NETWORK THREAT DETECTION

Solvo ReInvents Cloud Identity and Access Management with IAMagnifier

Solvo | November 30, 2021

Solvo-ReInvents
Solvo, a security automation enabler for cloud development and production environments", announced today the availability of its "IAMagnifier" – a cloud SaaS security platform, enabling developers, DevOps and cybersecurity stakeholders working in cloud development environments to reduce potential cybersecurity threats caused by misconfigured access permissions to cloud assets.

To truly enable a secured, yet productive development environment, a "least-privileged" permission mechanism should be employed – by using this methodology, the access level for each asset is defined by answering the question "How can I prevent access to that asset from anyone or anything other than anyone or anything that is supposed to access it to perform their intended task?".

Today, security-minded developers and security stakeholders within the organization had to manually inspect security permissions configurations for each asset, compare the permission levels found within the specific asset's configuration to the permission level stated by the relevant organizational policies, and if the actual permission level is too lenient – rectify the situation by updating the asset's permission configuration.

In addition to the need to perform these set of activities for each individual asset, a task which might entail an enormous waste of time and effort, the permission level to which the "wrong" configuration should be updated to may not be the best one according to the specific characteristics of each individual asset.

"Solvo's IAMagnifier turns this cumbersome, lengthy, inefficient, and error-prone process of managing cloud assets' access permissions, into an automated, centralized, fast and decision-assisted experience,It does so by constantly inspecting the assets' access permissions configurations, analyzing gaps between the current and desired permission level, suggests the needed changes to the configuration, and performs these changes if approved by the user."

Solvo's Co-founder and CEO, Shira Shamban

To present the most relevant and updated data about permission levels and potential risks derived from permission level gaps, Solvo's IAMagnifier offers visual experience, which turns boring tables and records into easy to comprehend mapping of connections and dependencies between Roles, Policies, assets and users. The IAMagnifier also highlights what its analyzer has declared as "excessive permissions", and suggests an alternative, least-privileged permission policy, which can then be enforced by the user just by approving the suggestion.

Unlike traditional infrastructure default definitions or human-set definitions, the "excessive" permission status definition and the alternative permission suggestion the IAMagnifier highlights and suggests are derived from analyzing actual real behaviour of the application and finding the balance between preventing unrequired access by irrelevant stakeholders, and keeping an uninterrupted workflow for relevant stakeholders (i.e least-privileged).

Sylvie Veilluex, Solvo's advisor and former CIO of Dropbox, added: "The team has been offering early access to the IAM Magnifier to selected customers, and the feedback has been nothing short of amazing. One of the CEO whose company was using the IAMagnifier went on to declare the ability to easily see the company's security posture, and effortlessly enhance it, made scaling the company's cloud and business infrastructure frictionless and even enjoyable."

Solvo's team will present IAM Magnifier during AWS' Re:Invent conference, which takes place in Las Vegas, NV, between November 29th and December 3rd, 2021. Solvo will also be providing a free AWS S3 Bucket policy auditing during the conference, and visitors can schedule a meeting with the team for a chance to get back from Vegas with a win.

About Solvo
Solvo allows security teams to empower software developers and accelerate their cloud delivery. The developer-centric security platform creates and maintains a least-privilege security policy for cloud native applications. It adapts the security configuration to every environment, creates it from scratch and monitors for changes, integrating with existing workflows seamlessly and automatically.

Spotlight

Any business can be a target; those most susceptible will be businesses that maintain customer records or that consumers frequent most, such as restaurants, retail stores and hotels. The risk is even greater for brand name chains. Areas of focus for 2012 include employee security awareness, anti-virus software and legacy firewalls. By learning from others’ misfortunes or vulnerabilities, and applying tactical and strategic change outlined in this report, any organization will be better able to reduce the likelihood of incidents and resultant data loss


Other News
SOFTWARE SECURITY

GTT Launches Secure Connect to Enhance Enterprise Cloud Security

GTT | March 23, 2022

GTT Communications, Inc., a leading global cloud networking provider to multinational clients, has announced its new Secure Connect offering to extend and strengthen the protection of the enterprise network connecting to the internet and accessed by users from any location. The new service is based on the SASE framework and integrates with GTT Managed SD-WAN. GTT Secure Connect leverages a single cloud platform for agile and ubiquitous delivery of network security, offering a range of features that include CASB (Cloud Access Security Broker), SWG (Secure Web Gateway), ZTNA (Zero Trust Network Access) and FWaaS (Firewall as a Service) capabilities. GTT Secure Connect addresses the growing requirement for secure access to enterprise resources in an environment characterized by the widespread use of digital technologies, broad adoption of cloud applications and a remote workforce. GTT Secure Connect utilizes a cloud delivery model that provides centralized policy control at a site and user level for improved scalability and extends the security perimeter to any network endpoint. Additionally, the integration of security with the functionality of GTT Managed SD-WAN improves performance and simplifies network management. The comprehensive SASE-based feature set can be tailored to meet individual enterprise requirements for anti-virus, firewall and anti-malware protections, more effective blocking of malicious sites, augmented cloud security monitoring, and prevention of unauthorized access to network resources in a work-from-anywhere model. With GTT Secure Connect, network access is based on user, device and application identity — rather than the physical location or IP address — enabling seamless and secure networking between users, private, SaaS and public clouds, and the enterprise data center. “In an enterprise environment where digital business and the use of cloud applications has become more critical, coupled with the challenge of supporting a hybrid workforce and an intensifying cyber-threat landscape, customers are demanding network integrated security solutions that are comprehensive with an improved user experience. GTT Secure Connect has been designed to meet these customer requirements, leveraging our industry-leading SD-WAN capability combined with state-of-the-art, cloud-based security technologies, delivering a more effective and efficient solution that provides next-generation connectivity and protection managed all in one place.” Don MacNeil, GTT COO According to industry research firm Omdia, only 15 percent of enterprises globally have a fully developed approach to cybersecurity and digital risk. Further research by the firm shows that when SD-WAN is combined with security, enterprises report an extra boost in perceived value over just SD-WAN. “Omdia finds securing networks a consistent area of enterprise concern and investment. Enterprise network transformation needs to address the complexity of securing internet VPNs, cloud applications and a remote workforce,” said Cindy Whelan, practice leader, enterprise network services at Omdia. “GTT’s new Secure Connect brings together network and security, supported by professional services, to help enterprises with their security and performance needs in a period of rapid digital transformation and an intensifying cyber-threat landscape.” The underlying technology platform of GTT Secure Connect is Prisma® Access provided by Palo Alto Networks, an industry leader in global cybersecurity. GTT Secure Connect integrates Prisma Access with GTT’s software-defined networking solutions and global Tier 1 IP network. GTT Secure Connect is complemented by GTT Professional Services, which offers the technical expertise and operational experience to support the complete solution from initial design to installation and ongoing service management. This includes project management, technical management and incident management support. Through EtherVision, GTT’s unified customer management portal, GTT Secure Connect provides customers with the insights and control they need to operate their network and manage their security environment. About GTT GTT provides secure global connectivity, improving network performance and agility for your people, places, applications and clouds. We operate a global Tier 1 internet network and provide a comprehensive suite of cloud networking and managed solutions that utilize advanced software-defined networking and security technologies. We serve thousands of businesses with a portfolio that includes SD-WAN and other WAN services, internet, security and voice services. Our customers benefit from a customer-first service experience underpinned by our commitment to operational excellence.

Read More

PLATFORM SECURITY

LogicBoost Labs' Latest Investment Enhances Cybersecurity Validation

LogicBoost Labs | March 09, 2022

LogicBoost Labs, a startup accelerator focused on promoting the growth of early-stage B2B SaaS startups, announced today an investment into Information Shield, a provider of products and services that help automate the process of building and validating a robust cyber security program. The investment package includes putting cash on the balance sheet for growth and expert advice in sales, marketing, customer success, and tech development from the in-house team of LogicBoost Labs experts. Supported by a panel of leading information security experts, Information Shield and its ComplianceShield software solution allow organizations to quickly validate cyber security readiness to customers, regulators, and insurance providers. Clients can save thousands of dollars and weeks of effort when addressing third-party risk assessments and preparing for external certifications for compliance frameworks, including ISO 27002, NIST-CSF, HIPAA, CMMC, among many others. "Having spent 15 years working in cybersecurity, I've seen firsthand how difficult it can be for companies and their IT teams to meet compliance mandates. Information Shield dramatically reduces the amount of time it takes to build, roll out, and validate your modern cybersecurity program to meet internal requirements and your client's needs." Jonathan Cogley, Founder and CEO of LogicBoost Labs David Lineman is president and CEO of Information Shield, Inc., a global provider of information security leading practices. Lineman has more than 25 years of software, security, and information technology management experience, and holds 3 patents on software technology, and has consulted on information security policy development for over 50 organizations. "If your business is handling information, you need to have a defensible cyber security program in place that addresses key industry standards," said Lineman. "Using our Security Wizard and Common Control Library (CCL), we have dramatically simplified the process by helping organizations quickly build programs that address key regulations and frameworks. Built-in security policy templates enable rapid documentation and key supporting evidence to support external audits, such as SOC II or ISO Certification. We have leveraged our experience with over 8000 customers in 100 countries to create a tool that is both robust and affordable." About LogicBoost Labs LogicBoost Labs is a startup accelerator designed to advance the growth for pre-revenue and early-stage B2B SaaS startups. As such, LogicBoost Labs offers a full-service line-up of resources and capabilities to further increase the likelihood of a young company's success. Each portfolio company has full access to LBL's talented pool of experienced executives whose sole job is to guide and mentor the start-ups on such matters as staffing, sales, marketing, technical support, and customer success. The ultimate goal: take the start-up from early revenue or pre-revenue to 1 million ARR. About Information Shield Information Shield provides customers with time-saving products and services to help build, update, and maintain a defensible information security and data privacy program. Based in Houston, Texas, Information Shield has over 10,000 satisfied customers in 100 countries, covering a variety of markets including financial services, healthcare, non-profits, government, and retail.

Read More

SOFTWARE SECURITY

ZeroEyes Announces Partnership with Veteran-Owned Cybersecurity Firm Layer 8 Security

Layer 8 Security | February 02, 2022

ZeroEyes, Inc., creators of the only AI-based video analytics platform focused solely on gun detection, is proud to announce its partnership with Philadelphia-based company, Layer 8 Security. Layer 8 Security is a cybersecurity consulting and technical services firm that arms organizations with practical security, compliance, and privacy strategies. Starting in 2022, Layer 8 Security will assist ZeroEyes with the company's information security certifications. Both companies are veteran-founded, owned, and operated, and are part of the Veterans Business Referral Network with over 200 members in the Greater Philadelphia area. In addition to the local connections, both companies are well-known on the national stage for being leaders in their respective disciplines. "I've known members of the ZeroEyes team for years,ZeroEyes' focus on gun detection and physical security complements our focus on being the 'sheepdogs,' protecting people in any way we can. In our case our focus is on data privacy and protecting businesses from hackers. I'm excited to leverage our shared goals as veterans helping veterans." Kevin Hyde, President and Co-Founder at Layer 8 Security "Layer 8 Security and ZeroEyes are both focused on security and building veteran-owned businesses," adds ZeroEyes' Chief of Staff, Kieran Carroll. "We're excited to support Layer 8 Security in their mission and appreciate their services in securing our own business." About ZeroEyes ZeroEyes is the industry's leading AI-based weapons detection solution. Our software integrates into existing security camera systems and sends out a series of alerts when a verified gun is detected via our best-in-class weapons detection algorithms. Founded by a team of Navy SEALs and military veterans with over 50 years of military experience with deep special operations and intelligence community expertise, ZeroEyes is the trusted weapons detection provider of numerous clients, including the US Department of Defense, leading public K-12 school districts, commercial property groups, Fortune 1000 corporate campuses, shopping malls, and big-box retail. About Layer 8 Security Layer 8 Security is a cybersecurity consulting, advisory, and technical services firm that arms organizations with practical security, compliance, and privacy strategies. Today's business environment requires seamless integration with third-party vendors, clients, and partners. Layer 8 Security ensures your information ecosystem is secure, compliant, and resilient to the severity and frequency of a disruption resulting from a cyber attack.

Read More

DATA SECURITY

SentinelOne Expands Partner Ecosystem with New Zero Trust, CNAPP, Patch Management, and Threat Simulation Integrations

SentinelOne | January 15, 2022

SentinelOne an autonomous cybersecurity platform company, today announced integrations with Remediant, Blue Hexagon, Keysight, and Automox, expanding the set of capabilities available via SentinelOne’s Singularity Marketplace. With comprehensive integrations across enterprise use cases, the Singularity Marketplace enables customers to unify leading technologies to autonomously protect against threats at machine speed. Enable Zero Trust with Remediant SentinelOne’s joint solution with Remediant enables organizations to enforce Zero Trust solutions across cloud, hybrid, and on-premises infrastructure with a single agent. With the rise of credential stuffing attacks and ransomware, endpoints and identities are two of the most exploited attack vectors today. SentinelOne captures behavioral telemetry across user endpoints, cloud workloads and IoT, feeding process and file activities to Remediant. This enables administrators, auditors, and incident responders to identify malicious sessions and activity in a single workflow. “This partnership with SentinelOne marks one of the first, and best, examples of what becomes possible when leading identity and endpoint security solution providers align their capabilities,” said Paul Lanzi, Co-founder, Remediant. “As partners, we are both aware that today's remote workforce has to be secured by a new generation of tools that secure endpoints and privileged access. We're launching this partnership because EDR and identity vendors working together is one of the most powerful things we can do for our customers to ensure they can defend against attacks." Strengthens Cloud Ransomware Security with Blue Hexagon SentinelOne’s integration with Blue Hexagon enables the rapid detection and prevention of malware and ransomware in the cloud. As the first line of defense, SentinelOne secures endpoints, cloud workloads and IoT devices with AI powered protection, detection and response. The integration shares Blue Hexagon’s awareness of malware and ransomware reducing the time to respond through automated remediation. In addition, cloud misconfigurations are shared with SentinelOne. “We are excited to partner with SentinelOne, a leader in XDR, to provide a threat detection and response solution that unifies endpoint, cloud, and network security.With Singularity XDR and Blue Hexagon, joint customers can use leading solutions to seamlessly share ransomware intelligence and automate response across cloud environments.” Nayeem Islam, CEO and Cofounder, Blue Hexagon Proactive Threat Simulation with Keysight SentinelOne’s integration with Keysight allows joint customers to safely simulate threats in order to validate threat detection and remediation. Keysight’s Threat Simulator attacks both network and endpoints from a ‘Dark Web’ environment. Attacks are validated against Singularity XDR’s protection and detection models using SentinelOne’s rich API functionality, identifying gaps in the cyber kill chain and suggesting updates to organizational security infrastructure. “The integration of Keysight Threat Simulator with SentinelOne is exciting because it allows our joint customers to automate validation of their security processes and defenses before actual threats occur,” said Greg Copeland, Director of Technical Alliances, Keysight. “Cyber defense groups can test and train their operations teams using realistic scenarios, to sharpen their skills and procedures proactively.” Automate Vulnerability Management with Automox SentinelOne and Automox’s joint solution delivers end-to-end vulnerability discovery and remediation. As corporate networks become more technically diverse, organizations often struggle to keep up with patch management and cyber hygiene, forcing security teams to adopt multiple tools that require heavy training, dedicated on-site resources, and multiple dashboards. SentinelOne and Automox provide the visibility and workflows needed to significantly reduce the time to remediation and the burden on in-house resources. “As corporate IT environments become more distributed and overwhelmed with multiple operating systems and a vast inventory of third-party software, organizations are left wide open to cyber attacks,” said Jay Prassl, founder and CEO at Automox. “SentinelOne mirrors our mission to proactively reduce security exposure. Through our partnership, enterprise and government organizations benefit from a powerful, cloud-enabled solution to detect and remediate vulnerabilities, seamlessly and at scale.” About SentinelOne SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.

Read More

Spotlight

Any business can be a target; those most susceptible will be businesses that maintain customer records or that consumers frequent most, such as restaurants, retail stores and hotels. The risk is even greater for brand name chains. Areas of focus for 2012 include employee security awareness, anti-virus software and legacy firewalls. By learning from others’ misfortunes or vulnerabilities, and applying tactical and strategic change outlined in this report, any organization will be better able to reduce the likelihood of incidents and resultant data loss

Resources