Software Security
Business Wire | September 27, 2023
Today, Cyolo, provider of the fastest and most secure zero-trust access and connectivity solution for hybrid organizations with IT and OT, in partnership with KuppingerCole, released an industry analysis focused on zero trust and remote access for operational technology (OT) environments.
The analysis reveals key insights about the OT cybersecurity threat landscape, outlines high-level security architecture for OT, critical infrastructure systems (CIS) and industrial control systems (ICS), and evaluates key requirements of security regulations and frameworks.
OT environments experience the same kinds of threats as enterprise IT – including ransomware, account takeovers, APTs, and Supply Chains as vectors – while experiencing expanded OT-specific threats. While traditional IT security tools may be adapted, developing robust security architectures for OT environments is inherently complex compared to their IT counterparts. Its unique nature, from equipment and software to communication protocols requires dedicated OT security solutions.
Cyolo can help organizations with OT infrastructure to define and manage access control to those complex environments, said John Tolbert, Lead Analyst at KuppingerCole.
Overall key insights include:
OT Threat Landscape. Heightened geopolitical factors have intensified attacks on OT and ICS, posing significant consequences ranging from operational disruptions and service denial to financial repercussions and potential harm to human well-being.
Core Cybersecurity Regulations. The risks and consequences of cyber-attacks against critical infrastructure advanced regulations globally mandating secure architectures and technical controls. KRITIS and the follow-on IT Security Act 2.0 are related examples of such regulations, as well as the NIST Cybersecurity Framework.
OT Security Architectures and Key Functionalities. There are eight areas of functionality that are central to effective OT security architectures. Cybersecurity architectures for OT must address asset discovery, access control, IT security tool integration, detection and response capabilities, and OT protocol level threats.
As the analysis breaks down, within critical infrastructure interruptions and downtime are not an option. To address the increasing need for secure access in OT environments, Cyolo introduced Cyolo 4.3, which expands key capabilities with more layers of security and making the product easier than ever to use for both administrators and end users in the industrial space.
With Cyolo 4.3, industrial organizations will be able to extend their multi-factor authentication (MFA) across environments through an integration with Duo Security to support their physical tokens as required. Additionally, the company has implemented another layer of security for file transfer within the OT/ICS environment, through query anti-virus software to scan files before they are delivered to their destination. Cyolo is also adapting for further usability, allowing teams to securely invite external users by generating a secure one-time password; and import groups from existing IdPs, using SCIM.
“Ensuring the security of critical infrastructure and industrial processes has become increasingly critical as organizations unite their IT and OT systems. This convergence has expanded the OT threat landscape and introduced significant cybersecurity challenges, as the once-isolated OT networks are now vulnerable to the same threats that have targeted IT networks for years” said Joe O'Donnell, Vice President ICS/OT of Cyolo. “With Cyolo 4.3, industrial entities can confidently navigate the complexities of the modern threat landscape and fortify their defenses against evolving cyber threats.”
The announcement of Cyolo 4.3 highlights the company’s commitment to advancing zero-trust capabilities and it comes on the heels of Cyolo being listed as a Representative Vendor in the 2023 Gartner® “Market Guide for Zero Trust Network Access” report for the second consecutive year and recognized by Frost & Sullivan with the 2023 North American New Product Innovation Award for Secure Remote Access to Operational Infrastructure and Industrial Control Systems (OT/ICS).
As the threats to critical infrastructure continue to evolve, Cyolo zero-trust access solution continues to provide the utmost protection and ease of use. To learn more about Cyolo 4.3, visit here. Access the report for a full view of the industry here.
Register here to attend the joint webinar from Cyolo and KuppingerCole on how to achieve secure remote access for OT environments, to be held on Tuesday, October 10 at 7 a.m. PT.
About Cyolo
Cyolo helps hybrid organizations in the IT and OT spaces to stay safe, secure and productive in an era of distributed workforces and unprecedented cyberthreats. Cyolo’s next-generation zero-trust access solution enables all users, including employees, third parties as well as remote and on-site workers, to connect to their working environments seamlessly and securely via modern identity-based access. Providing one unified solution that integrates with the existing tech stack and deploys easily in the cloud, on-premises or in a hybrid model, Cyolo empowers the global workforce to securely access anything from anywhere.
Read More
API Security
Business Wire | October 25, 2023
Data Theorem, Inc., a leading provider of modern application security, today introduced an industry-first attack path analysis of APIs and software supply chain exploits to its Cloud-Native Application Protection Platform (CNAPP) called Cloud Secure. The new release includes machine learning (ML)-based hacker toolkits and improved visualizations that boost discovery of potential data breaches in first-party APIs and third-party software supply chain assets hosted in multi-cloud environments.
As a result of today’s launch, organizations can now leverage an advanced ML-based CNAPP solution to best secure their cloud-native apps and discover weaknesses which could lead to data breaches. Previously, organizations had to rely on cloud security posture management (CSPM) and agent-based cloud workload protection platforms (CWPP) that lack the ability to accurately detect attack surfaces such as first- and third-party APIs that lead to the critical path hackers utilize to successfully exploit vulnerabilities and extract sensitive data.
Data Theorem’s new release of Cloud Secure now delivers Cloud Hacker Toolkits powered by a new set of visualization features and ML enhancements for exploit prioritization, helping organizations focus on the most critical vulnerabilities that hackers can take advantage of for a cyberattack to extract data from cloud-native apps. In addition, Cloud Secure now offers ML-powered optimized Cloud Assets inventory with new visualizations for organizations to better understand the relationships between applications (mobile and web), APIs (first and third party), and the myriad of cloud resources. As a result, organizations for the first time can have an accurate inventory of their cloud-native and cloud-hosted applications, and visualize the growing attack surfaces including APIs they develop themselves and APIs that come from leveraging open-source software, third-party software development kits (SDKs), and public cloud services within their software supply chains.
As we have seen, machine learning, and particularly generative language learning model (LLM), offers a new set of innovations and creativity for both security practitioners and attackers, said Doug Dooley, Data Theorem COO. Data Theorem is pleased to offer the industry’s first CNAPP solution which leverages some of the more useful elements of machine learning combined with run-time analysis, observability, and active protection. Cloud Secure continues to lead the industry as the most application-centric CNAPP offering helping organizations uncover new attack vectors in cloud-native applications and APIs that ultimately prevent large-scale data breaches. ML-powered Hacker Tool Kits and Optimized Cloud Assets, in addition to Cloud Secure’s other advancements in this new release, uniquely protect organizations’ cloud applications in multi-cloud environments.
Cloud Secure now also offers a new UI design that improves the end-to-end CNAPP workflow for organizations with new dashboard, inventory, security testing, and cloud-native protection sections. For example, the Cloud-Native Protection visualization graph with Cloud Abuse highlights priority events, actors, and attack path analysis that uniquely helps organizations diagnose near real-time data breaches and attempts at exfiltration attacks. In addition, Cloud Secure’s Enhanced Compliance Summary section with status and on-demand reporting downloads automates the audit processes to help organizations prove compliance.
Cloud Secure, powered by Data Theorem’s award-winning Analyzer Engine, helps organizations secure their cloud-native applications and address regulatory compliance for cloud monitoring and reporting. It is the industry’s first solution delivering full-stack attack path analysis for cloud-native applications that starts at the client layer (mobile and web), protects the network layer (APIs), and extends down through the underlying infrastructure (cloud services). Its combination of attack path analysis and run-time active protections enables both offensive and defensive security capabilities to best prevent data breaches of cloud-native applications, embedded APIs, and serverless cloud functions.
Data Theorem’s broad AppSec portfolio protects organizations from data breaches with application security testing and protection for modern web frameworks, API-driven microservices and cloud resources. Its solutions are powered by its award-winning Analyzer Engine which leverages a new type of dynamic and runtime analysis that is fully integrated into the CI/CD process, and enables organizations to conduct continuous, automated security inspection and remediation. Data Theorem is one of the first vendors to provide a full stack application security analyzer that connects attack surfaces of applications starting at the client layers found in mobile and web, the network layers found in APIs, and the infrastructure layers found in cloud services.
About Data Theorem
Data Theorem is a leading provider of modern application security, helping customers prevent AppSec data breaches. Its products focus on API security, cloud (serverless apps, CSPM, CWPP, CNAPP), mobile apps (iOS and Android), and web apps (single-page apps). Its core mission is to analyze and secure any modern application anytime, anywhere. The award-winning Data Theorem Analyzer Engine continuously analyzes APIs, Web, Mobile, and Cloud applications in search of security flaws and data privacy gaps. The company has detected more than 5 billion application incidents and currently secures more than 25,000 modern applications for its enterprise customers around the world. Data Theorem is headquartered in Palo Alto, Calif., with offices in New York and Paris. For more information visit www.datatheorem.com.
Read More
Software Security
PR Newswire | October 17, 2023
Axiado, a leading innovator in AI-enabled hardware secure solutions, today announced its readiness to deploy its TCU (Trusted Control/Compute Unit) platform security solution for the world of cloud, 5G and network switching technologies.
"Cloud security is going through an inflection point. Axiado's comprehensive approach to secure platforms at the hardware level and their commitment to collaborative partnerships position them as a key player in shaping the future of this space," said Patrick Moorhead, CEO and Chief Analyst, Moor Insights & Strategy.
Axiado's is responding to today's disruptive market landscape by offering a turnkey solution by showcasing the following key milestones:
Open Compute Project (OCP)-compliant modules: Axiado has launched innovative DC-SCM 2.0 (Data Center Secure Control Module) modules in both horizontal and 1U vertical form factors – an industry first. The portfolio also includes network compute modules (NCMs) to accelerate secure network processing. This offering enables complex hardware interoperability, making it easier and more efficient for engineers to develop and deploy secure solutions.
ODM/OEM strategic partnerships: Axiado has worked closely with ODM/OEM industry leaders to build complete systems integrated with essential security and control features, ensuring that Axiado's solutions meet the full requirements of end customers. Demos of these TCU-based ODM/OEM systems for each of the target applications (cloud, 5G and enterprise switching) will be unveiled at the OCP Global Summit.
Collaboration with trusted firmware players: Axiado is collaborating with industry-leading software companies such as Insyde and AMI, ensuring integration of Axiado solutions into the software ecosystem.
Engagement with the OCP community: Selected by OCP to be part of its new Startup Program, Axiado is actively engaging with the OCP community to introduce a vertical version of DC-SCM2.0 / 1U. In addition, Axiado is adopting Caliptra Silicon root of trust (RoT) as an option on its TCU platform and will demonstrate the use of Caliptra to perform silicon RoT with a CPU host.
Go-to-market acceleration: Turnkey kits, including full software for management and security running on the TCU while interfacing to a host CPU, are available now for proof-of-concept, system integration and key security implementation.
Axiado's mission is to provide engineering excellence and innovative solutions that empower the industries of tomorrow, said Gopi Sirineni, President and CEO, Axiado. We believe that by addressing the complex challenges faced in the cloud, 5G and network switching markets, we are enabling our customers to achieve their goals more efficiently and securely.
Demonstrations at OCP Summit 2023
Axiado, in collaboration with its partners AEI, AMD, Gigabyte, Sanmina, Senao, Tyan, VVDN and Wiwynn, will demonstrate its full platform security solution at the 2023 OCP Global Summit on October 17-19. In addition, at Station 4 at the OCP Experience Center, Axiado will showcase a DC-SCM2.0 demonstration for Caliptra silicon RoT alongside Tyan and AMD.
Supporting Quotes: What Industry Leaders are Saying about Axiado's Platform Security Solution
Harry Soin, Senior Director of Technical Marketing, Advanced Energy
"Employing the latest advances in security is mandatory to protect next generation cloud computing. I've seen Axiado, with its TCU building block, be a good match with our power products to enhance the level of security and protection of our customer's server power systems."
Srivatsan Ramachandran, Vice President and General Manager, Global Strategic Business, AMI
"AMI has been a driving force behind modern compute environments, providing scalability, security, and sustainability. We're thrilled to team up with the cybersecurity innovators at Axiado, integrating AI-infused hardware solutions to embrace the next wave of technological change. Together, we're shaping the future of tech."
Daniel Hou, General Manager, Giga Computing
"The enterprise server market is demanding advanced security features that require a new breed of chip solutions and AI-driven approaches. The Axiado TCU AX2000/AX3000 family offers a fresh and new approach to platform security. Early adoption of innovative technologies like Axiado's will enable a continued leadership position for GIGABYTE with our enterprise customer base."
Stephen Gentile, Chief Marketing Officer, Insyde Software
"As a leading independent firmware supplier, Insyde Software fully understands the evolving security and management landscape and the importance of continual innovation in this area. That's why we are thrilled to collaborate with innovative newcomers like Axiado, ensuring our mutual customers have best-in-class platform security solutions."
Bou Lin, President, Senao
"Our clients consistently express the need for enhanced security protection in our next-generation product line, including enterprise-class top-of-rack switches. By integrating the Axiado TCU into Senao's leading enterprise switches, we can deliver the enhanced security features our clients demand today."
Eric Kuo, Vice President of MiTAC Computing Technology Corporation's Server Infrastructure Business Unit, Tyan Computer Corporation
"TYAN is a strong believer in modularized server systems for enterprise customers as well as cloud service providers. We therefore work closely with silicon players like Axiado to ensure a new wave of platform security solutions can fit well within OCP's DC-SCM2.0 specifications. Our engineering teams collaborate to ensure interoperability between TCU - based DC-SCM and TYAN's industry leading Host Processor Modules."
William Lin, President of Enterprise & Networking Business Group, Wistron Corp.
"Wistron is a key proponent for OCP based initiatives such as DC-SCM as it aligns well with our end customers in the Enterprise and CSP markets. We are therefore excited to look for opportunities to collaborate with chip-level disruptors such as Axiado which complement our go-to-market vision and provide new innovations in platform security.
Steven Lu, Executive Vice President, Wiwynn
"The collaboration between Wiwynn and Axiado signifies a critical leap forward for the cloud service provider and enterprise markets. This shift toward modular systems aligns perfectly with the industry's trajectory and reinforces Wiwynn's position as a Tier 1 player."
About Axiado's TCU
The Axiado AX3000/AX2000 TCUs represent a new category of forensic-enabled cybersecurity processors designed to enhance existing zero-trust models. TCUs combine silicon, AI and data collection, and software into a compact, power-efficient SoC with unique AI functionality explicitly designed for security. The single-chip solution is rooted in real-time and proactive AI with pre-emptive threat detection and comprehensive protection provided by a dedicated coprocessor that allows manufacturers to build safe, secure, and resilient solutions by design and default.
The TCU relies extensively on AI-based real-time threat mitigation with forensic-enabled hardware fingerprints as well as platform monitoring and optimization (clocks/voltages/temperature) using AI and machine learning (ML). The TCU solution includes root of trust (RoT), baseboard management controller (BMC), trusted platform module (TPM), hardware security module, SmartNIC, firewall, and AI and ML technologies.
About Axiado
Axiado is a cybersecurity semiconductor company deploying a novel, AI-driven approach to platform security against ransomware, supply chain, side-channel and other cyberattacks in the growing ecosystem of cloud data centers, 5G networks and other disaggregated compute networks. The company is developing new class of processors called the trusted control/compute unit (TCU) that redefines security from the ground-up: its hardware-anchored and AI-driven security technologies include Secure Vault root-of-trust/cryptography core and per-platform Secure AI pre-emptive threat detection engine. Axiado is a San Jose based company with a mission to protect the users of everyday technologies from digital threats. For more information, go to axiado.com or follow us on LinkedIn.
Read More
Software Security
ZeroFox | September 22, 2023
ZeroFox, an industry-leading provider of enterprise software-as-a-service for external cybersecurity, has announced the unveiling of multiple anti-phishing product enhancements. These updates solidify ZeroFox's position as the world leader in digital risk protection. Developed using cutting-edge AI/ML technologies and designed by a team of top-tier security experts, these new anti-phishing features boost escalated alert volume, reduce the occurrence of false positives, and expedite the process from threat identification to initial disruption and successful takedowns for all our customers.
The importance of these new features cannot be overstated, especially given the rising threat landscape. In the first half of 2023, ZeroFox Intelligence has recorded a substantial increase in the volume and complexity of phishing attacks, including a 30% surge in domain takedowns compared to the first half of 2022. New ZeroFox phishing trend research also highlights the adoption of evasion techniques like cloaking alongside emerging tactics such as SEO poisoning and phishing-as-a-service. These developments underscore the critical role of these new capabilities in safeguarding against evolving cyber threats.
Continuous and Complete Protection Against Domain-based Threats
ZeroFox adopts a unique approach to phishing compared to email security and conventional anti-phishing providers. Its strategy revolves around the identification, disruption, and elimination of the domains necessary for launching phishing campaigns. With daily monitoring of over 65 million domains, ZeroFox combats various threats like typo squats, subdomain spoofs, homoglyphs, and other malicious domain and URL-based attacks, effectively shielding customers and preventing any disruptions to business operations.
Incorporate advanced domain protection capabilities to enhance their cybersecurity measures, aiming to achieve substantial and measurable business outcomes:
Reduce Phishing Risks with Anti-Cloaking Capabilities:
Strengthen Compliance and Trust with SSL Monitoring
Secure Brand Identity with Favicon Search
Improve Operational Efficiency with Enhanced Subdomain Coverage
Enhance User Experience (UX) with Weblog Monitoring
Mike Price, Chief Technology Officer of ZeroFox, said,
ZeroFox has been detecting and disrupting phishing attacks for the last decade, constantly enhancing our solution to protect our customers from changing phishing techniques used by threat actors, including the widespread use of malicious cloaking and subdomains techniques.
[Source – Globe Newswire]
Price stated that the enhanced capabilities being announced represented their ongoing commitment to tackling the increasing phishing challenge encountered by security teams. He emphasized that as phishing continued to evolve, ZeroFox would remain a trusted anti-phishing partner dedicated to safeguarding customers from both current and future phishing techniques.
About ZeroFox
ZeroFox, a prominent enterprise software-as-a-service provider in the field of external cybersecurity, has revolutionized security beyond the corporate perimeter on the internet, where businesses conduct their operations and threat actors are active. Their platform seamlessly integrates cutting-edge AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust set of breach, incident, and takedown response tools. This enables them to uncover and disrupt various threats, including phishing and fraud campaigns, botnet exposures, impersonations, credential theft, data breaches, and physical threats that target domains, brands, personnel, and assets.
Read More