Search results for: software


Open Cybersecurity Schema Framework project helps organizations detect and defend from cyberattacks

A coalition of cybersecurity and technology leaders announced an open-source effort to break down data silos that impede security teams. The Open Cybersecurity Schema Framework (OCSF) project, revealed at Black Hat USA 2022, will help organizations detect, investigate and stop cyberattacks faster and more effectively. The OCSF project was conceived and initiated by AWS and Splunk, building upon the ICD Schema work done at Symantec, a division of Broadcom. The OCSF includes contributions from 15 … More


Kajeet and Samsung join forces to deliver 5G private network solutions

Kajeet has joined forces with Samsung Electronics America to deploy Kajeet’s Smart Private 5G Platform with Samsung’s Citizens Broadband Radio Service (CBRS) solutions. With this agreement, Kajeet becomes an authorized distributor of Samsung’s private RAN solutions in the U.S. The companies will collaborate to deploy 5G-ready solutions that bring next-generation services to a wide range of enterprises and public service organizations. This includes delivery of Samsung’s 5G-ready CBRS network solutions to industries where Kajeet has … More


Zentera Systems appoints Stephanie Fohn and Sreeni Kancharla to its Advisory Board

Zentera Systems board of directors has named Stephanie Fohn and Sreeni Kancharla to its advisory board. Together they bring business and technical acumen and years of security experience to Zentera. “Stephanie and Sreeni are each well-respected in the cybersecurity community for their technical expertise and accomplishments,” said Jaushin Lee, president and CEO of Zentera. “We are excited to have them join us to contribute to the next phase of our global expansion and product evolution.” … More


Deepfence ThreatMapper 1.4 empowers organizations to visualize cloud native threat landscape

Today, at Black Hat USA 2022, Deepfence announced the 1.4 release of its open source project ThreatMapper, cloud native offering that expands attack path visualization, adds cloud security posture management, and now includes the cloud native, YARA-based malware scanner. ThreatMapper is an open platform for scanning, mapping, and ranking vulnerabilities in running pods, images, hosts, and repositories. ThreatMapper scans for known and unknown vulnerabilities, secrets, cloud misconfigurations and then puts those findings in context. With … More


Gurucul’s poly-cloud and multi-cloud offering accelerates security teams’ ability to mitigate threats

In Las Vegas, at Black Hat USA 2022, Gurucul announced advanced Poly-Cloud architecture support, enhanced multi-cloud deployments, and cross-cloud detection and response across all common cloud stacks including Amazon Web Services, Microsoft Azure, and Google Cloud Platform. Gurucul supports best of breed cross-cloud services for improved user experience, flexibility, availability, and reduced cost for faster detection and response and blazing fast searches for better threat hunting. Gurucul’s poly-cloud support allows organizations to be cloud-agnostic without … More


Veracode platform enhancements improve developers’ ability to secure software supply chains

At Black Hat USA 2022, Veracode announced the enhancement of its Continuous Software Security Platform with substantial improvements to its integrated developer experience. New features include extended integrations to support software composition analysis (SCA), a software bill of materials (SBOM) Application Programming Interface (API), and additional language and framework support for static analysis, further enhancing developers’ ability to secure software in the environments where they work. Brian Roche, Chief Product Officer at Veracode, said, “Modern … More


Cycode’s new software supply chain features identify vulnerabilities in all phases of the SDLC

Cycode has launched its software composition analysis (SCA) solution and the expansion of its platform to add static application security testing (SAST) and container scanning. Cycode’s platform makes AppSec tools better through its Knowledge Graph, which provides context of the software development lifecycle (SDLC) to improve accuracy and reduce mean-time-to-remediation (MTTR). Cycode’s capabilities have moved beyond existing solutions in terms of breadth and depth, while also providing net new capabilities, like Pipeline Composition Analysis to … More

cybersecurity investments

AppOmni receives funding from Cisco Investments to expand SaaS coverage

AppOmni announced that Cisco Investments has made a strategic investment in the company. This investment will help propel product development and accelerate the company’s roadmap. AppOmni is expanding its security capabilities to cover additional SaaS applications including Snowflake, HubSpot, Cisco’s Duo Security, and Veeva. The company is also adding functionality to the AppOmni Developer Platform, which enables universal coverage for any SaaS application or custom application and is currently in use by both customers and … More


SecurityScorecard provides a combination of services and platform to help CISOs manage cybersecurity risks

At Black Hat USA 2022, SecurityScorecard announced the integration of its Professional Services offering with its ratings platform to provide a single point of orchestration to manage cybersecurity risks. SecurityScorecard’s Professional Services team can help any customer manage cybersecurity risk in concert with the industry’s largest and most comprehensive global, cyber risk data set, setting the industry standard for how cyber risk is quantified, measured and reduced. SecurityScorecard delivers strategic, proactive and acute-scenario services paired … More

Kunal Modasiya

The challenges of managing the modern external attack surface

Qualys recently added External Attack Surface Management (EASM) capabilities to the Qualys Cloud Platform. In this interview for Help Net Security, Kunal Modasiya, VP of Product Management at Qualys, discusses how the new component, integrated into CyberSecurity Asset Management 2.0, adds the external attacker view to identify previously unknown internet-facing assets for a complete and accurate picture of the enterprise attack surface. What do the External Attack Surface Management (EASM) capabilities in the Qualys Cloud … More


36% of orgs expose insecure FTP protocol to the internet, and some still use Telnet

A significant percentage of organizations expose insecure or highly sensitive protocols, including SMB, SSH, and Telnet, to the public internet, the ExtraHop Benchmarking Cyber Risk and Readiness report has shown. Whether intentional or accidental, these exposures broaden the attack surface of any organization by providing cyberattackers an easy entry point into the network. Since the Russian invasion of Ukraine, governments and security experts around the world have noticed a significant increase in cyberattack activity. The … More