DATA SECURITY

SYNNEX Corporation Adds Proofpoint to its Security and Networking Portfolio

SYNNEX | July 22, 2021

A leading provider of distribution, systems design, and integration services for the technology industry, SYNNEX Corporation (NYSE: SNX) has announced its expansion of networking and security portfolio with a leading cybersecurity and compliance company, Proofpoint products and services.

Through SYNNEX, resellers can have access to the whole Proofpoint line. They can leverage their combined suite of cloud-based solutions, assisting companies globally to safeguard their data, stop targeted threats,  and make their users stronger against cyber attacks and threats. This agreement boosts compliance solutions and SYNNEX's cybersecurity and guarding people on all channels, including web,email, social media cloud, and mobile messaging.

Through SYNNEX, many inclusive pre-sales support offerings will be accessible such as bill of materials design, assistance with opportunity qualification, access to complementary training, and proof of concept demonstrations. In addition, the dedicated team in SYNNEX Proofpoint can assist with product management and specialization, marketing, business development, and overall business management. With renewal automation, SYNNEX also offers rewarding financial assistance and incentives. This support is aimed to help clients upsurge their operational efficiencies and successfully grow their dealings in businesses.

About SYNNEX Corporation

Founded in 1980, SYNNEX Corporation (NYSE: SNX) is a Fortune 200 corporation. It is also a leading provider of systems design and integration services and a comprehensive range of distribution for the technology industry to many enterprises. It operates in several countries throughout South and North America, Asia-Pacific, and Europe

Spotlight

Effective cyber security defences are clearly a cornerstone of every financial service. As a differentiator, cyber security extends into an integrated, well-designed customer experience. Cyber security in the UK today As cybercrime rises and everyday services are increasingly digitalized, public opinions on cyber security are changing. Citizens are becoming more careful about how they share their information and more aware of organizations who might fail to protect it. To find out more, we surveyed over 3,000 UK citizens to explore how attitudes and behaviours around cyber security are evolving and what this might mean for the banking sector.


Other News
DATA SECURITY,SOFTWARE SECURITY,WEB SECURITY TOOLS

Legit Security Discovers and Helps Remediate Software Supply Chain Vulnerabilities in Google Firebase & Apache Open-Source Projects

Legit Security | September 16, 2022

Legit Security, a cyber security company with an enterprise platform to secure an organization’s software supply chain, today announced that it discovered software supply chain attack vulnerabilities in popular open-source projects from Google and Apache. The discovered vulnerability affects GitHub, an extremely popular Source Code Management (SCM) system at the heart of many organization’s software supply chains and used by software developers globally. The Legit Security research team found a new type of CI/CD vulnerability called “GitHub Environment Injection” that allows attackers to take control of the vulnerable project's GitHub Actions CI/CD pipeline. Any GitHub user could exploit this vulnerability to modify the project’s source code, steal secrets, move laterally and attack inside the organization, and ultimately initiate a SolarWinds-like supply chain attack. The vulnerability was found in the Google Firebase project and in a very popular integration framework project from Apache. Both Google and Apache acknowledged and fixed the vulnerabilities after an initial disclosure by Legit Security. Legit Security has published a technical disclosure blog on their website including guidance for organizations to remediate this vulnerability. Legit Security’s Research Team discovered that a specially crafted payload written to a GitHub environment variable called “GITHUB_ENV” could allow an attacker to execute code on the target pipeline and thereby modify the source code or compromise the repository itself. This attack can be initiated by any GitHub user and is very easy to implement just by creating a “pull request” or a proposed change to the source code. The mere act of submitting the pull request will trigger the vulnerable build action and carry out a successful compromise and the attacker does not need to be subjected a code review approval from the source code maintainer for it to take effect. The Legit Security team disclosed these issues to Google and Apache project maintainers, along with remediation guidelines, and verified that these vulnerabilities weren’t exploited by a malicious actor. Both projects have been fixed and are now safe. However, these are not the only projects susceptible to this kind of attack. Since using the GITHUB_ENV file is currently considered the “safe” way to change environment variables in GitHub Actions, many repositories are using workflows that write untrusted data into this file, leaving them exposed to supply chain attacks. “This type of vulnerability joins many other software supply chain vulnerabilities and attacks targeting popular open-source projects, including GitHub, which is the largest and the de facto host of most open-source projects. “We, as a security community, must build the tools and processes to address these threats and allow organizations to trust software and use it safely. Here at Legit Security our mission is to secure every organization’s software supply chain and we are active conducting security research and collaborating on initiatives to achieve this goal." Liav Caspi, CTO and co-founder of Legit Security According to Gartner®, nearly half of organizations worldwide will experience an attack on their software supply chains by 2025, a three-fold increase from 2021. There has been a huge rise in attempts to compromise open-source projects and CI/CD build services, including GitHub Actions, to enable wide ranging attacks through software supply chains. For in-depth analysis of the GitHub Environment Injection vulnerability, along with broader information and guidance on how to protect your organization from software supply chain attacks, please visit the Legit Security website and blog. About Legit Security Legit Security protects software supply chains from attack by automatically discovering and securing the pipelines, infrastructure, code and people so that businesses can stay safe while releasing software fast. Legit provides an easy to implement SaaS platform that supports both cloud and on-premises resources and combines automated discovery and analysis capabilities with hundreds of security policies developed by industry experts with real-world SDLC security experience. This integrated platform keeps your software factory secure and provides continuous assurance that your applications are released without vulnerabilities.

Read More

DATA SECURITY

ControlCase Partners with ConnectWise & FifthWall Solutions to Increase MSP Cybersecurity Maturity & Bridge Access to Cyber Insurance.

ControlCase | July 11, 2022

ControlCase, a leading provider of IT Security Certifications and Continuous Compliance Services announced its recent partnership with ConnectWise and FifthWall Solutions. Under this partnership, Managed Service Providers (MSPs) can now access the ConnectWise MSP+ security best practices framework from the ControlCase Compliance HubTM platform for both self-assessment and verification by ControlCase. This partnership also provides the rate-quote-bind assistance required for procuring insurance. ConnectWise’s MSP+ framework is derived from the NIST CSF framework and aims to help MSPs strengthen their cybersecurity program, increase cybersecurity maturity, and ultimately lower their risk of a data breach. MSP+ provides an affordable compliance framework that can be used as the foundation for an MSPs cybersecurity program. The MSP+ program is split into 3 parts: 1. MSP+ Self Assessment – Allows the MSP to access the framework and start implementing controls and closing gaps at their own pace. 2. MSP+ Advanced – Includes assistance with remediation and final verification by ControlCase. 3. MSP+ Mastery – Demonstrates a mature cybersecurity program and is also verified by ControlCase. “This partnership is a gamechanger for MSPs,” said Mike Jenner, CEO at ControlCase. “Security incidents involving MSPs, and their clients continue to rise. This rise necessitates stringent security controls to be implemented and the MSP+ framework provides a great place for MSPs to start learning about cybersecurity and implementing necessary controls.” Speaking on the achievement, Raffael Marty, General Manager -Cybersecurity at ConnectWise said “Cyber insurance is a critical element to help partners protect their legacy by building a more cyber-resilient business. This partnership will help MSPs increase their cybersecurity maturity, prepare for and procure insurance; eliminating dozens of steps they and their customers would otherwise have to take.” The ControlCase Compliance HubTM platform is integrated with ConnectWise Manage. MSPs can complete their MSP+ assessments without ever leaving their PSA. The MSP+ Advanced and Mastery offerings also include real-time compliance status and vital statistics such as risk rating and security milestone planning. “FifthWall is excited to be the dedicated Cyber Insurance & Risk Management Solution Provider,” said Reid Wellock, President, FifthWall Solutions. “We work with 35+ insurers to limit clients’ cyber exposure and give peace of mind for businesses of any size.” This partnership greatly simplifies MSPs and their clients' access to insurance.” For more information on this partnership and the related offerings, please contact Kimberly Simon at ksimon@controlcase.com About ControlCase ControlCase is a global provider of certification, cybersecurity, and continuous compliance services. ControlCase is committed to empowering organizations to develop and deploy strategic information security and compliance programs that are simplified, cost-effective, and comprehensive in both on-premises and cloud environments. ControlCase offers certifications and a broad spectrum of cyber security services that meet the needs of companies required to certify to PCI DSS, HITRUST, SOC 2 Type II, ISO 27001, PCI PIN, PCI P2PE, PCI TSP, PA DSS, CSA STAR, HIPAA, GDPR, SWIFT, and FedRAMP. About FifthWall Solutions FifthWall works with 35+ carriers to limit your clients’ cyber exposure and give peace of mind for businesses of any size. With our policies, MSPs and their clients are covered from business interruptions, cyber crimes, and several of the consequences that follow. With breach prevention and response tools, MSPs and their clients avoid risk and minimize impact in the event of a security incident.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Barracuda recognized for industry-leading email security and data protection solutions

Barracuda | August 23, 2022

Barracuda, a trusted partner and leading provider of cloud-first security solutions, announced today that it is recognized as an innovator with two prestigious awards for email protection in the 2022 SC Awards and for data protection in the 2022 CRN Annual Report Card (ARC) Awards. 2022 SC Awards Barracuda Email Protection has been recognized as the winner of the Email Protection category in the 2022 SC Awards. Now in its 25th year, the SC Awards are cybersecurity's most prestigious and competitive program. Winners are recognized for outstanding solutions, organizations, and people driving innovation and success in information security. Barracuda Email Protection is a comprehensive, easy-to-use solution that delivers API-based inbox defense, phishing protection, incident response, gateway defense, data protection, and compliance capabilities. "We're thrilled that our solutions were named the best in the Email Protection category this year. "This win recognizes the value of our solutions, including our advanced ML capabilities, which enable our customers to fully automate detection and remediation. At Barracuda, it's our mission to deliver innovative security products that are easy to by, deploy, and use, and we see this award as a sign we are delivering on that." Don MacLennan, SVP of Engineering and Product Management, Email Protection, at Barracuda The 2022 SC Awards received a record 800 entries across 38 categories — a 21% increase over 2021. Entries for the SC Awards were judged by a panel of industry leaders, from sectors including healthcare, financial services, manufacturing, consulting, and education, among others. 2022 CRN Annual Report Card Barracuda was named the overall winner in the Data Protection Software category of CRN's 2022 Annual Report Card award. This award honors the industry's top technology vendors for success in providing high levels of satisfaction for channel partners through innovative products, services, and partner programs. Barracuda not only earned the highest score overall in the category, but also swept the four subcategories: Product Innovation, Support, Partnership, Managed & Cloud Services. With 37 years of history, CRN's ARC Awards recognize best-in-class vendors that are devoted to boosting IT channel growth through innovation in technology and partner strategy. Through the ARC Awards — known as one of the most prestigious honors in the IT industry — solution providers offer key feedback that commends technology manufacturers for designing channel-friendly product offerings, developing strong partner programs, and building long-term successful relationships with solution providers. This win recognizes both Barracuda Cloud-to-Cloud Backup and Barracuda Backup. Barracuda Cloud-to-Cloud Backup provides easy-to-use, cloud-native backup for Microsoft 365 data. Barracuda Backup combines storage, software, and inline deduplication, to ensure data is protected against loss no matter what happens. "We're honored by this recognition, and it is especially meaningful because it is based on input from channel partners," said Bill Fitzgerald, VP, Channel Sales, Americas. "I'd like to express my sincere thanks to all channel partners that participated in the CRN survey." The ARC Awards are based on an invitation-only research survey conducted by The Channel Company. Responses from 3,000 solution providers across North America were evaluated in this year's survey, rating 82 vendor partners across four criteria: product innovation, support, partnership, and managed cloud services. Scores were awarded in 25 major product categories in technology areas that are critical to channel partner success. About Barracuda At Barracuda we strive to make the world a safer place. We believe every business deserves access to cloud-first, enterprise-grade security solutions that are easy to buy, deploy, and use. We protect email, networks, data, and applications with innovative solutions that grow and adapt with our customers' journey. More than 200,000 organizations worldwide trust Barracuda to protect them — in ways they may not even know they are at risk — so they can focus on taking their business to the next level.

Read More

DATA SECURITY,PLATFORM SECURITY

Orange and Netskope Partner on Carrier-class Connectivity and SSE Services for a Secure, Cloud-smart Platform

Orange Cyberdefense | September 23, 2022

Orange Business Services, a global network-native digital services company, Orange Cyberdefense, a leading cybersecurity services provider, and Netskope, a leader in secure access service edge (SASE), are partnering to deliver a new SSE (Security Service Edge) solution embedded into the Orange Telco Cloud Platform. The enhanced solution is designed to deliver optimal performance with maximized security, meaning enterprises will no longer need to find a compromise between the two. A decade of shifting to cloud and mobile computing, along with the ever-present demands of hybrid work environments, have put security and networking requirements on a collision course. While SSE addresses the security challenges, enterprises need to incorporate them into overarching connectivity strategies to realize the full benefits of SASE. The partnership will leverage Orange Cyberdefense’s security expertise and Netskope’s global security private cloud footprint and SSE leadership, enabling Orange Business Services to deliver consistent internet security on and off the network. This will help protect enterprise customers from data loss and the growing volume of sophisticated threats across cloud, web and private applications, with the full attributes of a cloud-native platform. The co-managed solution will reduce complexity for enterprises, providing continuously updated cloud security via the Orange Business Services Telco Cloud Platform. Telco Cloud Platform is a revolution in the way networks are built, run, and managed with enhanced performance. The software-defined approach optimized for telco workloads allows for greater agility and cost reduction. Securing an enterprise’s most important assets: people and data This innovative hybrid architecture embeds Netskope’s points-of-presence (POPs) within the Orange network, strengthening the Orange customer value proposition by delivering the benefits of the Orange network, including speed and agility, while enabling customers to tap into the power of Netskope Intelligent SSE. Netskope Intelligent SSE provides granular visibility and real-time data and threat protection for cloud services, websites, and private apps accessed from anywhere, on any device. “Cloud transformation and hybrid work models mean that traditional security architectures are no longer effective or efficient. Plugging our market leading platform into Orange’s network will enable Orange to significantly increase its offering to enterprises looking to secure data without limiting business productivity.” Sanjay Beri, CEO, Netskope “Increasingly enterprises are using the internet as their only WAN transport, even in a growing threat landscape. Working together we are delivering Orange customers a SASE-ready WAN edge while upgrading the security of the enterprise’s network without downgrading the user experience.” says Hugues Foulon, CEO, Orange Cyberdefense. “This innovative partnership is an important part of our Evolution Platform concept designed to simplify connectivity, cloud, and security and support business outcomes from end-to-end, providing real-time protection for our users, their applications, and data, wherever they are. It underscores our position as a trailblazer in SSE and managed services, providing the right balance of performance, speed, and protection to our customers,” adds Aliette Mousnier-Lompré, CEO, Orange Business Services. About Orange Business Services Orange Business Services is a network-native digital services company and the global enterprise division of the Orange Group. It connects, protects, and innovates for enterprises worldwide to support sustainable business growth. Leveraging its connectivity and system integration expertise throughout the digital value chain, Orange Business Services is well placed to support global businesses in areas such as software-defined networks, multi-cloud services, Data and AI, smart mobility services, and cybersecurity. It securely accompanies enterprises across every stage of the data lifecycle end-to-end, from collection, transport, storage and processing to analysis and sharing. About Netskope Netskope, a global cybersecurity leader, is redefining cloud, data, and network security to help organizations apply Zero Trust principles to protect data. Fast and easy to use, the Netskope platform provides optimized access and real-time security for people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.

Read More

Spotlight

Effective cyber security defences are clearly a cornerstone of every financial service. As a differentiator, cyber security extends into an integrated, well-designed customer experience. Cyber security in the UK today As cybercrime rises and everyday services are increasingly digitalized, public opinions on cyber security are changing. Citizens are becoming more careful about how they share their information and more aware of organizations who might fail to protect it. To find out more, we surveyed over 3,000 UK citizens to explore how attitudes and behaviours around cyber security are evolving and what this might mean for the banking sector.

Resources