Search results for: software

People

Unearth offboarding risks before your employees say goodbye

Saying goodbye is never easy. That’s especially true when it comes to employee offboarding – but not due to sentimentality. In our increasingly digital workplace, offboarding interns, contractors or full-time employees too often ends up with them still having access to some applications and sensitive information after they leave companies. Our research has found that 76% of IT leaders believe offboarding is a significant security risk for their organization. Why? Because there are too many … More

Eileen Walther

Fine-tuning Germany’s cybersecurity strategy

Recently, Eileen Walther, Northwave’s Country Manager for Germany and specialized in information security, was elected the new Vice President of the Cyber Security Council Germany (Cyber-Sicherheitsrat Deutschland). Before joining Northwave, she was head of the Dutch High Tech Crime Team and strategic advisor at the German Federal Criminal Police Office (BKA – Bundeskriminalambt). The Cyber Security Council Germany was founded in August 2012. The Berlin-based association is politically neutral and advises companies, authorities and political … More

handshake

Pradeo acquires Yagaan, strengthens its cybersecurity services unification strategy

Pradeo, a global leader in mobile fleet and application security enters into exclusive negotiations for the acquisition of Yagaan, an application security software company based in France. Thus, the mobile security leader is strengthening his path towards unifying cybersecurity services by providing comprehensive expertise and solutions in the fast-growing mobile security market. In 2021, the global mobile security market was valued at $3.96 billion and the global application security market was valued at $6.95 billion, … More

security platform

Verica ProwlerPro SaaS strenghtens security posture for companies running software on AWS

Verica launched ProwlerPro SaaS, providing companies running software on AWS with free AWS security solution. ProwlerPro SaaS gives customers access to parallelized processing for faster results, preconfigured dashboards, and a holistic view of your infrastructure no matter the region you use. Engineers and developers can take advantage of the power of Prowler without having to install or operate it themselves through a convenient software as a service (SaaS) solution. ProwlerPro SaaS makes it easy to … More

security platform

Contrast Scan empowers developers to analyze front-end code for vulnerabilities

Contrast Security announced the expansion of its Secure Code Platform’s static application security testing (SAST) capabilities to include JavaScript language support along with support for Angular, React and jQuery frameworks, which will allow developers to find and fix security defects in their client-side code. With this new Contrast Scan addition, application security and development teams leveraging the Contrast Secure Code Platform can scale security across the entire application stack, from client-side to server-side, with speed … More

Money

Eclypsium raises $25 million to protect businesses from breaches through supply chains

Eclypsium has raised $25 million in Series B financing led by Ten Eleven Ventures, the original cybersecurity-focused, global, stage-agnostic investment firm. Global Brain’s KDDI Open Innovation Fund (KOIF) and J-Ventures are also participating investors in the round. New investors are joined in the round by prior lead investors Andreessen Horowitz and Madrona Venture Group, and existing investors Alumni Ventures, AV8 Ventures, Intel Capital, Mindset Ventures, Oregon Venture Fund (OVF), Translink Capital and Ubiquity Ventures. This … More

Acquisitions

ServiceNow acquires Era Software to extend unified observability workflows

ServiceNow announced it has signed an agreement to acquire observability and log management innovator, Era Software. Following ServiceNow’s acquisition of Lightstep in 2021, Era Software will help provide customers with a unified observability solution at scale. Customers will be able to gather actionable insights that deliver value across the business, all within a single solution purpose-built for the era of digital business. Observability is foundational to digital transformation as it provides developers with the necessary … More

CISA

CISA orders federal agencies to regularly perform IT asset discovery, vulnerability enumeration

A new directive issued by the Cybersecurity and Infrastructure Security Agency (CISA) is ordering US federal civilian agencies to perform regular asset discovery and vulnerability enumeration, to better account for and protect the devices that reside on their networks. About the Directive “Over the past several years, CISA has been working urgently to gain greater visibility into risks facing federal civilian networks, a gap made clear by the intrusion campaign targeting SolarWinds devices,” the agency … More

Dissect framework

Dissect: Open-source framework for collecting, analyzing forensic data

A game changer in cyber incident response, the Dissect framework enables data acquisition on thousands of systems within hours, regardless of the nature and size of the IT environment to be investigated after an attack. Dissect framework development Fox-IT developed and has used Dissect over the past 10 years as a critical framework in incident response investigations for customers. Now it is available on GitHub to the security community as open source software to help … More

Nathan Hunstad

To avoid insider threats, try empathy

In this interview with Help Net Security, Nathan Hunstad, Deputy CISO at Code42, explains the importance of addressing insider threats, how to make sure your employees are aware of the problem and how to make them proactive. SOC analysts are well-prepared to deal with external threats. Why are internal threats more complex for them? Insider risk is a fundamentally different problem than malware or external threats for security teams, which means that protecting data from … More

CIS Controls v8

CIS Controls v8: Safeguards to mitigate the most prevalent cyber-attacks

The CIS Critical Security Controls (CIS Controls) are a prioritized set of safeguards to mitigate cyber-attacks against systems and networks. They are mapped to and referenced by multiple legal, regulatory, and policy frameworks. In this Help Net Security video, Joshua Franklin, Senior Cybersecurity Engineer at Center for Internet Security (CIS), discusses CIS Controls v8, enhanced to keep up with modern systems and software.

security platform

Pentest People SecurePortal 2.0 enables users to identify vulnerabilities as they appear

Pentest People, has made a number of senior appointments to support a range of new managed services. The company has also re-engineered its SecurePortal product to provide customers with continuous, cloud-based vulnerability monitoring and penetration testing as a service (PTaaS). Organizations commission Pentest People’s cybersecurity consultants to test their websites, applications and IT networks for any weaknesses that could allow cybercriminals to steal information, damage systems, or hold data to ransom. Consultants’ manual assessments are … More