DATA SECURITY

Snowflake Launches New Cybersecurity Workload

Snowflake | June 08, 2022

Snowflake
Snowflake, the Data Cloud provider, announced today the release of a new Cybersecurity workload that helps cybersecurity teams to better secure their organizations using the Data Cloud. Cybersecurity teams can rapidly acquire visibility and automation at cloud-scale by using
Snowflake's platform and a wide ecosystem of partners offering security capabilities with linked apps.

According to Forrester*, 55% of security professionals said that their business encountered an incident or breach involving supply chains or third-party suppliers in the last 12 months. Current security architectures based on outdated security and information management systems (SIEMs) are really not intended to handle the amount and diversity of data required to keep up with cyberthreats. Legacy SIEMs impose stringent ingest fees, short retention periods, and proprietary query languages, making it difficult for security professionals to acquire the insight they need to safeguard their enterprises.

Customers that utilize Snowflake's Cybersecurity workload receive access to the platform's capability and adaptability to natively manage structured, semi-structured, and unstructured logs. Customers can store years of high-volume data effectively, search using scalable on-demand computing capabilities, and obtain insights utilizing universal languages like SQL and Python, which are now in private preview. Businesses can also use Snowflake to combine their security data with company data in a single source of truth, allowing contextual data from HR systems or IT asset inventories to feed detections and investigations for greater fidelity alerts and conducting quick queries on vast volumes of data. Teams receive unified insight into their security posture, removing data silos without incurring prohibitive data input or retention expenses. Aside from threat detection and response, the Cybersecurity workload covers a wide variety of use cases such as security compliance, cloud security, identity and access management, vulnerability management, and more.

TripActions, the premier all-in-one travel, corporate card, and expense management system, is using the Data Cloud to invest in its long-term cybersecurity data strategy.

Prabhath Karanth, Sr. Director of Security, Compliance & Trust, TripActions said that “With Snowflake as our security data lake, we are able to simplify our security program architecture and remove data management overhead. Snowflake has been vital in helping us gain a complete picture of our security posture, eliminating blind spots and reducing noise so we can continue to provide user trust where it matters most. Deploying a modern technology stack from Snowflake is a pivotal piece of our cybersecurity strategy.”

Spotlight

In this white paper, you will learn how to use adaptive authentication in your organization to solve the access control challenges that will lead to stronger ePHI protection and safer patient care. Read on to access a security service with stronger data protection, rapid deployment, and friendly integration.


Other News
PLATFORM SECURITY

SecurityScorecard Joins Snowflake Partner Network

SecurityScorecard | June 23, 2022

SecurityScorecard, the global leader in cybersecurity ratings announced today that it has joined Snowflake's Partner Network, enabling mutual customers to gain instant visibility into their own security posture and that of their third and fourth party software vendors. Catching Third-Party Risks Early Snowflake customers now have access to "call" security data within Snowflake, gaining direct access to SecurityScorecard Ratings data that can be correlated with various systems and processes including third party risk, identity and access and IT asset management to catch potential security risks early and create a unified view. "CISOs need to know the scale and scope of their cyber environment and that includes third and fourth-party vendors that can pose substantial risks to their organization," said Alex Rich, Vice President of Alliances at SecurityScorecard. "The insights gleaned from continuous monitoring with SecurityScorecard ratings data helps Snowflake data cloud customers get a broad view into their Third Party Risk Management, supply chain management, and business intelligence applications with continuous cybersecurity data." SecurityScorecard collects and analyzes global threat signals that give organizations instant visibility into the security posture of vendors and business partners as well as the capability to do a self-assessment of their own security posture. The technology continuously monitors 10 groups of risk factors to instantly deliver an easy-to-understand A-F rating. The Snowflake Partner Network unlocks the potential of the Data Cloud with a broad array of tools and partners. Certified partnerships and integrations enable customers to leverage Snowflake's flexibility, performance, and ease of use to deliver more meaningful data insights. "With SecurityScorecard on the Snowflake Data Marketplace - organizations can now access and use robust vendor risk data directly in their Snowflake account. "Joint customers of Snowflake and SecurityScorecard can now easily combine, enrich, and contextualize vendor risk data with procurement, legal, IT, compliance, and security data, systems, and processes, accelerating the modern CIO and CISO's priority of data-driven, risk-based, and automated security and compliance." Joshua McKibben, Director Security Compliance & Risk Management at Snowflake "Our partnership with SecurityScorecard is delivering customers the detailed cybersecurity ratings data they need to refine and enrich data around numerous different use cases," said Tarik Dwiek, Head of Technology Alliances at Snowflake. "From third party risk and M&A due diligence, to cyber insurance, SecurityScorecard and Snowflake are helping global enterprises better manage their third-party risk management programs." About SecurityScorecard Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight.

Read More

SOFTWARE SECURITY

iboss Joins Microsoft Intelligent Security Association (MISA)

iboss, Inc. | June 02, 2022

iboss, a leader in Zero Trust Edge, announces the expansion of its relationship with Microsoft by joining the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors (ISV) and managed security service providers (MSSP) that have integrated their security products and services with Microsoft’s security products. Through this collaboration with Microsoft, joint customers benefit from secure, fast access to resources from anywhere, which also allows customers greater visibility and immediate response to threats. iboss has integrations with Microsoft Azure Active Directory, Microsoft Sentinel, Microsoft Defender for Cloud Apps and Microsoft Purview Information Protection to further enhance an organization’s value of their Microsoft 365 E5 investment. These solutions offer new capabilities that are fully integrated and simple to deploy. Identity: iboss forces modern authentication to all resources, including legacy applications under the Azure Active Directory (AAD) Umbrella. When users authenticate through Azure Active Directory, iboss grants or denies resource access on a per transaction basis, with real-time Conditional Access policies applied to reauthenticate or step-up Multi-factor Authentication with Azure Active Directory. Security: iboss integration with Microsoft Sentinel, now available in the Azure Marketplace, integrates high fidelity logs about users and resources being requested, also comes complete with real-time active defense workflows allowing SOC analysts fast automated responses to threats that matter. Deployment is live after only a few mouse clicks. In addition, iboss integration with Microsoft Defender for Cloud Apps extends visibility and protection with advanced CASB capabilities by automatically syncing policies and signatures from Microsoft Defender for Cloud Apps to enforce governance actions for secure cloud application access. Compliance: iboss detects and automatically prevents transfer of files tagged with Microsoft Purview Information Protection unified labels and leverages them with iboss Zero Trust DLP rules. In addition, full visibility into the denied transfer request between the user and resource is made available in Microsoft Sentinel to take additional steps as well as Conditional Access rules in Azure Active Directory Cloud: Protection of Azure resource workloads with iboss service being deployed and running directly inside the Azure on a per tenant basis is now available on Microsoft Azure Marketplace. With the ability of iboss service to now be deployed directly in Azure, allows for a customer’s unique IP address to be anchored to each Azure tenant ID, thus creating a tight Zero Trust linkage unmatched by any other Secure Service Edge vendor. “Our Zero Trust Edge platform enables Microsoft customers, and distributed workforces everywhere, to connect securely and directly to all applications from wherever they work. “We help Microsoft customers complete their Zero Trust journey by granting users secure access to critical resources on a per request basis. The depth and breadth of our integrations is unmatched and provides the most use-case protection scenarios. iboss is purpose-built to prevent breaches by shifting the focus from protecting the network perimeter to protecting resources, and we are proud to be expanding to cover Microsoft Security E5 applications through highly differentiated integrations.” Paul Martini, co-founder and CEO of iboss “Preventing unauthorized access to critical resources is essential for Zero Trust." said Desmond Forbes, General Manager of Business Development at Microsoft. "iboss capabilities ensure that trusted users are able to connect to protected resources from anywhere with advanced integrations across Microsoft’s Identity, Security and Compliance platform to help meet our joint customers’ Zero Trust objectives." The iboss Zero Trust platform is a purpose built, patented, cloud delivered security and has more than 100 points of presence globally. A Zero Trust Architecture built on iboss consolidates network security technologies (SWG, CASB, DLP, IPS, malware defense, browser isolation, firewall) into a single unified cloud platform and eliminates the need for a VPN while securing any device, regardless of location. By making all applications private, iboss eliminates the top three initial ransomware infection vectors as identified by Cybersecurity and Infrastructure Security Agency (CISA). With applications, data and services made only accessible through the iboss Zero Trust Edge, cyber risk is greatly reduced, breaches and data loss are prevented, and visibility and security are delivered consistently throughout an organization. About iboss, Inc. iboss is a cloud security company that enables organizations to reduce cyber risk by delivering a Zero Trust service designed to protect resources and users in the modern distributed world. Applications, data and services have moved to the cloud and are located everywhere while users needing access to those resources are working from anywhere. Built on a containerized cloud architecture, iboss delivers security capabilities such as SWG, malware defense, browser isolation, CASB and data loss prevention to protect all resources, via the cloud, instantaneously and at scale. This shifts the focus from protecting buildings to protecting people and resources wherever they are located. Leveraging a purpose-built cloud architecture backed by 230+ issued and pending patents and more than 100 points of presence globally, iboss processes over 150 billion transactions daily, blocking 4 billion threats per day. More than 4,000 global enterprises trust the iboss Cloud Platform to support their modern workforces, including a large number of Fortune 50 companies. iboss was named one of the Top 25 Cybersecurity Companies by The Software Report, one of the 25 highest-rated Private Cloud Computing Companies to work for by Battery Ventures, and CRN’s Top 20 Coolest Cloud Security Companies of 2022.

Read More

SOFTWARE SECURITY

JFrog Integrates with ServiceNow to Improve Software Security Vulnerability Response Times with “ServiceOps”

JFrog | May 27, 2022

JFrog Ltd. , the Liquid Software company and creators of the JFrog DevOps Platform, today unveiled new integrations for JFrog Xray with ServiceNow’s Lightstep Incident Response and Spoke products for IT Service Management. Available immediately, the JFrog Xray integrations with ServiceNow (NYSE: NOW) provide IT leaders with real-time insights on security vulnerabilities and compliance issues to quickly engage necessary team members from across the organization for more immediate response and remediation. “Successfully securing the software supply chain at the speed of business is a team sport, requiring efficient, cross-team collaboration for timely security incident remediation. Our integration with ServiceNow aims to change the relationship between developers and the rest of the business, so they can maintain the speed and frequency of releases, while avoiding downtime and loss of trust from end customers." Shlomi Ben Haim, Co-Founder and CEO, JFrog The new integration enables IT teams to proactively address security issues before they become major concerns. The combination of JFrog Xray and ServiceNow delivers a robust software composition analysis (SCA) tool that can quickly scan binaries for vulnerabilities and license compliance issues, then share those insights with the appropriate parties across the organization. The JFrog Xray-ServiceNow solution is unique in that it helps DevOps engineers, site reliability engineers (SREs), IT system administrators, and others, more securely build, deploy, run, and monitor applications effortlessly, in a single view. It also enables real-time security alerts and insights with assigned actions across all the tools, people, and processes needed for timely resolution. JFrog Xray & ServiceNow: Delivering Incident Response & Enterprise-wide Workflow Design for Security Incidents Identifying and effectively responding to malicious attacks must transcend business units and operational functions. By improving real-time insight, collaboration, and communication amongst and between enterprise security and IT teams, the JFrog Xray-ServiceNow integrations ensure swift responses to emerging security threats. The JFrog Xray integration with Lightstep Incident Response enables developers, SREs, and Security Administrators to: Monitor, collect and respond to license compliance and security vulnerabilities impacting the software supply chain across all stages of the software development and release lifecycle. Streamline vulnerability response by pulling-in the right team members across the organization for faster remediation. The JFrog Xray Spoke for ServiceNow allows IT operations staff to: Generate violation reports, create ‘ignore rules’, re-scan builds, add custom item properties, and more. Automate workflows that meet audit demands and avoid penalties for improper use of code segments obtained from the open-source community. Identify problems earlier in the application development pipeline and incorporate change management solutions. For more information on the new JFrog Xray integrations for ServiceNow Lightstep Incident Response, read this blog or solution sheet. Further details on the JFrog Xray integration with Spoke can be found in this blog. You can also connect with JFrog and ServiceNow solution experts during swampUP 2022 taking place in San Diego, May 25 - 26, 2022. For more information and to register, visit https://swampup.jfrog.com/. About JFrog JFrog Ltd. , is on a mission to power all the world’s software updates, driven by a “Liquid Software” vision to allow the seamless, secure flow of binaries from developers to the edge. The JFrog Platform enables software creators to power their entire software supply chain throughout the full binary lifecycle, so they can build, secure, distribute, and connect any source with any production environment. JFrog’s hybrid, universal, multi-cloud DevOps platform is available as both self-managed and SaaS services across major cloud service providers. Millions of users and thousands of customers worldwide, including a majority of the Fortune 100, depend on JFrog solutions to securely manage their mission-critical software supply chain. Once you leap forward, you won’t go back.

Read More

SOFTWARE SECURITY

SentinelOne Integrates with Torq, Streamlining SOC Workflows with Automated Incident Response

SentinelOne | June 29, 2022

SentinelOne , an autonomous cybersecurity platform company, today announced a new integration with Torq, a no-code security automation platform. The combination of SentinelOne and Torq allows security teams to accelerate response time, reduce alert fatigue, and improve overall security posture. “SentinelOne’s powerful intelligence and protection helps security teams protect their employees and customers – no matter how complex the environment. “With Torq, security teams can extend the power of SentinelOne to systems across the organization to automate workflows, respond faster, maintain/boost compliance to benefit from a proactive security posture.” Eldad Livni, Chief Innovation Officer, Torq The SentinelOne integration with Torq combines SentinelOne’s powerful detection and protection with Torq’s no-code automation, enabling customers to limit alert fatigue, respond to threats at machine speed, and proactively identify and remediate risks. Torq makes it easy for security teams to create automated workflows, with a drag and drop workflow builder and hundreds of templates aligned with industry best practices and frameworks from MITRE and NIST. With robust data from SentinelOne, the Torq solution has access to more high-fidelity threat data for improved enrichment, accelerated response times, and alert fatigue reduction. Torq workflows can listen for SentinelOne alerts, and ingest these to trigger action in any security or operations tool. The solution deploys out-of-the-box in minutes with no coding, installation, or ‘connectors’ needed. Key benefits of the integration include: Real-time threat enrichment - automatically enrich alerts from any system with data directly from SentinelOne Singularity. Automated remediation - remediate threats with fully autonomous or partially autonomous remediation workflows to accelerate mean time to respond. Optimize SOC workflows - clearly and quickly orchestrate threat hunting, information sharing, and ticket creation for vulnerability management. Bot-driven collaboration - Create no-code interactive chat bots that allow users to perform critical actions, run deep visibility queries, or control SentinelOne endpoints from within Slack or other chat tools. “The SentinelOne-Torq integration provides joint customers with a powerful combination of best-in-breed automated security solutions,” said Ruby Sharma, Head of Technical Partnerships, SentinelOne. “Not only are customers utilizing industry leading endpoint protection and XDR, they also have access to innovative security automation tools that can accelerate workflow automation. We are pleased to make this integration available via the Singularity Marketplace, and we look forward to expanding our offerings to address even more use cases.” About SentinelOne SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.

Read More

Spotlight

In this white paper, you will learn how to use adaptive authentication in your organization to solve the access control challenges that will lead to stronger ePHI protection and safer patient care. Read on to access a security service with stronger data protection, rapid deployment, and friendly integration.

Resources