DATA SECURITY

Veza, the Data Security Platform Built on the Power of Authorization, Announces Blackstone as a Customer and Strategic Series C Investor

Veza | June 27, 2022

Veza
Veza, the data security platform built on the power of authorization, announced an investment in their Series C funding round from Blackstone Innovations Investments, along with participation from previous investors. To date, Veza has raised a total of $110 million from top-tier investors including Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, True Ventures, and others. Blackstone has also selected Veza to help modernize its data security and access governance.

Veza empowers organizations to address today’s greatest cybersecurity challenge: who can and should take what action on what data. As the world increasingly moves online, our changing behaviors are driving a transformational shift toward multi-cloud data systems, apps, computing, and infrastructure. This shift creates a complex, distributed web of human identities, accounts, apps, services, and access points that are constantly changing and susceptible to vulnerabilities. To address this, Veza takes a comprehensive approach that pulls together authorization data from disparate systems, giving customers a single source of truth to manage data access and controls.

“Having a world-class cybersecurity program that protects our brand, reputation, investors and intellectual property is of paramount importance to our firm, and we are continuing to incorporate innovative technology solutions,” says Adam Fletcher, Chief Security Officer at Blackstone. “Our team is always looking for ways to develop a more comprehensive view of access across all of our applications and cloud infrastructure to allow us to modernize the firm’s access controls. We are excited to partner with Veza to help us accomplish this.”

“Blackstone Innovations Investments is committed to investing in cutting-edge technology companies that we believe will have a meaningful impact on Blackstone, our portfolio companies, and the broader industry. We look forward to working with Veza and their impressive leadership team as they enter this next phase of growth,” comments Stevi Petrelli, Head of Blackstone Innovations Investments.

“Institutions across multiple industries view Blackstone as an example of exceptional technology deployment and cybersecurity expertise. “Veza has greatly benefited from Blackstone’s product feedback and market insights. We are thrilled to work with Blackstone’s Security team to further modernize data security for their hybrid and multi-cloud environment.”

Tarun Thakur, CEO and Co-Founder of Veza

Additional investment in Veza comes from notable entrepreneurs including Dheeraj Pandey, Co-founder & CEO, DevRev and former CEO, Nutanix, and Lars Dalgaard, Founder Luv Ventures, Founder & Former CEO, SuccessFactors.

“Authorization is the source of truth when it comes to understanding who has access to what,” says Dheeraj Pandey, Co-Founder and CEO of DevRev. “Understanding authorization at scale is one of the hardest problems to address and I am excited to watch team Veza bring on a new era of identity, rooted in authorization. Veza is defining authorization as a standard for protecting data against ransomware and other forms of data breach.”

“Entrepreneurs will tell you that company building is one of the hardest, yet rewarding experiences, with real potential to make an impact,” says Lars Dalgaard, Founder Luv Ventures, Founder & Former CEO SuccessFactors. “When evaluating any company, I look for deep technical breakthrough for a massive market opportunity, deal composition and company traction, and passion amongst founders. And, I’m very excited to be partnering with Tarun and Veza on the mission to build an iconic company that will revolutionize the data security industry for decades to come.”

About Veza
Veza is the data security platform built on the power of authorization. Our platform is purpose-built for hybrid multi-cloud environments to help you use and share your data safely. Veza makes it easy to understand, manage, and control who can and should take what action on what data. We organize authorization metadata across identity providers, data systems, cloud service providers, and applications — all to address the toughest data security challenges of the modern era. Founded in 2020, the company is funded by top-tier investors including Accel, Bain Capital, Ballistic Ventures, Blackstone, GV, Norwest Venture Partners, and True Ventures. To learn more, please visit us at veza.com. Many Fortune 500, Fortune 1000 and smaller organizations use its data security platform for protection against ransomware, modernizing access governance for critical data and apps, and implementing data lake security for Snowflake and other solutions.

Spotlight

For too many IT organizations, complying with the Payment Card Industry Data Security Standard (PCI DSS) and corporate security policies has been far too costly, complex, and time consuming. Now, Vormetric offers a better way. Vormetric Tokenization with Dynamic Data Masking helps your security team address its compliance objectives while gaining breakthroughs in operational efficiency. With tokenization, you can remove databases from PCI DSS Scope and do so with minimal disruption and administrative overhead. Vormetric Tokenization is part of the Vormetric Data Security Platform, which delivers a comprehensive range of security and compliance controls that help IT teams efficiently address their requirements for encryption, privileged user access control, file access auditing, and more.


Other News
DATA SECURITY

Rubrik Launches Rubrik Security Cloud to Secure Data, Wherever it Lives, Across Enterprise, Cloud, and SaaS

Rubrik | May 18, 2022

Rubrik, the Zero Trust Data Security™ Company, today announced Rubrik Security Cloud to secure customers’ data, wherever it lives, across enterprise, cloud, and SaaS. Ransomware is on the rise and cyberattacks are getting more sophisticated. Despite investments in infrastructure security tools, cybercriminals are still getting through to the data. And when they take the data down, they take down the entire business. It’s time for a new approach. The next frontier in cybersecurity pairs the investments in infrastructure security with data security giving companies security from the point of data. Rubrik is a pioneer in data security and the Rubrik Security Cloud delivers three unique capabilities: Data Resilience: Safeguards data by providing immutable, logically air-gapped data protection with multi-factor authentication-based access control. Data Observability: Continuously monitors risks and investigates threats to data including Ransomware Monitoring and Investigation powered by machine learning to detect data anomalies, encryptions, deletions, and modifications; Sensitive Data Monitoring to find and classify the most sensitive data, and assess exfiltration risk; and Threat Monitoring and Hunting to identify indicators of compromise and find the last known clean copy of data. Data Recovery: Quickly contains threats and recovers data, whether it’s a file, application data or a mass recovery for the entire organization. Rubrik’s new Threat Containment capability quarantines malware and restricts user access to infected data to support safer recovery. As organizations continue to struggle with cyberattacks that compromise data, Rubrik also launched the Data Security Command Center to easily assess whether data is safe and capable of being recovered from a cyberattack. Now, customers can see which data is at risk and get recommendations to make their data more secure. “Every company in the world is vulnerable as cybercriminals get more savvy every day. With Rubrik Security Cloud, we are strengthening customers' defenses so they can secure their business across enterprise, cloud, and SaaS workloads. Our data security platform enables our customers to defend their data, recover quickly, and prevail in this new cyber landscape.” Bipul Sinha, Rubrik CEO and co-founder “INTEGRIS Health is proud to be the largest not-for-profit health care system in Oklahoma, with eighteen hospitals in our network and more than a million patients that rely on us every year for their health care needs. With the expansive network we support, it’s paramount that our data is resilient, and we maintain a strong data security posture to keep our hospital moving. As a CIO, I believe Rubrik is an important service and helps us provide excellent patient care. As a Rubrik customer, we’re thrilled to see the continued innovation with Rubrik Security Cloud and the company’s ongoing focus on keeping customer data safe and making it easy to recover in the face of cyber-attacks, like ransomware,” said Bill Hudson, CIO of INTEGRIS Health. "NJ TRANSIT delivered more than a quarter of a billion annual passenger trips before the pandemic and is responsible for our riders’ safety, mobility, and livelihoods every day. It’s imperative that nothing interrupts our business, so we’ve prioritized a strong data security strategy in partnership with Rubrik. We’re committed to the ongoing and necessary work that gives our data resilience and helps us reduce our risk as we face ever evolving, and inevitable, cyber threats,” said Rafi Khan, CISO of NJ TRANSIT. Research and Development Fuels Additional Capabilities As part of Data Observability, Sensitive Data Discovery for Microsoft 365 discovers and classifies sensitive data within Microsoft 365 to better assess risk and help maintain compliance with regulations. These latest integrations build on the joint collaboration between Rubrik and Microsoft. Last year, Rubrik Cloud Vault built on Microsoft Azure was launched to help customers better defend against cyberattacks using a fully managed, secure and isolated cloud vault service. Since launch, Rubrik has seen strong demand for Rubrik Cloud Vault across key industries including Healthcare and Life Sciences, Manufacturing, State and Local Government, and Financial Services as customers build Zero Trust solutions to defend against and recover from ransomware. “Businesses need a data resiliency strategy to keep their data secure in the face of escalating cyber threats,” said Jurgen Willis, Vice President Microsoft Azure. “Rubrik's Security Cloud, which builds on integrations with Rubrik Cloud Vault and Microsoft Azure, will help customers accelerate their Zero Trust journey.” Rubrik Security Cloud is available now and new enhancements will be available in the months ahead. About Rubrik Rubrik, the Zero Trust Data Security™ Company delivers data resilience, data observability, and data recovery for organizations. Rubrik keeps your data safe and easy to recover in the face of cyber attacks and operational failures. Now you can recover the data you need, however and whenever you need it to keep your business running.

Read More

PLATFORM SECURITY

Cybersecurity platform CrowdSec announces new Enterprise features

CrowdSec | July 13, 2022

CrowdSec, the French security startup enhancing the open-source and collaborative cyber security solution landscape, has today announced that its IP reputation tool has expanded its features in a paid version for enterprises. While CrowdSec's Community product remains available for individual users for free, the new Professional and Enterprise features will allow organizations to maximize scarce IT resources by crowdsourcing a higher volume of cyber threat intelligence (CTI). At a time where cyber attacks are on the rise and bad actors leverage vulnerabilities stemming from scarce IT budgets and talent pools, it is important that enterprises equip themselves with the right resources to increase their capacity. That is why CrowdSec, through crowd-power, compiles a collaborative IP reputation database from its tens of thousands of users in 160+ countries. With over 3.5 million malicious IPs reported and curated to date, CrowdSec makes cyber defense a collaborative effort and increases the capacity of individual defenders to protect themselves from the global network of bad actors. From $99 per month for the Professional tier (with custom pricing for the tailored Enterprise offering), users will benefit from: Data retention of 30 days compared to seven days in the free version Multi-user set up for organizations A brand new filter feature 500 IP intelligence requests per day The ability to subscribe to topic specific and verticalized IP blocklists (ecommerce, blockchain, TOR, VPN points, etc). Dedicated support service Filter internet background noise "Shifting to a collaborative approach is critical for enterprises to increase their capacity in light of skill shortages and scarce resources. Equipping enterprises of all sizes with crowd-sourced threat intelligence levels the playing field between small and large organizations and strengthens the resilience of the defense community as a whole. "Collaborative tools like CrowdSec are more important now than ever, which is why we've launched these enhanced offerings to strengthen what enterprises can do." CrowdSec founder and CEO Philippe Humeau About CrowdSec Based in Paris and founded in 2019, CrowdSec is an open-source & collaborative IPS generating crowd-sourced CTI. CrowdSec takes a collaborative approach to cybersecurity by analyzing behaviors, responding to attacks, and sharing signals across the community.

Read More

PLATFORM SECURITY

SecurityScorecard Joins Snowflake Partner Network

SecurityScorecard | June 23, 2022

SecurityScorecard, the global leader in cybersecurity ratings announced today that it has joined Snowflake's Partner Network, enabling mutual customers to gain instant visibility into their own security posture and that of their third and fourth party software vendors. Catching Third-Party Risks Early Snowflake customers now have access to "call" security data within Snowflake, gaining direct access to SecurityScorecard Ratings data that can be correlated with various systems and processes including third party risk, identity and access and IT asset management to catch potential security risks early and create a unified view. "CISOs need to know the scale and scope of their cyber environment and that includes third and fourth-party vendors that can pose substantial risks to their organization," said Alex Rich, Vice President of Alliances at SecurityScorecard. "The insights gleaned from continuous monitoring with SecurityScorecard ratings data helps Snowflake data cloud customers get a broad view into their Third Party Risk Management, supply chain management, and business intelligence applications with continuous cybersecurity data." SecurityScorecard collects and analyzes global threat signals that give organizations instant visibility into the security posture of vendors and business partners as well as the capability to do a self-assessment of their own security posture. The technology continuously monitors 10 groups of risk factors to instantly deliver an easy-to-understand A-F rating. The Snowflake Partner Network unlocks the potential of the Data Cloud with a broad array of tools and partners. Certified partnerships and integrations enable customers to leverage Snowflake's flexibility, performance, and ease of use to deliver more meaningful data insights. "With SecurityScorecard on the Snowflake Data Marketplace - organizations can now access and use robust vendor risk data directly in their Snowflake account. "Joint customers of Snowflake and SecurityScorecard can now easily combine, enrich, and contextualize vendor risk data with procurement, legal, IT, compliance, and security data, systems, and processes, accelerating the modern CIO and CISO's priority of data-driven, risk-based, and automated security and compliance." Joshua McKibben, Director Security Compliance & Risk Management at Snowflake "Our partnership with SecurityScorecard is delivering customers the detailed cybersecurity ratings data they need to refine and enrich data around numerous different use cases," said Tarik Dwiek, Head of Technology Alliances at Snowflake. "From third party risk and M&A due diligence, to cyber insurance, SecurityScorecard and Snowflake are helping global enterprises better manage their third-party risk management programs." About SecurityScorecard Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight.

Read More

SECURITY AUDIT AND COMPLIANCE

NetWitness Launches Comprehensive XDR Offerings for Next Generation Security

NetWitness | June 08, 2022

NetWitness, a globally trusted provider of cybersecurity technologies and incident response, today announced NetWitness XDR, a family of products and capabilities delivering comprehensive detection and response on premise, in the cloud or as a hybrid of the two. This new offering and product architecture delivers the full range of deployment options enterprises seek today to meet their unique cybersecurity needs and use cases. NetWitness XDR delivers a robust set of capabilities enabling extended detection and response (XDR) and helping customers stay ahead of the most sophisticated cyber threats. These include: Unified collection, data, and visibility across multiple security layers Automatic enrichment of data using any technical or business source A wide toolset of detection technologies including, but not limited to, advanced behavioral analysis External and internal threat intelligence to identify known security risks and threat actors Truly insightful context, visualization, and investigation tools Threat hunting tools and methodologies to identify previously unknown threats Highly repeatable and measurable incident investigation and response processes A strong array of both automated and human response options “NetWitness has enjoyed the trust of some of the world’s most security sensitive organizations because of its unique ability to monitor the entire attack surface across the network, endpoint, cloud, IoT, logs and more,” said CEO of RSA and NetWitness, Rohit Ghai. “We have been delivering XDR capability to the market for several years and today we are delighted to announce new innovations in the platform and reintroduce it to the market as NetWitness XDR.” Under this new model, NetWitness XDR will be comprised of three main product lines that showcase its uniquely powerful support for all XDR use cases. NetWitness Platform XDR 12 is the newest major release of NetWitness Platform. This technology stack, typically deployed as customer-managed software or hosted by MSSPs, has been enhanced to focus on detection capabilities that identify threats faster and decrease their impact. The company’s new cloud-native SaaS version will be known as NetWitness Vision XDR and is currently in design preview. The third product line, NetWitness XDR Cloud Services, is a set of optional SaaS applications that take advantage of the cloud’s inherent elastic nature to deliver flexible and cost-effective components which can be used to augment either Platform XDR or Vision XDR. “Our network-forward approach allows us to stand out in this emerging space and highlights NetWitness XDR’s ability to detect across customers’ growing number of systems and devices. “We are embracing the belief that the best XDR must be consumable on prem, in the cloud, and hybrid.” Director of Product Management and Research, Kevin Bowers Developed initially in 1996, NetWitness began as a government-sponsored research project to inspect network packets for cyberthreats and tools to detect and respond to them. Since then, the technology has continuously evolved and been innovated to tackle today’s most complex attacks. NetWitness now features fully integrated components for network, log, endpoint and IoT detection and response that drive its threat intelligence and security orchestration platform, NetWitness Orchestrator. With its long history and global footprint, NetWitness XDR integrates directly with the world’s most critical and widely deployed tools, as well as many specialized and industry-specific solutions. NetWitness XDR will host demonstrations at its booth at RSA Conference this year for Platform XDR and Vision XDR. ABOUT NetWitness NetWitness, an RSA® Group Business, provides comprehensive and highly scalable threat detection and response capabilities for organizations around the world. The NetWitness Platform delivers complete visibility combined with applied threat intelligence and user behavior analytics to detect, prioritize, investigate threats, and automate response. This empowers security analysts to be more efficient and stay ahead of business-impacting threats.

Read More

Spotlight

For too many IT organizations, complying with the Payment Card Industry Data Security Standard (PCI DSS) and corporate security policies has been far too costly, complex, and time consuming. Now, Vormetric offers a better way. Vormetric Tokenization with Dynamic Data Masking helps your security team address its compliance objectives while gaining breakthroughs in operational efficiency. With tokenization, you can remove databases from PCI DSS Scope and do so with minimal disruption and administrative overhead. Vormetric Tokenization is part of the Vormetric Data Security Platform, which delivers a comprehensive range of security and compliance controls that help IT teams efficiently address their requirements for encryption, privileged user access control, file access auditing, and more.

Resources