Author: bacohido

New York and Reston, Virg., June 27, 2023 — Quantexa, a global leader in Decision Intelligence (DI) solutions for the public and private sectors, and Carahsoft Technology Corp, The Trusted Government IT Solutions Provider^®, today announced a partnership.

Under the agreement, Carahsoft will serve as Quantexa’s Master Government Aggregator^®, making the company’s Decision Intelligence platform available to U.S. Government agencies and departments through Carahsoft’s reseller partners, NASA Solutions for Enterprise-Wide Procurement (SEWP) V, and Information Technology Enterprise Solutions – Software 2 (ITES-SW2) contracts.

Quantexa’s Fraud, Financial Crime, and Data Management solutions will enable Federal agencies to gain valuable insights from their data and make better-informed decisions in support of mission objectives. Quantexa’s DI platform and solutions can be deployed on-premise or in the cloud through Microsoft Azure, AWS and Google Cloud.

Goddard

“We are committed to providing Government agencies with the solutions they need to stay ahead of evolving threats and meet the challenges of today’s complex data landscape,” said Tiffany Goddard, Sales Director for Law Enforcement Technology Solutions at Carahsoft. “The partnership represents a critical step forward in addressing the complex data challenges Government agencies are experiencing, such as data duplication and security. We look forward to working with Quantexa and our reseller partners to make it easier and more efficient for agencies to procure the technology they need to combat financial crimes.”

Stacey

“We are dedicated to empowering U.S. Government agencies with the most advanced solutions to combat financial crimes and protect against evolving threats,” said Paul Stacey, Quantexa Regional Vice President – North America. “With Quantexa’s Decision Intelligence platform, data becomes a renewable resource, powering intelligent decision-making and unlocking new opportunities for organizations. Our partnership with Carahsoft and its reseller partners is integral to our long-term success in the U.S. Government market – enabling us to seamlessly provide our cutting-edge technology to Government agencies and amplify their mission impact.”

Quantexa’s Decision Intelligence platform is available through Carahsoft’s SEWP V contracts NNG15SC03B and NNG15SC27B and ITES-SW2 Contract W52P1J-20-D-0042. For more information, contact the Quantexa team at Carahsoft at (571) 591-6210 or Quantexa@carahsoft.com.

About Quantexa: Quantexa is a global data and analytics software company pioneering Decision Intelligence that empowers organizations to make trusted operational decisions by making data meaningful. Using the latest advancements in big data and AI, Quantexa’s Decision Intelligence platform uncovers hidden risk and new opportunities by providing a contextual, connected view of internal and external data in a single place. It solves major challenges across data management, KYC, customer intelligence, financial crime, risk, fraud, and security, throughout the customer lifecycle.

About Carahsoft: Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider^®, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator^® for our vendor partners, we deliver solutions for Cybersecurity, MultiCloud, DevSecOps, Big Data, Artificial Intelligence, Open Source, Customer Experience and Engagement, and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Visit us at www.carahsoft.com.

Media contacts:

•Quantexa. Stephanie Crisp, Associate Director and Media Strategist, Fight or Flight??E: Quantexa@fightflight.co.uk; Adam Jaffe, SVP of Corporate Marketing, T: +1 609 502 6889
E: adamjaffe@quantexa.com

•Carahsoft. Mary Lange, Vice President of Public Relations. pr@carahsoft.com

Porto, Portugal, June 27^th 2023– Jscrambler, a leading solution for JavaScript protection and real-time webpage monitoring, today announces the launch and immediate availability of its free PCI DSS JavaScript Compliance Tool to ensure granular and flexible capacity to meet the stringent new requirements introduced by version 4.0 of the Payment Card Industry Data Security Standards (PCI DSS v4.0).

This free assessment tool provides organizations of all sizes with clarity and simple compliance coupled with proactive security measures to prevent web skimming and Magecart attacks.

Jscrambler is a PCI Security Standards Council Principal Participating Organization, and Pedro Fortuna, Jscrambler’s CTO and co-founder, was recently elected a member of the PCI SSC Board of Advisors attesting the relevance of Jscrambler’s 13+ years’ work on client-side security and its importance to the payment industry.

Jscrambler’s team of JavaScript experts has worked to create a solution that will directly ensure compliance with requirements 6.4.3 and 11.6.1 of PCI DSS v4.0. With the new PCI DSS v4.0 requirements already in the public domain, organizations need to prioritize this transition while simultaneously adopting proactive measures to protect their customer’s payment card information.

Although the new requirements in PCI DSS are not mandatory until April 2025, they are indicated as “best practices” until this date. Combining the trifecta of technology, people, and processes, Jscrambler’s solution provides teams with the flexibility and agility they require to meet these deadlines without compromising other priorities.

To meet the new anti-skimming requirements of PCI DSS v4.0, which includes ensuring script integrity, maintaining an up-to-date inventory of payment/parent pages’ scripts, and alerts for any tampering attempts, Jscrambler’s new tool offers advanced visibility to easily monitor and authorize vendors and scripts, while providing effortless and detailed reporting logs to demonstrate compliance to PCI Security Assessors (ISAs and QSAs) and internal compliance teams.

Fortuna

Web skimming attacks continue to plague organizations that have an e-commerce store, with attackers launching campaigns to hit as many targets as possible by injecting malicious code into websites via third-party providers. Jscrambler’s research has shown that in recent months the modus operandi for three of the most prolific cybercriminal groups has evolved as they seek more innovative ways to compromise targets. As a result, and if successful, these attacks can go undetected for months, potentially resulting in reputation damage and heavy fines.

Working with Jscrambler, organizations get peace of mind as security teams can configure and manage multiple websites and payment pages in one place, further streamlining compliance visibility and reporting. To stay one step ahead, and ensure that organizations maintain a secure environment, teams can react promptly due to immediate alerts on any modifications to HTTP headers, integrity breaches or adding of new vendors.

Pedro Fortuna, Co-founder and CTO at Jscrambler, comments: “With all organizations across the globe that take online payments needing to be fully compliant with the new PCI DSS v4.0 requirements by early 2025, it is imperative that they take action now to identify where any gaps in their security defenses are and take proactive steps to mitigate them. This is no small undertaking for any organization, however, with the release of this tool, backed up by the first-hand expertise of our team in JavaScript, and our experience in dealing with application security challenges in the payment industry, we are empowering organizations to make informed decisions and giving them unparalleled control over data protection.”

“Jscrambler is a trusted partner for businesses working to secure payment card data and to achieve PCI DSS compliance. Jscrambler’s resources allow organizations of all sizes to ensure client-side security is constantly safeguarded, effectively protecting organizations and their customers” says John Elliott, Jscrambler Advisor and one of the authors of PCI DSS v4.0. “I’m delighted to work closely with the team to ensure we’re developing one of the most advanced solutions in the market.”

To find out more about Jscrambler’s Free PCI DSS JavaScript Compliance Tool, please visit HERE.

About Jscrambler: Jscrambler is a leading authority in client-side security software. Its solution defends enterprises from revenue and reputational harm caused by accidental or intentional JavaScript misbehavior. Jscrambler makes first-party code that is resilient to tampering and prevents interference with third-party code. The solution works continuously, keeping organizations protected regardless of how frequently things change. From code to runtime, Jscrambler has companies covered with a level of visibility and control that supports business innovation. Jscrambler’s customers include the FORTUNE 500, retailers, airlines, banks and other enterprises whose success depends on safely engaging with their customers online. Jscrambler keeps these interactions secure so they can continue to innovate without fear of damaging their revenue source, reputation, or regulatory compliance. Jscrambler was recently recognized as a winner in the 2023 BIG Innovation Awards. Find out more at: https://jscrambler.com/ or check out our listing on the GitHub Marketplace.

Media Contacts: Kim Smith / Sydney Drayton, Code Red Communications for Jscrambler, E: Jscrambler@CodeRedComms.com

Westford, Mass., June 27, 2023 – The industry is vying for ever-increasing gigabyte capacities. And yet there are countless applications that only require a fraction of this storage space. Typical applications include green IIoT technologies like charging stations, smart meters, and PV inverters, for which only a small amount of memory is required to run boot software or to communicate with cloud applications.

In response to these demands, Swissbit is expanding its range of memory solutions with the introduction of e.MMC and SD memory cards with small capacities ranging from 4 to 8 GB. They are based on 3D-TLC-NAND and optimized for power failure protection, industrial reliability, and high endurance. Consequently, they rival the performance of more expensive SLC models and outperform corresponding MLC variants.

The proliferation of IIoT technologies is particularly evident in smart cities. Key factors here include smart meters, controllers for intelligent building management, or generating and using sustainable energy through charging stations.

For the most efficient operation of these green IoT applications, Swissbit now offers targeted small-capacity storage media. With capacities ranging from 4 to 8 GB, these are ideally suited as boot media or for data logging of small amounts of data, without sacrificing performance or durability. The models of the EM-30 and S-56(u) series, which are available as an embedded component in the form of an e.MMC or as flexible, interchangeable SD memory cards, offer maximum reliability due to proven firmware architecture. They also guarantee 100% data security.

Swissbit EM-30 and S-56(u) Series

The EM-30 product series (153 ball BGA) complies with e.MMC-5.1 specifications and is fully backward compatible. It is designed for an extended temperature range of -40°C to 85°C and is suitable for use in harsh environmental conditions.

Based on durable industrial-grade 3D-TLC-NAND and with storage capacities ranging from 4GB to 8GB, the range offers sequential data rates of up to 280MB/s read and 120MB/s write, as well as 11k IOPS random read and 16k IOPS random write.

The S-56(u) SD and microSD memory cards attain sequential read and write data rates of 95 MB/s and 74 MB/s, respectively. The cards are optimized for high-performance applications with random read IOPS of 2,200 and random write IOPS of 1,300. With advanced over-provisioning and pSLC technology, the S-56 series offers the highest endurance for write-intensive workloads. Combined with up to 100,000 PE cycles, its endurance for small data logging even surpasses that of an SLC card for the first time.

Other typical applications for small-capacity flash memory include white goods, payment devices and point-of-sale systems, industrial control systems, and medical diagnostic and patient monitoring devices.

About Swissbit AG:Swissbit AG is the only independent European manufacturer of storage and embedded IoT solutions for demanding applications. Swissbit combines its unique competences in storage and embedded IoT technology with its advanced packaging knowhow. This expertise allows Swissbit customers to reliably store and protect data in critical industrial, NetCom, automotive, medical and finance applications as well as across the Internet of Things (IoT).

Swissbit develops and manufactures industrial-grade storage and security products that are “Made in Germany”, offering high reliability, long-term availability, and custom optimization.

Swissbit’s storage range includes SSDs with PCIe and SATA interface such as mSATA, Slim SATA, CFast™, M.2 and 2.5” as well as CompactFlash, USB flash drives, SD Memory Cards, microSD Memory Cards and managed NAND BGAs like e.MMC. Security products are available in various application specific editions as USB flash drives, SD Memory Cards, and microSD Memory Cards.

Swissbit was founded in 2001 and has offices in Switzerland, Germany, USA, Japan and Taiwan. Swissbit owns the registered trademarks Swissbit® and Hyperstone®. Since 2020, the independent investment firm Ardian has held a majority stake in the company to support its growth. For further information, please visit www.swissbit.com

Media contact: Mr. Kim Sauer, Tel: +44 7906 019 022, Email: kim@miXimPR.com

Haifa, Israel, June 26, 2023 — DerSecur, which has developed DerScanner a comprehensive application security platform, has become one of the vendors whose products

“In order to work more effectively to improve software security, it is necessary to ensure continuous processes of code analysis and error correction throughout the entire product development lifecycle. And we develop DerScanner, adhering to this approach. The highly scientific technologies implemented in our product enable us to provide high quality code analysis and minimize the number of false positives. In addition, we are constantly improving the mechanisms that allow us to quickly and conveniently integrate DerScanner into secure development processes,” said Dan Chernov, Chief Executive Officer (CEO) of DerScanner.

Chernov

Launched on the market as a static code analyzer, DerScanner today is a comprehensive solution that combines SAST, DAST and SCA modules within a single interface. DerSecur’s solution is the world leader in the number of supported programming languages. At the moment DerScanner supports 36 of them. DerScanner can be used both as a separate tool for code scanning and as a central element of secure development processes. The news is published on the company’s website https://derscanner.com/news?post=38

About DerSecur: DerSecur has been engaged in advanced technology activities in the field of Application Security since 2011. Originating at the research institute for fundamental and applied research in computer science, our code analysis technologies are now used in 24 countries around the world. At the present time, our team consists of 70 scientists and researchers. DerScanner is a high-tech comprehensive application security solution that combines static (SAST), dynamic (DAST) and software composition (SCA) analysis methods in a single interface. DerScanner allows to identify vulnerabilities and undocumented features in the code of mobile and web applications. DerScanner is a unique tool that is able to analyze both source and binary code. It is the world leader in the number of supported programming languages (36 languages) that can also understand polyglot applications and significantly reduces false positives with its own Fuzzy Logic Engine patented technology.

Media contact: Carrie Grieg, pr@dersecur.com

Singapore, June 26, 2023 – Hardware cybersecurity solutions pioneer Flexxon today announced the appointment of Erik Nilsen, PhD, as its Chief Technology Strategist.

An industry veteran with almost three decades of experience, Nilsen will work closely with the Company’s executive management and Research and Development (R&D) team to design and deploy technological roadmaps for its value-driven cybersecurity innovations, with a focus on the US market. He will also advise on the Company’s ongoing work with its regional partners and customers to synthesize their needs and pain points with tailored solutions.

Nilsen

Nilsen commented:  “I am thrilled to be a part of the talented, world-class Flexxon team and look forward to being a fervent proponent for the Company’s unique approach to cybersecurity protection. Flexxon caught my eye several years ago when I started following the Company’s developments with great interest.

“Based on the strong value proposition and impact of Flexxon’s hardware-based solutions, I look forward to driving the adoption of this novel approach and supporting management, partners and customers in making this transition towards a safer and more secure digital footprint for businesses, governments and individuals globally.”

Chan

Camellia Chan, Co-Founder and CEO of Flexxon, said, “We are pleased to have Erik join the ranks of Flexxon’s executive management team, and believe that the Company will benefit greatly from Erik’s experience, expertise and passion for designing and building digital systems that fortify cybersecurity standards. As we move ahead with our plans to expand into the US market, Erik’s knowledge will also play an integral part in helping us hit the ground running.”

Nilsen, who holds a doctorate in physics as well as advanced degrees in electrical engineering and mathematics, is a strong advocate for the decentralized Internet and supports the advancement of innovative analog and digital methods to address the growing threat of cyberattacks. He holds over 14 patents and pending patents for advanced signal processing and cybersecurity applications.

Headquartered in Singapore and with offices across Asia, Flexxon is currently expanding its global footprint, with plans to open its US base of operations and kick off an extensive hiring effort in 2024.

About Flexxon. Founded in 2007 and headquartered in Singapore, Flexxon is a global company that specialises in next generation hardware cybersecurity solutions and industrial NAND storage devices. Rooted in its strong pedigree as a leading industrial NAND flash storage solutions provider, Flexxon introduced the X-PHY brand in 2021 to address the rising tide of cybersecurity concerns. Through the X-PHY suite of solutions, Flexxon is committed to protecting the basic rights of all citizens of the digital economy through constant innovation to address the evolving cybersecurity needs of today. With 30 patents and counting, Flexxon’s market-leading products and solutions aim to deliver the utmost security and confidentiality standards to users. 

About the X-PHY®. Flexxon’s flagship cybersecurity solution, the X-PHY® Cybersecure SSD, is the world’s first AI-embedded firmware-based cybersecurity solution. Unveiled in 2021, it detects anomalies in behavioural data access patterns and effectively shuts down potential incursions in real-time, with round-the-clock monitoring to prevent critical data loss and exposure. Building on the X-PHY’s market-changing technology, Flexxon is developing an entire suite of products and services that will address gaps in cybersecurity for individuals, SMEs and major enterprises. For more information, please visit: Flexxon: flexxon.com X-PHY: x-phy.com

Media contact: Samantha Wong, Director, Communications & Media, e. samantha@flexxon.com, m. (65) 9115 6968.

# # #

Mountain View, Calif. June 22, 2023 — Dasera, the premier automated data security and governance platform for top-tier finance, healthcare, and technology enterprises, is thrilled to unveil “Ski Lift,” a complimentary platform exclusively designed for Snowflake users.

With “Ski Lift,” Snowflake customers can gain a panoramic view of their Snowflake environment while scaling their data security and governance controls. Key features of “Ski Lift” include:

•Find: Discover real-time insights into data security posture with automated classification and tagging

•Flag: Continuously monitor threats with risk detection from user access, data usage, and misconfigurations

•Fix: Auto-remediate security and compliance violations throughout the data lifecycle

•Flow: Experience rapid risk assessments, automated alerts, and self-service deployment

In addition, Dasera is proud to announce its partnership with the Snowflake Partner Network. By joining forces, Dasera and Snowflake empower customers to address the increasing need for robust data protection in today’s interconnected world.

Chaudhuri

With advanced data security measures, comprehensive governance controls, and Dasera’s powerful query analysis engine, organizations can confidently leverage their data to drive insights, make informed decisions, and achieve their strategic objectives.

Dasera’s query analysis engine automatically finds flags and fixes unsafe queries in data warehouses, helping organizations proactively address data security and compliance concerns. By identifying potentially risky queries, Dasera minimizes the risk of unauthorized data access, ensuring data integrity and maintaining confidentiality.

With Dasera, organizations can unlock the full potential of their data while maintaining compliance with industry regulations. Attendees of the Snowflake Summit at the Caesars Forum Conference Center in Las Vegas from June 26-29, 2023, can visit Dasera at Booth 2941-A to explore this innovative solution.

“This partnership enables Snowflake users to harness the power of data security and governance automation, driving insights, ensuring regulatory compliance, and streamlining their data strategy,” said Ani Chaudhuri, CEO and co-founder of Dasera. “We’re excited to be part of the Snowflake Partner Network, delivering robust solutions that complement and enhance Snowflake’s capabilities.”

Snowflake customers can sign up for a 45-day “season pass” to “Ski Lift” at the Snowflake Summit or by filling out the form here.

About Dasera: Dasera is a comprehensive data security platform that automates data security and governance controls, safeguarding your company’s structured and semi-structured data throughout its entire lifecycle, both on-prem and in the cloud. Dasera offers continuous data usage and storage visibility, promptly detecting risks and aligning data security strategies with business objectives. For more information, visit www.dasera.com or contact us at info@dasera.com.

Media contact: Brenda Christensen, Stellar PR, 818/307-9942, brenda.christensen@stellar-pr.com

# # #

Eden Prairie, Minn., June 22, 2023 — Malicious emails have reached a crescendo in 2023 according to the latest report from cybersecurity software and services provider Fortra.

Email impersonation threats such as BEC currently make up nearly 99 percent of threats, and of those 99 percent of threats observed in corporate inboxes are response-based or credential theft attacks. Email impersonation threats are proving to be the most difficult to block as social engineering helps cybercriminals successfully deceive both end users and the security tools designed to protect them.

Other key findings from the research compiled by Fortra’s email security group, which includes Agari, Clearswift and PhishLabs, reveal:

•More than 60 percent of email threats impersonated a well-known brand name such as Microsoft or Google.

•36 percent of email display names are altered to a more granular level and pose as specific individuals.

•Google is the most abused email platform (67.5 percent of recorded attacks in 2023), with Microsoft following close behind (18.3 percent).

•BEC actors are moving toward intercepting payments. Instead of asking for an explicit amount, attackers ask for an unspecified sum owed

•Office 365 phishing attack volumes have doubled since Q4 2022

•The fundamentals of BEC attacks remain largely the same, but optimized tactics are improving success rates

•Generative AI is trending among cybercriminals. ChatGPT, and other such language models, are giving criminals the tools to craft well-written messages at scale and avoid the poor spelling and grammar that frequently mark phishing attacks.

Wilson

John Wilson, Senior Fellow, Threat Research at Fortra states, “It isn’t hard to find someone who has fallen victim to email impersonation attacks. Social engineering combined with advancing technology such as generative AI has made attacks more advanced and harder to spot. Organizations must rethink how to defend against such threats.

“For instance, consider if your security awareness training explores enough of current impersonation techniques, as well as how applying algorithms through machine learning can help to detect anomalies and patterns in order to accurately detect signatureless email threats at scale.”

# # #

Chicago, Ill., June 21, 2023 – NowSecure, the recognized experts in mobile security and privacy, announced today that it has completed its latest annual SOC 2 Type 2 security audit – the industry benchmark for independent auditing of security controls for software vendors.

This certification covers the NowSecure Platform for automated mobile app security testing. For the fourth consecutive year, NowSecure remains the only enterprise-grade mobile application security testing (MAST) provider with a SOC 2 certified cloud platform.

The SOC program is governed by the American Institute of Certified Public Accountants (AICPA), the national organization governing auditors with the CPA credential. Considered by the industry as the gold standard for data security, the program provides standards for meeting specific Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality or Privacy) and the procedures for auditors to review and report on the effectiveness of an organization’s controls in meeting these criteria.

By achieving SOC 2 Type 2, NowSecure has demonstrated its ongoing dedication and adherence to the highest security standards to ensure its employees, solutions and customers are compliant, safe and secure.

Snyder

“We have always ensured our platform’s security, but achieving this certification by a third-party auditor further validates that we are doing all the right things to protect our customers,” said Alan Snyder, NowSecure CEO. “Our customers are under increasing pressure to prove that they have the proper security controls in place, so it makes sense that they place their trust in NowSecure as the industry’s only SOC 2 validated vendor.”

Purpose-built to mitigate the mobile app threat landscape, NowSecure Platform provides a battery of 600+ automated tests using static, dynamic, interactive and API security for testing first party mobile apps in the DevSecOps pipeline and for vetting commercial 3rd party mobile app supply chain risk. Mobile app developers, QA, and security teams utilize NowSecure Platform to uncover security flaws, privacy issues, compliance gaps and app store blockers at scale.

NowSecure Platform identifies issues fast and helps developers fix them fast through embedded remediation including evidence, fix recommendations, code examples and links to Android and iOS documentation. NowSecure is committed to implementing strict internal security policies and procedures to safeguard customer data and protect the NowSecure Platform from threats to confidentiality, integrity and availability.

Learn more about the new NowSecure SOC 2 certification in our latest blog post by Ted Eull, VP of Privacy and Risk, and fill out this form to request the full report.

About NowSecure: NowSecure offers an award winning full solution suite of continuous security testing for DevSecOps, mobile app supply-chain monitoring, expert mobile pen testing as a Service (PTaaS) and training courseware.

Media contact: Hannah LaCorte, +1 202-240-7611, press@nowsecure.com