Cisco’s Ash Devata on the Future of Secure Access
Authentication used to be binary: I give you access or I don’t give you access. But with the rise of remote/hybrid work and the growing number of cloud applications in use, organizations need an even more precise approach to authentication, says Ash Devata, vice-president and general manager of Cisco Zero Trust and Duo Security. “Every…
Twitter Fined $150M for Security Data Misuse
The Federal Trade Commission (FTC) has issued a $150 million fine against Twitter for misrepresenting its security and privacy practices. The FTC, in cooperation with the Department of Justice (DoJ), says that Twitter has been using the email addresses and phone numbers it collects from users to enable two-factor authentication to serve targeted advertising. In…
Tidelift Raises $27 Million to Tackle Open Source Supply Chain Security
High profile supply chain attacks like SolarWinds, Kaseya, Codecov, ua-parser-js and Log4j have put pressure on companies and governments to address the risks associated with open source and other software supply chain risks. President Biden’s May 2021 Executive Order includes supply chain attacks as an area of concern. More recently, on January 13, 2022, a…
Application Security Firm ForAllSecure Raises $21 Million
The funding round was co-led by Koch Disruptive Technologies (KDT) and New Enterprise Associates (NEA). Founded a decade ago, ForAllSecure is focused on automating software testing to improve security, and already serves Fortune 1000 companies in sectors such as aerospace, automotive, and high-tech, as well as the US military. Named Mayhem, the company’s autonomous security…
HelpSystems to Acquire MDR Services Firm Alert Logic
Terms of the agreement were not disclosed The company’s MDR solution augments customers’ existing cybersecurity resources to protect on-premise, cloud, SaaS, and hybrid environments, and meet regulatory requirements, including PCI DSS, HIPAA HITECH, GDPR, Sarbanes-Oxley (SOX), SOC 2, NIST 800-171 and 800-53, ISO 27001, COBIT, and more. Houston, Texas-based Alert Logic, which claims more than…
Darktrace Artificial Intelligence Stops Cyberattack at Italian Electronics Distributor
Darktrace, a global leader in cyber security AI, today announced that its Autonomous Response technology, Antigena, successfully took action to stop a cyber-attack exploiting a GitLab vulnerability for the purposes of running crypto-mining malware at a major Italian electronics distributor. The GitLab vulnerability, which has been well reported, allows attackers to run arbitrary commands, including…
Dynatrace Launches DevSecOps Automation Alliance Partner Program
Software intelligence company Dynatrace (NYSE: DT) today announced the launch of its DevSecOps Automation Partner Program. This enables alliance and solution partners to extend the capabilities of their DevSecOps offerings through seamless integrations with the Dynatrace® platform. The program also provides DevSecOps teams with easy access to more than a dozen leading solutions, including Bitbucket,…
Google Cuts User Account Compromises in Half With Simple Change
More than 150 million Google users have seen their chance of compromise drop by half following the adoption of two-step verification, a process where users logging in to a Google service will be asked to respond to a push notification sent to a second device, the company said today. The result is an early sign…
When Multifactor Authentication Is Compromised: Fighting Back With AI
Multifactor authentication (MFA) became mainstream in 2021. Google began pushing to make MFA its default for all users. The Biden administration even required all federal agencies and contractors to implement MFA in its Executive Order on Improving the Nation’s Cybersecurity. MFA adds in extra layers of verifying a user’s identity so that attackers cannot compromise…
Keeper Security Acquires Glyptodon
Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software covering password management, dark web monitoring, digital file storage and messaging, today announced the acquisition of Glyptodon, the creator of Glyptodon Enterprise, a remote access gateway which provides DevOps and IT teams with effortless access to RDP, SSH, VNC and Kubernetes endpoints through a…
