DATA SECURITY

Red Hat Unveils New Levels of Security from the Software Supply Chain to the Edge

Red Hat | May 11, 2022

Red Hat
Red Hat, Inc., the world's leading provider of open source solutions, today announced new security innovations and capabilities across its portfolio of open hybrid cloud technologies. Designed to help organizations mitigate risks and meet compliance requirements across increasingly complex IT environments that mix cloud services, traditional systems and edge devices, these enhancements are intended to minimize complexity, while helping customers improve their security posture and enable DevSecOps.

According to Red Hat’s 2021 Global Tech Outlook report, 45% of respondents put IT Security as their top funding priority. IT security, however, is not a static demand - regulatory controls, compliance demands and threat actors shift on an almost daily basis, requiring almost constant vigilance from IT security teams.

Red Hat has long been a leader in security for enterprise open source solutions, beginning with Red Hat Enterprise Linux, viewing security as a fundamental component and not an add-on. KuppingerCole Analysts recently recognized Red Hat as the Overall Leader in its Leadership Compass for Container Security. According to KuppingerCole’s evaluation, “With a massive market presence and proven expertise in container management, enhanced by the recent acquisition and integration of StackRox, a leading container security company, Red Hat is recognized as the Overall Leader in this Leadership Compass.”

With today’s news, Red Hat continues a relentless march of innovation to advance security across hybrid cloud environments—from on-premises to multi-cloud to the edge—across the entire technology lifecycle and software stack.

Enhancing software supply chain security
Securing applications from development through the entire lifecycle can be complex and frequently requires multiple components to work together. To help simplify the process of implementing security features throughout the complete build, deploy and run process, Red Hat is introducing a software supply chain security pattern.

Delivered via Red Hat OpenShift, patterns deliver complete stacks as code and define, build and test the necessary software configurations. Available as a preview, the software supply chain security pattern will bring together the necessary components to architect cloud-native applications from trusted components.

The pattern uses a Kubernetes-native, continuously-integrated pipeline through Red Hat OpenShift Pipelines and Red Hat OpenShift GitOps for version control, helping to reduce complexity and save time. Additionally, through Tekton Chains, the pattern will incorporate Sigstore, an open source project aimed at making cryptographic signing of code more accessible. This addition makes it easier for artifacts to be signed in the pipeline itself rather than after application creation.

In addition, in Red Hat Ansible Automation Platform 2.2, Red Hat is introducing a technical preview of Ansible content signing technology. The new capability helps with software supply chain security by enabling automation teams to validate that the automation content being executed in their enterprise is verified and trusted.

Enhancing application security lifecycle from the datacenter to the edge
As organizations adopt cloud-native architectures, the core enterprise needs for hardened environments, lowered attack surfaces and faster detection and response to threats remain. Applications running outside of traditional IT environments, including at the edge, introduce further security requirements that compound these already complex challenges.

Beyond the physical security requirements of edge devices, CIOs and IT decision-makers are increasingly seeing a need to protect the container workloads running on these devices. An example could be implementing strategies and capabilities to prevent the lateral movement of potential attacks or breaches across edge deployments. Red Hat Advanced Cluster Security for Kubernetes brings a deployment-ready answer to these concerns, with key capabilities to protect edge workloads, including:

  • Automated DevSecOps in the CI/CD pipeline to help protect the software supply chain for edge environments through vulnerability management, application configuration analysis and CI/CD integration
  • Threat protection provides threat detection and incident response capabilities at runtime for common threats
  • Network segmentation to enforce workload isolation, analyze container communication and detect risky network communication paths

Integrated security starts with the operating system
In the 2022 Gartner® Board of Directors Survey, 88% of board members classified cybersecurity as a business risk; just 12% called it a technology risk.1 The broad ramifications of a cyber attack or data breach have led to increased scrutiny across IT environments by investors and regulators alike. Fortifying IT environments against these potentially damaging incidents is critical, and Red Hat believes that this effort starts at the foundation, at the operating system level, with Red Hat Enterprise Linux.

Red Hat Enterprise Linux 9 lays the foundation for runtime integrity verification of the operating system and application files by providing file digital signatures within RPM packages. The platform uses integrity measurement architecture (IMA) at the kernel level to verify individual files and their provenance. IMA file verification specifically helps to detect accidental and malicious modifications to systems, providing more remediation capabilities for security teams in addressing potential issues or breaches.

Additional key security features in Red Hat Enterprise Linux 9 include:

  • Enhanced security around root privileges by disabling root login via SSH by default. This helps to prevent the discovery of root passwords through brute force attacks and improving baseline security postures of an operating environment.
  • Support for latest cryptographic frameworks with the integration of OpenSSL 3. This enables IT teams to enact new ciphers for encrypting and protecting sensitive information.
  • Bolstered security best practices by disabling the cryptographically-broken SHA-1 hash function by default for digital signature, driving improved security hygiene.

Additionally, Red Hat and IBM Research are collaborating around expanding the core security aspects of the Linux kernel, such as through support for signing and verifying elliptic curve digital signatures. This work expands the algorithms supported and reduces the size of digital signatures used throughout the Linux kernel.

About Red Hat, Inc.
Red Hat is the world’s leading provider of enterprise open source software solutions, using a community-powered approach to deliver reliable and high-performing Linux, hybrid cloud, container, and Kubernetes technologies. Red Hat helps customers integrate new and existing IT applications, develop cloud-native applications, standardize on our industry-leading operating system, and automate, secure, and manage complex environments. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. As a strategic partner to cloud providers, system integrators, application vendors, customers, and open source communities, Red Hat can help organizations prepare for the digital future.

Spotlight

Our Chief Operations Officer, Kevin Simzer, discussed how we ensure data protection and GDPR compliance for more than 500,000 commercial customers. Learn more by visiting: http://bit.ly/2HClIV2 The role is a formal one mandated by the GDPR — although not all companies automatically need to have one in place. But if they do, this person is to serve as an independent advocate for the proper treatment of the customer's information.


Other News
DATA SECURITY

Wipro to Acquire Edgile to Strengthen its Leadership in Strategic Cybersecurity Services

Edgile | December 24, 2021

Wipro Limited, a leading global information technology, consulting and business process services company, today announced it has signed an agreement to acquire Austin, Texas headquartered Edgile, a transformational cybersecurity consulting provider that focuses on risk and compliance, information and cloud security, and digital identity. Edgile is recognized by security and risk leaders for its unique business-aligned cybersecurity capability, deep understanding of the changing regulatory environment and enabling cloud transformations that help secure the modern enterprise. In addition, the company’s “strategy-first” approach and “Quick Start” solutions will allow the combined entity to deliver enhanced value in strategic cybersecurity services. Together, Wipro and Edgile will develop Wipro CyberTransform™, an integrated suite that will help enterprises enhance boardroom governance of cybersecurity risk, invest in robust cyber strategies, and reap the value of practical security in action. In collaboration with an extensive roster of alliance partners from Wipro and Edgile, Wipro CyberTransform™ will enable organizations to accelerate their digital transformation and operate in virtual, digital supply chains all in a highly secure manner. “Adding Edgile’s strategic consulting capabilities and launching Wipro CyberTransform™ are significant milestones on our journey to becoming the trusted partner to security leaders and boardroom stakeholders. I see the team blending very well with Wipro’s CyberSecurists to deliver transformational cybersecurity on a global scale.” Tony Buffomante, Senior Vice President & Global Head – Cybersecurity & Risk Services, Wipro Don Elledge, Chief Executive Officer, Edgile, said, “We are immensely thrilled to join Wipro, a company we admire for its values and deep technology capabilities. Our collective full spectrum of cybersecurity risk consulting and security management capabilities will help our global customers to continue to securely embrace their digital transformation journey and sustain their on-going risk management priorities.” Earlier this year, Wipro strengthened its cybersecurity business by acquiring Ampion, a leading provider of cybersecurity services in Australia, and the cybersecurity practice at Capco, a leading consultancy in the BFSI sector in Europe and the US. Additionally, through its Wipro Ventures arm, the company continues to invest in innovative cybersecurity start-ups, demonstrating the firm’s strong commitment towards providing industry leading cybersecurity solutions across sectors and regions. Abry Partners, a minority private equity investor in Edgile, will fully exit its investment in Edgile as a result of this transaction. Piper Sandler acted as financial advisor to Edgile and Stone Key Partners LLC acted as financial advisor to Wipro for the transaction. About Wipro Limited Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading global information technology, consulting and business process services company. We harness the power of cognitive computing, hyper-automation, robotics, cloud, analytics and emerging technologies to help our clients adapt to the digital world and make them successful. A company recognized globally for its comprehensive portfolio of services, strong commitment to sustainability and good corporate citizenship, we have over 220,000 dedicated employees serving clients across six continents. Together, we discover ideas and connect the dots to build a better and a bold new future. About Edgile Edgile is the trusted leader in cybersecurity transformation and risk services partnering with the world’s leading organizations, including 31% of the Fortune 100 and 20% of the Fortune 500. Our strategy-first model optimizes today’s enterprise journey to the cloud and modernizes identity and security programs through a risk lens and expert compliance knowledge. We secure the modern enterprise by transforming risk into opportunity with solutions that increase business agility and create a competitive advantage for our clients.

Read More

DATA SECURITY

NTT DATA Selects Swimlane to Deliver Low-Code Security Automation in EMEA

NTT DATA | June 01, 2022

Swimlane, the leader in low-code security automation, today announced its partnership with NTT DATA, a global leader in IT services and cybersecurity, to reduce risk for shared customers via Swimlane’s award-winning low-code automation platform. The partnership will help organizations in the Europe, the Middle East and Africa (EMEA) region address compliance and regulatory requirements and tackle the challenges associated with managing big data. In addition to extending low-code security automation to its customers, NTT Data has also chosen Swimlane to scale its own security operations. In a recent study, 55% of European enterprises reported struggling to recruit IT talent, citing a lack of advanced skills in job candidates. As the global cybersecurity talent shortage prevails, security administrators in the EMEA region are increasingly overburdened with manually performed repetitive and time-consuming tasks needed to track, mitigate and resolve security events across multiple security platforms. Without automation, security teams cannot realistically analyze and adequately prioritize security alerts at the rate necessary to protect networks while also ensuring their organization remains compliant with regulatory standards across countries operated in. Now, joint customers can leverage the power of Swimlane’s platform to respond quickly, innovatively, and effectively to today's complex challenges. They will gain visibility into the performance, capacity, and value of their security strategy with self-service dashboards, granular reporting, and extensive visualization capabilities. “We are excited to expand our investment in the EMEA market by partnering with a true leader in the region that carries immense credibility in the security space. “This partnership will enable enterprises across highly-targeted industries like financial services, critical infrastructure, healthcare and retail to harness their institutional knowledge to leverage security automation and build a system of record that transcends the entire security organization.” Toby Van de Grift, Vice President of EMEA for Swimlane Together, Swimlane’s low-code automation platform and NTT Data’s deep industry expertise deliver an offering that enables continuous compliance and prevents data breaches while helping security teams more efficiently manage the growing volume of alerts and complexity of processes. NTT Data will also create its own unique applications of the Swimlane platform to deliver continued value to customers. “The flexibility of the Swimlane platform makes it the ideal solution for both our company and our customers to harness the power of low-code security automation, allowing every team member to create response processes that align with unique business processes,” said Patrick Schraut, SVP CyberSecurity at NTT DATA. “This partnership will allow our customers to receive more value from their existing technology investments while making it easier for them to utilize automation to alleviate the stress security teams face today.” NTT DATA joins partners like Elastic, Guidepoint, Optiv, and Pareto Cyber, in Swimlane’s Medley Global Partner Program. Its addition reflects the program’s continued global expansion to meet the growing need for low-code security automation in the EMEA region. About Swimlane Swimlane is the leader in cloud-scale, low-code security automation. Supporting use cases beyond SOAR, Swimlane improves the ease with which security teams can overcome process and data fatigue, as well as chronic staffing shortages. Swimlane unlocks the potential of automation beyond the SOC by delivering a low-code platform that serves as the system-of-record for the entire security organization and enables anyone within the organization to contribute their knowledge and expertise to the protection of the organization. About NTT DATA NTT DATA – a part of NTT Group – is a trusted global innovator of IT and business services headquartered in Tokyo. We help clients transform through consulting, industry solutions, business process services, IT modernization and managed services. NTT DATA enables clients, as well as society, to move confidently into the digital future. We are committed to our clients' long-term success and combine global reach with local client attention to serve them in over 50 countries.

Read More

PLATFORM SECURITY

SecurityScorecard Joins Snowflake Partner Network

SecurityScorecard | June 23, 2022

SecurityScorecard, the global leader in cybersecurity ratings announced today that it has joined Snowflake's Partner Network, enabling mutual customers to gain instant visibility into their own security posture and that of their third and fourth party software vendors. Catching Third-Party Risks Early Snowflake customers now have access to "call" security data within Snowflake, gaining direct access to SecurityScorecard Ratings data that can be correlated with various systems and processes including third party risk, identity and access and IT asset management to catch potential security risks early and create a unified view. "CISOs need to know the scale and scope of their cyber environment and that includes third and fourth-party vendors that can pose substantial risks to their organization," said Alex Rich, Vice President of Alliances at SecurityScorecard. "The insights gleaned from continuous monitoring with SecurityScorecard ratings data helps Snowflake data cloud customers get a broad view into their Third Party Risk Management, supply chain management, and business intelligence applications with continuous cybersecurity data." SecurityScorecard collects and analyzes global threat signals that give organizations instant visibility into the security posture of vendors and business partners as well as the capability to do a self-assessment of their own security posture. The technology continuously monitors 10 groups of risk factors to instantly deliver an easy-to-understand A-F rating. The Snowflake Partner Network unlocks the potential of the Data Cloud with a broad array of tools and partners. Certified partnerships and integrations enable customers to leverage Snowflake's flexibility, performance, and ease of use to deliver more meaningful data insights. "With SecurityScorecard on the Snowflake Data Marketplace - organizations can now access and use robust vendor risk data directly in their Snowflake account. "Joint customers of Snowflake and SecurityScorecard can now easily combine, enrich, and contextualize vendor risk data with procurement, legal, IT, compliance, and security data, systems, and processes, accelerating the modern CIO and CISO's priority of data-driven, risk-based, and automated security and compliance." Joshua McKibben, Director Security Compliance & Risk Management at Snowflake "Our partnership with SecurityScorecard is delivering customers the detailed cybersecurity ratings data they need to refine and enrich data around numerous different use cases," said Tarik Dwiek, Head of Technology Alliances at Snowflake. "From third party risk and M&A due diligence, to cyber insurance, SecurityScorecard and Snowflake are helping global enterprises better manage their third-party risk management programs." About SecurityScorecard Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight.

Read More

DATA SECURITY

Flashpoint Acquires Vulnerability Intelligence Leader Risk Based Security

Flashpoint | January 13, 2022

Flashpoint, the trusted leader in threat intelligence and risk prevention, today announced it has acquired Risk Based Security (RBS), a Richmond, Virginia-based company specializing in vulnerability and data breach intelligence, as well as vendor risk ratings. The integration of RBS’s collections and technology into the Flashpoint platform offers a wide range of cybersecurity practitioners—including cyber threat intelligence (CTI), vulnerability management, DevSecOps, and vendor risk management teams—the contextual threat intelligence and automation they need to detect, prioritize, and thwart emerging cyber risks rapidly and holistically. “I am incredibly excited to welcome the RBS team to Flashpoint,This acquisition will enable our clients to rapidly detect critical vulnerabilities before they are widely known, and then automate how they prioritize and remediate these issues. This is a game changer for security teams and represents a vital step towards achieving Flashpoint’s vision of being the single vendor that enterprises can rely on to mitigate all types of security risks and protect critical assets.” Flashpoint CEO Josh Lefkowitz Since its founding in 2011, Risk Based Security has partnered with a diverse group of clients, including Microsoft, BlackRock, Northrop Grumman, Swisscom, American Electric Power, Amtrak, and numerous other enterprises across the technology, financial, insurance, and consumer goods sectors. To date, RBS possesses over 90,000 vulnerabilities in its collections that are not assigned CVE IDs and therefore do not exist in the National Vulnerability Database (NVD). RBS’s proprietary technology consistently identifies vulnerabilities before they are commonly known—and maps those vulnerabilities to an enterprise’s software—providing clients with a critical edge and head-start on potential adversaries. “We’re thrilled to join forces with Flashpoint,” said Jake Kouns, CEO of RBS. “It’s rare to find two organizations so similar in culture with a mutual drive to get things done. Our visions align perfectly, and we are excited to collaborate with them to bring a holistic, risk-based intelligence offering to a broad market.” AN ASSET-BASED APPROACH TO INTELLIGENCE AND RISK MANAGEMENT RBS’s extensive vulnerability, data breach, and proprietary vendor risk ratings empower security teams to quickly assess and remediate vulnerabilities based on their unique risk profile—making it the only vulnerability management tool on the market that provides scanless, real-time vulnerability intelligence with vendor and product risk ratings. With this technology, Flashpoint will be able to reveal a customer’s exposure to critical vulnerabilities and supply chain weaknesses, provide contextual awareness into how these vulnerabilities are being exploited by threat actors, and prioritize and automate the actions needed to remediate potential threats. In light of recent critical vulnerabilities like the highly-publicized disclosure of Log4j, early detection and rapid prioritization of risks is more important than ever. Moving beyond a reactive approach to threats, a combined Flashpoint and RBS solution will drive immediate and differentiated value to all types of security practitioners who are focused on protecting critical assets and infrastructure. ABOUT FLASHPOINT Trusted by governments and the Fortune 500, Flashpoint helps organizations protect their most critical assets, infrastructure, and stakeholders from security risks such as cyber threats, ransomware, fraud, physical threats, and more. Leading security practitioners—including cyber threat intelligence (CTI), vulnerability management, DevSecOps and vendor risk management teams—rely on Flashpoint's intelligence platform to proactively identify and mitigate risk and stay ahead of the evolving threat landscape. ABOUT RISK BASED SECURITY Risk Based Security (RBS) provides detailed information and analysis on Vulnerability Intelligence, Vendor Risk Ratings and Data Breaches. Our product, the Risk Based Security Platform, combines VulnDB and Cyber Risk Analytics (CRA), providing organizations access to the most comprehensive security intelligence knowledge bases available, including advanced search capabilities, access to raw data via API, and email alerting to assist organizations in taking the right actions in a timely manner.

Read More

Spotlight

Our Chief Operations Officer, Kevin Simzer, discussed how we ensure data protection and GDPR compliance for more than 500,000 commercial customers. Learn more by visiting: http://bit.ly/2HClIV2 The role is a formal one mandated by the GDPR — although not all companies automatically need to have one in place. But if they do, this person is to serve as an independent advocate for the proper treatment of the customer's information.

Resources