CoreStack and Nirmata Secure Kubernetes

Nirmata, a software solutions provider for policy-based security and automation of production Kubernetes workloads and clusters, and creators of Kyverno, the leading policy engine designed for Kubernetes, revealed their strategic partnership with CoreStack, an AI-powered next-generation multi-cloud governance solution. CoreStack and Nirmata Collaboration Secure Kubernetes. The CoreStack platform includes a well-architected architecture for multi-cloud governance and as well as robust SecOps, FinOps, and CloudOps solutions. This agreement will enable and enhance CoreStack to secure Kubernetes resources with autonomous security and compliance governance.

Customers can use CoreStack’s SecOps solution to achieve security, compliance, improve cloud operational efficiencies, and lower costs. It is a strong tool that allows businesses to self-manage security operations and maintains continual cloud compliance with changing regulatory and business principles.

The Vice President of Strategic Alliances at CoreStack, Parul Chheda, stated, “In today’s cloud-first world, governing security operations proactively and autonomously is of paramount importance to build a secure, compliant, and resilient cloud. We are thrilled to partner with Nirmata to extend our robust SecOps offering to autonomously govern security and compliance for Kubernetes containers.”

The Nirmata Kubernetes Policy Manager uses policy-as-code, admission controls, and runtime best practices to ensure continuous compliance. Nirmata automates the construction, deployment, and lifecycle management of policy-based Intelligent Guardrails, allowing Kubernetes DevSecOps teams to assure the security, compliance, and operational readiness of their Kubernetes workloads and clusters. CoreStack and Nirmata Collaboration Secure Kubernetes. A customer receives insights, alerts, and reports, which also enable effective collaboration across development and operations teams, by automating the creation, deployment, and lifecycle management of policy-based Intelligent Guardrails.

Co-founder and VP of Products, Nirmata, Ritesh Patel, commented, “Businesses are challenged with application reliability, security, and efficiency. DevSecOps teams need to gain visibility into Kubernetes clusters and implement necessary guardrails as the organization scales. We have partnered with CoreStack to leverage their next-gen SecOps solution to address this at scale, given the complexity of cloud-native environments.”

Viakoo Launched Device Certificate Manager

To help enterprises expand Zero Trust to IoT Networks, Viakoo, the leader in IoT vulnerability remediation, launched Device Certificate Manager (DCM) as an addition to the Viakoo Action Platform. DCM can use 802.1x certificates to authenticate devices and TLS certificates to encrypt traffic. Automating the IoT certificate process ensures that approved IoT devices maintain consistent and secure network connectivity.

Organizations can achieve Zero Trust for their IoT infrastructure at scale with Viakoo DCM automation while improving efficiency. All software modifications, zero-trust certificate provisioning and administration, and password enforcement are managed by the Viakoo Action Platform, an automated, agentless, and scalable solution for enterprise IoT device rehabilitation and repatriation. It not only fixes IoT device vulnerabilities but also allows them to reconnect to the corporate network in a secure manner.

The CEO, and Founder of Viakoo, Bud Broomhead stated, “As more and more organizations leverage the power of IoT devices, the IoT attack surface simultaneously expands. Deploying certificates manually device by device across geographies and vendor systems is not efficient or secure. We’re at a point where it’s essential to automate IoT security processes to contend with the scale of these environments.”

In today’s rapidly developing IoT settings the process of installing and maintaining certificates for multiple IoT devices from several suppliers across countries is not feasible. Enumerable organizations protect their networks by manually verifying that every device connected to the network has valid 802.1x and TLS certificates. At nearly any scale, the Viakoo Action Platform with DCM provides centralized, automated, full life cycle management for 802.1x and TLS certificates.

Security Automation & Orchestration (SOAR)

What is SOAR?

SOAR (Security Orchestration, Automation, and Response) is a set of software solutions and tools that allow businesses to automate security operations in three major areas: threat and vulnerability management, information security, and cybersecurity automation.

Security automation, to put it another way, is the automated management of security operations-related duties. It is the process of carrying out these duties without the need for human interaction, such as scanning for vulnerabilities or looking for logs. A way of connecting security tools and combining diverse security systems is known as security orchestration. It is the interconnected layer that automates security operations and streamlines security activities.

Why is SOAR important?

Your security staff is most likely drowning in a sea of notifications, many of which are false positives or repetitions of earlier alarms. Each week, the average security team receives upwards of 175,000 notifications. There are very genuine hazards hidden among all that noise, many of which go completely unnoticed if security experts manually handle each one.

That’s where SOAR comes in, freeing up your security team to focus on more essential tasks by automating many of the repetitive, monotonous tasks.

SOAR enables you to:

  • Make security, IT operations, and threat intelligence tools work seamlessly. To reach a more thorough degree of data collecting and analysis, you can integrate all of your different security solutions – even ones from different suppliers. Security teams can no longer juggle many consoles and tools.
  • See everything on one site. Your security team has access to a single console that contains all of the data it requires to investigate and resolve incidents. Security teams can obtain all of the information they require in one location.
  • Quick response to incidents. SOARs have been shown to decrease the meantime to detect (MTTD) and the meantime to respond (MTTR). A substantial percentage of events may be dealt with instantly and automatically because many actions are automated.
  • Prevent time-consuming activities. SOAR helps security analysts save time by reducing false positives, repetitive jobs, and manual processes.
  • Gain access to more information. SOAR solutions combine and evaluate data from threat intelligence platforms, firewalls, intrusion detection systems, SIEMs, and other technologies, providing additional insight and context to your security team. This makes resolving concerns and improving processes much easy. When problems develop, analysts are better able to undertake deeper and broader investigations.
  • Improve communication and reporting. Stakeholders can get all the information they need, including clear analytics that helps them find ways to enhance workflows and minimize reaction times because all security operations activities are pooled in one location and displayed in intuitive dashboards.
  • Boost capacity to make decisions. SOAR platforms seek to be user-friendly, even for less experienced security analysts, because they may include features such as pre-built playbooks, drag-and-drop functions for creating playbooks from scratch, and automated alert prioritizing. A SOAR tool can also collect data and provide insights that make it easier for analysts to review issues and perform the appropriate remediation activities.

What are some examples of SOAR applications?

Before you start talking to vendors regarding SOAR platforms, consider how your company will use the solution. Use cases should highlight your biggest problems and show how technology can help you solve them. The typical use cases vary greatly depending on your industry. Here are some ideas to get you thinking about how you could implement SOAR in your own company.

  1. Automated incident response to combat cyberattacks: SOAR platforms can automatically detect and investigate the sources of these types of attacks. They may, for example, detect and evaluate a suspected phishing email, search for copies elsewhere on the network, quarantine or destroy them, and block IP addresses and URLs to prevent these dangerous emails from reaching other people’s inboxes.
  2. Threat hunting: Security teams typically spend hours each day responding with a flood of alerts, leaving little time for threat hunting, investigation, and long-term planning. Many previously known malicious risks are promptly addressed thanks to automation, giving security professionals more time to work on projects that improve overall network security.
  3. Improving overall vulnerability management: A SOAR solution can help your security team prioritize and manage the risk posed by newly found vulnerabilities in your environment. As a result, they may be proactive, obtaining more information on weak points and properly researching them, while also putting measures in place to prevent breaches or other threats.

The Bottom Line

SOAR optimizes security operations

SOAR allows you to shift from a reactive to a proactive strategy by relieving your team of false positives, recurrent alerts, and low-risk cautions. Rather than putting out fires, security analysts may put their skills and considerable training to greater use, thereby boosting the overall security posture of your company. It’s feasible to accomplish more in less time with efficient security orchestration, automation, and response (SOAR) solutions while still allowing for human decision-making when it’s most important.

Immuta Announced the SaaS for Modern Data Stacks

Immuta SaaS allows data teams to automate data access control throughout their cloud data systems while avoiding maintenance and infrastructure expenses.

Immuta, the leading company in universal cloud data access control, announced  the availability of Immuta software as a service (SaaS) deployment. Immuta SaaS, which recently obtained SOC 2 Type 2 Certification, allows data teams to automate data access control while removing the need for self-management and deployment maintenance.

Immuta’s SaaS deployment is a managed cloud service designed to boost data security by allowing data teams to register data from one or more cloud data systems and be fully functional within minutes, ensuring clients a 99.9 percent SLA uptime for core functions.

Immuta’s SaaS deployment is currently available in North America and EMEA for Snowflake, Azure Synapse, Amazon Redshift, Databricks, Starburst, and Google BigQuery and Trino, with Google BigQuery and Trino coming soon. It includes Immuta’s full suite of capabilities, including:

  • Universal data cloud compatibility
  • Scalable, attribute-based access controls
  • Dynamic policy enforcement and auditing

Data masking, anonymization, and advanced privacy-enhancing technologies (PETs)

“We’re seeing huge demand from global customers who are migrating data analytics to the cloud and looking for a fully hosted data access control platform that enables them to establish controls for sensitive data to meet their regulatory and internal security requirements. Immuta’s SaaS deployment offers customers the opportunity to experience the power of fine-grained data access control and unlock the full potential of their data safely and securely with zero maintenance or infrastructure costs,” said Matt Carroll, CEO, Immuta.

PumpJack Dataworks is also one of Immuta’s early SaaS customers. They manage fan data for the NBA’s Dallas Mavericks and MLS’s Inter Miami CF.

“Our Customer Data Platform is tuned specifically for the sports industry to help teams, leagues, and federations unify and manage all of their fan data across their entire ecosystem. Our customers demand strict requirements across governance, user access controls, anonymization, and audit capabilities, ensuring that a layer of trust and protection is extended across their global fan communities. In this dynamic privacy environment, Immuta’s SaaS deployment enables us to provide the highest standards of protection for fan data,” said Tom Tercek, co-founder and chief strategy officer, Pumpjack Dataworks.

Billie, a fast-growing fintech organization based in Berlin that is reinventing how small-and-medium-sized businesses (SMBs) handle invoices, adopted Immuta’s SaaS deployment to rapidly automate data access control and data protection. According to Igor Chtivelband, Billie’s co-founder and VP of data and CRM, “If we didn’t have Immuta, then Billie’s expansion as a business wouldn’t be possible. I’m not sure how we could do it without Immuta.”

With Immuta’s SaaS deployment, users can start experiencing the power of dynamic, fine-grained access control faster than ever. A recent GigaOm report found that Immuta’s attribute-based access controls require 75x fewer policy changes and offer significant cost savings compared to competitive solutions. Immuta was also the first data access control solution to be included on Snowflake Partner Connect.

Billie, a Berlin-based fast-growing fintech company that is trying to reinvent how small and medium-sized businesses (SMBs) manage invoices, chose Immuta’s SaaS deployment to quickly automate data access control and data protection. “If we didn’t have Immuta, Billie’s expansion as a business wouldn’t be possible, I’m not sure how we’d manage without Immuta,” says Igor Chtivelband, Billie’s co-founder and VP of data and CRM.

With Immuta’s SaaS deployment, users can experience the intense power of dynamic, fine-grained access control faster than ever before.  Particularly in comparison to competing solutions, Immuta’s attribute-based access controls require 75 times fewer policy changes and provide significant cost savings, according to a recent GigaOm report. Snowflake Partner Connect featured Immuta as the first data access control solution.

Customers can begin with a free trial and quickly convert to a production deployment, making it simpler to handle complex use cases and enjoy maintenance-free deployment. Immuta’s fully containerized self-managed deployment option allows customers to control their own cloud system if they are unable to use Immuta SaaS.

Rezilion Secures $30 Million In Series A Funding to Automate DevSecOps

Rezilion, a cyber startup that uses automation to change DevSecOps, today received $30 million investment in Series A funding led by Guggenheim Investments. Current and former cybersecurity professionals and luminaries from Google, Microsoft, CrowdStrike, IBM, Cisco, PayPal, JP Morgan Chase, Nasdaq, eBay, Symantec, RedHat, RSA, and Tenable contributed to the round, as did new investment partners JVP and Kindred Capital.

With DevOps, code development has become fully automated, yet there is now a crippling bottleneck between engineering and security teams. Understanding, mitigating, and limiting the risk associated with the huge lines of code published by corporations every day is a constant problem, and it still involves extensive manual work by highly skilled engineers. As a result, businesses must choose between remaining secure and distributing products quickly.

Rezilion makes security as agile as DevOps by automating repetitive security bottlenecks. It is the only approach that significantly minimizes the amount of security effort necessary to deploy new digital products while maintaining the security of software platforms. Clients who use Rezilion’s vulnerability validation technology have decreased their patching backlog by more than 70% on average, freeing up important engineering resources to focus on product expansion.

“Rezilion’s product suite is a game changer for security teams. It creates a win-win, allowing companies to speed innovative products and features to market while enhancing their security posture. We believe Rezilion has created a truly compelling value proposition for security teams, one that greatly increases return on time while thoroughly protecting one’s core infrastructure,” said Rusty Parks, Senior Managing Director of Guggenheim Investments.

“At Rezilion, we are deeply committed to helping organizations drive their own innovation by reducing the resource drain, inaccuracies and operational friction created by manual security work. We know there’s never been a better time for organizations to experience what we call ‘trust in motion,’ or the peace of mind that comes from moving fast while staying safe and secure,” said Liran Tancman, co-founder and CEO of Rezilion. “

“Our technology brings developers and security teams together. This funding round will allow us to dramatically accelerate our vision by advancing product development and driving growth on a global scale,” says Shlomi Boutnaru, co-founder and CTO of Rezilion.

“Rezilion’s pioneering approach generates a host of benefits to meet the needs of CEOs, CIOs and CISOs, from expediting digital transformation, faster product rollouts and enhanced productivity and compliance to the adoption of state-of-the-art development best-practices and the guarantee of better security and improved ROI. Under the proven leadership of Liran and Shlomi, we look forward to expanding Rezilion’s markets and offerings to provide more value based on its unique technology,” stated Yoav Tzruya, General Partner at JVP.

The funds will be utilized to rapidly accelerate Rezilion’s go-to-market strategy, including partnering with other DevSecOps solution providers and expanding operations across the US and Europe. Additional product development attempts to bridge the gap between security and engineering, increasing the productivity of both teams so that software can be delivered on time and businesses can innovate more quickly.

Neosec raises $20.7 Million in Series A Funding To Protect APIs Against Business Abuse And Data Theft

Neosec announced that it has emerged out of stealth mode and closed a $20.7 million Series A funding round led by True Ventures, New Era Capital Partners, TLV, and SixThirty, as well as security gurus Mark Anderson, Gary Fish, Mickey Boodaei, Rakesh Loonkar, and Shailesh Rao.

The firm is taking a different approach than today’s traditional application security products, which often rely on signature-based approaches to secure a perimeter. Instead, Neosec uses known XDR (Extended Detection and Response) security approaches, such as precise behavioural analytics, to uncover vulnerabilities and business abuse hidden within APIs.

“Today’s new applications are all API-driven, which creates a new attack surface that puts business fundamentals at risk. Traditional application security techniques are scarcely relevant in a cloud and API-first world,” said Brian Sack, principal at TLV Partners.

APIs are the foundations of digital business, and they enable to accelerate innovation and software development by allowing organisations, partners, and services to communicate seamlessly. While several security solutions promise to secure APIs today, the majority rely on traditional signatures, allowing API calls to proceed without any practical checks of their usage. These systems have no way of detecting bad conduct in APIs, so they let authenticated clients engage with them as they see fit, presuming they’re safe and allowed. 

“Today, APIs contain both money and data as well as govern key interactions within a business and to customers, partners and suppliers. Every API is a window into an organization’s business systems and potentially exposes key business logic and processes. Ignoring this blind spot is no longer an option, so the need for a new approach to API security is critical,” said Puneet Agarwal, partner at True Ventures.

Neosec learns every API user’s and client’s baseline behaviour automatically, correlating and profiling different entities such as users, customers, business processes, and partners. It allows users to see, investigate, and hunt for threats utilizing precise timelines of each user entity’s activities.

“One of the greatest challenges facing cybersecurity is the severe lack of logical visibility and behavioral assessment of APIs. Existing technologies were not created to address the incredible exposure organizations now have through their APIs. We created an entirely new approach based on data analytics to provide a complete understanding of all API interactions. It is fully automated, SaaS delivered and able to protect increasing exposure through digital business,” said Engel.

Black Kite Introduced Aviator Partner Program to Expand Deployment Cyber Risk Ratings Solutions

Black Kite launched the Black Kite Aviator partner program. Black kite is a recognized cyber risk ratings firm. Aviator allows IT solutions providers to expand their cyber risk services portfolio and assist clients in securing their supply chains. The Aviator program has reached an agreement with more than 50 companies.

Members of the Aviator partnership program will have rights to use Black Kite’s industry-leading platform, which streamlines third-party risk management, uses open-source intelligence and non-intrusive scans, provides automated and continuous monitoring, and measures third-party technical, financial, and compliance risk. Members of the program will also have access to Black Kite’s partner site, which has a repository of sales and marketing materials, a formal deal registration procedure, and other enablement tools.

“Every organization needs third-party risk visibility and a means of determining the financial, brand, and reputational costs,” said Paul Paget, CEO of Black Kite. “The Aviator partner program will make Black Kite’s unique cyber risk and ransomware rating tools available to companies in the healthcare, financial services, manufacturing, and automotive verticals.”

The Ransomware Susceptibility IndexTM (RSITM), the OpenFairTM Tool, and a scalable that system reduce vendor evaluation times from weeks to hours are among the cyber risk solutions offered by Black Kite.

The RSI is a tool that calculates incident susceptibility and detects ransomware-prone companies. The OpenFair System is the first automated risk-assessment software for C-suite executives that calculates the financial implications of cyber breaches in quantified, convenient commercial terms. The Black Kite software continuously monitors for modifications across 20 cybersecurity categories, keeping vendor risk evaluations up to date.

Hexa Data and Rampiva formed a strategic partnership in Latin America

Rampiva Global, LLC, a global software company developing automation, reporting and business process management software for data processing and review platforms, today announced a strategic partnership with Hexa Data S.R.L. (HexaData), a reseller and solution provider for leading technology products in the areas of digital forensics, mobile forensics, eDiscovery, cybersecurity, data deduplication systems, and network forensics based in Central and South America.

Rampiva Global, LLC (Rampiva), a leading technology firm specializing in automation, reporting and business process management software for data processing and review platforms, announced collaboration with Hexa Data S.R.L. (HexaData), a reseller and solution providing firm for technology products in the areas of digital forensics, eDiscovery, cybersecurity, mobile forensics, and data deduplication.

For digital forensics teams in South America, Rampiva Automate is a game changer: there is much more workload every day, and investments in process, automation, and reporting improve productivity.

Users can utilise Rampiva with the Nuix data processing engine to automate workflows, licencing management and reporting. Rampiva Automate will be used by HexaData’s clients in their digital forensics and eDiscovery environments to improve quality, speed to results, and process maturity.

HexaData, founded by Juan Carlos Jarandilla Torres, a Nuix alum, offers the competence to assist companies use automation to address problems.

“Rampiva Automate is a game changer for digital forensics teams in South America — there’s more work every day, and investments in process, automation, and reporting drive productivity,” said Torres.

“HexaData is an exciting partner for Rampiva. We founded Rampiva to help make digital forensics and data analytics more accessible. Juan Carlos’ tenure in the industry, HexaData’s consultative focus, and the priority they place on training aligns with our vision of enabling clients to harness the value of data,” shared Daniel Boteanu, CEO of Rampiva.

“This new partnership between Rampiva and HexaData is a great example of why Nuix invests in our Partner Ecosystem. Without partners like HexaData, our clients in Central and South America would struggle to evaluate and onboard technology partners like Rampiva. We’re excited to see the success of this new effort,” stated Chris Pogue, Head of Strategic Alliances.

DRT Cyber, a VersaBank subsidiary based in Washington, DC, has signed an agreement with EzoTech to expand its Cybersecurity offering with AI Penetration Testing

VersaBank announced that DRT Cyber Inc. (“DRT Cyber”), its wholly-owned Washington, DC-based subsidiary, has signed a reseller and development agreement with EzoTech Inc. (“EzoTech”), the creators of the world’s first AI-powered Autonomous cybersecurity penetration testing platform. Penetration testing is the process of imitating a cyber cyberattack on a company’s assets and infrastructure in order to find both strengths and vulnerabilities in security systems and processes so that real-world cyber attacks can be avoided.

DRT Cyber will expand its solutions to present and new customers throughout the United States, Canada, and Europe with an AI-powered, automated, on-demand penetration testing platform under the reseller component of the arrangement. DRT Cyber will use EzoTech’s advanced AI Cyber Security technology and prowess to develop and rollout what it anticipates to be the world’s first AI-powered, automated, and continuous cyber security posture reporting platform for businesses of all types and sizes, as part of the development component of the agreement.

“Our agreement with EzoTech is a significant step forward in our strategy to expand DRT Cyber’s suite of cybersecurity offerings to complement existing services to our clients, as well as attract new clients, as we leverage our acquisition of Digital Boundary Group (DBG) last November. DRT Cyber’s acquisition of DBG provided a tremendous platform to build one of the pre-eminent cybersecurity businesses in North America; DRT Cyber boasts a client roster of national and multinational corporations, as well as government entities, including infrastructure assets, numerous police departments in the U.S., national retailers, and many others.  The addition of AI-powered, automated penetration testing, followed by a continuous, automated cyber security reporting solution, designed for organizations large and small, will significantly help expand DRT’s client roster, as the identification of cyber security vulnerabilities moves to the top of the priority list for IT departments globally,” said David Taylor, President and CEO of VersaBank and DRT Cyber.

“We are very pleased to be working with the team at DRT Cyber. Our fully autonomous, AI-driven penetration testing platform is licensed and deployable in a number of ways: as a stand-alone testing platform, as an autonomous test in combination with manual testing resources, and also ultimately as the engine for continuous reporting at the executive and working levels, to deliver a high level of confidence to organizations that their systems, networks and assets are well positioned to thwart cyber threats that are growing globally at an accelerating rate,” said Xristos Silaidis, President and CEO, EzoTech. 

“Businesses, governments and other entities are especially vulnerable to cybersecurity breaches due to a number of factors including, but not limited to, continuous changes in infrastructure, patch management issues and incorrect or stale security configurations, all of which can result in unforeseen security consequences that may not be readily apparent. In today’s IT environment, in which systems are being continuously deployed, updated or moved, continuous cyber security testing is essential to ensure that an organization’s IT systems are resistant to adversarial attacks 24/7, every week of the year. Our goal is to provide an automated and continuous cyber security reporting solution that not only is best-in-class for large organizations but also fits the IT budgets for the mass market of small-to-mid-size businesses and government entities,” said Gurpreet Sahota, Chief Operating Officer, DRT Cyber. 

Alion, a cybersecurity and R&D firm, acquired by Huntington Ingalls for $1.7 billion

Huntington Ingalls, a shipbuilding and defence contractor, will pay $1.7 billion to acquire cybersecurity and research and development firm Alion.

Huntington said in a statement that the agreement will allow it to extend its work to support Navy simulation and training as well as military intelligence, surveillance, and reconnaissance activities.

Huntington Ingalls is the largest military shipbuilding business in the United States and provides professional services to the government and commercial sector. Its cybersecurity and digital intelligence practice has grown in response to increased demand from the federal government for such services.

Huntington’s technical solutions section, which was created in 2016 to concentrate on cybersecurity and autonomous systems, is likely to grow as a result of the deal, according to the company.

“Today’s announcement, coupled with our previous investments in leading-edge technologies, such as cybersecurity and autonomous systems, reflects our commitment to stay on the cutting edge of critical, high-growth national security solutions and generate significant long-term value for our shareholders,” said HII’s chief executive, Mike Petters.