Data Security

The latest release of Cyber Observer provides new visibility into the risk posture of cybersecurity

Digital Observer, the chief Continuous Controls Monitoring (CCM) arrangement, today declared a significant upgrade to its foundation that empowers CISOs and other security and danger the board heads to acquire new, constant, bound together perceivability into the viability of online protection instruments that are executed all through their endeavor. By ceaselessly recovering and examining Critical Security Controls (CSCs) from applications on-premises and in-cloud, Cyber Observer's CCM stage improves consistence, lessens mean opportunity to location and reaction, and advances hazard act the executives.

Network protection groups are overpowered with multifaceted nature of overseeing many unique security apparatuses that have been executed across their mixture ventures. In spite of best endeavors to actualize security controls to limit dangers and dangers, venture heads are finding that misconfigured or failing apparatuses are time after time a vulnerable side and probably the most fragile connection in their security guards. Digital Observer's CCM stage disposes of this issue and now empowers ventures to keep a finger on the beat of how their security instruments are performing.

Digital Observer associates and pulls information from a venture's on-premises and in-cloud apparatuses to make a complete perspective on the security instruments executed. Notwithstanding persistently examining in excess of 5,000 CSCs and giving controls status with regards to the executives, consistence prerequisites and different structures, Cyber Observer delivered a bunch of new highlights, including:

Ongoing dashboards. Effectively show the status of each apparatus, status of the distinctive security regions, organize weaknesses, total danger act scoring, and alarm on deviation from ordinary conduct.

Nonstop revealing. New announcing module robotizes gives an account of an association's network safety instruments status and digital stance sees.

Open API upgrades. Empower endeavors to effortlessly share information gathered by Cyber Observer with outsider devices that give security data and occasion the executives (SIEM), mechanization (SOAR), and man-made consciousness.

“Managing risks requires more than implementing security tools and checking the box,” said Shimon Becker, Cyber Observer Co-founder and VP Product. “It requires continuous monitoring, management, and oversight to ensure that people, processes, and technology are in fact protecting your data and your enterprise.”

“The new release offers quick and easy remote implementation,” said Moti Ram, Cyber Observer Co-founder and VP R&D. “We support hybrid on-premises and in-cloud connectivity and deployment.”

Cyber Observer is backed by Merlin Ventures, which strategically invests in and scales innovative cybersecurity companies. “Things like misconfigured or unpatched security tools are such easy targets for adversaries to exploit,” stated Seth Spergel, Vice President of Emerging Technology at Merlin Ventures. “Implementing a simple solution like Cyber Observer's Continuous Controls Monitoring platform should really be a part of any organization’s cyber hygiene protocol and a standard practice for all enterprises.”

About Cyber Observer

Cyber Observer is the premier Continuous Controls Monitoring (CCM) solution that reduces business losses and audit costs by continuously monitoring and auditing critical security controls and applications. The Cyber Observer platform integrates dozens of the most popular security tools into a single interface, enabling security and risk management executives to monitor tool performance in alignment with cybersecurity, business, and regulatory frameworks. This equips security and risk management executives with unprecedented visibility, control, and strategic oversight that empowers security and risk executives to proactively identify and close critical security gaps while demonstrating the effectiveness and maturity of their security programs and investments.

About Merlin Ventures

Merlin Ventures is a strategic investment firm that rapidly scales visionary companies and introduces disruptive solutions designed to help enterprises address today’s most critical cybersecurity challenges. Merlin Ventures’ unique business model combines robust infrastructure and capital, onboarding and market readiness acceleration, cybersecurity engineering leadership, and deep-rooted customer and market relationships to enable its portfolio of cybersecurity companies to accelerate growth and flourish.

Spotlight

Organizations are losing IT and security control Once upon a time, IT and security teams focused mostly on managing their organization’s on-prem environment. But as business requirements changed, customer bases became global, and remote work took root, these technology teams were handed responsibility across more domains: cloud


Other News
Data Security

GuidePoint Security Announces Portfolio of Data Security Governance Services

GuidePoint Security | January 30, 2024

GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, today announced the availability of its Data Security Governance services, which are designed to help customers address the challenges of unstructured data and data sprawl through a proven process and program to meet their unique needs. GuidePoint’s Data Security Governance services consist of policies, standards, and processes leveraging the newest technologies to meet organizations’ data governance goals in both on-prem and cloud environments. Once the right strategy is determined with the customer, GuidePoint Security consultants will review program requirements, assess current policies and controls, perform gap analysis, design and develop/enhance the program, recommend and implement supporting technologies, and create operational processes and metrics. “Whether an organization is just beginning to build their data security governance program or needs help assessing and improving an existing program, our team and service capabilities are built to meet them at their current maturity level,” said Scott Griswold, Practice Director - Security Governance Services, GuidePoint Security. “We work side by side with the customer to conduct the necessary data discovery in their environment and provide tailored recommendations for solutions and processes to ultimately build/improve upon the data security governance program.” GuidePoint’s Data Security Governance Services include: Sensitive Data Cataloging: For organizations just getting started in the process of protecting their sensitive data, GuidePoint offers Data Identification workshops to identify sensitive data types in the environment, including trade secrets, intellectual property, and sensitive business communications. Data Security Governance Program Assessment: For organizations with existing Data Security Governance or Data Protection programs, GuidePoint Security experts will assess the program to identify policy non-compliance, gaps in data protection requirements—whether legal, regulatory, contractual, or business—and program maturity levels. Data Security Governance Program Strategy Development: The GuidePoint team will work with an organization's key stakeholders to design a program strategy aligned with relevant requirements. The outputs of this effort include delivering ongoing sensitive data discovery, automated classification and labeling, the application of required sensitive data protections, restrictions on where sensitive data can be stored and sent, and data retention policy enforcement. Merger and Acquisition Data Identification: This offering provides the ability to identify sensitive data within an M&A target or recent acquisition (including locations, amounts, and access rights) and then perform penetration testing on the storage repositories where that sensitive data exists to determine the risk of data compromise. About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at www.guidepointsecurity.com.

Read More

API Security

Cequence and Vercara Partner to Combat Cyber Threats and Revolutionize API Security

Cequence Security | January 25, 2024

Cequence Security is proud to announce a new partnership with Vercara, a leading provider of cloud-based services that secure the online experience. This collaboration aims to fortify the cybersecurity landscape by pairing Vercara’s network and application protections with Cequence Security's innovative Unified API Protection (UAP) platform. Security teams encounter substantial hurdles in safeguarding API applications from cyber-attacks, including the rapid development and deployment of API applications across diverse cloud providers. The unmanaged and unprotected nature of these APIs can harbor critical vulnerabilities, making them susceptible to exploitation. Moreover, the lack of a clear and consistent security posture across the application footprint introduces further complexities. To address these challenges, Cequence Security's UAP platform provides a comprehensive discovery of the entire API attack surface, encompassing both external and internal APIs. It ensures compliance with security and governance best practices, eliminating unknown and unmitigated API security risks. Furthermore, the solution offers native real-time inline protection, blocking API attacks before they reach applications. "The absence of API protection puts you at risk of potential theft, fraud, non-compliance, and business disruptions,” said Carlos Morales, SVP Solutions at Vercara. “Our partnership with Cequence combines our collective best-in-class services to address the evolving demands of the cybersecurity landscape, ensuring that businesses can confidently deploy needed applications and successfully navigate the complexities of API security with advanced, holistic protection.” Arun Gowda, VP, Business Development at Cequence Security, said, “In the evolving landscape of cybersecurity, the extensive risk of data compromise in API breaches goes beyond external APIs to internal ones. These often-overlooked internal APIs can access sensitive data not intended for public exposure. APIs have changed the game for attackers, making it imperative to prioritize the security of all assets accessible through APIs, including those not expected to be publicly exposed.” He added, “We are pleased to combine our innovative API security solutions with Vercara's innovative WAF and DDoS services to deliver advanced, holistic API protection. This collaboration reinforces our commitment to provide unparalleled security measures for businesses reliant on APIs.” Cequence Security's UAP platform is unparalleled in addressing all phases of the API security lifecycle. It provides: Discovery: A continuous API attack surface discovery management product that assesses your application footprint, offering a complete inventory of external APIs. Compliance: A security posture management product that identifies security risks in APIs, ensuring compliance with specifications, security test requirements, and governance best practices. Protection: Detects and prevents sophisticated automated API attacks and business logic abuse using advanced machine learning rules, providing real-time protection without relying on third-party components. About Cequence Security Cequence, a pioneer in API security and bot management, is the only solution that delivers Unified API Protection (UAP), uniting discovery, compliance, and protection across all internal and external APIs to defend against attacks, targeted abuse, and fraud. Requiring less than 15 minutes to onboard an API without requiring any instrumentation, SDK, or JavaScript integration, the flexible deployment model supports SaaS, on-premises, and hybrid installations. Cequence solutions scale to handle the most demanding Fortune and Global 2000 organizations, securing more than 8 billion daily API calls and protecting more than 3 billion user accounts across these customers. To learn more, visit www.cequence.ai. About Vercara Vercara is a purpose-built, global, cloud-based security platform that provides layers of protection to safeguard businesses’ online presence, no matter where attacks originate or where they are aimed. Delivering the industry’s highest-performing solutions and supported by unparalleled 24/7 human expertise and hands-on guidance, top global brands depend on Vercara to protect their networks and applications against threats and downtime. Vercara’s suite of cloud-based services is secure, reliable, and available, delivering peace of mind and ensuring that businesses and their customers experience exceptional interactions all day, every day. Pressure-tested in the world’s most tightly regulated and high-traffic verticals, Vercara’s mission-critical security portfolio provides best-in-class DNS and application and network security (including DDoS and WAF) services to its Global 5000 customers and beyond. For more information, visit vercara.com.

Read More

Platform Security

SentinelOne to Expand Cloud Security Capabilities with Acquisition of PingSafe

SentinelOne | January 05, 2024

SentinelOne (NYSE: S), a global leader in AI-powered security, today announced that it has agreed to acquire PingSafe. The acquisition of PingSafe’s cloud native application protection platform (CNAPP), when combined with SentinelOne’s cloud workload security and cloud data security capabilities, is expected to provide companies with a fully integrated platform that drives better coverage, hygiene and automation across their entire cloud footprint. The planned integration of PingSafe’s CNAPP into SentinelOne's Singularity™ Platform signifies a paradigm shift in cloud security. Rather than relying on point solutions or a standalone cloud security platform, companies can now access a unified, best-of-breed security platform complete with advanced, real-time, AI-powered security operations to protect the entire enterprise across endpoints, identities, and clouds. “With the addition of PingSafe, we intend to redefine cloud security by fusing best-of-breed cloud workload protection, AI and analytics capabilities with a modern and comprehensive CNAPP,” said Ric Smith, Chief Product and Technology Officer, SentinelOne. “This new approach to cloud security will eliminate the need for companies to navigate the complexity of multiple-point solutions, triage and investigate with incomplete context, or pipe data between disparate data silos. Instead, they can comprehensively manage their entire attack surface from a single platform that, unlike legacy CNAPP and standalone providers, delivers the full context, real-time interaction and analytics needed to correlate, detect and stop multi-stage attacks in a simple, automated way.” Transforming Cybersecurity SentinelOne has been steadily extending its cloud security capabilities beyond cloud workload security, and the acquisition of PingSafe will accelerate this strategy. The move also aligns with the Singularity Unity Release strategy SentinelOne announced in November to transform security operations centers. “SentinelOne is a pioneer and leader in AI-powered security, and we share a common mission to secure the cloud and make the Internet a safer place,” said Anand Prakash, founder and CEO of PingSafe and one of the world’s top five white hat hackers. “The combination of our cutting-edge CNAPP capabilities with SentinelOne’s market-leading AI security platform will supercharge cloud security by providing world-class protection for multi-cloud infrastructure, from development to deployment.” Leading Cloud Security with Enterprise-Wide AI and Analytics PingSafe is a robust CNAPP solution that delivers dynamic, real-time monitoring of multi-cloud workloads, simple setup and configuration and low false positive rates. And customers view it as superior to alternative solutions in the market. “With more than $100 billion in transactions flowing through our network, nothing is more important than ensuring the security of our environment,” said Ashwath Kumar, Principal Security Engineer at Razorpay, one of the largest payment processors in India. “With PingSafe, we can cut through the noise delivered by many CNAPP solutions to identify and prioritize the most critical threats and take an offensive approach to preventing them before they impact our business.” “We operate in a regulated but growing industry. It is an industry where one needs to adapt to change at lightning speed, and ensuring compliance in doing so is a key requirement,” said Prajal Kulkarni, CISO Groww. “We must be able to quickly identify, prioritize and respond to cloud misconfiguration seamlessly and correlate issues across our large cloud environment, and PingSafe provides us with a centralized dashboard that makes this easy and cost-effective to do.” With the acquisition of PingSafe, SentinelOne will offer differentiated capabilities such as advanced secrets scanning of runtime and build-time environments and an attack surface management rules engine that runs breach and attack simulation scenarios against Internet-exposed cloud assets to identify how an adversary could compromise those assets. These capabilities will be in addition to core CNAPP capabilities like cloud security posture management, Kubernetes security posture management, agentless vulnerability scanning, and shift-left Infrastructure as code scanning. “Combined with our Singularity Data Lake, Purple AI, endpoint security, and identity security capabilities, PingSafe will enable us to provide a compelling and cost-effective alternative to standalone CNAPP offerings unlike anything else in the market and a superior, more integrated user experience,” Smith said. About SentinelOne SentinelOne is a global leader in AI-powered security. SentinelOne’s Singularity™ Platform detects, prevents, and responds to cyber attacks at machine speed, empowering organizations to secure endpoints, cloud workloads, containers, identities, and mobile and network-connected devices with speed, accuracy and simplicity. Over 11,500 customers, including Fortune 10, Fortune 500, and Global 2000 companies, as well as prominent governments, trust SentinelOne to secure the future today. To learn more, visit www.sentinelone.com

Read More

Network Threat Detection

Flashpoint and Scale AI Forge Strategic Partnership to Empower Government Clients With AI-Enhanced Threat Intelligence

Flashpoint | December 11, 2023

Flashpoint, the leader in high-fidelity threat intelligence and data-driven insights, and Scale AI, whose proprietary data engine powers the most advanced large language, generative, and computer vision models with high-quality data, announced today a groundbreaking partnership that unites Donovan, Scale’s AI-powered decision-making platform, with Flashpoint's pioneering open-source intelligence. This strategic alliance promises to advance intelligence and security operations for government agencies, including the U.S. Department of Defense and Intelligence Community, substantially enhancing their ability to tackle complex global security challenges with advanced threat detection and in-depth analysis. “Merging Scale’s advanced AI technology with Flashpoint's unparalleled intelligence and data isn't just about setting a new industry standard; it's about revolutionizing how government agencies manage national security challenges in today's digital landscape," said Andrew Makridis, the former COO of the Central Intelligence Agency who serves on the advisory boards of both Scale and Flashpoint National Security Solutions (FNSS), a dedicated Flashpoint business unit that serves the unique needs of national security organizations. "This partnership will enable agencies to quickly adapt to emerging threats and leverage data-driven insights for strategic operations.” "Flashpoint's collaboration with Scale AI represents a significant expansion of our capabilities in national security intelligence," said Flashpoint CEO Josh Lefkowitz. "Our tailored, actionable intelligence perfectly complements Scale’s AI technology, enhancing our ability to help organizations in the public sector identify and address evolving security challenges effectively." “Our partnership with Flashpoint is a game-changer. Through our Donovan LLM platform, we are helping analysts in the cyber and infrastructure security domain take advantage of the data trove Flashpoint delivers. We are enhancing decision-making and security frameworks for our government clients," said John Brennan, General Manager of Scale AI’s Public Sector business unit. "We chose Flashpoint for their unparalleled cyber intelligence depth and actionability, a cornerstone in our joint efforts to fortify national and homeland security through artificial intelligence." Flashpoint will discuss the advanced capabilities from our partnership with Scale AI at booth #1937 during 2023 DoDIIS Worldwide Conference in Portland, Oregon, starting December 12. Visit our booth to learn about how this partnership will equip national security teams with the essential data, intelligence, and insights needed for mission success. Flashpoint National Security Solutions (FNSS) FNSS is a dedicated Flashpoint business unit that serves the unique needs of national security organizations. FNSS partners with teams across defense, federal law enforcement, federal civilian agencies, state and local government, and the intelligence community, to enhance global situational awareness and drive mission success through industry-leading technology and intelligence expertise. About Flashpoint Trusted by governments, commercial enterprises, and educational institutions worldwide, Flashpoint helps organizations protect their most critical assets, infrastructure, and stakeholders from security risks. Leading security practitioners—including physical and corporate security, cyber threat intelligence (CTI), fraud, vulnerability management, national security, and vendor risk management teams—rely on Flashpoint’s Ignite platform and its team of intelligence analysts to proactively identify and mitigate risk and stay ahead of the evolving threat landscape. Discover more at flashpoint.io or join the conversation on LinkedIn, Twitter, and YouTube. About Scale Scale unlocks AI for every industry. Our proprietary data engine powers the most advanced large language, generative, and computer vision models with high-quality data. Our experience partnering with leading AI companies allows us to provide the blueprint for any organization to apply AI. Scale is trusted by industry leaders including Meta, Microsoft, U.S. Army, DoD's Defense Innovation Unit, Open AI, Cohere, Anthropic, Stability AI, General Motors, Toyota Research Institute, Brex, Instacart and Flexport.

Read More

Spotlight

Organizations are losing IT and security control Once upon a time, IT and security teams focused mostly on managing their organization’s on-prem environment. But as business requirements changed, customer bases became global, and remote work took root, these technology teams were handed responsibility across more domains: cloud

Resources