DATA SECURITY

To speed up the distribution of cyber insurance for small companies, Cowbell Cyber Partners with Mylo

prnewswire | November 05, 2020

Cowbell Cyber, the business' first AI-controlled digital protection supplier for little to moderate sized organizations (SMBs), today declared it has cooperated with Mylo – the advanced specialist dispatched by the world's biggest free merchant, Lockton – to empower expanded dispersion of Cowbell's independent digital protection to the private company market, a territory customarily underserved by digital protection.

Organizations of all sizes are getting more dependent on an advanced climate given the present far off setting, regularly leaving them presented to expanded online protection weaknesses including information penetrates, ransomware assaults, digital wrongdoing, and then some. Along these lines, the interest in digital inclusion has definitely expanded as organizations acknowledge digital protection is currently a need, not an extravagance.

Mylo chose Cowbell Cyber in light of the fact that Cowbell Prime – Cowbell's independent, conceded digital protection programs – addresses the difficulties looked by private companies while considering protection including:

Lucidity of the arrangement terms: entrepreneurs can now quickly comprehend the insurance they will get

Importance: Quote and strategies are adjustable in a couple of snaps for higher significance for the policyholder

Conceded program: Ensures that everything has been altogether verified by state level offices

Prevalent danger the board apparatuses: Free danger appraisal and moderation devices increase the value of private venture on the very first moment of the strategy
"We are excited to partner with Mylo to deliver on the promise of customized cyber coverage and easy-to-use risk management tools for their expanding client base," said Dan Law, Head of National Accounts at Cowbell Cyber. "Partnering with Mylo will allow us to better distribute cyber insurance to the currently underserved markets, ultimately helping customers with their cyber resilience."

"As an advocate for small business owners, we care about helping them prepare for a cyberattack that could threaten everything they've worked so hard to build," said Mylo COO, Belen Tokarski. "Mylo and Cowbell Cyber are a great fit because we both focus on using technology to give businesses the protection they need to anticipate and recover from serious risks."

The association carries critical efficiencies to Mylo's operators including:

Speed: Cowbell Prime empowers operators to set up different, tweaked cites in a couple of snaps

Usability and straightforwardness: Selling of digital protection is rearranged with inclusions that are introduced to policyholders in a straightforward way, alongside Cowbell Factors to recognize hazard deviation from the business normal

No coupling delays: Every statement gave by Cowbell Prime can be momentarily bound

About Cowbell Cyber
Cowbell Cyber is dedicated to providing standalone, admitted, individualized and easy-to-understand cyber insurance for small and mid-size businesses. In its unique AI-based approach to risk selection and pricing, Cowbell's continuous underwriting platform, powered by Cowbell Factors, compresses the insurance process from submission to issue to less than 5 minutes. Cowbell Insurance Agency is currently licensed in 34 U.S. states and provides SMBs with admitted cyber insurance on AM Best "A" rated paper with up to $15 Million in coverage.
About Mylo
Mylo is a digital one-stop-shop that makes it easy for businesses and individuals to compare and purchase top-rated insurance products from multiple carriers, including business, small group benefits, home, auto, life and individual health. Launched in 2015 by Lockton, the world's largest privately held independent insurance broker, Mylo offers expert insurance recommendations online or on the phone with licensed agents. Mylo can be easily integrated into a partner's customer experience, providing a proven boost in customer engagement.

Spotlight

In today's ever-changing workplace, companies are challenged to keep up with mobile employees and constant connectivity. Does your team have what it needs to stay innovative and inspired? This eBook addresses how organisational psychology can help you understand what your teams need.


Other News
PLATFORM SECURITY

Palo Alto Networks Achieves FedRAMP Authorization for IoT Security Solution

Palo Alto Networks | April 22, 2022

Palo Alto Networks , the global cybersecurity leader, today announced that its IoT Security solution has achieved Federal Risk and Authorization Management Program (FedRAMP) Moderate Authorization. The company's sponsoring agency is the United States Department of Veterans Affairs (VA). U.S. federal agencies are increasingly focused on adopting a Zero Trust architecture to ensure their IoT devices meet federal security compliance requirements. With this authorization, Palo Alto Networks IoT Security can help federal agencies protect their unmanaged IoT devices with ML-powered visibility, threat prevention and Zero Trust enforcement with a single platform. "As cyberattacks become more frequent and sophisticated, the IoT Security solution helps automate Zero Trust security with quick, accurate discovery and best-in-class protection. We are committed to protecting the U.S. government and its federal agencies from all security threats with reliable solutions." Dana Barnes, senior vice president of Public Sector, Palo Alto Networks Digital transformation across all industries is driving massive growth in the use of IoT devices. Palo Alto Networks Unit 42 IoT Threat Report found that 30% of all devices on enterprise networks fall in the IoT category. Unfortunately, IoT devices and their inherent vulnerabilities are often overlooked, which can lead to enterprise-wide exposure to unseen cyber risk. Federal officials have adopted several provisions in recent years to increase overall protection and awareness of IoT device security vulnerabilities, including the Internet of Things Cybersecurity Improvement Act and the National Institute of Standards and Technology's (NIST) IoT Device Cybersecurity Guidance for the Federal Government. The IoT Security solution's Moderate Authorization extends the offerings Palo Alto Networks provides its U.S. government customers. This authorization adds to the portfolio of other authorized products already being deployed today. The IoT Security solution helps U.S. agencies leverage their current Palo Alto Networks Next-Generation Firewalls (NGFWs) to secure all unmanaged IoT devices at scale. Some of the key benefits for government agencies include: Quick and accurate discovery and insights into all devices, even those never seen before Best-in-class protection with behavior analysis to detect risk, compliance, and anomalous activity, and prevention of known and unknown threats Automated Zero Trust security with automated discovery, least-privileged access policies, and 1-click enforcement Workflow automation across existing IT and security solutions and simplified agentless and sensorless deployment About Palo Alto Networks Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world's greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. Our vision is a world where each day is safer and more secure than the one before.

Read More

WEB SECURITY TOOLS

Indusface Enhances its Web Application & API Protection (WAAP) platform AppTrana with Industry's First Risk-Based Protection to APIs

Indusface | May 19, 2022

Indusface, a leading application security SaaS company that continually detects security risks, provides real-time protection, and improves the performance of Websites and Applications, today announced that it is adding Risk-Based API Protection to its WAAP platform, AppTrana. APIs are the lifeline of the digital economy with many companies adopting the API-first approach. However, the growth of APIs is also opening up new risk vectors that they are not aware of. According to Gartner, more than 90% of applications have more attack surface exposed through API than UI and by 2022, API Abuse will move from an infrequent to the most-frequent attack vector, resulting in data breaches for enterprise web applications. Indusface is revolutionizing the API security space by building on its API Protection capabilities. The company is doing so through the most comprehensive API protection to date by extending its risk-based approach to the same. "AppTrana's risk-based approach is unique and something that resonates with our customers. What customers are really interested in is knowing how well their application is protected based on the risk posture of their application. Building on this, we are now enhancing our API Protection capabilities by providing a risk-based approach to API security which we believe would revolutionize the market. With this, customers will be able to identify vulnerabilities found in their public APIs and quickly correlate how these are protected through API-specific policies and positive security policies applied in AppTrana providing the most comprehensive protection for APIs." Ashish Tandon, Founder and CEO, Indusface As with any security, you can protect only what you know and protection is as strong as the weakest link. The major challenges with APIs are discoverability and the ability to understand the context of APIs so that security can be tailored accordingly. It is to address these challenges that Indusface is enhancing its API protection in AppTrana. Collectively through a multi-step approach, customers get to discover APIs, understand risk posture and ensure comprehensive protection of APIs. With Indusface AppTrana's Risk-based API Protection, you get: To understand the risk posture of the APIs through unlimited automated API scans including manual tests for identifying business logic vulnerabilities. This enables organization to understand the weakest links of the APIs and get clear visibility around how these links are protected. Visibility into API traffic patterns and discovery of shadow APIs, so that you are no longer blindsided by what you don't know To protect APIs with API-specific rules written specifically to protect against OWASP Top 10 API vulnerabilities Behavioral-based protection against DDoS attacks on APIs by analyzing API traffic pattern Behavioral-based protection against BOT attacks Positive security for APIs through analysis of swagger (OpenAPI 2.0) files and creation of automated positive security policies Accurate, real-time view of vulnerabilities blocked by API specific rules, positive security policies, custom rules, and those that need fixes in the application About Indusface Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 3000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine. Indusface has been funded by Tata Capital Growth Fund II, is the only vendor to be named Gartner Peer Insights™ Customers' Choice' in all the 7 segments for Voice of Customer WAAP (Web Application and API Protection) Report 2022, is a "Great Place to Work" certified SaaS product company, is PCI, ISO27001, SOC 2, GDPR certified, and has been the recipient of many prestigious start-up awards such as the Economic Times Top 25, NASSCOM DSCI Top Security Company, Deloitte Asia Top 100, among others.

Read More

SOFTWARE SECURITY

Sysdig Open Source Is Extended to Secure Cloud Services

Sysdig | May 16, 2022

Sysdig, the unified container and cloud security leader, announced that Sysdig open source, the incident response standard for containers, has been extended to the cloud. Using system calls, Sysdig open source (Sysdig OSS) traditionally offers deep observability into running applications, as well as file system access and network activity, which speeds incident response and troubleshooting. Teams can quickly filter information from Sysdig OSS and take action. With the announcement of this new integration, these capabilities have been extended beyond containers to any cloud environment. Today, Sysdig announced Edd Wilder-James has joined Sysdig from Google to lead the company’s open source ecosystem team. The complexity of cloud-native applications – with countless components and variables – makes it extremely difficult for security analysts and system administrators to quickly triage alerts and debug problems. Sysdig OSS captures process, file system, and network activity in real time and with a high degree of granularity. The tool, which has nearly two million downloads and 6,850 GitHub stars, surfaces everything from executed commands and file system activity to network activity. Sysdig OSS then offers advanced filtering and troubleshooting capabilities, supporting root cause analysis for security and performance issues.Using a new plugin framework – originally developed by the open source community for the CNCF project Falco – Sysdig extends the number of sources Sysdig OSS can be connected with to anything that generates logs or events, including Azure, Google, and AWS CloudTrail logs. Going forward, every plugin developed for Falco can also be leveraged by Sysdig OSS. Using one tool, like Sysdig OSS, to observe events from the entire cloud-native environment streamlines investigations. Using a different tool for each environment adds complexity, which makes it massively harder to troubleshoot. Sysdig’s Commitment to Open Source Sysdig was founded as an open source company and Sysdig Secure and Sysdig Monitor were both built on an open source foundation to address the security challenges of modern cloud applications. Both projects were created by Sysdig to leverage deep visibility as a foundation for security, and they have become standards for container and cloud threat detection and incident response. Falco, which was contributed to the CNCF in 2018, is now an incubation-level hosted project with more than 45 million downloads. Sysdig OSS and Falco can be used together as a powerful open source solution to reduce risk at runtime. Sysdig OSS acts as a flight recorder, capturing a detailed record for inspection. Falco acts as a security camera, continuously detecting unexpected behavior, configuration changes, intrusions, and data theft in real time. Teams can use Sysdig OSS and Falco together to detect and respond to threats. “If you want to see what is going on inside an application, Sysdig OSS gives you that record. “Sysdig open source was the inspiration for Falco. While Falco will monitor and alert based on your policies, Sysdig open source will tell you what happened at a particular time, before and after the event. Having the ability to use both open source tools in the cloud is extremely powerful.” Loris Degioanni, Founder and CTO of Sysdig About Sysdig Sysdig is driving the standard for cloud and container security. The company pioneered cloud-native runtime threat detection and response by creating Falco and Sysdig as open source standards and key building blocks of the Sysdig platform. With the platform, teams can find and prioritize software vulnerabilities, detect and respond to threats, and manage cloud configurations, permissions and compliance. From containers and Kubernetes to cloud services, teams get a single view of risk from source to run, with no blind spots, no guesswork, no black boxes. The largest and most innovative companies around the world rely on Sysdig.

Read More

ENTERPRISE SECURITY

SecurityScorecard and Marsh McLennan Collaborate to Elevate Cybersecurity in Challenging Risk Landscape

SecurityScorecard | January 28, 2022

SecurityScorecard, the global leader in cybersecurity ratings, today announced a collaboration with Marsh McLennan, the world's leading professional services firm in the areas of risk, strategy and people, to enable organizations around the world to improve their cyber resilience. As part of the collaboration, Marsh McLennan's Cyber Risk Analytics Center will leverage SecurityScorecard's data and analytics to gain real-time cyber risk insights and define risk mitigation strategies for the Company's global client base. The companies will also collaborate on joint research aimed at increasing awareness of cyber risk and educating the market on risk management strategies. "We are excited to work with Marsh McLennan, which understands that to stay competitive, you must stay innovative," said Prashant Pai, Senior Vice President and General Manager of Strategic Initiatives at SecurityScorecard. "Given how fast the cyber risk landscape evolves, it's essential that business leaders have access to the most up-to-date and complete view of a client's cybersecurity posture." "Cyber risk evolves minute-to-minute, making it challenging to build data-driven risk management strategies,SecurityScorecard's data and analytics are a valuable addition to our proprietary insights, furthering our ability to help our clients stay on top of emerging vulnerabilities and threats that may impact their businesses." Scott Stransky, Managing Director, Marsh McLennan Cyber Risk Analytics Center SecurityScorecard continuously monitors millions of entities worldwide and non-intrusively assesses their security posture across 10 risk categories including DNS health, IP reputation, web application security, network security, leaked information, hacker chatter, endpoint security and patching cadence. About SecurityScorecard Funded by world-class investors including Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating.

Read More

Spotlight

In today's ever-changing workplace, companies are challenged to keep up with mobile employees and constant connectivity. Does your team have what it needs to stay innovative and inspired? This eBook addresses how organisational psychology can help you understand what your teams need.

Resources