DATA SECURITY

Symphony Technology Group Announces the Launch of Skyhigh Security

Skyhigh Security | March 22, 2022

Skyhigh Security
Symphony Technology Group (“STG”), a leading Menlo Park-based private equity firm focused on the software, data, and analytics sectors, today announced the launch of Skyhigh Security. The new portfolio company was created to satisfy the growing cloud security requirements for large and small organizations. Skyhigh Security’s unique approach extends security beyond data access to securing how the data is used. Its data-aware Security Service Edge (SSE) is built to meet the needs of the modern workforce with security that follows the data and users wherever they are.

Earlier this year, STG announced it would be splitting McAfee Enterprise into two organizations—Trellix and Skyhigh Security—to better focus on the very distinct markets of Extended Detection and Response (XDR) and the SSE. At that time STG also announced that Gee Rittenhouse, who previously led Cisco’s cyber security business, would serve as CEO of the SSE business, bringing deep cloud security expertise.

“Skyhigh Security has emerged as a dedicated cloud security company that is laser-focused on propelling businesses forward with a comprehensive and converged approach to data security. We’re committed to investing in this business, which is in one of the most important markets in security, SSE.”

William Chisholm, managing partner, STG

“With the majority of data in the cloud and users accessing it from everywhere, a new approach to security is needed,” said Rittenhouse. “Skyhigh Security has created a comprehensive security platform to secure both data access and data use via unified policies and data awareness. Organizations can now have complete visibility and control and seamlessly monitor and mitigate security risks—achieving lower associated costs, driving greater efficiencies and keeping pace with the speed of innovation.”

“Organizations are at a crossroads navigating the hybrid workforce,” said Frank Dickson, vice president, IDC. “While the ‘work from anywhere’ model creates flexibility and agility, it can also be a point of security vulnerability, challenging perimeters and endpoints and opening new attack surfaces in the cloud. These organizations need a best-in-class cloud-native solution that simplifies the implementation of cloud security to protect data regardless of where it lies.”

“Protecting the way data is used is as important as the way data is accessed—we must implement a powerful data-centric defense to meet the demands of how work is conducted today,” said Dan Meacham, chief information security officer, Legendary Entertainment. “Skyhigh Security’s platform approach is completely integrated and simple to use. With over 10 years focus on cloud security, they are a pioneer in the SSE space. Skyhigh Security’s innovations have been validated both by analysts and customers alike. It is truly one of the most solid and unique SSE solutions in the market today.”

The Skyhigh Security SSE Portfolio includes Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Zero Trust Network Access (ZTNA), Cloud Data Loss Prevention (DLP), Remote Browser Isolation technology, Cloud Firewall and Cloud Native Application Protection Platform (CNAPP). The company was most recently named a Leader in the 2022 Gartner® Magic Quadrant™ for Security Service Edge and recognized in the 2022 Critical Capabilities for SSE for its MVISION Unified Cloud Edge (UCE) solution.

About Skyhigh Security:
Skyhigh Security protects organizations with cloud-native security solutions that are both data-aware and simple to use. Its market-leading Security Service Edge (SSE) Portfolio goes beyond data access and focuses on data use, allowing organizations to collaborate from any device and from anywhere without sacrificing security.

Spotlight

Locked down from deep in the hardware all the way up to the application layer, the Samsung KNOX Platform delivers a multi-layered approach to enhanced mobile security. See why KNOX is built ready for anyone from an individual, small business or large enterprise, a corporation, and even relied upon by government organizations with the most stringent security requirements.


Other News
SOFTWARE SECURITY

JFrog Integrates with ServiceNow to Improve Software Security Vulnerability Response Times with “ServiceOps”

JFrog | May 27, 2022

JFrog Ltd. , the Liquid Software company and creators of the JFrog DevOps Platform, today unveiled new integrations for JFrog Xray with ServiceNow’s Lightstep Incident Response and Spoke products for IT Service Management. Available immediately, the JFrog Xray integrations with ServiceNow (NYSE: NOW) provide IT leaders with real-time insights on security vulnerabilities and compliance issues to quickly engage necessary team members from across the organization for more immediate response and remediation. “Successfully securing the software supply chain at the speed of business is a team sport, requiring efficient, cross-team collaboration for timely security incident remediation. Our integration with ServiceNow aims to change the relationship between developers and the rest of the business, so they can maintain the speed and frequency of releases, while avoiding downtime and loss of trust from end customers." Shlomi Ben Haim, Co-Founder and CEO, JFrog The new integration enables IT teams to proactively address security issues before they become major concerns. The combination of JFrog Xray and ServiceNow delivers a robust software composition analysis (SCA) tool that can quickly scan binaries for vulnerabilities and license compliance issues, then share those insights with the appropriate parties across the organization. The JFrog Xray-ServiceNow solution is unique in that it helps DevOps engineers, site reliability engineers (SREs), IT system administrators, and others, more securely build, deploy, run, and monitor applications effortlessly, in a single view. It also enables real-time security alerts and insights with assigned actions across all the tools, people, and processes needed for timely resolution. JFrog Xray & ServiceNow: Delivering Incident Response & Enterprise-wide Workflow Design for Security Incidents Identifying and effectively responding to malicious attacks must transcend business units and operational functions. By improving real-time insight, collaboration, and communication amongst and between enterprise security and IT teams, the JFrog Xray-ServiceNow integrations ensure swift responses to emerging security threats. The JFrog Xray integration with Lightstep Incident Response enables developers, SREs, and Security Administrators to: Monitor, collect and respond to license compliance and security vulnerabilities impacting the software supply chain across all stages of the software development and release lifecycle. Streamline vulnerability response by pulling-in the right team members across the organization for faster remediation. The JFrog Xray Spoke for ServiceNow allows IT operations staff to: Generate violation reports, create ‘ignore rules’, re-scan builds, add custom item properties, and more. Automate workflows that meet audit demands and avoid penalties for improper use of code segments obtained from the open-source community. Identify problems earlier in the application development pipeline and incorporate change management solutions. For more information on the new JFrog Xray integrations for ServiceNow Lightstep Incident Response, read this blog or solution sheet. Further details on the JFrog Xray integration with Spoke can be found in this blog. You can also connect with JFrog and ServiceNow solution experts during swampUP 2022 taking place in San Diego, May 25 - 26, 2022. For more information and to register, visit https://swampup.jfrog.com/. About JFrog JFrog Ltd. , is on a mission to power all the world’s software updates, driven by a “Liquid Software” vision to allow the seamless, secure flow of binaries from developers to the edge. The JFrog Platform enables software creators to power their entire software supply chain throughout the full binary lifecycle, so they can build, secure, distribute, and connect any source with any production environment. JFrog’s hybrid, universal, multi-cloud DevOps platform is available as both self-managed and SaaS services across major cloud service providers. Millions of users and thousands of customers worldwide, including a majority of the Fortune 100, depend on JFrog solutions to securely manage their mission-critical software supply chain. Once you leap forward, you won’t go back.

Read More

DATA SECURITY

Armis Selects Radware to Deliver Cloud Security for AWS

Radware | December 30, 2021

Radware a leading provider of cyber security and application delivery solutions, today announced that Armis, a leading unified asset visibility and security platform provider, chose Radware’s Cloud Native Protector to safeguard its Amazon Web Services (AWS) environment. This born-in-the-cloud business adopted Radware’s solution to fortify its cloud security posture and identify potential vulnerabilities before they evolved into threats. Armis’ security platform enables companies to safely use and control IoT and other unmanaged devices without fear of compromise by cyberattacks. Armis was looking for a solution that would give its DevOps team full visibility and control of its public cloud environment. The company turned to Radware to make it easier for its team to remotely track assets, supervise access to sensitive resources, and detect suspicious activity. “The Radware team understands that we are a dynamic company with requirements that are constantly changing,” said Roi Amitay, head of DevInfra at Armis. “Radware’s Cloud Native Protector plays an essential role in securing our cloud environment. It helps us see our full cloud picture and focus on what matters most. Radware provides trusted products and support, making this the best solution for our company.” Radware’s solution enhances the visibility and control Armis has over its public cloud environment. It automates manual analysis and notifies Armis about any publicly exposed assets and potential cyberattacks to help the company prioritize its work. “Cloud-native companies like Armis have unique and constantly shifting security requirements that need specialized solutions,Our Cloud Native Protector not only secures Armis’ cloud workloads but also is continually assessing risks and improving visibility and governance of their cloud.” Gilad Barzilay, director of public cloud sales at Radware Radware’s Cloud Native Protector is an agentless solution that provides centralized visibility and reporting for workloads and accounts on AWS and Microsoft Azure. Its intuitive 360-degree centralized dashboard shows alerts across accounts and clouds with risk-prioritized alerting so that security teams know which alert to focus on first. Using a multi-layered approach that covers a wide security posture of the cloud and threats to individual workloads, the solution also identifies and prevents public exposure of public facing assets, cloud security misconfigurations, excessive permissions, and malicious activity in the cloud. About Radware Radware is a global leader of cyber security and application delivery solutions for physical, cloud, and software defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application, and corporate IT protection, and availability services to enterprises globally. Radware’s solutions empower enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity, and achieve maximum productivity while keeping costs down. For more information, please visit the Radware website.

Read More

SOFTWARE SECURITY

Guidepost Solutions Acquires Significant Equity Interest in Cybersecurity Solutions Firm Truvantis, Inc.

Guidepost Solutions LLC | March 29, 2022

Guidepost Solutions LLC, a global leader in domestic and international investigations, compliance solutions, monitoring, and security and technology consulting, announced that it has acquired a significant equity stake in Truvantis, Inc., a cybersecurity company formed in 2010. Truvantis provides best-in-class cyber and privacy services to secure infrastructure, data, operations, and products. This strategic partnership allows both Guidepost and Truvantis to offer a wide-ranging suite of cybersecurity solutions and consulting services, at a time when cybersecurity risks are evolving and affecting all business operations. Truvantis is led by its founder and CEO, Andy Cottrell. With more than 25 years of experience in IT and cybersecurity, Cottrell has designed and implemented security solutions, launched innovative security products to market, and helped countless small and large companies improve their security posture. “I am pleased to announce this partnership with Truvantis, as part of our firm’s continued efforts to grow its capabilities and footprint in the cybersecurity arena. We are committed to providing our clients with unique solutions to defend against one of the greatest risks facing their companies – cyber threats. This partnership significantly expands our ability to fulfill that commitment.” Julie Myers Wood, Guidepost Solutions CEO This new alliance enables clients to leverage comprehensive threat, risk, vulnerability management, privacy, and assessment services to protect against a full spectrum of cyber and physical security issues and address a variety of regulatory and business-critical requirements. Today’s companies are faced with an increasing number of requests for independent verification of their cybersecurity and privacy policies and practices. Whether it’s an assessment against a security framework like the NIST CSF, ISO 27001, or CIS Controls, addressing compliance with privacy laws and requirements like the PCI DSS, or preparing for a SOC2 or HITRUST audit, companies are seeking help from highly qualified, credentialed consultants who can help address these complex cybersecurity and privacy challenges. The Guidepost/Truvantis team will afford clients a depth of expertise as well as a breadth of services to address a broad range of risk mitigation needs. “Guidepost Solutions is a leader in investigations, compliance, and physical security consulting and we’re excited to bring these capabilities to our clients to provide comprehensive risk management solutions,” said Andy Cottrell, CEO, Truvantis. “As the market continues to evolve toward consolidated physical, personnel, and cybersecurity management, this partnership enables us to provide the most comprehensive solutions in the market.” Through this investment and partnership, Guidepost Solutions and Truvantis are positioned to enhance cyber and physical security defenses for clients and provide resiliency for their critical systems. Specific security services include risk assessments, security testing, cyber investigations, cybersecurity governance, data protection, privacy consulting, operational security design and project management, vCISO, and remediation services. About Guidepost Solutions LLC Guidepost Solutions is a leader in domestic and international investigations, compliance solutions, monitoring, and security and technology consulting. We work wherever your needs take us – whether on the ground around the globe – or from one of our offices located in Bogotá, Boston, Chicago, Dallas, Honolulu, London, Los Angeles, Miami, New York, Palm Beach, Philadelphia, Phoenix, San Francisco, Seattle, Singapore, Walnut Creek, and Washington, DC. About Truvantis Inc. Truvantis® is a cybersecurity consulting organization providing best-in-class privacy and cybersecurity services to secure your organization’s infrastructure, data, operations, and products. We specialize in helping our customers improve their cybersecurity posture by implementing, testing, auditing, and operating information security programs.

Read More

SOFTWARE SECURITY

BlackBerry Helps Channel Partners Tap Exploding Managed Security Service Market

BlackBerry | June 09, 2022

BlackBerry Limited today announced a number of enhancements to the BlackBerry Partner Program to help Managed Security Service Providers (MSSPs) capture the exploding demand among small and medium-sized businesses (SMBs) for 24x7x365 Managed Extended Detection and Response (XDR) services, a market which industry experts expect will grow from $22.45 billion in 2020 to $77.01 billion by 2030. BlackBerry's 2022 Threat Report found SMBs experience 11-13 attacks every day. Amidst this growing threat landscape, the company has significantly increased its MSSP focus, launching new marketing incentives, a global hiring campaign to boost partner support and a revamped curriculum of training, tools and enablement resources to aid overall go-to-market efforts. Enhancements include: Greater Cybersecurity Protection for Customers & More to Sell – New products and services now available to MSSPs include CylanceGUARD®, CylancePERSONA™, and CylanceGATEWAY™. This will enable new service opportunities and help MSSPs secure their client environments. Increased Support & Field Seller Alignment – Commitment to significantly increase the size of BlackBerry's channel team, doubling employee headcount in roles such as partner management, customer success and channel enablement to ensure partners have the technical and sales support to compete and win in the crowded EDR/XDR market. BlackBerry has also introduced seller compensation on MSSP deals to encourage field alignment and to embrace MSSPs as a critical route to market. More Comprehensive Training – New BlackBerry Cyber Security Administrator (BCSA) technical training – aimed at MSSPs who will be configuring, managing, and troubleshooting BlackBerry UES products. Representing the next-generation evolution of the popular Cylance Security Professional Certification, the new program includes a blend of videos, instructor-led training, and online assessments on BlackBerry's industry-leading, AI-based, prevention-first solutions focused on preventing breaches before they happen. Lucrative Marketing Incentives – Expanded the generous 'Protect and Earn' partner incentive program that rewards MSSPs for uncovering and closing net-new BlackBerry logos. Partners earn cash-based rewards which are determined by the qualifying closed deal's Total Contract Value, with no limits. New Pricing – New flexible licensing and pricing options built to match the way MSSPs do business with customers. New MSSP-focused aid in partner business development including demand generation & sales support via proposal-based marketing funds, case studies, strategic Go-To-Market engagement and access to inside sales resources. The expanded investment and support for MSSPs comes following last month's joint warning from the Five Eyes Alliance of security authorities from the United Kingdom, Australia, Canada, New Zealand and the United States, highlighting an increase in malicious cyber activity targeting managed service providers (MSPs) and urging them to protect the IT supply chain with a fresh set of cybersecurity measures. "With headline-grabbing hacks and a cybersecurity talent gap showing no signs of letting up, SMBs have never been more under-staffed or ill-prepared to meet the challenges posed by the continuously evolving threat landscape. "Our top 20 MSSPs have grown more than 50 per cent year over year and demand for human threat experts is through the roof. To that end, BlackBerry is doubling down and increasing our focus on our MSSP partners to ensure they're set up for success." Colleen McMillan, VP, Global Channel Sales at BlackBerry About BlackBerry BlackBerry provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including over 195M vehicles. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and is a leader in the areas of endpoint management, endpoint security, encryption, and embedded systems. BlackBerry's vision is clear - to secure a connected future you can trust.

Read More

Spotlight

Locked down from deep in the hardware all the way up to the application layer, the Samsung KNOX Platform delivers a multi-layered approach to enhanced mobile security. See why KNOX is built ready for anyone from an individual, small business or large enterprise, a corporation, and even relied upon by government organizations with the most stringent security requirements.

Resources