Cloud Security

Qualys Expands Global Cloud Platform with Three New Secure Operations Centers (SOCs)

Grazed from Qualys

Qualys, Inc., a pioneer and leading provider of cloud-based security and compliance solutions, today announced the opening of three new Secure Operations Centers (SOCs) in the European Union (EU), India and North America. The addition of these new locations in Amsterdam, Pune, India and San Jose, Calif. marks a new milestone for Qualys' expanding global operations, which now includes six locations on three continents.

Organizations migrating services to the cloud must comply with new and changing global and regional regulations that impact where data resides. Qualys' expansion will provide its global base of customers worldwide with greater access to a broad suite of cloud-based security and compliance solutions, and enable customers to choose which region best suits their data governance needs. Each of these new SOCs adds the capacity to scan millions of IP addresses at once, significantly increasing Qualys' capabilities to support the largest organizations.

"This expansion of the Qualys Cloud Platform helps us better serve organizations across the globe and particularly within the EU and across Asia to compete in the new era of business, and increases our capacity to serve our North American customers," said Philippe Courtot, chairman and CEO, Qualys, Inc.

ServiceNow Resolves Real Security Threats Fast

Grazed from ServiceNow

ServiceNow, the enterprise cloud company, today announced integrations from leading cybersecurity companies into ServiceNow Security Operations solution. With ServiceNow customers can prioritize threats and use a structured response engine to resolve real security threats fast. Now security analysts can easily enrich threat information, map those threats to the underlying business service at risk, and easily collaborate with IT to automatically resolve them. This replaces the manual, slow and ineffective back-and-forth resolution process of the past.

While enterprises have invested heavily in protection and detection tools, security response is often left unaddressed. Determining whether an alert constitutes an actual threat can take hours. Security analysts use email, phone calls and spreadsheets to coordinate remediation with IT teams. These manual processes are error-prone and unwieldy, leading to lengthy breach containment times of 70 days on average, according to the Ponemon Institute.

ServiceNow Security Operations replaces the manual work patterns of the past with intelligent workflows of the future and just added several new automation integrations from leading security vendors. In as little as 20 seconds, Security Operations automatically enriches each security incident with threat intelligence, including information from potentially affected endpoints. This allows security analysts to spend less time on researching problems and to get to resolution faster. In addition, ServiceNow Security Operations eliminates the need for manual data collection by automatically generating a post-incident report for later analysis, reporting or audit.

Threat Stack Launches New Packaging Model to Scale with Customers' Cloud Security Maturity

Grazed from Threat Stack

Threat Stack, the leader in cloud-native security and compliance management, today announced the launch of its new packaging model for the Threat Stack Cloud Security Platform (CSP), strengthening the company's commitment to customers of all sizes throughout their cloud maturity. Each package is custom built to align with three Cloud Security Maturity phases: Auditing the environment; Continuously monitoring and alerting; Investigating events and remediation. This new model enables the security of a customer's journey from just getting started in the cloud to an approach focused on analysis, investigation and remediation.

"Traditionally companies amass several tools as security maturity evolves over time, becoming costly and resource intensive," said Brian M. Ahern, Chairman and CEO, Threat Stack. "The new Threat Stack Cloud Security Platform® packaging is designed to enhance security visibility, reduce operating costs and maximize company resources through flexible package selection aligning with company security maturity and infrastructure security requirements."

Threat Stack CSP is now available in three package options:

Cloud Security is Top Priority for IT in 2017 Says CompuCom Survey

Grazed from CompuCom Systems, Inc.

According to a new survey from CompuCom Systems, Inc. ("CompuCom"), a leading technology infrastructure services company, nearly half of IT professionals surveyed (47 percent) believe that cloud security is the most important technology for their organization this year, over Internet of Things (IoT), data analytics, third-party software support and robotics process automation (RPA). The online poll collected responses from 662 IT professionals across multiple industries from November 9, 2016 - January 12, 2017.

The cloud computing market is susceptible to threats including data breaches, data loss and insecure application programming interfaces (APIs). The world cloud security market is expected to reach $8.9 billion by 2020, according to a report by Allied Market Research, with a CAGR Of 23.5 percent from 2015 to 2020.

Bluelock Helps Clients Secure Cloud-Based Environments and Reduce Auditing Stress With Its Latest Portal Enhancements

Grazed from BlueLock

Bluelock, provider of Disaster Recovery-as-a-Service (DRaaS) for complex environments and sensitive data, is expanding its IT security footprint with a new series of features to enhance clients' overall security posture. The first of these initiatives is the launch of a comprehensive dashboard that increases visibility and auditability across clients' security services.

As cybersecurity threats continue to grow in the digital age, Bluelock Portfolio provides clients visibility into the depth of security with which their applications and services are guarded, with the ability to easily add additional protection services. Clients can access a comprehensive, searchable log of those who have accessed and modified systems, as well as quickly request documents for response to auditors.

Armor Named to 'Watch List' in Momentum Partners' 'Cybersecurity Market Review'

Grazed from Armor

Armor, a leading provider of managed cloud security, has been named by Momentum Partners, an advisor and dealmaker in cybersecurity, to Momentum's Watch List: Q4 2016. Each quarter Momentum identifies ten companies after carefully weighing feedback from their industry network and considering a variety of growth and innovation factors.

"Last year was significant in terms of expanding our product set to encompass an offering that would help our customers fulfill their shared security obligation on public cloud platforms," said Jared Day, president, Armor. "In addition to our secure hosting offering, we now provide a comprehensive approach to protecting a variety of cloud and virtualized environments. Being included in this list reinforces Armor's strategic direction and we look forward to sustaining and accelerating this momentum even further as we enter 2017."

 

Zscaler Attains EU-U.S. Privacy Shield Certification

Grazed from Zscaler, Inc.

Zscaler, Inc., the leading cloud security company, announced today that effective November 23, 2016, it has become certified under the EU-U.S. Privacy Shield Certification Framework (the "Privacy Shield"). Zscaler customers can be assured that any personal data transferred from the EU to the United States will be protected by the safeguards set by the Privacy Shield and fully compliant under EU law.

Following the invalidation of the Safe Harbor Framework, the Privacy Shield was jointly designed and approved by the U.S. Department of Commerce and the European Commission in July 2016 to provide companies with a mechanism to comply with EU data protection requirements when transferring personal data from the EU to the United States in support of transatlantic commerce.

CloudPassage Announces Slack Integration for Halo

Grazed from CloudPassage

CloudPassage today announced the release of a Slack integration toolkit for Halo, the company’s award-winning automated security platform. The open source community-supported tool, called Don-Bot, lets people use Slack to communicate with Halo using natural language queries and get replies as if Halo were another Slack user. Thousands of teams large and small including many DevOps and IT security personnel have made Slack their communication medium of choice. Implementing Don-Bot helps them streamline workflows and work more efficiently.

“Slack’s speed and convenience help DevOps teams communicate; now Don-Bot will help them work more efficiently,” said Sami Laine, principal technologist, CloudPassage. “The Slack integration provides users easy access to the most essential functions of Halo.”

Google launches cloud-based key management with new service

Grazed from CloudTech. Author: James Bourne.

Google has announced the launch of Cloud Key Management Service (KMS), which enables admins to manage their encryption keys in Google Cloud Platform without maintaining an on-premise management system. The news marks Google’s entry into this particular security arena, following Amazon Web Services (AWS) and Microsoft who launched such initiatives as far back as 2014 and 2015 respectively.

“Customers in regulated industries, such as financial services and healthcare, value hosted key management services for the ease of use and peace of mind that they provide,” wrote Maya Kaczorowski, Google Cloud Platform product manager in a blog post. “Cloud KMS offers a cloud-based root of trust that you can monitor and audit...

Dome9 Adds Native Support for Microsoft Azure, Enabling Unified Multi-Cloud Enterprise Security

Grazed from Dome9 Security

Dome9 Security, a leader in cloud infrastructure security, today announced native support for the Microsoft Azure public cloud platform. With this release, Dome9's Infrastructure-as-a-Service (IaaS) security platform provides built-in, API-enabled integration with Azure, the public cloud of choice for many global enterprises. Azure customers can now leverage the powerful control fabric offered by the Dome9 Arc platform to manage security and compliance across their Azure and Amazon Web Services (AWS) cloud infrastructure environments.

The Dome9 Arc platform allows security and operations teams to visualize the network security posture and exposure levels by analyzing network security groups and attached network-based assets like virtual machines, load balancers, and database services in their Azure environments. Customers can detect and audit changes to security policies across Azure subscriptions and regions, correlate security events in the Azure Security Center, and continuously monitor their state of compliance. This enables security operations teams to quickly identify and proactively resolve misconfigurations and vulnerabilities that could lead to downtime or costly breaches.