, Insight has offices in London, Tel Aviv, and Palo Alto. Insight's mission is to find, fund, and work successfully with visionary executives, providing them with practical, hands-on software expertise to foster long-term success. Insight Partners meets great software leaders where they are in their growth journey, from their first investment to IPO.

Read More

DATA SECURITY, PLATFORM SECURITY

Orange and Netskope Partner on Carrier-class Connectivity and SSE Services for a Secure, Cloud-smart Platform

Orange Cyberdefense | September 23, 2022

Orange Business Services, a global network-native digital services company, Orange Cyberdefense, a leading cybersecurity services provider, and Netskope, a leader in secure access service edge (SASE), are partnering to deliver a new SSE (Security Service Edge) solution embedded into the Orange Telco Cloud Platform. The enhanced solution is designed to deliver optimal performance with maximized security, meaning enterprises will no longer need to find a compromise between the two. A decade of shifting to cloud and mobile computing, along with the ever-present demands of hybrid work environments, have put security and networking requirements on a collision course. While SSE addresses the security challenges, enterprises need to incorporate them into overarching connectivity strategies to realize the full benefits of SASE. The partnership will leverage Orange Cyberdefense’s security expertise and Netskope’s global security private cloud footprint and SSE leadership, enabling Orange Business Services to deliver consistent internet security on and off the network. This will help protect enterprise customers from data loss and the growing volume of sophisticated threats across cloud, web and private applications, with the full attributes of a cloud-native platform. The co-managed solution will reduce complexity for enterprises, providing continuously updated cloud security via the Orange Business Services Telco Cloud Platform. Telco Cloud Platform is a revolution in the way networks are built, run, and managed with enhanced performance. The software-defined approach optimized for telco workloads allows for greater agility and cost reduction. Securing an enterprise’s most important assets: people and data This innovative hybrid architecture embeds Netskope’s points-of-presence (POPs) within the Orange network, strengthening the Orange customer value proposition by delivering the benefits of the Orange network, including speed and agility, while enabling customers to tap into the power of Netskope Intelligent SSE. Netskope Intelligent SSE provides granular visibility and real-time data and threat protection for cloud services, websites, and private apps accessed from anywhere, on any device. “Cloud transformation and hybrid work models mean that traditional security architectures are no longer effective or efficient. Plugging our market leading platform into Orange’s network will enable Orange to significantly increase its offering to enterprises looking to secure data without limiting business productivity.” Sanjay Beri, CEO, Netskope “Increasingly enterprises are using the internet as their only WAN transport, even in a growing threat landscape. Working together we are delivering Orange customers a SASE-ready WAN edge while upgrading the security of the enterprise’s network without downgrading the user experience.” says Hugues Foulon, CEO, Orange Cyberdefense. “This innovative partnership is an important part of our Evolution Platform concept designed to simplify connectivity, cloud, and security and support business outcomes from end-to-end, providing real-time protection for our users, their applications, and data, wherever they are. It underscores our position as a trailblazer in SSE and managed services, providing the right balance of performance, speed, and protection to our customers,” adds Aliette Mousnier-Lompré, CEO, Orange Business Services. About Orange Business Services Orange Business Services is a network-native digital services company and the global enterprise division of the Orange Group. It connects, protects, and innovates for enterprises worldwide to support sustainable business growth. Leveraging its connectivity and system integration expertise throughout the digital value chain, Orange Business Services is well placed to support global businesses in areas such as software-defined networks, multi-cloud services, Data and AI, smart mobility services, and cybersecurity. It securely accompanies enterprises across every stage of the data lifecycle end-to-end, from collection, transport, storage and processing to analysis and sharing. About Netskope Netskope, a global cybersecurity leader, is redefining cloud, data, and network security to help organizations apply Zero Trust principles to protect data. Fast and easy to use, the Netskope platform provides optimized access and real-time security for people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.

Read More

Spotlight

Threat actors are more sophisticated, with more detailed knowledge not only about critical and proprietary control system components, but also about the actual physical process that is being controlled. Some threat actors are also increasingly able to demonstrate that they have access to extensive skills, financial backing and resources. Norwegian businesses depend on the ability to implement strategies to improve cyber security urgently in an ongoing process. Cyber security attacks on industrial automation and control systems can in the worst case have physical consequences. The industry is meeting the new challenges when critical systems that were isolated before are now connected to networks, possibly also to the Internet.

Resources