BigID announces data deletion capabilities!

BigID, a leading data intelligence platform that enables businesses to understand their enterprise data and take action for privacy, security, and governance, today unveiled native data deletion capabilities that make it simple for businesses to swiftly and effectively delete sensitive and personal data from all of their data stores, including Snowflake, AWS S3, mySQL, Google Drive, Teradata, and others. 

Additionally, customers may use this new application to reduce attack surfaces, enhance data security posture, and comply with a number of privacy regulations while taking the required precautions to safeguard their data. 

BigID CISO Tyler Young  said, “Data deletion is typically an ‘I’ll do that later’ project – but as data volume explodes, it’s more critical than ever to be able to delete the right data at the right time – from the right systems and storage. BigID’s data deletion app changes the game, enabling data lifecycle management in a single platform so that companies can minimize their attack surface, achieve compliance, and improve their data hygiene.” 

Benefits of BigID’s data deletion are as follows: 

-          Accelerate data minimization initiatives  
-          Reduce cloud data risk  
-          Fulfill data deletion requests  
-          Initiate data deletion  

With BigID’s data intelligence platform organizations can learn about their company data and take action for privacy, security, and governance. BigID is used by customers to proactively find, manage, safeguard, and maximize the value of their regulated, sensitive, and personal data across their entire data environment. 

Read More : Cyble Partners With VirusTotal for Cybersecurity

Delinea released DevOps Secrets Vault enhancements

Delinea released the most recent version of its high-speed vault for DevOps and DevSecOps teams, DevOps Secrets Vault. In an effort to speed up development and increase visibility, the newest Mac computers are now supported for development and automation for improved secret management usability.  

Jason Michell, SVP of Engineering at Delinea “The exponential growth of machine identities as applications are modernized and architected as micro-services continues to place organizations at increased risk. Delinea’s ongoing focus on making security seamless for developers is reflected in these recent enhancements, enabling them to use DevOps Secrets Vault to dynamically insert credentials in their code, in line with security best practices.” 

For developers using Macs, it offers expanded support with the addition of support for the M1 chip, developers writing code on the most recent Macs can now take advantage of the command line interface (CLI) and DSV Engine (an agent supporting database dynamic secrets) of DevOps Secrets Vault. Delinea continues to remove the friction that frequently occurs when securing sensitive secrets and credentials, particularly in hectic DevOps environments, by building on its focus on seamless usability. 

The friction between DevOps teams is constantly being reduced. Continuous usability and flexibility improvements are made to both the CLI and the graphical interface, enabling developers to work without interruption in their preferred interface with their preferred tools and assisting businesses in lowering the risk of credentials being compromised. 

In both interfaces, new features have been added, for improved Security Information and Event Management (SIEM) functionality support along with an approved ansible plugin for use with ansible automation Hub and additional authentication techniques. 

Elevate Security launched a new SaaS offering to its cyber risk intelligence capabilities

Elevate Security launched a new SaaS offering building on Elevate’s cyber risk intelligence capabilities to deliver risk assessments, visibility to company-wide internal cyber risk, and the ability to deliver risk-adjusted security controls at the individual worker level. Elevate offers a comprehensive user risk analysis that is based on millions of independent data points. 

The need for aggressive management of internal threats is now gaining prominence, even though many organizations have implemented external security measures. With the current spikes in ransomware, malware, and supply chain attacks making headlines, several recent research reports identify worker risk as the new primary reason behind cyberattacks. 

Robert Fly, CEO at Elevate stated, “The inspiration for Elevate’s unique approach grew out of our own frustration identifying and deterring high risk workers. Our customers are now benefiting across security operations, governance and risk management, insurance, and strategy. Today’s announcement helps further address growing customer demand with easy to implement out-of-the-box solutions tailored for specific situations and cyber maturity levels.” 

Elevate reduces workforce risk by integrating data feeds from different parts of the company and outside sources to generate a unique risk score for each employee, which works a lot like a credit score. 

An ever-evolving Human Risk Score is created by combining risk factors like employee susceptibility to phishing, sensitive data handling, safe browsing, and password management with demographics and other traits. 

Elevate’s Human Risk Score can influence every aspect of an organization’s security posture, from zero trust to data protection and more, thanks to its close integration with security controls. 

Controls can then be tailored to each individual’s risk level, ensuring that the entire workforce is productive while also safeguarding high-risk individuals, the organization, and itself from employee-predator attacks. 

The Elevate platform was developed to address unintentional user risk: 

  • predicts when and how attackers will target risky users by identifying them 
  • uses risk-based safety measures to keep them and the company safe 
  • automates giving managers and users personalized feedback 
  • The idea for Elevate’s distinctive approach originated from our own 

ThreatLocker Adds Network Access Control to Company’s Zero Trust Platform

ThreatLocker, a cybersecurity company that provides businesses and managed service providers (MSPs) with enterprise-level tools to protect endpoints, announced the release of ThreatLocker Network Access Control (NAC), which controls inbound traffic to endpoints to add a new layer of security to the company’s zero trust platform. 

Danny Jenkins, CEO of ThreatLocker, said “With remote work as the standard practice, the local network is no more. Companies need to have full visibility of the traffic going to their endpoints, as nation-state threat actors and everyday cybercriminals are hitting targets across every industry. This is a pivotal moment in the battle to stop attacks that have been launched on remotely accessible servers, including MSPs RMM servers. 

Customers can now configure network access to endpoints using global policies thanks to ThreatLocker’s introduction of NAC. Whether it’s a local server or a remote laptop, the solution provides visibility into all permitted and denied inbound traffic within a single audit. Like a typical firewall, policies can be created. A centralized view of endpoints is offered to clients by the cloud-managed system. 

Neal Juern from Juern Technology, a Texas-based MSP stated, “We now have the ability to take RMM servers off the general internet while dynamically allowing agents to connect from where they are without a VPN… This gives us peace of mind knowing that we are protected against an RMM vulnerability that could allow an attacker to use our tools to push ransomware to clients.” 

Box Upgrades Box Sign To Make Digital Transactions Convenient!

Box Inc., the industry-leading provider of content clouds, unveiled a new set of features for Box Sign, its built-in e-signature functionality. This decision was taken to encourage clients to transfer more of their transactions to the cloud. Through this, users can publish documents for electronic signature, update signature requests in flight, enhance the signer experience, and more using these features, which are already available. 

Box additionally declared that starting right now, Box Sign is accessible to all Box users at no additional charge. 

Diego Dugatkin, Chief Product Officer at Box stated, “The future of work is digital-first and paper-based processes hold companies back from reaching their full potential. Since entering the e-signature space, our north star has been to deliver all customers with a simple, secure, and cost-effective e-signature solution. Today, we take another big step towards achieving that goal by expanding Box Sign’s core capabilities so that customers can do more with The Box Content Cloud without added costs. We are just getting started within this space, and customers can expect to see even more innovation for Box Sign in the future.” 

Features of the new box sign 

Box Sign, a feature included in all Box plans, enables users to complete employee, customer, and partner transactions digitally and gives them access to e-signature capabilities. Box Sign is already being used by more than 500,000 Box users to speed up digital transactions, and this number will increase as new use cases are opened by improved Box Sign features. With the enhancements made today, users of Box Sign can now streamline high-volume business procedures for standardized documents including NDAs, event registrations, liability waivers, and more. Businesses can now use the Box Content Cloud to quickly and securely complete more of their signature-based business operations, thereby lowering their IT costs.  

Read More : CFBD and Resecurity Collaborate to Provide Cyber Threat Protection

Resecurity announced partnership with ECOMIL SAS

Resecurity announced a partnership with ECOMIL SAS to offer its AI-driven cybersecurity solutions and threat intelligence services in Colombia. ECOMIL SAS is a Colombian company headquartered in Bogotá and offers networking, cybersecurity, and IT management solutions to business and government clients there.

In Colombia, the shift to a digital economy is happening quickly, and since the pandemic, remote work has increased by 400%. Cyberattacks have become more dangerous because of the shift to a digital economy; they rose by 59% in just the first half of 2020.

Gene Yoo, CEO of Resecurity, Inc. commented, “We are thrilled to partner with ECOMIL and to join forces to deliver our solutions across all market verticals in Colombia.”

With the help of Resecurity’s cutting-edge cybersecurity solutions, businesses can automate the detection, evaluation, and prioritization of potential cyber threats while avoiding being targeted by organized cybercrime using cutting-edge attack methods.

The AI-driven platform enables administrators to quickly view in-depth analysis and specific artifacts obtained through the Dark Web, botnet activity, network intelligence, and high-quality threat intelligence, thereby reducing potential blind spots and security gaps.

Edgar Ernesto Hernandez, CEO of Ecomil SAS stated, “Partnership with Resecurity will positively impact on Colombian cybersecurity market and will enable the delivery of cutting-edge solutions to protect critical sectors of the economy.”

Arcserve Extends its SaaS Offering to Protect Emerging Data Systems

Arcserve, a US-established full-scale ransomware protection provider in order to secure and scale data protection for Dynamics 365, Microsoft 365, Salesforce, Google Workspace, and Azure Active environments has expanded its SaaS Backup offering. 

Arcserve SaaS Backup provides control of imperative data by protecting against data loss and ascertaining regular availability of data with automated cloud-to-cloud backup. It also offers data recovery to small, medium, and large enterprises and channel partners.

SaaS backup features of Arcserve SaaS Backup are as follows-

Simple and easy to use: With initial setup taking less than five minutes, the system enables quick deployment, securing data across crucial SaaS workloads. Users may simply navigate data and have full control over protected data with the help of a simple interface.

Retrieval and restoration of data: Universal restore capability of Backup solutions provides a complete overview of entire backup sets. Throughout all historical data sets, a search can be performed to re-establish data deleted in the recent past or years ago. Search helps users track, preview, and restore the data. The secure preview features to aid in easy identification of the correct data that has to be restored, removing multiple restore iterations.

Security by design: SaaS Backup employing a blockchain-build algorithm offers unalterable cloud data backups and Multi-Factor Authentication (MFA) to ascertain the security and reliability of services.

Scalability to future-proof SaaS workloads: SaaS backup solution by offering unlimited storage capacity to meet industry, regional, and company policies scale effortlessly across millions of users. Data remains available as the solutions keep it in four different copies of the backups stored in at least two data centers in the same territory, assuring data durability throughout SaaS-based workloads. 

Many companies don’t understand their responsibility for their data when it moves to a data center of a SaaS provider, no matter where it’s located. Arcserve’s latest research revealed that around 44% of businesses believe safeguarding and recovering data stored in public clouds is the responsibility of the cloud provider. As such they don’t keep backup and allow cyber fraudulent to steal data and data loss thus happens by intentional deletion, human error, or programmatic issues.

Florian Malecki, Executive Vice President of Marketing at Arcserve, said, “As more organizations move critical data to SaaS-based applications for the flexibility and ability to scale, it is crucial to have the right data protection policies and solutions in place to keep that business-critical data secure. Arcserve SaaS Backup is the best weapon against data loss. It gives customers the peace of mind that their data is secure, easily retrievable, and always accessible with immutable backups for data protection.”

Deloitte Expands its Managed Extended Detection and Response Platform

Deloitte recently announced that it has expanded its managed extended detection and response (MXDR) platform by adding four new modules and improved intelligence. Adding to the earlier modules in the MXDR platform that included: identity, insider threat, proactive hunting, intelligence, attack surface and vulnerability management; and unified XDR log and analytics management, the new modules for dynamic adversary intelligence, digital risk protection, threat hunting and mobile device security are designed to provide enhanced cyber offerings to their customers.

Curt Aubley, MXDR by Deloitte Leader and a Deloitte Risk & Financial Advisory Managing Director, Deloitte & Touche LLP, said, “As the threat landscape continues to change rapidly, we want to offer our existing and future client’s access to what we call the ‘next generation’ of threat intelligence and threat hunting capabilities. With this new MXDR expansion, we focused on helping organizations take a more proactive defensive posture in their cyber programs—whether they choose to do so via our whole platform or use of just a few of our MXDR modules.”

MXDR by Deloitte now includes the following additional modules:

Dynamic Adversary Intelligence (DAI): This module assists businesses in expanding and increasing the relevance of the intelligence data they use to make security-related decisions. The DAI module helps clients in performing over-the-horizon adversary investigations by exploiting the open web without having to deploy sensors into a client environment and by gathering intelligence data from the dark web, ransomware, cryptocurrency, and network enumeration of malevolent cyber actors and nation states. The Splunk component of MXDR by Deloitte uses passive collection techniques for DAI investigations, leveraging global telemetry, industry-leading application programming interface (API) integrations, skilled tradecraft, proprietary analytics of publicly available information, and proprietary sources.

Cyber Security Intelligence (CSI): In order to provide actionable Indicators of Compromise (IoCs), threat notifications, threat actor profiles, industry landscapes, automated sandbox analysis, as well as threat briefings, CSI data has expanded the platform’s core intelligence body of knowledge to include Deloitte’s own proprietary sources and tools as well as CrowdStrike Falcon X automated threat intelligence (RFIs).

Digital Risk Protection (DRP): The DRP module provides a way for businesses to track their external “digital footprints” on the open, deep, and dark webs, as well as on mobile applications and social media. It warns businesses about dangers like possible intellectual property exposure and potential email, credential, brand, and other misuse so that security teams can concentrate on quickly stopping the fraudulent activities that put their employees, clients, and brand at risk.

Mobile Prevent, Detection, and Response (MPDR): Deloitte has increased the specialized hunt capabilities provided for mobile within the MPDR module, recognizing that mobile device management programs sometimes find it difficult to keep up with the security requirements for expanding and diversified on-network mobile devices. Additionally, CrowdStrike Falcon for Mobile Endpoint Detection and Response (EDR) and CrowdStrike’s mobile threat defense are now fully integrated with the module (MTD).

Active Hunt and Response (AHR): A new dissolvable, in-memory hunt sensor and next-generation active hunting capabilities are provided by the AHR module, which also includes Deloitte’s own analytics. For unique client mission requirements, such as high-latency, low-bandwidth, or physically segregated networks, AHR can be delivered across the entire platform or as a standalone on-site capability. The module expands on existing platform features that enable threat hunting that is speculative, escalating, and retrospective.

Secure Delivery from Haystack Ensures Protection of Sensitive Data!

Haystack unveiled Secure Delivery, a feature that protects sensitive information from unattributed and unauthorized sharing and keeps internal information intact. The company offers four solutions including internal communications protected by Secure Delivery.  

Cameron Lindsay, CEO, and Co-Founder, Haystack,stated, “Taking an email out of context can be disastrous. Leaking company information can be even more damaging. Organizations can now rest assured they’ve gone the extra mile to prevent internal communications from being shared haphazardly. With Haystack, organizations can communicate more transparently and confidently with their internal teams and not worry that info can be copied/pasted. Our design also deters screenshots by digitally painting content with viewer-specific watermarks.” 

Every company has confidential information i.e., it cannot be distributed to the public, and henceforth engineers of Haystack made a system that needs authentication before specific content gets viewable. Haystack’s proprietary technology enables company management to get reassurance that their data, be it executive memos, fundraising announcements, financial documents, HR policy updates, or news about mergers and acquisitions cannot be shared outside approved channels. 

Secure Delivery also makes it virtually impossible for employees to share accidentally as they have designed sensitive communications for that. 

Secure Delivery from Haystack is an innovative platform that works as a hub where employees access important announcements, know more about the firm, and connect with their colleagues. Haystack got SOC 2 Type 2 & ISO 27001 compliance this year only, giving reassurance to hiring managers, and executives that confidential information including data, is nurtured with the utmost security and care. Co-Founder Haibo Zhao’s product thinking at Google and Snapchat inspired the security focus of Haystack. 

On average, around 98% of employees at Haystack’s early adopters are nerdwallet, Chime, and Novo that use Haystack every month for internal communication and knowledge management inside their offices. 

Read More: Cyble Partners With VirusTotal for Cybersecurity


Cyble Partners With VirusTotal for Cybersecurity

Cyble announced that it has been added to the list of key contributors to VirusTotal’s risk analysis as a credible source. As a member of VT’s list of website/domain scanning engine contributors, Cyble will be able to expand its threat research beyond its client base and serve the entire cybersecurity community.

VirusTotal provides threat research insights and reputation data to help analyze suspicious files, risky URLs, malicious domains, and IP addresses to detect potential cybersecurity threats. VirusTotal reports are crowdsourced information compiled from multiple global security services.

Beenu Arora, CEO, and Co-founder of Cyble, commented, “We’re incredibly excited to join hands with VirusTotal. This gives us an opportunity to serve the cybersecurity industry globally. As part of such an extensive global threat information platform, we will continue to scale our tool to cater to a wider audience. This partnership will help us direct our efforts toward expanding our threat intelligence capabilities in lockstep with the growing security needs of the industry. Furthermore, being integrated into VirusTotal’s list of credible sources portrays our credibility as a trusted and reliable cybersecurity leader and cybercrime mitigation partner.”

Cyble aims to secure its clients and the global cybersecurity community at large with timely and actionable threat intel to pre-empt and avert potential future attacks, with a vision to democratize digital risk protection through a combination of automation and human analytics and innovation. Cyble alerts its users with sufficient context to understand cyber risks and prioritize them through real-time alerts and meaningful threat intelligence using proprietary threat hunting models based on a combination of big data, ML+AI, and cutting-edge threat research.

Cyble recently launched a dedicated Managed Security Service Provider (MSSP) Program to provide enhanced controls to industry leading MSSPs in order for them to provide, configure, and monitor all services offered by Cyble Vision as a software suite to their end customers. Cyble is deeply invested in expanding visibility into the dark web and upgrading its research models and technology to keep pace with the growing sophistication of cyber threats, in addition to providing a converged view of Threat Intelligence, Digital Risk Protection Services, and Darkweb and Cybercrime Monitoring capabilities.