DATA SECURITY

Vulcan Cyber Makes a New Cloud Security Module for Risk-Based Remediation Platform

Vulcan Cyber | July 26, 2021

The only risk-based remediation platform for developers for infrastructure, application, and cloud security, Vulcan Cyber®, has announced today that the new Cloud Security module of Vulcan Cyber provides a consolidated view across traditional IT infrastructure and cloud application environments cyber risks.

With various inputs from the AWS Security Hub Identity, Aqua Security, and Access Management (IAM) service, the module will enable IT security teams, to prioritize, consolidate, track, and remediate all cyber vulnerabilities. Within a single platform, Vulcan Cyber Cloud Security supports enterprise cloudsec teams to manage and remediate cloud configurations in container and Kubernetes deployments, Microsoft Azure, Amazon Web Services, Google Cloud, and more.

By adding cloud configuration data to the Vulcan Cyber risk-based remediation platform, the company is deepening the vulnerability and risk insights and control available to users, offering the only remediation orchestration capabilities for all sources of digital risk, including IT networks, infrastructure, application surfaces, and cloud. The update expands the reach of Vulcan Cyber customer risk remediation efforts to include any cloud environment for a full measure of cyber risk in enterprises.

IT security teams can identify and mitigate various risks and vulnerabilities generated by human error in cloud environments using Vulcan Cyber Cloud Security. The new Cloud Security module of Vulcan Cyber is available in beta now, and, in August, it will be generally available to Vulcan Pro and Vulcan Enterprise customers.

About Vulcan Cyber

Vulcan Cyber developed the industry's first risk-based remediation platform.  It was built to help businesses reduce cyber risk through the measurable and efficient cloud and application security programs and infrastructure. The Vulcan platform orchestrates and tracks the remediation lifecycle from scan to fix by curating and delivering the best remedies, prioritizing vulnerabilities, and automating processes and fixes through the last mile of remediation.

Spotlight

John Torres, president of Guidepost Solutions' Security & Technology Practice, talks about potential career paths for cybersecurity consultants in this clip from the Cyber Work podcast.


Other News
DATA SECURITY

Symphony Technology Group Announces the Launch of Skyhigh Security

Skyhigh Security | March 22, 2022

Symphony Technology Group (“STG”), a leading Menlo Park-based private equity firm focused on the software, data, and analytics sectors, today announced the launch of Skyhigh Security. The new portfolio company was created to satisfy the growing cloud security requirements for large and small organizations. Skyhigh Security’s unique approach extends security beyond data access to securing how the data is used. Its data-aware Security Service Edge (SSE) is built to meet the needs of the modern workforce with security that follows the data and users wherever they are. Earlier this year, STG announced it would be splitting McAfee Enterprise into two organizations—Trellix and Skyhigh Security—to better focus on the very distinct markets of Extended Detection and Response (XDR) and the SSE. At that time STG also announced that Gee Rittenhouse, who previously led Cisco’s cyber security business, would serve as CEO of the SSE business, bringing deep cloud security expertise. “Skyhigh Security has emerged as a dedicated cloud security company that is laser-focused on propelling businesses forward with a comprehensive and converged approach to data security. We’re committed to investing in this business, which is in one of the most important markets in security, SSE.” William Chisholm, managing partner, STG “With the majority of data in the cloud and users accessing it from everywhere, a new approach to security is needed,” said Rittenhouse. “Skyhigh Security has created a comprehensive security platform to secure both data access and data use via unified policies and data awareness. Organizations can now have complete visibility and control and seamlessly monitor and mitigate security risks—achieving lower associated costs, driving greater efficiencies and keeping pace with the speed of innovation.” “Organizations are at a crossroads navigating the hybrid workforce,” said Frank Dickson, vice president, IDC. “While the ‘work from anywhere’ model creates flexibility and agility, it can also be a point of security vulnerability, challenging perimeters and endpoints and opening new attack surfaces in the cloud. These organizations need a best-in-class cloud-native solution that simplifies the implementation of cloud security to protect data regardless of where it lies.” “Protecting the way data is used is as important as the way data is accessed—we must implement a powerful data-centric defense to meet the demands of how work is conducted today,” said Dan Meacham, chief information security officer, Legendary Entertainment. “Skyhigh Security’s platform approach is completely integrated and simple to use. With over 10 years focus on cloud security, they are a pioneer in the SSE space. Skyhigh Security’s innovations have been validated both by analysts and customers alike. It is truly one of the most solid and unique SSE solutions in the market today.” The Skyhigh Security SSE Portfolio includes Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Zero Trust Network Access (ZTNA), Cloud Data Loss Prevention (DLP), Remote Browser Isolation technology, Cloud Firewall and Cloud Native Application Protection Platform (CNAPP). The company was most recently named a Leader in the 2022 Gartner® Magic Quadrant™ for Security Service Edge and recognized in the 2022 Critical Capabilities for SSE for its MVISION Unified Cloud Edge (UCE) solution. About Skyhigh Security: Skyhigh Security protects organizations with cloud-native security solutions that are both data-aware and simple to use. Its market-leading Security Service Edge (SSE) Portfolio goes beyond data access and focuses on data use, allowing organizations to collaborate from any device and from anywhere without sacrificing security.

Read More

PLATFORM SECURITY

Trend Micro Unites Industry With Most Powerful and Complete Security Platform

Trend Micro | April 26, 2022

Trend Micro Incorporated , a global cybersecurity leader, announced the launch of Trend Micro One, a unified cybersecurity platform with a growing list of ecosystem technology partners that enables customers to better understand, communicate, and lower their cyber risk. Organizations are battling on all fronts to face mounting cyber risks from their complex and growing attack surface with stretched teams and siloed security products. The unified security platform approach delivers a continuous lifecycle of risk and threat assessment with attack surface discovery, cyber risk analysis, and threat mitigation and response. Inaugural partners of the Trend Micro One technology ecosystem include: Bit Discovery, Google Cloud, Microsoft, Okta, Palo Alto Networks, ServiceNow, Slack, Qualys, Rapid7, Splunk, and Tenable. "We are so proud that ecosystem partners value integrating into our platform. Collectively we help enterprises fight the bad guys known as cybercriminals. Alone we are strong, but together our industry is unstoppable in helping customers eliminate security gaps anywhere, identify internal and external enterprise assets, and take critical steps to mitigate them. Kevin Simzer, COO of Trend Micro According to Gartner®, "vendors are increasingly acquiring or developing these adjacent technologies and integrating them into a single platform. The benefits are best realized when this integration minimizes consoles and configuration planes and reuses components (e.g., endpoint agents) and information.1" "We all know that digital transformation is table stakes for the post-pandemic enterprise. But this comes with additional risks: a bigger target for threat actors to aim at and more visibility and security coverage gaps for them to hide in," said Jeremiah Grossman, CEO of Bit Discovery. "Trend Micro's approach stands out from the crowd — notably with its blend of multiple sources of asset and risk visibility, including external attack surface visibility powered by Bit Discovery. Trend Micro's platform helps customers quickly get a prioritized and comprehensive understanding of their attack surface." As a unified platform, Trend Micro One delivers powerful risk assessment capabilities, but the ecosystem partners extend that to make it the most complete in the industry. Joint customers benefit from truly connected visibility, better detection and response capabilities, and comprehensive protection across security layers and systems. Trend Micro One supports this approach by enabling customers to: Discover the attack surface: Identify, monitor, and profile cyber assets in customers' environments. Understand and continuously assess risk: Analyze risk exposure, the status of vulnerabilities, the configuration of security controls, and types of threat activity. Effectively mitigate risk: Ensure the right preventative controls and take swift action to mitigate risk and remediate attacks across the enterprise by leveraging Trend Micro's threat and risk intelligence. About Trend Micro Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response.

Read More

DATA SECURITY

Axonius Unveils SaaS Management Solution to Combat Complexity, Cost, and Risk

Axonius | January 20, 2022

Axonius, the leader in cybersecurity asset management, today unveiled Axonius SaaS Management, a new comprehensive solution that helps security, IT, finance, and risk teams control the complexity, cost, and risk of software as a service (SaaS) with a single source of truth into their SaaS application landscape. As businesses rapidly increase consumption of SaaS applications, they face acute IT, security, and business challenges. The rate of SaaS adoption makes manual approaches to gaining a credible SaaS asset inventory woefully inadequate and exposes extremely difficult visibility challenges into both known and unknown SaaS applications. Compounding these visibility challenges, companies struggle to identify how data flows between apps, manage a myriad of configurations, and close security gaps, as well as track licensing and spend, across hundreds sometimes thousands of SaaS applications. Axonius SaaS Management lets customers address the operational and financial challenges of SaaS asset management, as well as the security and risk gaps, all via a seamless, nonintrusive deployment that delivers actionable insights from day one. This is the first product delivered by AxoniusX, the company’s innovation-focused business unit that launched in June 2021. “Over the past few years, we’ve seen tools emerge that address some aspects of SaaS management from either the business side or SaaS security posture management, but these approaches still leave companies with gaps in visibility and siloed information,We’ve built on our unique approach to cybersecurity asset management to deliver the same results for SaaS applications. With our rich history in building and maintaining API integrations with SaaS solutions, Axonius has the expertise and market traction to bring massive value to organizations struggling with the complexity of modern apps and infrastructure.” Amir Ofek, CEO and co-founder of AxoniusX Axonius SaaS Management uses adapters (API connections to data sources) and proprietary SaaS discovery tools to create a detailed inventory of all SaaS applications, permissions, and data flows. By connecting to all layers of the SaaS application stack, the solution discovers both the SaaS applications known to and sanctioned by organizations as well as shadow and unmanaged apps. This approach provides comprehensive visibility into all data types and interconnectivity flows, identifies misconfigurations and data security risks, and delivers actionable insights for better IT management and cost optimization. Axonius SaaS Management integrates with Axonius Cybersecurity Asset Management to provide a comprehensive platform that unifies all digital assets from SaaS apps to devices, user accounts, cloud assets, and more so customers can easily and effectively control complexity across the entire IT environment. About Axonius Axonius gives customers the confidence to control complexity by mitigating threats, navigating risk, automating response actions, and informing business-level strategy. With solutions for both cyber asset attack surface management (CAASM) and SaaS management, Axonius is deployed in minutes and integrates with hundreds of data sources to provide a comprehensive asset inventory, uncover gaps, and automatically validate and enforce policies. Cited as one of the fastest-growing cybersecurity startups, with accolades from CNBC, Forbes, and Fortune, Axonius covers millions of assets, including devices and cloud assets, user accounts, and SaaS applications, for customers around the world.

Read More

PLATFORM SECURITY

Cybersecurity Startup ActZero Partners with Measured Analytics and Insurance

ACTZERO | December 15, 2021

ActZero, a cybersecurity startup whose AI-driven platform makes best-in-class security accessible for businesses of all sizes, today announced a strategic partnership with Measured Analytics and Insurance, the data and analytics-driven cyber insurance company. The partnership will enable businesses to protect themselves against emerging security threats with an integrated risk management approach. Recent reports by lead researchers have found that a majority of organizations have experienced incidents of ransomware or phishing in the last 12 months, while other cybersecurity threats are also on the rise. This trend means that more and more businesses need to level up their cybersecurity posture, while also preparing for the ramifications of potential attacks with cybersecurity-specific insurance. The partnership between ActZero and Measured is among the first to holistically address a business's cybersecurity needs by combining sophisticated managed detection and response services designed to stop attacks and extortion with insurance services that position companies to mitigate potential losses. "We're pleased to be working with Measured, which will serve as the foundation of our integrated risk management distribution channel,Pairing our solution with insurance coverage to better protect customers represents another leap forward in our pursuit of making cybersecurity more effective and affordable for small and mid-sized enterprises." Chris Finan, ActZero's Chief Operating Officer The ActZero platform combines next-generation antivirus protection, endpoint detection and response, extended detection and response technologies, and 24/7 automated and managed threat hunting capabilities to detect and prevent all types of cybersecurity threats, from commodity malware to sophisticated, headline attacks across endpoints, network and cloud. The combined offering with Measured means that ActZero clients can now take advantage of streamlined access to cyber insurance at better rates. Measured Analytics and Insurance sells industry-leading comprehensive cyber insurance backed by the most reputable reinsurance companies in the world. Measured tackles the challenge of underwriting cyber insurance by combining proprietary data and machine learning algorithms to assess and price cyber insurance for small- and mid-sized businesses. In partnering with ActZero, Measured's clients gain access to a robust suite of cybersecurity technologies at preferred rates. "In this era of growing concerns and evolving threats, it's critical to complement our cyber insurance offering with innovative detection and response capabilities to stop problems before they start," said Jack Vines, CEO of Measured Insurance. "ActZero is the ideal partner to deliver on this promise, enabling our customers to implement sophisticated risk management strategies, thereby best positioning themselves against today's current threat climate." ABOUT ACTZERO ActZero is a cybersecurity startup that makes small- and mid-size businesses more secure by empowering teams to cover more ground with fewer internal resources. Our intelligent managed detection and response service provides 24/7 monitoring, protection and response support that goes well beyond other third-party software solutions. Our teams of data scientists leverage cutting-edge technologies like AI and ML to scale resources, identify vulnerabilities and eliminate more threats in less time. We actively partner with our customers to drive security engineering, increase internal efficiencies and effectiveness and, ultimately, build a mature cybersecurity posture. Whether shoring up an existing security strategy or serving as the primary line of defense, ActZero enables business growth by empowering customers to cover more ground. ABOUT MEASURED ANALYTICS AND INSURANCE Measured Insurance offers an analytics-based approach to cyber insurance, specifically quantifying specific exposure to ransomware attacks. Measured Insurance is bridging the gap between technology and insurance by using AI-powered analytics that tracks individual exposure in real-time to create smarter insurance products. Every policy is tailored to fit the individual client–clearly identifying pre-event exposure in seven fundamental areas and customizing post-event loss mitigation services with real experts, real people, and real help if ever needed.

Read More

Spotlight

John Torres, president of Guidepost Solutions' Security & Technology Practice, talks about potential career paths for cybersecurity consultants in this clip from the Cyber Work podcast.

Resources