How Data Risk Detection and Response Are Becoming Crucial Components of Cloud Security
With so many complex threats online, organizations need to be able to detect and respond to cloud breaches in a matter of minutes if they want to protect their mission-critical data. At a fundamental level, cloud security is data security. However, a lot of businesses are having trouble locating and...
Four Strategies for Reducing SaaS Security Threats
Big or small, Software-as-a-Service (SaaS) businesses continue to be a top target for cybercriminals. Because SaaS solutions are accessible around-the-clock and their systems store a variety of sensitive data, social engineering and data breaches are as prevalent as they are efficient. A SaaS company’s capacity to provide customers with uninterrupted service is crucial; therefore, a system failure (or, worse, a series of system failures) might be fatal.
Insight Strengthens Managed Security Service with New Extended Detection and Response Capabilities
Insight Enterprises, a Fortune 500 solutions integrator helping clients accelerate their digital journey, has expanded its managed security service with new extended detection and response (XDR) capabilities that help enterprises modernize and strengthen their security posture without adding overhead for internal IT teams. Insight Managed XDR is part of a...
Trellix Expands XDR Platform to Transform Security Operations
Trellix, the cybersecurity company delivering the future of extended detection and response (XDR) announced the expansion of its XDR platform. Trellix XDR enables the company’s 40,000+ customers to build greater cyber resiliency, maximize the value of their existing security tools, and reduce mean time to detection and response. “We...
Arcion Unveils Agentless Change Data Capture for Azure, SQL Server, Oracle, SAP HANA, and MySQL
Arcion, creator of the only cloud-native, CDC-based data replication platform, today announced agentless change data capture (CDC) for all of its supported databases and applications. Enterprises can now replicate data in real time, at scale, with guaranteed delivery — but without the inherent performance issues, security concerns, and administrative burdens associated with the installation of proprietary software on database servers.
Latest Delinea Product Update Releases DevOps Security
Delinea, a leading provider of Privileged Access Management (PAM) solutions for seamless security, today announced the latest release of DevOps Secrets Vault, its high-speed vault for DevOps and DevSecOps teams. New enhancements include development support on the most recent Mac computers, and improved secrets management usability through automation, intended to reduce development time and increase visibility.
Forcepoint ONE Strengthens FedRAMP Authorization for CASB to include ZTNA and SWG to Offer a Single Security Service Edge platform
Global security leader Forcepoint announced that the Federal Risk and Authorization Management Program (FedRAMP®) has approved the Forcepoint ONE all-in-one cloud platform. FedRAMP is a U.S. government-wide program that certifies that cloud-based software can be trusted to secure and accelerate cloud adoption for federal agencies. Forcepoint’s “Authorized” designation from FedRAMP indicates that Forcepoint ONE meets 325 security controls for NIST 800-53 compliance requirements.
SafePaaS, sponsor of Dallas Cybersecurity Conference, unveils extended Identity Governance and Security capabilities
SafePaaS, the leading provider of enterprise access governance, announces cutting-edge enhancements to its Policy-Based Access Controls management SaaS platform at the Dallas Cybersecurity Conference. SafePaaS customers have unmatched advantage to control all identity risks across the enterprise and all data sources including, cloud infrastructure, ERP, vertical applications, ITSM, databases, and servers to protect businesses from continued insider external and cyber threats.
ICS/OT Security Services Launched by GuidePoint Security
Virginia-based GuidePoint Security, a provider of cybersecurity consulting services (OT) is offering a number of services like Industrial control systems (ICS) and other operational technology. The new ICS security services include penetration testing, Security Program Review, and Security Architecture Review. The SPR service is intended to assist organizations in determining...
BigID Launches Industry-First Data Deletion Capabilities to Accelerate Compliance and Reduce Risk
BigID, the leading data intelligence platform that enables organizations to know their enterprise data and take action for privacy, security, and governance, today announced native data deletion capabilities that make it easy for organizations to quickly and effectively delete personal and sensitive data across their data stores – including Snowflake, AWS S3, mySQL, Google Drive, Teradata, and more.
L2 Network Security Control Bypass Vulnerabilities Affect Numerous Cisco Products
This week, Cisco confirmed that bypass vulnerabilities in the Layer-2 (L2) network security controls affect tens of its enterprise routers and switches. By sending specially crafted packets that would cause a denial-of-service (DoS) or enable them to conduct a man-in-the-middle (MitM) attack, an attacker can get around the security measures offered by these enterprise devices. The Ethernet encapsulation protocols’ L2 network security controls contained a total of four medium-severity security flaws, according to an advisory from the CERT Coordination Center (CERT/CC) at Carnegie Mellon University.
Strategies to Reduce Attack Surface Areas
In today’s complex IT ecosystem and sophisticated malware, enterprises need to be vigilant in reducing the attack surface area to minimize the opportunities available to cybercriminals to exploit the business network. Businesses are exposed to various cyber threats and risks that CISOs need to address. It is crucial for...
Four Best Approaches to Encryption Key Management
Enterprise key management may look complex, but it doesn’t have to be that challenging or intricate. Enterprises can use strong policy development, reliable access control, and centralized management to provide effective encryption key management in even the most complicated contexts. The usage of encryption is expanding throughout businesses of...
SteelCloud Announced a Top Cloud Security Solutions Provider by Enterprise Security Magazine
SteelCloud LLC, a STIG and CIS compliance automation software developer, announced today that it has been recognized as one of the “Top 10 Cloud Security Solutions Providers – 2022” by Enterprise Security Magazine. A distinguished panel of experts, professionals, and technology leaders including board members of Enterprise...
Ethernet VLAN Stacking vulnerabilities allow for DoS and MitM attacks
Four vulnerabilities in the widely adopted ‘Stacked VLAN’ Ethernet feature allows attackers to perform denial-of-service (DoS) or man-in-the-middle (MitM) attacks against network targets using custom-crafted packets. Modern routers and switches have a feature called “stacked VLANs” or “VLAN Stacking” that enables businesses to combine multiple VLAN IDs into...
PolySwarm Presents Next-Generation Malware Intelligence Marketplace to Blockchain, Operating 100% on Mainnet to Combat Emerging Cybersecurity Threats
PolySwarm, a first-of-its-kind marketplace for malware intelligence, today announced it has moved all cybersecurity threat detection engines to its Mainnet. The malware intelligence provider is now transacting with its proprietary Nectar (NCT) tokens to unite a robust network of threat research experts such as Crowdstrike and SentinelOne with enterprise customers like Microsoft and Verizon that use the platform for protection from new and emerging online threats. In exchange for swiftly and accurately identifying threats, researchers in the PolySwarm network are rewarded with the NCT token, which operates on the Ethereum blockchain and is listed on Coinbase and other crypto exchanges.
IDnow Unveils Partnership with Adobe Document Cloud to Make Digital Signatures Simpler and More Secure
IDnow, a leading identity proofing platform provider in Europe, announces a global collaboration with Adobe Document Cloud, the world’s leading PDF and e-signature tools solution, to make identify verification for validated signatures simpler and more secure. Legally compliant signing with a qualified electronic signature (QES) requires users to identify...
WatchGuard Threat Lab Reports Decrease in Malware Volume, Surge in Encrypted Malware and Actively Exploited Office Vulnerabilities
The latest Internet Security Report from the WatchGuard Threat Lab, shows a reduction in overall malware detections from the peaks seen in the first half of 2021, along with an increase in threats for Chrome and Microsoft Office and the ongoing Emotet botnet resurgence. “While overall malware attacks in Q2...
Palo Alto Networks Chosen to Secure Cloud-Native 5G Networks in Canada
Palo Alto Networks (NASDAQ: PANW) today announced that it has been selected by communications technology company TELUS to assist with securing one of the largest and fastest 5G networks in Canada. “Securing 5G requires a Zero Trust approach to protect all elements of the mobile network across key network interfaces,...
Cloud Security Must be a Top Priority for Every C-Suite Leader
Business leaders need to put cloud security at the top of their priority list as companies move more of their data and apps to the cloud. Proactive measures, security as code, user-centric security, and C-suite involvement, are essential for protecting companies from emerging threats. Digitization is accelerating rapidly. But so...
