Cybersecurity

RedLock, Barracuda Join Forces to Help Organizations With a Cloud Threat Defense Strategy

Grazed from RedLock and Barracuda

RedLock, the Cloud Threat Defense company, and Barracuda Networks Inc., a provider of cloud-enabled security and data protection solutions, today announced their joint efforts to help organizations fulfill their responsibilities in securing public cloud environments. The joint-solution approach offers enterprises the ability to implement a broad Cloud Threat Defense strategy across Amazon Web Services, Microsoft Azure, and Google Cloud environments that aligns with the National Institute of Standards and Technology's Cybersecurity Framework (NIST CSF). The two companies plan several go-to-market initiatives, including joint sales efforts, joint product demonstrations and joint solution collateral development.

"RedLock and Barracuda products fit together to address the security challenges in public cloud computing environments," said Varun Badhwar, CEO and co-founder at RedLock. "The solutions assist enterprises with addressing the four functions of NIST CSF, which include identifying assets, protecting against threats, detecting security events, and responding to incidents. We're privileged to work with Barracuda in helping organizations obtain the benefits of public cloud computing."

Portnox Brings Increased Network Visibility and Enforcement with TrapX Integration

Grazed from Portnox

Portnox, a market leader for network visibility, access control and device risk management solutions, and TrapX Security, the global leader in deception-based advanced cyber-security defense, announced today the integration of Portnox's cloud-based and on-premise network access control (NAC) solutions, Portnox CLEAR and Portnox CORE, with TrapX's DeceptionGrid product. The joint solution will give customers the ability to detect unauthorized activity on the network, as well as enforce security policies in real time.

The integration of Portnox's solutions with DeceptionGrid provides CISOs, CSOs, IT teams and network administrators with a complete view of the network, as well as increased visibility into devices - including BYOD, Internet of Things (IoT), mobile and managed devices, anywhere in the world. As DeceptionGrid identifies threats, it shares that information with Portnox to either allow or restrict device access. Portnox generates unique risk scores for each device based on whether a device is on or off premise, over wired, VPN or wireless networks and creates accurate risk profiles and authenticates devices according to score.

Ovum Places Ericom Shield "On the Radar" for Secure Browsing

Grazed from Ericom Software

Ericom Software announced today that leading global analyst firm Ovum has chosen to cover Ericom Shield in its "On the Radar" series. Ericom Shield leverages strong remote browser isolation technology to protect organizations against known and unknown web-borne threats including ransomware, drive-by downloads, zero-day attacks, and crypto-jacking.  

According to Ovum, every "organization with an online presence is susceptible to attack and their systems can be put at risk to browser-borne malware." In the "On the Radar: Ericom Shield provides secure browsing facilities" report, Ovum recommends Ericom Shield as an additional layer of protection against malware that "penetrates and attaches itself to business systems via inadequately protected browsers", in conjunction with firewalls, URL filtering and other traditional protection tools.

Ovum singles out Ericom Shield's centrally managed design, which requires "no on-browser or on-device software" as a key advantage of the solution. The report also highlights the pre-integrated content disarm and reconstruction (CDR) tools that are included in Ericom Shield, which sanitize files of potential malware before they are downloaded from the internet to endpoints.

Protecting Your Organization's Cloud

As organizations move to the cloud, the next evolution of Network Access Control takes shape to meet business demands.
 

What are the chances that your organization has moved some of its data, systems, programs and applications to the cloud? Quite high. According to a Synergy Research survey of IT professionals, spending on private cloud and cloud-enabled solutions grew by 16% between the second quarters of 2015 to 2017. During that same period, traditional, non-cloud data center hardware and software dropped 18%. It is easy to understand why these days, cyber security threats are coming in through many new channels and vulnerabilities that are not part of the traditional IT infrastructure such as, mobile devices and cloud-based applications. The following prevalent trends in the enterprise highlight why it is essential to monitor your network with a Cloud Network Access Control (Cloud-Based NAC). 

Company Networks Go Global

Organizations are becoming perimeter-less. Traditional IT perimeters have been torn down by the adoption of BYOD, IoT devices, telecommuting and cloud computing. Therefore, one can no longer look at the network as a defined infrastructure within a physical firewall. The network is essentially global without boundaries. According to a Gallop News Service poll from 2015, 37% of U.S. workers had telecommuted for work, and this was up by 30% from the last decade but four times greater than the 9% found in 1995. Perimeter-less companies require continuous risk-monitoring and risk-assessment that can match the ever increasing mobile and cloud-based reality and this can be performed best via the cloud. 

WhiteHat Security Delivers New Crash Course Series to Grow AppSec Expertise

Written by David Marshall

Today, WhiteHat Security, leading application security provider, launched its "Crash Course" series, which includes three webinars run by Kimberly Chung, who runs the Threat Research Center's WhiteHat Academy.

"WhiteHat has made a major commitment to educating and training the wider security and developer community. The WCSD program, Crash Course series and on-demand technical webinars-all provided for free-- demonstrate the company's long-term commitment to supporting industry professionals and helping them fulfill their potential," commented Eric Sheridan, chief scientist at WhiteHat and leader of the WCSD program.

The series complements the successful WhiteHat Certified Secure Developer (WCSD) program, which has enrolled more than 3,300 people and certified more than 500 developers in 2017 alone. The series is specifically tailored for application developers, security analysts, architects, managers or auditors and any security professionals interested in learning how web application security is key to vulnerability management. 
 

2 Ways To Keep Your Business More Secure

While it may be impossible to remain 100% protected at all times, it is increasingly important that every company is making the most of its security. The growing threat of cybercrime means that alongside the huge number of benefits that the internet offers, it also comes with some substantial risks. It is this reason why it has never been more important that you look at your online security and critically view it regarding its strengths. Identifying your weak security points is the first stage of addressing them, so here are the key ways that you can assess your business security and help to keep your business much more secure. 

Bitdefender Launches High Performance Virtualization Security for MSPs

Grazed from Bitdefender

Bitdefender, a leading global cybersecurity technology company protecting 500 million users worldwide, today announced its Security for Virtualized Environments (SVE) is now available for MSPs. Expressly designed to help service providers protect their customers' virtual desktops and servers without slowing performance or affecting users, it delivers full-fledged, multi-layered defense, including machine learning, anti-exploit and continuous process monitoring, all within a lightweight footprint.

To ensure maximum performance and protection, Bitdefender's SVE for MSPs offers a highly resilient virtual machine (VM) security architecture that offloads scanning to hardened, virtual appliances with load balancing and failover capabilities. Available as a monthly-billed service, it addresses challenges related to poor performance and user experience, inefficient security management, VM security and compliance gaps, which MSPs have been struggling with for years.

New Cloud Security Report Reveals Rising Cybersecurity Concerns and Lack of Expertise

Crowd Research Partners today released the 2018 Cloud Security Report revealing that security concerns are on the rise, exacerbated by a lack of qualified security staff and outdated security tools - while data breaches are at an all-time high.

Download the complete 2018 Cloud Security Report here.

"While workloads continue to move into the cloud, the study reveals that cloud security concerns are on the rise again, reversing a multi-year trend," said Holger Schulze, CEO of Cybersecurity Insiders and founder of the 400,000-member Information Security Community on LinkedIn which commissioned the study. "With half of organizations predicting a rise in cloud security budgets, protecting today's cloud environments require more and better trained security professionals and innovative, cloud-native security solutions to address the concerns of unauthorized access, data and privacy loss, and compliance in the cloud."

Key takeaways from the report include:

Limelight Networks Helps Companies Defend against Cyber Threats with New Bot Management Solution

Grazed from Limelight Networks

With cyberattacks increasing in scope, sophistication and frequency, Limelight Networks, Inc., a global leader in digital content delivery, today announced a new Advanced Bot Manager option for its Limelight Web Application Firewall (WAF) solution for protecting digital content.

Global internet traffic generated from bots is higher than human-generated traffic, according to Mary Meeker's annual internet trends report. And more than half of bots are malevolent and engaging in destructive activities such as seeking vulnerabilities on websites and committing fraud, stealing corporate and personal data, and launching DDoS attacks. At the same time, the internet depends on beneficial bots that power search engines and digital assistants.

Box and Palo Alto Networks Strengthen Integration to Protect the Extended Enterprise

Grazed from Box and Palo Alto Networks

Box, a leader in cloud content management, and Palo Alto Networks, the next-generation security company, today announced the expansion of their existing integration to now automatically classify sensitive content and enforce policies to prevent users from accidentally or intentionally sharing confidential information.

The integration, offered through Box Governance, is the result of partnerships between Box and Palo Alto Networks, as well as other cybersecurity industry leaders. Palo Alto Networks Aperture SaaS security service delivers complete visibility and granular enforcement across all user and data activity within enterprise SaaS applications like Box, providing detailed analysis and analytics on usage without requiring any additional hardware or software.