ENTERPRISE SECURITY

SecurityScorecard Partners with Tenable to Deliver Complete Cyber Risk Monitoring

SecurityScorecard | August 23, 2021

SecurityScorecard, the global leader in security ratings, today announces a partnership with Tenable the Cyber Exposure company, to deliver a comprehensive view into an organization's risk posture by marrying Tenable's unmatched visibility and depth of analytics into enterprise environments with external cyber monitoring powered by SecurityScorecard. As a result of this partnership, CISOs, IT leaders and security teams are able to review their SecurityScorecard rating, assess their external cybersecurity health, and understand their risk posture directly within the Tenable Lumin dashboard.

"Understanding your up-to-date risk posture has become a necessity in a world that's increasingly more complex, dynamic and transient," said Ray Komar, vice president of technical alliances, Tenable. "We're excited to partner with SecurityScorecard to give customers complete visibility into the risks that exist inside and outside their environment, and guidance for how to most effectively reduce that risk, all in a single platform."

Point-in-time or periodic cybersecurity testing procedures have become antiquated. Today's cyber risks change by the minute and companies need a solution that keeps pace with the dynamic nature of cybersecurity by continuously monitoring for exposures and measuring the security posture and cyber resilience across the organization.

"Organizations must be proactive to address cyber breaches, and security ratings are the foundation to measuring and understanding security resilience in real time," says Aleksandr Yampolskiy, CEO and co-founder of SecurityScorecard. "Together, SecurityScorecard and Tenable are advancing a new standard for continuous monitoring by blending external and internal risk assessments, which provide organizations with a holistic view into the risks that exist in their environments."

The integration pairs Tenable Lumin's advanced analytics capabilities for assessing risk alongside real-time visibility of external vulnerabilities from SecurityScorecard. This arms Tenable Lumin customers with the intelligence to develop external risk management and threat detection playbooks through real-time updates, allowing organizations to effectively identify and respond to threats and risks.

SecurityScorecard continuously monitors millions of entities globally, and uses non-intrusive proprietary methods to assess their security posture across ten risk categories to instantly deliver an easy-to-understand "A" through "F" rating; including DNS health, IP reputation, web application security, network security, leaked information, hacker chatter, endpoint security, and patching cadence. On a daily basis, these ratings are updated based on objective, publicly-available data that, similar to credit ratings, provides an "outside-in" view of an entity's security posture.

About SecurityScorecard
Funded by world-class investors including Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital and others, SecurityScorecard is the global leader in cybersecurity ratings with tens of millions of companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 18,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, and cyber insurance underwriting. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every company has the universal right to their trusted and transparent Instant SecurityScorecard rating.

Spotlight

The intelligent use of data is core to
achieving business success. There is,
therefore, an indisputable need to
safeguard the data centre, where most
data in its various forms is processed
and transited.


Other News
PLATFORM SECURITY

Resecurity® Brings Cyber Threat Intelligence to Microsoft Azure

Resecurity | July 01, 2022

Resecurity, a cybersecurity and intelligence company, today announced its award-winning cybersecurity threat intelligence and risk monitoring platform is now available on Microsoft's Azure Marketplace. Microsoft's Azure Marketplace is the most comprehensive marketplace on the planet, offering thousands of certified cloud applications and software to over four million active users and subscribers. With cyber-risk ranking as a top concern for CEOs and business owners1, enterprises are looking for additional support to secure and manage the evolving cyber threatscape. More importantly, they're looking for trusted vendors who provide scalable, secure solutions that can work inside existing operating systems. Today, nearly 70 percent of organizations worldwide use Microsoft Azure for their cloud services.2 By joining the Microsoft Azure marketplace, Resecurity's software solutions will be easily accessible to the millions of Microsoft Azure customers needing comprehensive cybersecurity management and monitoring. "Enterprises continue to battle increasing cyber threats emerging from the Dark Web and ransomware groups targeting cloud services. Trusted partners like Microsoft Azure have enabled organizations to confidently bring in the cybersecurity expertise and solutions they need to protect their ecosystems. "Resecurity is dedicated to helping organizations worldwide mitigate these risks with our reliable, scalable and accessible cybersecurity and threat intelligence software." Gene Yoo, CEO of Resecurity Resecurity's AI-powered solutions provide proactive alerts and comprehensive visibility of digital risks targeting the enterprise ecosystem. The innovative platform allows administrators to reduce potential blind spots and security gaps by quickly seeing in-depth analysis and specific artifacts obtained through the dark web, botnets activity, network intelligence and high-quality threat intelligence data. Microsoft Azure users who integrate Resecurity into their cybersecurity strategy will benefit from: Around-the-clock security monitoring of your cloud workloads and enterprise ecosystem, In-depth risk evaluation of the entire enterprise ecosystem (Dark Web, Compromised Accounts, Data Leaks, Network Hygiene, Cloud Security, etc.), A scalable software solution that can monitor a digital footprint of any size (Domains, Network Ranges, Cloud-based Nodes), AI-powered threat intelligence that leverages Rescurity's Dark Web intelligence repositories with over 3.4 billion records and cyber intelligence analysts deployed across all continents, Contextualized risk alerts and data-backed suggested actions to enable a proactive security strategy.Just recently Resecurity has been named a gold winner by the 2022 Cybersecurity Excellence Awards in North America. Resecurity's products and services received Gold recognition across 3 categories in highly competitive nominations such as cyber threat intelligence (CTI), threat hunting, and third-party risk management (TPRM). Just recently Resecurity has been named a gold winner by the 2022 Cybersecurity Excellence Awards in North America. Resecurity's products and services received Gold recognition across 3 categories in highly competitive nominations such as cyber threat intelligence (CTI), threat hunting, and third-party risk management (TPRM). About Resecurity Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence. Known for providing best-of-breed data-driven intelligence solutions, Resecurity's services and platforms focus on early-warning identification of data breaches and comprehensive protection against cybersecurity risks. Founded in 2016, it has been globally recognized as one of the world's most innovative cybersecurity companies with the sole mission of enabling organizations to combat cyber threats regardless of how sophisticated they are. Most recently, Resecurity was named as one of the Top 10 fastest-growing private cybersecurity companies in Los Angeles, California by Inc. Magazine. An Official Member of Infragard, AFCEA, NDIA, SIA and FS-ISAC.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

OneSpan Launches Virtual Room Enabling Secure Face-to-Face Transactions

OneSpan | September 19, 2022

OneSpan™ , the digital agreements security company, today announced the general availability of its secure Virtual Room cloud service which enables organizations to deliver live, high-touch assistance to their customers in a high-assurance virtual environment. This next-generation customer engagement solution gives organizations the ability to balance identity security, authentication, and e-signature solutions from the broader OneSpan portfolio with a high-assurance virtual experience that is the next best thing to entering a branch or meeting in person. Virtual Room complements digital-first transaction experiences by providing a unique opportunity for organizations to create personalized, high-touch, human-assisted interactions, and by improving the customer experience, increasing agreement completion rates, and reducing security risks and fraud. “Today, businesses requiring a high degree of security and regulatory compliance rely daily on a variety of technologies that use insecure, shared links and expose users to elevated risks including data breaches and compliance violations in the anywhere economy. This should not be the case. Organizations and their customers want to be confident that the person joining a virtual meeting is the person they claim to be. And multi-million dollar business agreements transacted digitally should not be subject to fraud fallout. “Today’s off-the-shelf video conferencing tools do not offer optimal security. As the complexity and value of transactions increase, customers want a live interaction rather than relying on a virtual assistant or self-service experience. We built Virtual Room for these scenarios to help our customers complete an agreement or transaction where they need a personal touch and where security is paramount.” Matthew Moynahan, President and CEO at OneSpan Combining OneSpan’s heritage in high-assurance identity verification and authentication with agreement co-browsing, web-enabled videoconferencing, rich collaboration features, and built-in e-signature, Virtual Room helps organizations engage and transact with customers with confidence. Virtual Room can be used for multiple high-value customer agreements, including account opening and maintenance, wealth management, and car financing. Virtual Room enables organizations to: Verify the identities of participants, utilizing OneSpan’s identity verification and mobile and hardware authentication solutions; Interact with signers remotely; Simultaneously review documents and address questions; Capture legally binding e-signatures in real-time; and Record virtual sessions to reinforce the electronic evidence captured in the audit trails. A recent report from Aragon highlighted the need for higher assurance within these processes. “It’s important for buyers to look for a provider that has global security compliance expertise in all aspects of the workflow, from the initial identity verification and authentication steps, to creating a secure virtual interaction environment and all the way through to securing the final output or artifact of the transaction, for compliance and enforceability purposes. Equally important, buyers should look for a vendor that has the flexibility to adapt any step in the digital workflow to meet local regulations for digital identity, secure customer authentication, transaction risk analysis, and the many other security requirements, which differ from one country to the next.” As a secure solution for customer-facing digital agreements where the integrity of the agreement is paramount, ​Virtual Room allows organizations to embrace a new way of working that’s more distributed, virtual, and dynamic, enabled by advancements in cloud technology. With the onset of the anywhere economy, and with more transactions being completed online, identity verification and authentication technologies are critical in the digital agreements process. This purpose-built, high-assurance digital agreement solution includes identification and authentication capabilities that enable organizations to increase the integrity and completion rates of agreements and transactions in a highly-secure and protected ecosystem without impacting user experience or productivity. About OneSpan OneSpan helps organizations accelerate digital transformations by enabling secure, compliant, and refreshingly easy customer agreements and transaction experiences. Organizations requiring high assurance security, including the integrity of end-users and the fidelity of transaction records behind every agreement, choose OneSpan to simplify and secure business processes with their partners and customers. Trusted by global blue-chip enterprises, including more than 60% of the world’s largest 100 banks, OneSpan processes millions of digital agreements and billions of transactions in 100+ countries annually.

Read More

SOFTWARE SECURITY

Windfall Recognized for Its Commitment to Data Security with Renewed SOC 2 Type 2 Certification

Windfall | September 02, 2022

Today, Windfall Data, Inc. , the most trusted and accurate provider of insights and democratized intelligence on people, announced that it has once again successfully completed the Service Organization Control (SOC) 2 Type 2 audit. This certification validates the company’s ongoing commitment to data protection and security. An industry recognized technical audit for technology & service organizations, SOC 2 Type 2 requires companies to establish and follow strict information security policies and procedures. The independent audit was conducted by Boulay PLLP, and has assessed internal controls involving security, availability, processing integrity, and confidentiality. The assessment applies to internal controls within the organization and encompasses the processing of data on behalf of its customers. As defined by the Trust Services Criteria set forth by the American Institute of Certified Public Accountants (AICPA), the SOC 2 Type 2 certification report is generally recognized as the gold standard for data security and re-validates Windfall’s commitment to protecting both company and customer data. “Security and privacy have always been core company values at Windfall. “By re-completing our SOC 2 Type 2 certification, we are demonstrating to our customers that Windfall is accountable to the highest standards of data protection and requirements.” Windfall CEO and Co-Founder, Arup Banerjee Windfall analyzes vast amounts of data with advanced technologies like artificial intelligence and machine learning in order to give organizations deep insights into their data, and to activate those insights into business workflows. Because this data is sensitive, Windfall has top security measures in place to protect critical data from being lost or stolen and developed detailed policies to safeguard customer data, as demonstrated through SOC 2 Type 2 re-certification. “We are intent on providing a platform that organizations can trust,” said Cory Tucker, CTO and Co-Founder of Windfall. “We’re excited to have achieved this security milestone for the second year in a row as it demonstrates the strength and seriousness of our commitment to privacy and security.” ABOUT WINDFALL: Windfall is a people intelligence and AI company that gives go-to-market teams actionable insights. By democratizing access to people data, organizations can intelligently prioritize go-to-market resources to drive greater business outcomes. Powered by best-in-class machine learning and propensity modeling, Windfall activates insights into workflows that engage the right people for each respective organization. More than 800 data-driven organizations use Windfall to power their business.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Absolute Software Adds Trellix Endpoint Security to Application Resilience Ecosystem

Absolute Software | September 20, 2022

Absolute Software™ , the only provider of self-healing, intelligent security solutions, today announced a partnership with Trellix, enabling Absolute Resilience® customers to extend its patented Absolute Persistence® technology to Trellix Endpoint Security (ENS). With this latest addition to the company’s Application Resilience™ ecosystem, joint customers can leverage the power of Absolute’s firmware-embedded connection to ensure Trellix’s leading endpoint protection solution remains healthy, installed, and working effectively. Anchored by its unique Persistence technology residing embedded in more than 600 million endpoints, Absolute provides an undeletable digital tether to every device to help ensure the highest levels of resiliency. Absolute Application Resilience leverages this unbreakable, two-way connection to monitor mission-critical security applications’ health and behavior; detect if missing, corrupted, or not running; and automatically repair or reinstall components when necessary - without requiring human intervention. “Our unique intelligence shows that today’s complex and widely distributed device environments have put endpoint agents at constant risk of colliding with other applications, or being disabled by malicious or negligent users. “By joining our Application Resilience ecosystem, Trellix is taking the critical steps needed to enable our joint customers to harden their mission-critical endpoint application and strengthen their overall endpoint security posture.” Edward Choi, SVP of Global Alliances at Absolute Software “We are proud to collaborate with leading software vendors to improve security outcomes for our customers,” said Britt Norwood, Senior Vice President, Global Channels & Commercial at Trellix. “Organizations across the globe rely on Trellix every day to protect, and adapt to, their changing business needs in a dynamic threat landscape. We’re thrilled to see Absolute Software support Trellix ENS in its Application Resilience ecosystem and extend this value to our joint customers.” Trellix Endpoint Security is part of an integrated suite of technologies that uses analytics and machine learning to provide effective protection—including the flexibility to connect to security products from other vendors. Trellix endpoint solutions enable organizations to apply proactive threat intelligence and defenses across the entire attack lifecycle. Absolute’s expansive Application Resilience catalog is comprised of more than 60 security and business applications needed to enable a secure, reliable, and resilient work from anywhere experience. About Absolute Software Absolute Software is the only provider of self-healing, intelligent security solutions. Embedded in more than 600 million devices, Absolute is the only platform offering a permanent digital connection that intelligently and dynamically applies visibility, control and self-healing capabilities to endpoints, applications, and network connections - helping customers to strengthen cyber resilience against the escalating threat of ransomware and malicious attacks. Trusted by nearly 18,000 customers, G2 recognized Absolute as a leader for the tenth consecutive quarter in the Summer 20022 Grid® Report for Endpoint Management and as a high performer in the G2 Grid Report for Zero Trust Networking.

Read More