PLATFORM SECURITY, SOFTWARE SECURITY
Netpluz | October 12, 2022
Netpluz, a one-stop Managed Communications Service Provider in the region, has teamed up with two leading security platforms, Stellar Cyber and Ridge Security, to provide more comprehensive cybersecurity services for Small and Medium-sized Enterprises (SMEs) across the Asia Pacific.
Netpluz eSentinel™ is a cloud-based, all-in-one managed cybersecurity platform that offers comprehensive protection of confidentiality, integrity, and availability of computer systems and networks against cyber-attacks and unauthorized access. The partnerships with Stellar Cyber and Ridge Security will significantly enhance the cyber defence capabilities of eSentinel™ in two main areas, namely Managed SOC (Security Operations Centre) and VAPT (Vulnerability Assessment and Penetration Testing).
With the adoption of Stellar Cyber's Open XDR platform and ingestion of data from multiple different sources, eSentinel™ Managed SOC service will offer high-fidelity threat detection and incident correlation through AI, automated threat hunting and response. MTTD (Mean Time to Detect) and MTTR (Mean Time to Respond) will also improve tremendously by more than eight and twenty times, respectively.
Ridge Security's pioneering product, RidgeBot®, is an intelligent risk-based vulnerability management and automated pentest robot that value-adds to eSentinel™ VAPT service. RidgeBot® acts like human attackers, relentlessly locating exploits and documenting the findings. Unlike humans, RidgeBot® comes armed with dynamic attack strategies to exploit before moving on to the next target.
"With digitalization accelerated by the pandemic, adopting technology as part of strategic growth is now at the forefront of many organizational agendas, even for SMEs. In fact, we see SMEs looking at digitalization for business and growth opportunities in the long term – driving stronger demand for managed cybersecurity services. "Responding to this demand, we are thrilled to work with Stellar Cyber and Ridge Security to deliver enterprise-grade and cost-effective managed cybersecurity services to businesses in the Asia Pacific."
Mr Lau Leng Fong, Chief Executive Officer of Netpluz
Such collaborations extend Netpluz's comprehensive selection of business-focused solutions and align with the company's vision to be the top Managed Communications Service Provider in the Asia Pacific.
With the evolving digital landscape, cybersecurity is now an integral part of communication services and an even more significant concern for SMEs. Unlike large enterprises, SMEs are often more vulnerable to cyber-attacks due to the lack of strong technological defences, less awareness of threats, and a shortage of talents and resources to invest in cybersecurity.
This is where Netpluz comes in. With an increasing focus on offering managed cybersecurity services, Netpluz has established a high-availability Security Network Operation Centre (SNOC) spanning its regional operations, to provide round-the-clock monitoring, detection and response of its customers' IT devices, systems, and network infrastructure. To further strengthen its cybersecurity capabilities and processes, Netpluz has also attained certifications, including CREST Certification, CSA Cyber Trust mark (Advocate), ISO/IEC: 27001:2013, and MTCS Standard. Netpluz is also a Cybersecurity Service Provider (CSP) licensed by the Cyber Security Agency of Singapore (CSA), enabling the company to provide secure and reliable services to customers in Singapore and across the Asia Pacific region.
Netpluz is a transforming Managed Communications Service Provider that helps clients become more agile by simplifying their Information and Communications Technology (ICT) needs. With humble beginnings in 2015 serving business internet connectivity, acquisition of MediaRing business assets and merger of Y5Zone Singapore in 2016, Netpluz has evolved from an Internet Service Provider (ISP) to providing Managed Data, Cloud, Cybersecurity, Voice, Video, and Mobility services to over 2,000 clients over a single, converged network with uncompromising availability, scalability and service standards.
Backed by decades of industry expertise, experience and global technology partners, Netpluz managed services are designed and operationalized with cost efficiency to fit business needs. With an unwavering dedication to delivering quality services to its clients, Netpluz aspires to become the top Managed Communications Service Provider in the Asia Pacific.
About Stellar Cyber
Stellar Cyber's Open XDR platform delivers Everything Detection and Response by ingesting data from all tools, automatically correlating alerts into incidents across the entire attack surface, delivering fewer and higher-fidelity incidents, and responding to threats automatically through AI and machine learning. Its XDR Kill Chain™, fully compatible with the MITRE ATT&CK framework, is designed to characterize every aspect of modern attacks while remaining intuitive to understand. This reduces enterprise risk through early and precise identification and remediation of all attack activities while slashing costs, retaining investments in existing tools and accelerating analyst productivity. The company is based in Silicon Valley.
About Ridge Security
Ridge Security enables enterprise and web application teams, ISVs, governments, education, DevOps, anyone responsible for ensuring software security to affordably and efficiently test their systems. The management team has years of networking and security experience. Ridge Security's robotic security validation system RidgeBot, fully automates the penetration testing process and emulates adversary attacks to validate an organization's cybersecurity posture.
DATA SECURITY, ENTERPRISE IDENTITY
Cybeats | September 29, 2022
Cybeats Technologies Inc., a leading software supply chain risk and security technology provider announces a strategic partnership with Veracode, a leading global provider of application security testing solutions.
The partnership will leverage complementary expertise to ensure customers receive the highest standard of cybersecurity solutions. Cybeats' software supply chain security product, SBOM Studio, will be available to customers through Veracode Partners, and the companies will explore joint commercial opportunities. Once generated within the Veracode Continuous Software Security Platform, a Software Bill of Materials (SBOM) can enable greater software security by offering a full inventory of the third-party components used within an application. Cybeats SBOM Studio is an enterprise-class solution that helps companies understand and track third-party components that are an integral part of their own software.
Veracode will provide advice and guidance around the commercial deployment of SBOM Studio within its existing customer base. The partnership aims to enable both companies to continue to expand their existing presence in the global cybersecurity market. Through this alliance, the companies' joint customers will be able to maximize their technology investments and procure, develop, and deploy secure software, while reducing the risk of a security breach resulting from weak links in their software supply chain.
"As a Veracode Elite Technology Alliance Partner, Cybeats brings additional expert solutions to the frictionless developer experience already offered by our Continuous Software Security Platform," said Laurie Haley, Vice President of Strategic Alliances at Veracode. "By complementing our existing software composition analysis capability, Cybeats' integrated solutions will allow customers to maximize SBOM (Software Bill of Materials) utility and simplify their workflow for greater ROI."
"We are honoured to partner with Veracode to expand each other's presence in the global cybersecurity market. As the cyber risk related to software supply chain attacks continues to mount, deep visibility and universal transparency using SBOMS is necessary for resilient cybersecurity defense."
Yoav Raiter, CEO, Cybeats
"In this modern era of rapid development, the importance of time to market and automation is paramount. Together, Veracode and Cybeats offer a substantial contribution to enabling our customers to align with the SBOM market needs and seamlessly support practices mentioned in SSDF NIST 800-218 framework without increasing the overhead on their development and product security teams," said Dmitry Raidman, CTO, Cybeats
Through a single, centralized platform offering comprehensive visibility into vulnerabilities using all software security testing types, Veracode delivers one of the industry's only cloud-native solutions that allows partners to onboard quickly and seamlessly, so companies can securely move AppSec to the cloud. As a result of this partnership, Veracode can easily integrate the full breadth of Cybeats' software solutions into their customers' environments. The partner program provides market-leading solutions and services to get partners up and running straight away, with minimal impact to their existing business.
Cybeats SBOM Studio
SBOM Studio provides organizations with the capability to efficiently manage SBOM and software vulnerabilities, and provides proactive mitigation of risks to their software supply chain. Key product features include robust software supply chain intelligence, universal SBOM document management and repository, continuous vulnerability, threat insights, precise risk management, open source software license infringement and utilization, and secure SBOM exchange with regulatory authorities, customers and vendors, at reduced cost.
Cybeats is a leading software supply chain intelligence technology provider, helping organizations manage risk, meet compliance and secure software from procurement, development through operation. Our platform provides customers with deep visibility and universal transparency into their software supply chain, as a result enables them to increase operational efficiencies and revenue. Cybeats. Software Made Certain.
DATA SECURITY, PLATFORM SECURITY, SECURITY AUDIT AND COMPLIANCE
CrowdStrike | October 27, 2022
CrowdStri, a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, and Ernst & Young LLP (EY US), a leading organization in cyber risk consulting services, today announced an expanded relationship to deliver Cloud Security and Observability services globally, powered by the CrowdStrike Falcon platform. This collaboration expands on existing services previously announced including: Ransomware Readiness and Resilience; Incident Response (IR), Recovery and Remediation; Identity Assessment; and Zero Trust capabilities.
“The CrowdStrike-EY Alliance combines CrowdStrike’s leading cloud security and observability solutions with the transformational consulting capabilities and services provided by EY,” said Michael Rogers, vice president of global alliances at CrowdStrike. “Our expanded alliance now provides joint customers the ability to secure their cloud workloads with CrowdStrike Cloud Security, as well as ingest their log and event data at scale with CrowdStrike Falcon LogScale, providing real-time visibility to better understand and assess issues in their infrastructure environments.”
“Cloud security and observability continue to be key priorities for our clients. Our expanded alliance with CrowdStrike is critical in helping organizations address new and emerging threats,” said Dave Burg, EY Americas Cybersecurity Leader. “As a result of this relationship expansion, EY will implement CrowdStrike Cloud Security and CrowdStrike Falcon LogScale to help clients confidently secure their cloud workloads and operationalize the data they are generating for increased visibility.”
The EY Cloud Security service offering leverages CrowdStrike Cloud Security, a CNAPP solution with agent-based and agentless protection, with EY’s cybersecurity professionals to accelerate the journey of clients through alignment and implementation of appropriate controls as part of the shared responsibility model. This enables DevOps and infrastructure runtime scanning teams to:
Securely move to the cloud: Build a secure and compliant path to production by assessing, architecting, implementing and optimizing key cloud security controls, whether hybrid or multi-cloud.
Secure business-critical workloads: Reduce the overhead, friction and complexity associated with protecting cloud workloads, containers and serverless environments, and transform the lengthy risk and audit processes into automated and continuous ones.
Shift left securely: Automate the secure development of cloud-native applications, delivering full-stack protection and compliance for containers, Kubernetes and hosts across the container lifecycle.
The EY NextGen SOC service offering utilizes CrowdStrike Falcon LogScale, a modern log management solution, with EY’s SOC transformation practice to help clients – such as Mondelēz International – transform and optimize their cyber risk management operations practices by assessing, designing, building, improving, operating and automating their security operations and cyber defense capabilities. This enables DevOps, SecOps and IT Ops teams to:
Decrease mean time to detection (MTTD): Evaluate all security use cases with EY’s SOC Transformation services and optimize them with Falcon LogScale, which provides real-time streaming, searching and alerting.
Reduce complexity and increase visibility: Spend less time managing and maintaining disparate environments and more time triaging incidents with Falcon LogScale, which centralizes all logs in a single dashboard and reduces the time spent filtering data. EY can guide clients in maximizing their most important resource – people.
Lower total cost of ownership (TCO): Remove the limitations present in traditional logging solutions by leveraging Falcon LogScale’s index-free architecture, which provides seamless data ingestion, reduced infrastructure costs and lower operational costs. EY can help clients to reduce their TCO and drive relevant business insights by assisting in their identification and prioritization of their capital and operational investments.
“EY and CrowdStrike Falcon LogScale have enabled a global, multi-functional log management solution for our growing IT, security and compliance requirements,” said Kostas Georgakopoulos, CTO & CISO at Mondelēz International.
The Cloud Security and Observability services are generally available for customers.
CrowdStrike, a global cybersecurity leader, has redefined modern security with one of the world’s most advanced cloud-native platforms for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data.
Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Sentra | November 04, 2022
Sentra, a cloud data security company, today formally announced that it has joined the Cloud Security Alliance (CSA), the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.
Backed by Bessemer Venture Partners and Zeev Ventures, Sentra enables security teams to gain full visibility and control of cloud data, as well as protect against sensitive data breaches across the entire public cloud stack.
The company was recently recognized by Gartner® as a Sample Vendor for Data Security Posture Management in the Hype Cycle™ report for Data Security 2022.1
"As enterprise cloud adoption has accelerated across industries over the past two years, data security has become an inevitable challenge for all organizations –– Sentra's platform takes the guesswork out of what data needs to be protected. "We look forward to collaborating with CSA's extensive network of industry peers to create a secure cloud environment for all organizations. With Sentra's new North American headquarters in New York City, we're eager to align our product mission and security expertise with CSA's initiatives as we expand our global customer base."
Yoav Regev, co-founder and CEO of Sentra
"We're excited to welcome Sentra as a member of CSA," said Jim Reavis, co-founder and CEO of the Cloud Security Alliance. "Sentra's visibility-driven data security platform and its founders' decades of cyber security experience are an asset to our organization. We look forward to collaborating with Sentra to increase awareness of the importance of data protection in the cloud."
GARTNER and HYPE CYCLE are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Sentra is a cloud data security platform that helps organizations discover and remediate the top data security risks in their public cloud. Sentra automatically detects if sensitive data is vulnerable due to misconfigurations, over-permissions, unauthorized access, data duplication or other security issues. The company was founded in 2021 in Tel Aviv, Israel, and has raised $23 million in seed funding to date. The company is now co-headquartered in New York City and Tel Aviv.
About the Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA's activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem.