Software Security

Syscoin Launches Network Rollup Facility

Syscoin
Syscoin, a cutting-edge base layer protocol that incorporates the composability of Ethereum-style smart contracts with the Bitcoin Network's industry-leading security, announced today the upcoming release of Rollux, a suite of developer-ready scaling solutions for developing decentralized applications at the speed of Web2 architectures.

“At Syscoin, we are constantly improving the architecture of our platform to offer the most capable solution for developers who want to build with Bitcoin’s security, Ethereum’s flexibility, and, beginning today, Syscoin’s own scaling solutions. The launch of our in-house Layer 2 rollup suite marks a major milestone in the evolution of the Syscoin Network toward being the ultimate foundation for applications aimed at individuals, global enterprises and even governments around the world.”

Jag Sidhu, Syscoin Foundation’s lead developer and president

Moreover, Syscoin uses its unique Proof-of-Data-Availability (PoDA) breakthrough with Rollux to secure accessible off-chain data for rollups. Apart from Ethereum, Syscoin will be one of the first chains to host optimistic rollups and the only one to use Bitcoin's gold-standard proof-of-work hashing for its own security. As Ethereum evolves toward a proof-of-stake consensus paradigm, this difference will become more relevant.

Syscoin's development plan is divided into three segments. The first phase concluded in December with the release of Syscoin's Network-Enabled Virtual Machine (NEVM). Syscoin's NEVM parallel Layer 1 chain allows developers to construct Ethereum-compatible, smart-contract-based decentralized apps on the Syscoin Network. Rollux is Syscoin's in-house Layer 2 rollup suite and marks the next step in the company's evolution.

Rollux will provide scaling solutions to applications that use the Syscoin Platform foundation layer in order to provide decentralized services at Web2-like speeds. Furthermore, the Rollux suite will be a comprehensive Layer 2 solution that covers the full range of scaling methods. Rollux will first provide Optimistic rollouts before extending to include ZK rollups when they become practicable.

When it is released, Rollux's optimistic rollup utility will use modular scaling technologies to provide the most efficient, cost-effective, scalable, and secure Layer 2 available. Syscoin will unleash performance and scalability 50 times that of existing Layer 2s and 5000 times that of the Ethereum mainnet with direct EVM counterparts like Arbitrum's Nitro and Optimism's Cannon. This powerful platform will continue to progress the sector for many years to come, ultimately ushering in stateless Layer 2 systems that offer a significant advancement in scalability and security.

Syscoin Rollux will represent the cutting edge of scaling technology for Solidity-based smart contracts, with Layer 2 scaling coupled to Bitcoin's security standard. Moreover, since the smart contract layer is entirely EVM-compatible, it will be straightforward to onboard applications from Ethereum that want to add Bitcoin's security at scale. Finally, since the non-profit Syscoin Foundation is releasing the Rollux suite, the project will avoid charging excessive fees and using token schemes that add friction and costs to consumers.

Spotlight

Other News
Software Security

Lacework and Snowflake Expand Their Alliance to Secure Cloud Business

Lacework | September 15, 2023

Lacework, a company specializing in data-driven cloud security, and Snowflake, a prominent Data Cloud company, have jointly announced an expanded partnership. This partnership aims to propel the evolution of cloud infrastructure while enhancing cloud security automation at scale. Through this extended collaboration, security teams gain direct access to their Lacework cloud security data using Snowflake's secure data sharing, thus enabling unified visibility and tailored automation. Ulfar Erlingsson, Chief Architect, Lacework, said, Snowflake has been a dedicated platform partner as Lacework has scaled our business to support over 900 customers — ranging from small, early-stage startups to some of the most sophisticated enterprises running in the cloud space today — whose operations result in tremendous volume, variety, and velocity of security-relevant data. [Source – Cision PR Newswire] Erlingsson mentioned that, over the past seven years, Lacework had successfully conducted timely and efficient data processing by utilizing the Snowflake Data Cloud, even among a highly skewed set of customers. He further explained that their extended partnership with Snowflake would enhance their ability to serve joint customers at a cloud scale. This would apply whether customers needed them to handle only a small amount of security data or data processing at rates as high as 10s of gigabytes per second. As generative AI advances and becomes more accessible across various industries, the frequency and severity of cybersecurity threats are on the rise. This trend is driven by businesses accelerating their development processes and increasing cloud data generation. Addressing this new era of cloud security necessitates a fundamentally fresh approach, and Lacework's platform is designed to efficiently manage the substantial volume of data within an organization's cloud ecosystem. This includes data related to code, identities, containers, and multi-cloud infrastructure, with Snowflake serving as a critical platform partner. Through the combined capabilities of Lacework's security platform and Snowflake's Data Cloud, customers gain the ability to extend the value of cloud security data throughout their organization. This enables organizations to thoroughly assess their security and compliance status. Head of Cybersecurity Strategy at Snowflake, Omer Singer, said, Among the many potential advantages of generative AI is the ability for enterprises to deploy new applications faster, which places even more emphasis on the need to have scalable infrastructure and solutions. The combination of Snowflake and Lacework will continue to assist organizations scale their cloud businesses securely in the new era. [Source – Cision PR Newswire] About Lacework Lacework protects organizations in the cloud, enabling them to innovate with greater speed and assurance. Lacework's platform is designed to scale with the variety, volume, and velocity of cloud data across an organization's cloud environment, including code, containers, identities, and multi-cloud infrastructure. Only Lacework provides Security and Development teams with a connected and prioritized end-to-end view that identifies the most significant hazards and security events. About Snowflake The Snowflake enables all organizations to mobilize their data with its Data Cloud. Customers utilize the Data Cloud to integrate disparate data sources, power data applications, discover and securely share data, and implement a variety of AI/ML and analytic workloads. Snowflake provides a singular data experience that transcends multiple clouds and geographies, regardless of where data or users reside. Snowflake Data Cloud is used by thousands of customers across numerous industries, including 639 of the 2023 Forbes Global 2000 as of July 31, 2023.

Read More

Cloud Security

Checkmarx Announces Technology Partner Program to Enable the Industry's Most Extensible, Code-to-Cloud Enterprise AppSec Ecosystem

PR Newswire | October 19, 2023

Checkmarx, the industry leader in cloud-native application security for the enterprise, today announced its Checkmarx Technology Partner program, enabling organizations to easily extend the leading AppSec platform with a wide range of technology partner capabilities. The combination of best-of-breed technology partners with the leading enterprise AppSec platform helps organizations shift everywhere, from code to cloud, with a unified AppSec posture integrated into the software development life cycle (SDLC). Checkmarx' Technology Partner Program helps organizations simplify management across their AppSec programs, get more value out of existing AppSec solutions and drive better security outcomes. Providing broad support for greater AppSec maturity throughout the entire SDLC, the Checkmarx Technology Partner program enables partners and their customers to centralize and simplify discovery in these key areas through Checkmarx One: Vulnerability and risk management systems: Aggregate, normalize and prioritize vulnerabilities and risks with a unified, holistic view with partners like ArmorCode, Brinqa and ServiceNow. SDLC tools: Integrate AppSec at all stages of the software development lifecycle within the environments and tools used daily by analysts, developers and testers with partners like GitLab, JetBrains and Security Compass. Cloud and runtime security: Match cloud assets at runtime with application source code projects so that vulnerabilities found in the developer source code are enriched with runtime context, and runtime cloud security inventories are enriched with AppSec findings – all possible through partners like AWS, Cisco Panoptica and Sysdig. Emerging technologies: Work with the most innovative startups and technologies including AI and GenAI to shape tomorrow's AppSec solutions landscape with partners like Mobb.ai. Expanding this ecosystem simplifies the process of mitigating AppSec risk for our partners' customers, making their applications exponentially more secure during a time of escalating threats, said Kobi Tzruya, Chief Research and Development Officer at Checkmarx. From protecting AI-generated code to helping build trust between developers and security teams, Checkmarx One is already the AI-driven, enterprise-ready AppSec platform of choice. Now working with other leading technology companies to meet the need for streamlined, consolidated solutions will make life easier and applications safer for everyone. Checkmarx recently announced Sysdig as its latest technology partner, bringing runtime container insights into Checkmarx One so organizations can prioritize vulnerabilities associated with container packages that are actually running and that pose the most risk. "The top application security vendors have a responsibility to team up to provide more robust and complete solutions for the world's enterprises," said Bryan Smoltz, VP of Technology Alliances at Sysdig. "By delivering runtime insights within Checkmarx One, customers have clear visibility into the workloads that are running in production so they can make better-informed security decisions. Together, we're helping to bring maximum protection at cloud speed." Technology partners also benefit from the program with new marketing and sales opportunities, and by making their solution readily accessible to Checkmarx' more than 1,800 customers, including 60% of the Fortune 100. The Checkmarx One platform scans more than 100 billion lines of code monthly and its world-renowned Checkmarx Labs security research team provides ongoing threat intelligence to inform product development and to advise customers of their best defenses in today's threat landscape. For more information about becoming a Checkmarx Technology Partner, visit this page. Click here to explore the Checkmarx One partnership ecosystem. About Checkmarx Checkmarx is the enterprise application security leader and the provider of Checkmarx One™, the industry-leading cloud-native AppSec platform that helps enterprises build #DevSecTrust. Powered by the intelligence from our industry-leading AppSec security research team, and our AI-driven technology and services, our platform is designed to enable CISOs, AppSec and development leaders to prioritize their teams' focus on what impacts their business. Our offerings secure every phase of development for every application, from the very first line of code through production, while simultaneously balancing the dynamic needs of security and development teams. It's no longer just about shifting left or right - it's about shifting everywhere. We are honored to serve more than 1,800 customers, which includes 60 percent of all Fortune 100 organizations. We are committed to moving forward with unwavering dedication to the safety and security of our customers, and the applications that power our day-to-day lives. Checkmarx. Make Shift Happen.

Read More

API Security

Salt Security, CrowdStrike Expands Partnership with New Integration

Salt Security | September 20, 2023

Salt Security, a prominent API security company, has announced the expansion of its partnership with CrowdStrike, a leading cybersecurity technology company providing cloud workload and endpoint security, cyberattack response, and threat intelligence services. This expansion involves the integration of the Salt Security API Protection Platform with the widely recognized CrowdStrike Falcon Platform. Roey Eliyahu, Co-founder and CEO of Salt Security, stated, Protecting against API threats requires deep visibility and robust runtime protection. We’re excited to bring our unique strengths in API security to the CrowdStrike customer base with this new integration. Together with CrowdStrike, Salt can provide organizations with extended runtime protections and posture management across the cloud and application landscapes. [Source – Cision PR Newswire] Through this integration, customers gain access to a comprehensive 360-degree view of API security risks, particularly focusing on the application-layer attack surface. This integration is accessible via the CrowdStrike Marketplace and provides valuable API threat intelligence. It also enhances cross-organization API security capabilities by streamlining and enhancing the workflows related to API auditing, monitoring, and enforcement. The partnership between Salt Security, offering top-notch API runtime monitoring and AI-driven insights, and CrowdStrike, renowned for its award-winning AI-powered protection, provides organizations with complete visibility into their API attack surface. This integration also offers valuable context regarding the severity of threats in relation to business-critical aspects. With this partnership, customers benefit from: API vulnerability and threat context API threat mitigation API threat management automation The patented Salt API security platform stands out for its utilization of cloud-scale big data, artificial intelligence (AI), and machine learning (ML). These technologies work in tandem to automate the process of discovering and cataloging an organization's entire set of APIs. Salt plays a crucial role in pinpointing areas where APIs might expose sensitive data. This proactive approach aids enterprises in recognizing and mitigating potential API threats while also reinforcing their overall API security. Gur Talpaz, Head of Falcon Fund and Vice President of Corporate Development at CrowdStrike, said, With APIs now a prime target for malicious actors, securing them requires a comprehensive and diligent approach. Through this joint integration, we can harness the mature AI-driven intelligence of the Salt API security platform with our widely deployed Falcon platform, giving organizations complete visibility into their application-layer attack surface and a detailed understanding of their application threat landscape. [Source – Cision PR Newswire] About Salt Security Salt Security is a leading API security company that safeguards the APIs at the core of all modern applications. Its API Protection Platform is the sole API security solution that integrates the power of cloud-scale big data with time-tested machine learning and artificial intelligence to detect and prevent API attacks. Salt provides extensive context, real-time analysis, and continuous insights for API discovery, hardening APIs, and attack prevention by correlating the activities of millions of APIs and users over time.

Read More

API Security

Wallarm Announces Policy Integration with MuleSoft AnyPoint Platform

Wallarm | October 13, 2023

Wallarm has announced the availability of Application and API Security policies seamless integration with the MuleSoft AnyPoint Platform, providing essential protection for apps and APIs in various deployment scenarios. This integration of Wallarm and MuleSoft presents a compelling choice for organizations dedicated to comprehensively safeguarding and managing their API security management, ensuring robust protection for their digital assets. In the digital age, enterprises heavily depend on APIs to facilitate application connections and drive their digital transformation. Wallarm's latest offering seamlessly integrates with the MuleSoft API management and integration platform, bolstering cloud security and compliance to meet the evolving needs of modern businesses. Effective API management is paramount for organizations, and the market offers numerous commercial solutions, each with its unique features. Whether opting for well-known platforms such as MuleSoft, Kong, or Apigee, or exploring external tools like Akamai Edge and Azion Edge, the decision on how to deploy and manage crucial APIs depends on factors such as scalability, performance, and existing infrastructure. Regardless of the chosen approach, the demand for robust API security that effortlessly aligns with these varied deployment methods remains a top priority. CEO and Co-founder of Wallarm, Ivan Novikov, said, Wallarm is keen to unveil a cutting-edge cloud-based security policy that is agile and fully integrated with MuleSoft, a leading integration and API management platform in the market. [Source – Business Wire] About Wallarm Wallarm is a leading provider of robust protection for APIs, microservices, web applications, and serverless workloads in cloud-native environments. Trusted by numerous Security and DevOps teams, Wallarm excels in comprehensive web app and API endpoint discovery, shielding against emerging threats across their API portfolio, and automating incident response for enhanced risk management. The platform is designed to support modern tech stacks, offering a myriad of deployment options in both cloud and Kubernetes-based environments, including a full cloud solution. Based in San Francisco, California, Wallarm is backed by prominent investors like Y Combinator, Toba Capital, Partech, and others.

Read More