DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Safe Security | December 19, 2022
Safe Security Inc., global leader in cyber risk quantification and management (CRQM), today launched SafeInside Insurance, the first cybersecurity Managing General Agent (MGA) leveraging API-based cyber risk telemetry and quantified insights to underwrite cyber insurance.
Backed by an AM Best “A-rated” carrier and panel of prominent, global reinsurance partners, SafeInside is introducing dynamic insurance policies for companies hosted in one or a combination of the leading public cloud service providers and leading SaaS solutions. For example, Amazon Web Services, Microsoft Azure and Microsoft Office 365, Google Cloud Platform and Google Workspace, Salesforce, and Zoom.
“Safe Security is thrilled to become the world’s first MGA for cyber insurance using actual cyber telemetry for underwriting. Our vision is to establish a new, de-facto industry standard for how cyber insurance is underwritten, and to provide more transparency between the investment in cybersecurity and cyber insurance. “We are paving the way for a sustainable, profitable cyber insurance ecosystem based on trust and certainty for all stakeholders. Safe Security looks forward to helping insurance buyers get the right cyber insurance policy at the right price for their organization’s specific requirements, as well as assisting brokers and underwriters make more informed decisions and dynamically adjust their portfolios.”
Saket Modi, co-founder and CEO, Safe Security
The underwriting process through SafeInside takes less than 20 minutes to assess an organization. All insureds also receive access to the SAFE CRQM platform, winner of the 2022 CISO Choice Award for Risk Management, which simultaneously accumulates signals using APIs from existing cybersecurity products, external threat intelligence, and business context to provide unprecedented visibility into possible areas of cyber exposure, and the exact financial risk associated with those cyber exposures.
With an objective of improving underwriting standards across the industry, Safe Security will also provide access to its cyber risk quantification platform to other carriers and reinsurers. Safe Security recently announced a partnership with Mosaic Insurance to offer real-time cyber risk evaluation.
“Safe Security’s inside-out approach is differentiated from existing market offerings by focusing on the most common techniques used by attackers and examining how attackers think and behave, not how internal IT teams think they behave,” added Steven Schwartz, VP of Insurance Strategy and Underwriting, Safe Security. “This approach removes subjectivity, allowing companies to answer questions about their security controls with precision instead of guess work, at all times. We are working with the entire insurance ecosystem to improve the standards of cyber underwriting.”
About Safe Security
Safe Security Inc. is a leader in cyber risk quantification and management (CRQM), with a mission to build a safer digital future. Safe Security’s CRQM platform – SAFE – enables organizations to manage cyber risks in real-time. Its platform automatically collects signals from inside and outside a company’s environment to give the company-specific cyber risk rating, or SAFE Score, the financial impact of a potential breach, and an action plan. This enables organizations to have a common language across teams - from the board all the way down to an analyst - to align with a consistent risk metric. Other benefits include justifying investments in cybersecurity and purchase of cyber insurance for the organization.
Read More
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Absolute | December 01, 2022
Absolute Software™ , the only provider of self-healing, intelligent security solutions, today announced new product innovations, empowering customers with deeper visibility and intelligence, expanded software integrations, and a refreshed user experience through its latest updates to Absolute Secure Endpoint and Absolute Secure Access.
These product releases continue the company’s investment in bringing together the combined power of Absolute Secure Endpoint and Absolute Secure Access with our unique, firmware-embedded self-healing capability, enabling customers to achieve truly resilient Zero Trust environments and deliver an optimal user experience. This announcement builds on the launch of Absolute ZTNA – the industry’s first self-healing Zero Trust Network Access (ZTNA) solution – and Absolute Insights™ for Endpoints and Network, providing unparalleled intelligence into device, application, and network performance.
Embedded in more than 600 million devices, Absolute is the only intelligent security solutions provider capable of delivering visibility, control, and resiliency across endpoints, applications, and network connections. The Absolute Platform enables IT and security teams to ensure their endpoints remain compliant and mission-critical applications remain operational, and empowers them to transition from traditional VPNs to a resilient Zero Trust approach without hindering security or user productivity.
A recent 451 Research report validates Absolute’s differentiated platform approach and capabilities, saying: Too often, organizations don’t fully consider the resilience of the deployed zero-trust environment, and network access and device security are handled independently. It’s a situation that complicates security operations and one that can impact employee productivity.
“Our common platform addresses a wide range of market needs, as we have the unique ability to apply self-healing capabilities to devices, applications, and network access. “Organizations are acknowledging that they need resilience-focused Zero Trust approaches, capable of integrating endpoint and access assessments at every step. By providing the critical components needed to achieve that resiliency - deep visibility, intelligence, and firmware-embedded Persistence - we are enabling them to not only protect devices, data, and users but also ensure critical controls are operating at maximum efficacy.”
John Herrema, EVP of Products and Strategy at Absolute
New capabilities available to Absolute Secure Endpoint customers in the latest product release include:
Public API Expansion: The latest Absolute Secure Endpoint release adds new Public APIs to our existing library, allowing customers and partners to integrate our device actions into their existing workflows - significantly improving the efficiency of their existing workflows and enhancing automation capabilities.
Absolute Connector for ServiceNow™: The Absolute Connector for ServiceNow enables joint customers to access Absolute’s comprehensive asset intelligence and single source of truth within their ServiceNow platform environment – enabling them to efficiently respond to service requests, supplement their ServiceNow workflows, and rapidly demonstrate compliance.
Expanded Application Resilience™ Catalog: The Absolute Application Resilience catalog now includes support for more than 60 critical security applications that IT and security administrators can self-heal across their endpoints. Recent additions include WinMagic® MagicEndpoint™, Dell™ Trusted Device, Deep Instinct™, Norton 360™, OPSWAT™, UNOWHY™, Aranda Software™, and Pixart® MDM.
The company also announced upcoming server and client enhancements to Absolute Secure Access, including:
New Look and Feel: The names, status icons, fonts, and colors have been updated to reflect new product names and refreshed corporate brand; the core functionality and upgrade experience remain smooth and easy.
SaaS Enhancements: The SaaS offering adds native NAT capabilities and enhanced alerting.
Enhanced 5G Telemetry and Detection: Insights for Network dashboards that display cellular coverage, signal quality, and usage now include the 5G mid-band spectrum, and reflect improved 5G sensitivity.
Deeper Visibility: The Secure Access/webService API has been enhanced, offering programmatic access to key pool performance metrics, including status information for our Active/Active server infrastructure.
Faster NAC Checks: NAC capabilities are optimized, significantly reducing the time it takes for the VPN to connect and begin tunneling traffic.
Android Client Enhancements: Collecting network telemetry on Android devices can now be done with the screen off to improve battery life, ensuring that administrators have actionable device and network information even if a device is in sleep mode. The Android cryptographic libraries providing FIPS 140-2 cryptography are also updated.
The features included in the latest Absolute Secure Endpoint release are available now. For additional details, including which are available to Control, Visibility, or Resilience tier customers, visit here. The company expects to make Absolute Secure Access updates available to customers in January 2023.
About Absolute Software
Absolute Software is the only provider of self-healing, intelligent security solutions. Embedded in more than 600 million devices, Absolute is the only platform offering a permanent digital connection that intelligently and dynamically applies visibility, control and self-healing capabilities to endpoints, applications, and network connections - helping customers to strengthen cyber resilience against the escalating threat of ransomware and malicious attacks. Trusted by 18,000 customers, G2 recognized Absolute as a leader for the eleventh consecutive quarter in the Fall 2022 Grid® Report for Endpoint Management and as a high performer in the Grid Report for Zero Trust Networking.
Read More
PLATFORM SECURITY
SecureIT | December 14, 2022
Wib, the fast-growth cybersecurity startup pioneering a new era in API security, today announced a strategic partnership with SecureIT to accelerate its go-to-market momentum across the Nordics region. Based in Iceland, SecureIT is a leading provider of cybersecurity compliance, consulting and managed services to international financial institutions, airlines, large retailers, utility, biotech and healthcare, as well as multiple entities in the critical infrastructure and the government.
In the wake of its recent launch and $16 million funding, Wib is actively investing in building out an international channel ecosystem of specialist cybersecurity partners to expand its reach, drive growth and leverage growing market demand for API security. The partnership with SecureIT gives access to Wib's industry-first holistic API security platform and recently launched API PenTesting-as-a-Service (PTaaS) capabilities, helping organisations across the region identify API vulnerabilities, defend against the growing tide of API based attacks and meet increasingly API centric regulatory compliance standards such as PCI DSS.
"Building out our channel ecosystem is a strategic priority for Wib as we look to scale our go-to-market presence across key international territories, SecureIT has a trusted brand and strong reputation across the Nordics region with a dynamic team of qualified and experienced security and compliance professionals. Its consultative-led approach, strong compliance expertise and managed services capabilities made them the ideal partner for us and we're looking forward to a mutually beneficial relationship."
-Ran Ohayon, CRO at Wib.
The Nordic countries are synonymous with innovation and entrepreneurship, with an early-adopter mentality and pioneering spirit when it comes to new technologies,"explained Magnús Birgisson, CEO at SecureIT. However, where innovation leads insecurity tends to follow. APIs are critical in driving the modern applications and innovative new web services many organisations use today, but many are undetected, unmanaged and unprotected, creating vulnerability and risk. Our mission is to deliver cyber resilience to our customers across the region and our partnership with Wib is a great addition to our portfolio and will help us achieve this mission.
Wib's holistic API security platform provides complete visibility across the entire API landscape, from code to production. By delivering rigorous real-time inspection, management, and control at every stage of the API lifecycle, Wib can automate inventory and API change management; identify rogue, zombie and shadow APIs and analyse business risk and impact, helping organisations to reduce and harden their API attack surface. Wib's new PTaaS solution combined with its API security platform, is the only offering that provides complete visibility, automatic inventory, auto-generated API documentation, and simulated attacks against test and/or production systems.
About SecureIT:
SecureIT is a leader in cyber security consultation, compliance and managed security services. Founded in early 2017, SecureIT has worked with multiple international financial institutions, airlines, large retailers, utility, biotech and healthcare, as well as multiple entities in the critical infrastructure and the government. SecureIT focuses on providing exceptional quality services, and to help the customer reach and maintain the desired and necessary security posture. SecureIT offers tailored consultation, assessments and audits, security testing and verification services, risk management and cyber threat intelligence services, along with extensive 24/7 monitoring, detection and response services, managed endpoint protection, API security and DDoS mitigation assessments and simulations. Meeting compliance, contractual and regulatory requirements is critical in today's business environment.
About Wib:
Wib is pioneering a new era in API security with its industry first holistic API security platform. Providing continuous and complete visibility and control across the entire API ecosystem, Wib enables developers to code with confidence and security teams to secure with surety. Wib's elite team of developers, attackers, defenders and seasoned cybersecurity professionals draw on real-world experience and expertise to help define and develop innovative technology solutions that enable customers with the identity, inventory and integrity of every API, wherever it may be within the development lifecycle, without compromising development or stifling innovation.
Read More
SOFTWARE SECURITY
ANGLEPOINT | December 08, 2022
Anglepoint, the leading Software Asset Management (SAM) services provider for the Public Sector and the Global 2000, has launched the Software Supply Chain Security (SSCS) offering. As mandated by Executive Order 14028, federal government agencies must complete a full audit of their software as part of widespread efforts to improve the nation's cybersecurity. The SSCS offering encompasses a pre-packaged suite of tools and support for agency compliance with the new requirements as set forth by the Office of Management and Budget (OMB) in accordance with the National Institute of Standards and Technology (NIST) under publication 800-218.
"More than ever before, the government's mission to safeguard information and systems against threats and vulnerabilities sits firmly at the forefront of every agency Chief Information Security Officer (CISO). Anglepoint stands ready to assist Federal agencies in meeting all requirements as specified by the OMB security regulations in accordance with NIST 800-218 within the designated time frames. We are excited to collaborate with government agencies to meet these important milestones."
-Philippe de Raet, Anglepoint's Vice President of Business Development for Public Sector clients.
SSCS addresses the three major areas of the regulations that agencies must meet, including: 1) completing a software inventory, 2) developing process and training plans, and 3) attaining self-attestation from all software vendors. Anglepoint's Chief Product Officer, Kris Johnson, says, Anglepoint understands the unique security concerns faced by the US government. SSCS was carefully crafted to offer agencies a level of service in achieving compliance with these complicated regulations that is not available anywhere else. Rather than relying on already over-burdened internal teams or a patchwork of outside consultants, Anglepoint's SSCS experts take agencies through each step necessary to achieve compliance while adhering to the quick succession of deadlines.
ABOUT ANGLEPOINT:
Anglepoint is the leading provider of SAM & ITAM services to the Fortune 500 & Global 2000. Anglepoint's services drive cost optimization, risk mitigation, strategic planning within the cloud, SaaS, enterprise software and hardware estates of complex hybrid IT environments. We deliver comprehensive managed services including SAM strategy, execution, process automation, technology selection and implementation.
Read More