SOFTWARE SECURITY

ZeroEyes Announces Partnership with Veteran-Owned Cybersecurity Firm Layer 8 Security

Layer 8 Security | February 02, 2022

ZeroEyes, Inc., creators of the only AI-based video analytics platform focused solely on gun detection, is proud to announce its partnership with Philadelphia-based company, Layer 8 Security. Layer 8 Security is a cybersecurity consulting and technical services firm that arms organizations with practical security, compliance, and privacy strategies.

Starting in 2022, Layer 8 Security will assist ZeroEyes with the company's information security certifications. Both companies are veteran-founded, owned, and operated, and are part of the Veterans Business Referral Network with over 200 members in the Greater Philadelphia area. In addition to the local connections, both companies are well-known on the national stage for being leaders in their respective disciplines.

"I've known members of the ZeroEyes team for years,ZeroEyes' focus on gun detection and physical security complements our focus on being the 'sheepdogs,' protecting people in any way we can. In our case our focus is on data privacy and protecting businesses from hackers. I'm excited to leverage our shared goals as veterans helping veterans."

Kevin Hyde, President and Co-Founder at Layer 8 Security

"Layer 8 Security and ZeroEyes are both focused on security and building veteran-owned businesses," adds ZeroEyes' Chief of Staff, Kieran Carroll. "We're excited to support Layer 8 Security in their mission and appreciate their services in securing our own business."

About ZeroEyes
ZeroEyes is the industry's leading AI-based weapons detection solution. Our software integrates into existing security camera systems and sends out a series of alerts when a verified gun is detected via our best-in-class weapons detection algorithms. Founded by a team of Navy SEALs and military veterans with over 50 years of military experience with deep special operations and intelligence community expertise, ZeroEyes is the trusted weapons detection provider of numerous clients, including the US Department of Defense, leading public K-12 school districts, commercial property groups, Fortune 1000 corporate campuses, shopping malls, and big-box retail.

About Layer 8 Security
Layer 8 Security is a cybersecurity consulting, advisory, and technical services firm that arms organizations with practical security, compliance, and privacy strategies. Today's business environment requires seamless integration with third-party vendors, clients, and partners. Layer 8 Security ensures your information ecosystem is secure, compliant, and resilient to the severity and frequency of a disruption resulting from a cyber attack.

Spotlight

HP reveals that the Internet of Things (IoT) is far from secure. According to an ongoing HP IoT study series, home security systems are not nearly as secure as you may think.


Other News
PLATFORM SECURITY

Red Sift Partners with SMX to Provide End-to-End Cloud Email Security to Organizations in Australia and New Zealand

Red Sift | May 09, 2022

Red Sift, provider of the only integrated cloud email security and brand protection platform, today announced a strategic partnership with SMX, the cybersecure email specialist, to help enterprises in Australia and New Zealand strengthen their email security posture and threat protection. Through this exclusive arrangement, Red Sift’s best-in-class Reporting Platform integrates with SMX’s new Domain Protection Service (DPS) to deliver a new joint DMARC implementation offering, helping customers improve email threat monitoring and agility in responding to threats. Red Sift and SMX will be showcasing their joint offering at AusCERT 2022 in Broadbeach, Australia, May 10-13 (booth #B19). SMX’s DPS service enables enterprises to maintain an effective DMARC implementation, using Red Sift’s best-in-class Reporting Platform to identify, quantify, and respond in real-time to dynamic threats. Red Sift’s real-time reporting provides vital data that allows SMX to deliver their expertise in refining the security profile and manage SMX DPS deployments effectively across an enterprise’s domains. SMX’s expertise, coupled with Red Sift’s reporting capabilities, provides the level of agility and monitoring required to keep up with today’s email threat landscape. “Every company in Australasia has a unique threat environment and clients increasingly want a region-specific, locally designed and supported approach to cyber security,” says Richard Fraser, CEO of SMX. “Our DMARC managed service, DPS, made possible through this strategic partnership with Red Sift, provides clients with the tailored protection profile required to respond in real-time to dynamic threats, and will enhance email cyber-security throughout Australia and New Zealand.” According to Gartner, 90% of the Global 2000 will have DMARC in place by 2026. As email threats continue to evolve and become increasingly complex, it is more important now than ever before that enterprises establish a streamlined and sustainable DMARC implementation process that can be easily updated to reflect today’s dynamic digital environment. With the Red Sift and SMX partnership, enterprises now have access to an end-to-end email threat monitoring service, powered by real-time reporting with actionable insights that enable them to maximize their agility in quantifying and responding to threats. As a result, customers have greater confidence in their DMARC implementation and overall email security posture. “SMX shares our mission to provide enterprises with the solutions necessary to proactively protect their business and brand reputation from email security threats, rather than ‘mopping up’ after an attack. Our partnership with SMX enables us to help more organizations in Australia and New Zealand strengthen their DMARC implementations, and we’re excited to continue to scale globally in partnership with SMX.” Cameron McLean, Regional Manager, Asia Pacific, Red Sift Experts from Red Sift and SMX will be on hand at booth #B19 at AusCERT 2022 to showcase their joint DMARC managed service for enterprises. About Red Sift Red Sift enables security-first organizations to successfully communicate with and ensure the trust of their employees, vendors and customers. As the only integrated cloud email and brand protection platform, Red Sift automates BIMI and DMARC processes, makes it easy to identify and stop business email compromise, and secures domains from impersonation to prevent attacks. Founded in 2015, Red Sift is a global organization with international offices in the UK, Spain, Australia, and North America. It boasts a client base of all sizes and across all industries, including Wise, Telefonica, Pipedrive, ITV, Dominos, and top global law firms. Find out how Red Sift is delivering actionable cybersecurity insights to its global customers at redsift.com. About SMX SMX is a cyber security company with specialist expertise in email. It’s all we do. That means you get local expertise to help you secure your organisation’s email. And when you protect your email, you’re also protecting your brand reputation. For more than 17 years, our in-house development team has been delivering that to hundreds of public and private sector businesses, offering training, support and the latest in tech solutions.

Read More

SOFTWARE SECURITY

Whistic Announces Support of Google’s Minimum Viable Secure Product Framework

Whistic | May 23, 2022

Today, Whistic, the proactive vendor security network for both buyers and sellers, announced support for the Minimum Viable Secure Product (MVSP) framework, a security baseline developed by Google in a collaborative effort with Okta, Slack, and Salesforce. Until the introduction of MVSP, there was no commonly accepted baseline available among security professionals that indicated the importance of security controls. With MVSP, vendors can demonstrate to their customers that they are meeting, at a minimum, the baseline of security as outlined by some of the industry’s top security professionals. “We believe a vendor-neutral security baseline is an important step in establishing minimum acceptable security requirements for enterprise software and services. “By assuring enterprise solutions include the core security building blocks, we can work to reduce third-party risk, and promote security as a key part of the product development lifecycle.” Chris John Riley, Senior Security Engineer at Google Vendors that utilize Whistic to share security documentation via the MVSP help streamline and accelerate the security review process for their customers, helping them to rapidly understand the vendor’s security posture. “Enabling companies to showcase their security posture using the MVSP and other industry frameworks is a key step toward ensuring transparent relationships between vendors and their customers,” stated Nick Sorensen, Whistic CEO. “In addition to announcing support of MVSP, we recently launched Whistic Basic Profile that enables any business regardless of size to proactively share their security posture with customers and publish it to the Whistic Vendor Security Network for free.” Basic Profile allows vendors to self-assess against industry standard frameworks, including MVSP. It also includes a limited number of Profile shares, and the ability to publish to the Whistic Trust Catalog, enabling Whistic customers to conduct Zero-Touch Assessments of the vendor’s security posture. “Okta has already added MVSP to our Whistic Profile and we look forward to seeing more and more of our vendors adopt this baseline in their Profiles,” said Gen Buckley, Director, Customer Assurance Customer Trust at Okta Security and founding committee member of MVSP. “We are always looking for ways to streamline our vendor security reviews and drive a more secure ecosystem, and MVSP helps accomplish that while also promoting transparency and collaboration between vendors and customers.” Marat Vyshegorodtsev, Enterprise Security JAPAC representative at Salesforce adds, “Organizations of all sizes often purchase dozens of software products managed by third parties. The onboarding process alone can take weeks or months, especially when it comes to vetting the security posture for each. MVSP helps solve this—it standardizes this process and eliminates overhead, complexity, and confusion for both parties while ensuring the minimum-security requirements.” About Whistic Located in the heart of the Silicon Slopes in Utah, Whistic is the network for assessing, publishing, and sharing vendor security information. The Whistic Vendor Security Network accelerates the vendor assessment process by enabling businesses to access and evaluate a vendor’s Whistic Profile and create trusted connections that last well beyond the initial assessment. Make security your competitive advantage and join businesses like Airbnb, Okta, Betterment, and Atlassian who are leveraging Whistic to modernize their vendor security programs.

Read More

DATA SECURITY

ITC Secure and Cassava Technologies Announce Joint Venture to Expand Industry Leading Security Operations and Microsoft Cloud Security Expertise

ITC Secure | December 16, 2021

ITC Secure (ITC), a leading advisory-led cyber security services company and a Microsoft Gold cyber security partner, and Cassava Technologies, the pan-African technology leader, announced today that they have entered into a Joint Venture (JV) to build and launch an extensive portfolio of cyber security services, powered by Microsoft Azure cloud technologies in Africa. Hardy Pemhiwa, the CEO of Cassava Technologies said: “Digital transformation in Africa is accelerating the adoption of cloud services which is creating an urgent need to better protect users and business-critical data. Cassava Technologies footprint covering more than 15 countries in Africa, we are well-positioned to meet the growing needs of businesses and individuals and expand access to cybersecurity and other digital services. We look forward to bringing ITC’s world-class cyber expertise, coupled with Microsoft’s industry-leading technology, to build Africa’s digital future.” “The strategic partnership between ITC Secure and Cassava Technologies, as a pan-African technology leader, will bring Microsoft’s cutting-edge cloud security solutions to the African market to drive the growth of the technology sector and innovation across Africa.” Andre Pienaar, the Chairman of ITC Secure Admiral Mike Mullen, the Chairman of ITC Secure USA said: “The combination of ITC Secure and Cassava Technologies will help guide us to the future while addressing the growing needs of individuals and organisations in the African market for a secure digital world, built on the best solutions and delivered by the best experts.” Replicating best practice of a leading UK SOC to build a cutting-edge SOC in Africa ITC’s 24/7 Operations Centre, based in London, is at the forefront of delivering managed security services. As part of the JV, ITC and Cassava Technologies will build a state-of-the-art SOC in Africa. The centre will leverage Cassava Technologies’ in-depth knowledge of the African continent and ITC’s extensive experience in cybersecurity, to enable the rapid delivery of cyber services and operations on the continent. Steering the future ITC’s mission to ‘make the digital world a safer place to do business’ echoes Cassava Technologies’ vision of a digitally connected future that leaves no African behind. This JV addresses the growing need to ensure that individuals and organisations are safe and secure online and will further demonstrate how cyber security can be a business enabler, helping to drive growth and create jobs across Africa. Facilitating knowledge transfer locally The skills gap in the cyber security industry continues, with recruitment and retention an ongoing challenge. The JV will facilitate access to experts globally and close collaboration and knowledge transfer locally. This will enable faster on the ground response, the sharing of cyber security best practice and streamlined sharing of internal resource. Extended portfolio of cyber security services ITC’s integrated delivery model provides access to the best cyber security skills, technology, and governance. Encompassing a unified suite of solutions that start with an advisory-led approach, including Identity and Access Management capabilities and managed security services like Managed Detection and Response. At the heart of ITC’s integrated delivery model is PULSE, an extended detection and response platform powered by Microsoft Sentinel, that integrates specialist knowledge and expertise. ITC is a Microsoft Gold partner in Security and Cloud and a member of the Microsoft Intelligent Security Association. Organisations will gain access to a level of expertise recognised by Microsoft as the “highest, most consistent capability” – underpinned by a cohesive set of services that scale. About ITC Secure ITC Secure is an advisory-led cyber security services company. We have a 25+ year track record of delivering business-critical services to over 300 blue-chip organisations - bringing together the best minds in security, a relentless focus on customer service and advanced technological expertise to help businesses succeed. With our integrated delivery model, proprietary platform and customer-first mindset, we work as an extension of your team throughout your cyber journey and always think not only about you, but also your customers and the reputation of your brand. ITC Secure a certified Great Place to Work® and is headquartered in London, UK. With a dynamic balance of the best in people, technology, and governance, we make cyber resilience your competitive advantage. About Cassava Technologies Cassava Technologies is a pan-African technology leader providing a vertically integrated ecosystem of digital solutions, designed to significantly accelerate connectivity and drive digital transformation across the African continent. Cassava Technologies creates the enabling digital infrastructure with cross-border fibre, renewable energy solutions, and a state-of-the-art network of data centres that provides access for millions to complementary digital services of Wi-Fi, Cloud, cybersecurity and fintech solutions. This ecosystem aims to transform the lives of individuals and businesses across the continent by enabling social mobility and economic prosperity.

Read More

DATA SECURITY

Flashpoint Acquires Vulnerability Intelligence Leader Risk Based Security

Flashpoint | January 13, 2022

Flashpoint, the trusted leader in threat intelligence and risk prevention, today announced it has acquired Risk Based Security (RBS), a Richmond, Virginia-based company specializing in vulnerability and data breach intelligence, as well as vendor risk ratings. The integration of RBS’s collections and technology into the Flashpoint platform offers a wide range of cybersecurity practitioners—including cyber threat intelligence (CTI), vulnerability management, DevSecOps, and vendor risk management teams—the contextual threat intelligence and automation they need to detect, prioritize, and thwart emerging cyber risks rapidly and holistically. “I am incredibly excited to welcome the RBS team to Flashpoint,This acquisition will enable our clients to rapidly detect critical vulnerabilities before they are widely known, and then automate how they prioritize and remediate these issues. This is a game changer for security teams and represents a vital step towards achieving Flashpoint’s vision of being the single vendor that enterprises can rely on to mitigate all types of security risks and protect critical assets.” Flashpoint CEO Josh Lefkowitz Since its founding in 2011, Risk Based Security has partnered with a diverse group of clients, including Microsoft, BlackRock, Northrop Grumman, Swisscom, American Electric Power, Amtrak, and numerous other enterprises across the technology, financial, insurance, and consumer goods sectors. To date, RBS possesses over 90,000 vulnerabilities in its collections that are not assigned CVE IDs and therefore do not exist in the National Vulnerability Database (NVD). RBS’s proprietary technology consistently identifies vulnerabilities before they are commonly known—and maps those vulnerabilities to an enterprise’s software—providing clients with a critical edge and head-start on potential adversaries. “We’re thrilled to join forces with Flashpoint,” said Jake Kouns, CEO of RBS. “It’s rare to find two organizations so similar in culture with a mutual drive to get things done. Our visions align perfectly, and we are excited to collaborate with them to bring a holistic, risk-based intelligence offering to a broad market.” AN ASSET-BASED APPROACH TO INTELLIGENCE AND RISK MANAGEMENT RBS’s extensive vulnerability, data breach, and proprietary vendor risk ratings empower security teams to quickly assess and remediate vulnerabilities based on their unique risk profile—making it the only vulnerability management tool on the market that provides scanless, real-time vulnerability intelligence with vendor and product risk ratings. With this technology, Flashpoint will be able to reveal a customer’s exposure to critical vulnerabilities and supply chain weaknesses, provide contextual awareness into how these vulnerabilities are being exploited by threat actors, and prioritize and automate the actions needed to remediate potential threats. In light of recent critical vulnerabilities like the highly-publicized disclosure of Log4j, early detection and rapid prioritization of risks is more important than ever. Moving beyond a reactive approach to threats, a combined Flashpoint and RBS solution will drive immediate and differentiated value to all types of security practitioners who are focused on protecting critical assets and infrastructure. ABOUT FLASHPOINT Trusted by governments and the Fortune 500, Flashpoint helps organizations protect their most critical assets, infrastructure, and stakeholders from security risks such as cyber threats, ransomware, fraud, physical threats, and more. Leading security practitioners—including cyber threat intelligence (CTI), vulnerability management, DevSecOps and vendor risk management teams—rely on Flashpoint's intelligence platform to proactively identify and mitigate risk and stay ahead of the evolving threat landscape. ABOUT RISK BASED SECURITY Risk Based Security (RBS) provides detailed information and analysis on Vulnerability Intelligence, Vendor Risk Ratings and Data Breaches. Our product, the Risk Based Security Platform, combines VulnDB and Cyber Risk Analytics (CRA), providing organizations access to the most comprehensive security intelligence knowledge bases available, including advanced search capabilities, access to raw data via API, and email alerting to assist organizations in taking the right actions in a timely manner.

Read More

Spotlight

HP reveals that the Internet of Things (IoT) is far from secure. According to an ongoing HP IoT study series, home security systems are not nearly as secure as you may think.

Resources