Cloud Security

Cloud Security

Issued by: Dark Reading

In its fifth acquisition in 18 months, Snyk entered the cloud security sector via its announced acquisition today of cloud security and compliance firm Fugue. Snyk ultimately plans to fold Fugue’s cloud security posture and policy management technology into its Snyk Developer Security Platform. In the meantime, it will begin integrating Fugue’s technologies for DevSecOps,…

Cloud Security, Network Security

Issued by: Security Week

The Addison, TX-based company offers a SaaS-based, multi-tenant security analytics, operations and response platform that provides visibility and advanced detection and response. According to Securonix, the massive funding will allow it to make significant investments in talent acquisition across engineering, cloud operations, threats labs, and sales and marketing. “We solve a very tough problem that…

Software Security

Issued by: Security Week

“[The] community is defined by those who show up and do the work. Companies that build open source into their products rarely participate in their continued maintenance,” the ASF said in a position paper published ahead of a high-level White House meeting on open-source software security. “Only a tiny percentage of downstream companies (reusing the…

Malware & Threats

Issued by: Security Week

The warning comes almost exactly one month after the first disclosure of a Log4j remote code execution vulnerability that threatens major damage on the internet and heightens the urgency for enterprise defenders to find and fix the issue. According to an advisory from NHS Digital, attackers are exploiting the critical vulnerability in the Apache Tomcat…

Application Security, Cloud Security, Network Security

Issued by: Security Week

With this transaction, Somerville, Mass.-based Recorded Future gets a direct entry into the competitive continuous Attack Surface Management (ASM) business and new technology to help organizations with real-time visibility into networks and servers exposed to malicious actors. The $65 million deal comes less than a year after Recorded Future announced an early-stage investment in SecurityTrails…

Application Security, Cloud Security, Vulnerabilities

Issued by: Security Week

Tracked as CVE-2021-22045 (CVSS score of 7.7), the security vulnerability exists in the CD-ROM device emulation function of Workstation, Fusion and ESXi. In an advisory, VMWare said the security defect could be exploited by attackers with access to a virtual machine that has CD-ROM device emulation enabled. An attacker capable of combining the security error…

Cloud Security

Issued by: Security Week

Financial terms of the transaction were not released but reports out of Israel peg the price tag in the range of $500 million. Google plans to pair Siemplify’s SOAR technology with its own home-built Chronicle security analytics platform to “change the rules on how organizations hunt, detect, and respond to threats,” according to Sunil Potti,…

Network Security

Issued by: Security Week

The latest financing was led by WestCap, with additional investment from Dave DeWalt’s NightDragon. It comes exactly one year after the company (previously known White Ops) was acquired by the Goldman Sachs merchant banking division. HUMAN Security sells technology capable of differentiating between bots and human transactions on the internet, protecting enterprises from fraudulent e-commerce…