DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Red Sift Acquires Hardenize to Redefine Enterprise Attack Surface Protection

Red Sift | October 14, 2022 | Read time : 03:00 min

Red Sift
Red Sift today announced that it has acquired global Attack Surface Management (ASM) innovator, Hardenize. The strategic move enables Red Sift to enrich, extend, and improve its existing security solutions to also protect customers’ internet assets and infrastructure, offering a complete, best-in-class digital resilience solution. The integration of Hardenize’s unique ASM capabilities enables the Red Sift platform to gain a comprehensive view of an organization’s digital footprint, allowing customers to better understand and protect their entire critical attack surface area in the face of an ever-evolving threat environment.

While email security remains one of the greatest attack vectors for businesses on the internet, organizations understand that it is only one of many that hackers will look to exploit. From email and domains to web applications and the network perimeter, attackers will take advantage of any and all vulnerabilities across the ever-expanding attack surface. Rather than treating key email security risks individually, organizations must have a comprehensive understanding of and visibility into any and all assets, as well as the ability to secure these using best-in-class remediation based on globally recognized standards and protocols.

Recognizing that organizations often are left to fend for themselves once vulnerabilities have been identified, today’s acquisition goes beyond enhanced discovery to provide customers with the necessary tools to shut down phishing and ensure ongoing compliance with email and web security protocols. Hardenize’s deep and continuous knowledge of key security and network standards, protocols and configurations, paired with Red Sift’s sophisticated remediation capabilities, enables customers to gain complete control of their entire attack surface for the first time.

With today’s acquisition, Red Sift and Hardenize make this vision a reality for joint customers. Hardenize’s discovery capabilities will act as a magnifying glass into customers’ infrastructure, continuously identifying new and often unknown vulnerable assets across the attack surface. By enriching Red Sift’s discovery phase, customers can now uncover threats beyond email security, to discover lookalike domain abuse, and spot vulnerabilities across their network perimeter.

“This move gives us the purview to do more for cybersecurity than we ever have before, elevating the breed of solution available to enterprise businesses for full Attack Surface Management and resilience. “By acquiring Hardenize, an innovator in Attack Surface Management (ASM), we extend our leading security products beyond protecting email; enabling enterprise customers to see their full attack surface, solve the issues at hand, and secure their valuable assets in an ever-evolving threat continuum. Bringing Hardenize and Red Sift together presents an opportunity to redefine how we approach ASM, and in turn revolutionize how enterprises protect themselves comprehensively and effectively in the face of an ever-evolving attack landscape.”

Rahul Powar, CEO of Red Sift

“We’re excited to join Red Sift in bringing this best-in-class security solution to the market,” said Hardenize CEO and SSL Labs creator Ivan Ristic. “Hardenize’s ability to align organizations’ digital assets to recognized security frameworks and standards complements Red Sift’s advanced email security capabilities to provide a single solution that protects organizations from being vulnerable to attackers.”

“This is a significant moment in the fight against digital pollutants on the Internet. Modern cyber resilience is built on a foundation of good cyber hygiene. Hardenize adds best-in-class security to allow organisations to work out what they’re doing well and need to improve in some really critical areas of core protections. This adds to Red Sift's suite of gold-standard solutions,” said Ciaran Martin, NCSC founder and former Chief Executive, and Red Sift Special Advisor. “I’m excited to see how this improves the offerings available for enterprises looking to secure their infrastructure and digital ecosystem.”

“The combination of Red Sift and Hardenize makes a great deal of sense, given that organizations increasingly demand proactive approaches to security like Attack Surface Management,” said Rik Turner, Senior Principal Analyst at Omdia. “These proactive platforms seek to reduce an organization’s overall attack surface before threat actors discover issues like vulnerabilities or misconfigurations and launch an attack exploiting them. With Hardenize, Red Sift is approaching ASM holistically, to include external assets together with an organization’s infrastructure and the third-party landscape.”

“Having enjoyed a strong strategic partnership with Red Sift for some time now, it’s exciting to see them make the move towards greater attack surface protection,” said Chris Bailey, VP of Strategy and Business Development at Entrust. “The ways in which attackers look to infiltrate organizations are always multiplying, but the vectors they use remain largely the same. This solution offers enterprises a way to fight back, by detecting their most vulnerable assets in a widening threat landscape.”

About Red Sift
Red Sift's Digital Resilience Platform solves for the greatest vulnerabilities across the complete attack surface. By providing comprehensive coverage of an organization’s digital footprint through best-in-class discovery and monitoring, Red Sift enables users to proactively uncover threats within email, domains, brand, and the network perimeter. Paired with sophisticated remediation capabilities, Red Sift provides organizations with the tools to shut down phishing and ensure ongoing compliance with email and web security protocols.

Spotlight

Pendant des décennies, les architectures en étoile ont étendu le réseau d’entreprise aux utilisateurs et aux sites distants, y compris les filiales. Cependant, alors que de plus en plus d’employés travaillent à distance et que d’innombrables applications migrent vers le cloud, cette approche dépassée n’apporte que des difficulté


Other News
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

GreyNoise Intelligence Partner Network Launches in the Cybersecurity Arena

GreyNoise Intelligence | November 07, 2022

GreyNoise Intelligence, the cybersecurity company analyzing internet scanning traffic to separate threats from background noise, today announced the official launch of a mulit-faceted partner program to help customers defend against mass exploitation attacks. As an ecosystem for cybersecurity solution providers, the program offers an array of opportunities for technical alliances, channel resale and OEM partners. "Mass exploitation attacks like Log4j have become the attack vector of choice for cyber criminals and state actors. "Security teams are struggling to defend themselves against these kinds of attacks with tools and threat intelligence designed for last year's threats. By building partnerships with other leading cyber solution providers, we can help customers implement new security strategies to end mass exploitation attacks." Andrew Morris, Founder and CEO of GreyNoise Mass exploitation attacks leverage internet-wide scanning technologies to find and exploit vulnerable computer systems around the world in minutes. When a new internet-exploitable vulnerability like Log4j is announced, these attacks can start in a matter of hours, before security teams have a chance to put their defenses in place. The GreyNoise Intelligence Partner Network enables other cybersecurity solution providers to expand their reach, increase revenues and deepen customer relationships. The network has three primary components: 1) GreyNoise Technical Alliance Program. GreyNoise provides contextual data on noisy IP addresses that scan the Internet. Technical Alliance partners collaborate with GreyNoise to ensure that mutual customers can seamlessly leverage inter scanner intelligence in their existing workflows, tools and processes. Customers use this data to reduce their alert volumes by 25% and minimize alert fatigue. GreyNoise also sharpens threat detection fidelity for mutual customers by providing valuable context on known malicious internet-wide scanners, speeding up the triage process. With GreyNoise data, technical partners have real time visibility into mass exploitation IPs targeting specific vulnerability, which provides critical actionable data during an active emergent attack. “Whenever a vulnerability is disclosed the dinner bell sounds for good and bad actors alike, meaning organizations are already on their back foot,” explains Robert Huber, chief security officer and head of research, Tenable. “We know threat actors are monitoring disclosure programs in the same way we are, looking for newly announced vulnerabilities, studying all available information such as proof of concepts, but they’re looking to utilize the flaw. OUr partnership with GreyNoise gives our customers the tools to address these weaknesses when they’re publicly announced. In doing so, we reduce that intelligence gap and hand the advantage back to the good guys.” 2) GreyNoise OEM Partnership Program. GreyNoise provides an integrated out-of-the-box threat intelligence solution for security vendors, ISPs and technology firms to embed in their product and service offerings. Unlike other threat intelligence vendors, GreyNoise is solely focused on providing high fidelity data on IPs that are actively mass scanning, crawling and attacking the internet. Integrating GreyNoise data directly into the platform of OEM partners enables customers to intelligently rule out internet background noise, and helps them to prioritize emerging threats and targeted activity more effectively. “Modern security teams need a fast, flexible and scalable platform for threat detection capable of analyzing terabytes of data per day, with built-in threat intelligence to rule out activity from trusted sources, and immediately flag activity from known bad actors,” said Jack Naglieri, CEO and founder, Panther Labs. “With Panther and GreyNoise, security teams can cut through background noise, improve alert fidelity, speed up analyst workflows and ensure prioritization of the most critical alerts. By making detection and response faster and more accurate, security teams can better protect their organizations from disruptive cyberattacks.” 3) GreyNoise Channel Resale Program. GreyNoise is committed to developing partnerships with highly focused, security-dedicated channel partners to deliver the best results to mutual customers. Value-added resellers and distributors offer GreyNoise protection and intelligence solutions to meet the IT security needs of their enterprise customers. In addition to providing a unique data and automation security solution that is relevant to Incident Response, SOC and Threat Intel teams, GreyNoise has a transparent, simple and profitable, channel sales program with a generous deal registration and rebate structure. GreyNoise sales teams provide materials for channel partners to explain the value GreyNoise offers in improving analyst efficiency, leveraging customer investment in existing technologies, and reducing the overall risk landscape. About GreyNoise Intelligence GreyNoise is THE source for understanding internet noise. We collect, analyze and label data on IPs that saturate security tools with noise. This unique perspective helps analysts waste less time on irrelevant or harmless activity, and spend more time focused on targeted and emerging threats. GreyNoise is trusted by Global 2000 enterprises, government organizations, top security vendors and tens of thousands of threat researchers.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Blackpoint Cyber Launches Three Product Features

Blackpoint Cyber | November 11, 2022

Blackpoint Cyber, a leading technology-focused cybersecurity company, has released three product features this fall, as they look ahead to 2023. “I am consistently blown away by the Blackpoint Cyber team. Our desire to improve the security posture for our partners is an ongoing journey as we continue to expand an ecosystem of products which address the needs of MSPs and customers in todays’ dynamic threat landscape. As someone with previous experience in the MSP space, it is refreshing to see how much our team really loves the channel and strives to regularly provide additional value by helping MSPs to secure themselves as well as their customers,” said Justin Weller, Director of Business Development at Blackpoint Cyber. Blackpoint partners can stay ahead of cyberthreats with the following products: Security Configuration Benchmarks for M365 – Vulnerability Mapping to CIS Benchmarks for Cloud Environments CIS foundation benchmark for M365 and Azure provide prescriptive guidance for establishing a secure baseline configuration. Blackpoint has reviewed every control on your behalf and made recommendations on several to harden your customer environments. Now you can compare your security measures to Center of Internet Security Benchmarks directly in the Blackpoint portal. Assess your standing against these internationally recognized security standards and implement the recommended changes to reduce the attack surface in cloud tenants. MDE Vulnerability Report—Security Visibility Unlocked The capabilities of Blackpoint’s product bundle, Blackpoint Response, have grown. With Managed Defender for Endpoint, we've introduced internal vulnerability reporting to help you better assess your customers’ security posture, directly within the portal. The reports include recommendations for remediation and simplify the process to action them. Improvements based on the reports may pertain to expiring certificates, device exposure, or vulnerable software. macOS Agent—The Power of MDR Within Your Mac After many requests from their partner community, due to a lack of true Mac MDR, Blackpoint’s flagship MDR product, SNAP-Defense, is now available to monitor and respond to threats on Apple devices running macOS. As the macOS market share in business settings continues to grow, Blackpoint partners now have the capability to provide protection to those assets. About Blackpoint Cyber Blackpoint Cyber offers the only world-class, nation-state-grade cybersecurity ecosystem serving the MSP community. Using its own software and SOC, Blackpoint’s true 24/7 MDR service not only detects breaches earlier than any other solution on the market, but also provides an actual response rather than just an alert to keep your and your clients’ networks safe from widespread damage.

Read More

DATA SECURITY,ENTERPRISE IDENTITY,SOFTWARE SECURITY

Wib Raises $16 Million Investment to Accelerate Growth and Tackle Rising API Security Problem

Wib | November 08, 2022

Wib, the fast-growth cybersecurity startup pioneering a new era in API security, today announced a $16 million investment led by Koch Disruptive Technologies (KDT), the growth and venture arm of Koch Industries, Inc, with participation from Kmehin Ventures, Venture Israel, Techstars and existing investors. The investment will be used to enhance Wib's pioneering holistic API security platform and accelerate international growth as it expands operations across the Americas, UK and EMEA. API security is one of the biggest challenges facing CIOs today. Traditional API security solutions are siloed and fragmented, leaving CIOs with a choice of multiple point products or bolt-on integrations to create a patchworked solution. This results in increased cost and complexity, reduced visibility and control, and greater exposure to risk. Wib's holistic API security platform is the only solution to provide complete visibility across the entire API landscape, from code to production, helping unify software developers, cyber defenders, and CIOs around a single holistic view of their complete API domain. By delivering rigorous real-time inspection, management, and control at every stage of the API lifecycle, Wib can automate inventory and API change management; identify rogue, zombie and shadow APIs and analyse business risk and impact, helping organisations to reduce and harden their API attack surface. "APIs have become the Achilles heel of cyber defenses and the number one threat vector for cyber-attacks. "APIs account for 91% of today's internet traffic with over 50% being invisible to business IT and security teams. These unknown, unmanaged, and unsecured APIs are creating massive blind spots for CIOs that expose critical business logic vulnerabilities and increase risk. Gil Don, CEO and Co-Founder of Wib "What's more, traditional and legacy web security approaches, like WAFs and API Gateways, were never designed to protect against modern logic-based vulnerabilities. The Wib platform has been purposely built for an API driven world creating a new category of API native security." A recent report by industry research firm GigaOm, placed Wib as a "fast mover" in the "leaders" category, stating, "Wib is a new company but brings a strong enough offering to jump straight into the leaders category" and "Wib is a new entrant in this space, but it offers a comprehensive solution." Wib was also called out for its capability in "source code analysis with an eye toward API weaknesses is Wib's greatest strength." The report ranks Wib's API Runtime Protection, Monitoring and Reporting as exceptional in its focus and execution. This is a real testament to the Wib's innovative API security platform and approach. About Wib Wib is pioneering a new era in API security with its industry first holistic API security platform. Providing continuous and complete visibility and control across the entire API ecosystem, Wib enables developers to code with confidence and security teams to secure with surety.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Balbix Announces Cybersecurity Posture Automation Support for Google Cloud Platform

Balbix | November 17, 2022

Balbix, provider of the world's leading platform for cybersecurity posture automation, announced today the general availability of support for Google Cloud Platform (GCP). Security teams can now use Balbix to easily quantify, prioritize and mitigate risks in their Google Cloud environments. With this announcement, Balbix has also extended its Cyber Asset Attack Surface Management (CAASM) solution to support multi-cloud environments that span both GCP and Amazon Web Services. The rapid move to the cloud has made IT environments more complex to manage and secure. As a result, security teams struggle to get a consolidated view of risk. Yet, 63 percent of organizations say they look at security posture in the cloud separately from on-premises, according to Cybersecurity Insiders' 2002 State of Security Posture Report. "Our customers' environments can include over 1 million assets, spread across multiple clouds and their own facilities. Managing an attack surface this large is no longer a human-scale problem. "With Balbix's new support for GCP, our customers can use automation to manage cybersecurity posture across more of their environment." Gaurav Banga, Founder and CEO of Balbix Cyber Security Posture Automation for Google Cloud Platform Balbix now provides support for popular Google Cloud services, including Compute Engine, Cloud Storage, Cloud SQL, Google Kubernetes Engine (GKE) Cluster & Deployments, Cloud Functions, Cloud Key Management Service (KMS), Pub/Sub and Secret Manager. As a result, Balbix customers with Google Cloud environments can use automation and advanced analytics to: Get comprehensive, near real-time visibility of their Google Cloud assets. Combine data from Google Cloud with their other IT and security tools to gain security and business context for their assets. Discover misconfigurations – the most exploited attack vector for the cloud – as well as unpatched software vulnerabilities, weak credentials and trust issues. Measure risk in terms of breach likelihood and business impact in order to prioritize remediation. Calculate and report on cyber risk quantified in dollars (or other currencies) instead of risk scores Cyber Asset Attack Surface Management for Multi-Cloud Environments The addition of support for GCP extends Balbix's CAASM solution to multi-cloud environments. Security practitioners no longer need to use multiple tools or combine data manually from these tools in a custom spreadsheet to understand their security posture. They can see the relationships between assets, applications and users no matter where the assets are in the cloud or on-premises. They can also identify any gaps in coverage for security controls. Balbix provides more than just visibility. Unlike other vendors, Balbix combines CAASM with Risk-Based Vulnerability Management (RBVM) and Cyber Risk Qualification (CRQ) solutions so security teams are able to immediately take action to reduce their cyber risk. They can continuously identify, prioritize and mitigate security issues as they emerge, while quantifying and tracking residual cyber risk in dollars. Daily cybersecurity decisions – operational as well as executive – can be made using a unified and up-to-date view of cyber risk. "By adding support for Google Cloud, Balbix has broadened its risk model to be inclusive of multiple public cloud platforms and allowed organizations to better measure their overall cyber risk," said Ed Amoroso, Founder and CEO of research and advisory firm TAG Cyber. "Customers can leverage this unified risk model to quantify cyber risk by business unit, geography, site, asset type or business owner – and quickly remediate those risks." The API-based Balbix Connector for Google Cloud Platform collects asset inventory and misconfiguration data and is available now. Visibility into other types of vulnerabilities is provided by optional Balbix sensors. These sensors also catalog the software bill of materials (SBOM) of applications running in GCP. Data collected by Balbix connectors and sensors is automatically deduplicated, correlated and inferenced to provide security teams with an accurate and unified view of risk. About Balbix Balbix enables businesses to reduce cyber risk by identifying and mitigating their riskiest cybersecurity issues faster. Our SaaS platform, the Balbix Security Cloud™, ingests data from businesses' security and IT tools so they can understand every aspect of their cybersecurity posture, build a unified cyber risk model and obtain actionable insights for risk reduction. With Balbix, businesses can automate inventory of their cloud and on-premise assets, conduct continuous risk-based vulnerability management and quantify cyber risk in dollars. Executives and operational teams can make cybersecurity decisions based on data not opinions.

Read More

Spotlight

Pendant des décennies, les architectures en étoile ont étendu le réseau d’entreprise aux utilisateurs et aux sites distants, y compris les filiales. Cependant, alors que de plus en plus d’employés travaillent à distance et que d’innombrables applications migrent vers le cloud, cette approche dépassée n’apporte que des difficulté

Resources