Cogility today announced the commercial availability of TacitRed, a tactical attack surface intelligence platform. The SaaS solution delivers curated, prioritized, and detailed findings on active attacks and imminent threats such as command and control, malware, ransomware and persistent threats, and compromised credential and session use. The tool combines attack surface management, threat intelligence, and third-party risk assessment capabilities. The company is offering a free 30-day eval of TacitRed at https://www.tacitred.com/trynow.

Security analysts can instantly examine attack surface risks of over 18 million U.S. entities on demand, by simply entering a business domain name. TacitRed uniquely employs advanced Expert AI threat modeling and stateful event stream processing to monitor connections and threat activity between a company’s digital presence, cyber adversaries, and third-party entities. The approach applies Intelligence Synthesis that analyzes terabytes of streamed proprietary and public internet, threat traffic signal, and intelligence data sources to provide results with full traceability. Finding evidence, categorized by severity, threat type and cyber kill chain stage, would be used by secops teams to expedite investigation, containment, and resolution processes. TacitRed can feed findings into systems via API.

“Cogility TacitRed democratizes external attack surface risk assessment and significantly increases threat response efficiency. Analysts can focus on pertinent, validated issues faster and with the tools they already use to fortify their business,” said Jeremy Turner, head of cyber and risk at Cogility.

Cogility also announced that TacitRed was ranked a leading vendor with distinguished technology excellence in a new Digital Threat Intelligence Management Report produced by research firm Quadrant Knowledge Solutions. Customers can see the competitive ratings and obtain the report by visiting https://tacticred.com/dtim2024/.

“Beyond TacitRed’s on-demand coverage and intuitive interface, customers highlighted the quality, depth, and speed of TacitRed’s curated threat intelligence findings. They observed its effective ability to identify serious issues when compared to other vendors,” said Riya Tomar, analyst at Quadrant Knowledge Solutions.

About TacitRed
Cogility TacitRed™ empowers security analysts to take immediate, decisive actions to mitigate impactful cyber exposures by taking advantage of unparalleled tactical attack surface intelligence – fully curated, prioritized, and detailed. The SaaS solution continuously analyzes global internet and threat intelligence of entities and adversaries to provide actionable insight of over 18 million U.S. businesses on-demand. Subscribers can examine compromised and at-imminent-risk assets with complete threat scoring, attack stage, and findings context. As a result, organizations can optimize resources, mitigate data breach exposure, proactively improve their security posture, and help reduce supply chain risk.

About Cogility
Cogility offers continuous intelligence software that provides integrated, real-time, and predictive decision advantage for government and commercial organizations. Cogility’s platform, Cogynt, delivers unified stream data analysis from massive and diverse signals. It leverages no-code modeling and patented Hierarchical Complex Event Processing to produce high-confidence results with full traceability. Cogynt is cloud-scalable, open system interoperable, and deployed non-disruptively. This Expert AI approach empowers subject matter experts to directly optimize product delivery and enable workflow efficiency – generating critical intelligence with rapid time to value. To learn more, visit www.cogility.com.

The post Cogility Launches TacitRed – Tactical Attack Surface Management appeared first on Cybersecurity Insiders.

By Holger Schulze, Scott Gordon

The increasing sophistication, targeting, and volume of cyber threats facing organizations, coupled with attack surface management dynamics, requires cybersecurity solutions to move towards curated findings that help security teams become more efficient in handling the increased likelihood of exposures, attacks and breaches. This does not necessarily mean building out a bunch of AI prompts.

Modern security tools like Extended Detection and Response (XDR) have significantly improved SOC capabilities over the years. These tools advance detection and response by integrating various data sources and providing a comprehensive view of the threat landscape. Additionally, advancements in Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms have streamlined security operations, allowing for enhanced incident management.

Today’s Cybersecurity Challenge

Despite substantial investments in cybersecurity tools, the number of successful attacks is increasing. Over 80% of cyber breaches result from external threat actors conducting phishing, session hijacking, account takeover, and malware attacks – putting organizations under mounting pressure to improve their security posture and automate cyber response. This increase in successful attacks stems from an ever-expanding attack surface combined with increasing coordination and advancement of attack methods.

Factors contributing to the expanding attack surface include the use of multi-cloud services, distributed applications, unaccounted-for internet-facing assets, siloed technology acquisitions across business units, and broader supply chain dependency – all introducing more potential attack points for cyber adversaries. Criminal and state-sponsored adversaries are taking advantage of attack surface soft spots, using increasingly GenAI-augmented attack methods to exploit susceptible users and system vulnerabilities to accomplish their objectives.

The sheer size, scope, and velocity of attacks and issues are inundating security analysts with alerts—often exceeding 11,000 per day for large organizations—leading to missed exposures, delayed action, and analyst burnout. Conventional threat intelligence tools provide security teams with relevant information, but still require analysts to take on considerable assessment, research, and inference work. Even with alert reduction capabilities, analysts must exert effort to examine, investigate, and validate. This overload has real-world consequences, as seen in notable breaches where overwhelmed analysts were unable to prioritize and focus on the most serious threats. For example, in the case of the 2023 T-Mobile data breach, crucial threats were missed due to the SOC team struggling with prioritizing alerts and managing threats, leading to data exposure that affected millions of customers. Other breaches, such as the 2024 Mintlify and Acer Philippines breaches, demonstrate threat actor sophistication and third-party risk.

Continuous Threat Exposure Management (CTEM)

Given this reality, organizations are adopting more proactive processes and advanced security tools that enable security operations teams to respond faster and enable their companies to become more resilient against rapidly evolving threats. One innovative approach is Continuous Threat Exposure Management (CTEM), which focuses on workflow processes to mitigate potential threats before they escalate.

Introduced by Gartner in 2022, CTEM addresses the limitations of reactive vulnerability management by proactively anticipating threats. In a nutshell, CTEM operates through a cyclical process of five key stages: Scope, Discover, Prioritize, Validate, and Mobilize. This structured methodology ensures that organizations not only identify and understand their attack surface but also respond to risks and remediate vulnerabilities in a more strategic and proactive manner.

  • Scope: Define the organization’s total attack surface and risk profile, including internal and external vulnerabilities.
  • Discover: Utilize advanced tools to identify potential threats and vulnerabilities within the defined scope.
  • Prioritize: Rank threats based on their likelihood of exploitation and potential impact on the organization.
  • Validate: Confirm the existence and severity of identified threats using techniques like automated penetration testing and breach simulation.
  • Mobilize: Implement remediation measures for validated high-priority threats, ensuring alignment with business objectives and effective communication across departments.

Balancing Security Posture and Defense

CTEM strikes an important balance between maintaining a robust security posture and being capable of dynamic response. This balance is crucial because a purely defensive stance may leave organizations vulnerable to novel attack vectors, while a focus solely on response may lead to unaddressed vulnerabilities and missed threats. By integrating posture and response, CTEM enables organizations to prioritize and address the most critical vulnerabilities in real time, aligning security efforts with business objectives and operational realities.

The Need for a Better Approach

As discussed earlier, traditional threat intelligence sources and assessment tools fall short in refining the signal-to-noise ratio, covering the extended attack surface and managing threat volume and sophistication. This still leaves analysts coping with how to more efficiently triage and respond to the deluge of often irrelevant, inaccurate, and outdated alerts and intelligence data – often missing truly critical findings.

To bridge this gap, TacitRed was developed by continuous intelligence solutions provider Cogility to empower security teams with tactical attack surface intelligence. Unlike traditional tools that often overwhelm analysts with data, TacitRed delivers fully curated, prioritized, and detailed findings on pertinent cyber issues. This allows security teams to take immediate, decisive actions on compromised and at-imminent-risk assets to mitigate exposures.

Tactical Attack Surface Intelligence with TacitRed

TacitRed continuously monitors, maps, and analyzes an organization’s external attack surface, offering an on-demand assessment of an organization’s security posture and providing curated, valid, and detailed active threat findings.

As a turnkey, Software-as-a-Service (SaaS) solution, TacitRed automatically maps an organization’s external attack surface and correlates connections and threat activity between its digital presence, cyber adversaries, and third-party entities.

Security operations, security analysts, and risk analysts can instantly examine curated attack surface risks and active issues of over 18 million U.S. entities on demand by simply entering a business domain name. Users can examine compromised and imminent target assets and novel attack findings categorized by severity, threat type, and cyber kill chain stage. The on-demand, accurate, and actionable intelligence with full contextualization sets TacitRed apart from conventional, query-based external attack surface management tools.

Attack Surface Intelligence Process

TacitRed’s approach to attack surface intelligence can be summarized in five key steps that are closely aligned with the principles of the Continuous Threat Exposure Management (CTEM) model discussed earlier, which serves to anticipate and mitigate potential threats before they can escalate:

  • Inventory: Continuously maps and analyzes internet-facing assets, while dynamically monitoring connections, threat activity, and active exploits.
  • Discover: Identifies compromised and at-imminent-risk assets, helping security teams understand the overall security posture of their organization’s external attack surface. A calculated Threat Score based on active threat actor activity informs analysts about the extent of assets that are compromised or are at imminent risk and require priority action.
  • Investigate: Provides comprehensive, curated findings enabling analysts to readily examine compromised and high target assets with full contextual details of affected machines and users, prioritized by severity and categorized within the cyber attack chain stage. This allows analysts to focus their investigation on valid security issues with high fidelity.
  • Respond: Expedites mitigation efforts by sharing curated findings with incident response teams, including asset severity rating and detailed exposure evidence. The system enables the integration of active attack surface asset enumeration and threat findings to existing SIEM, SOAR, and IT Asset Management tools via API.
  • Extend: Enables security teams to assess their extended attack surface of third-party entities, such as subsidiaries, partners, suppliers, agents, and service providers. By sharing threat scores and critical security insights, organizations can facilitate corrective actions to reduce supply-chain risk.

An Example of How AI Unleashes the Full Potential of Threat Intelligence

Leveraging Expert AI and event stream processing technologies, TacitRed is able to deliver accurate, actionable threat intelligence at scale. At the heart of TacitRed is Cogility’s patented Hierarchical Complex Event Processing (HCEP) analytic. It applies pattern-matching logic at machine speed to dynamically process billions of streamed records each hour through its cloud-scaled event stream processing engine – while maintaining state. By synthesizing available industry threat intelligence with proprietary sources, such as domain and internet routing registries, malware and botnet logs, bulletproof hosting, C2 node identification, and internet traffic sampling, TacitRed provides the best possible curated threat insights that can enable organizations to respond to and prevent incidents. The Expert AI behavioral analysis identifies active cyber attacks, including threat actors, targeted entities, exposed assets, compromised credentials and sessions, and malware activities. Additionally, TacitRed evaluates third-party risks and presents actionable results with similar details as first-party risk assessments.

This is presented in a simple, intuitive SaaS GUI allowing analysts to ascertain risk, examine active compromised and target assets, and mobilize mitigation efforts using detailed threat contextualization – or to push findings to other internal systems via API.

“The interface is straight-forward and purposely uncomplicated. The speed, depth, and usefulness of threat detail from TacitRed is astonishing – saving us considerable time and potential claim loss,” according to Ross Warren, VP of E&O and Cyber at ATRI Insurance Services.

CONCLUSION

In conclusion, TacitRed is a game-changer in delivering tactical attack surface intelligence that can help organizations realize the promise of Continuous Threat Exposure Management. The SaaS solution’s ability to provide continuous, curated, prioritized and detailed active security findings empowers security teams to assess active threats faster and mitigate them more efficiently. By enhancing security analyst capacity and capability, the tool can help fortify the way SOC operations manage external attack surface risk.

For more information, visit https://tacitred.com and check out their free 30-day trial at https://tacitred.com/trynow

The post Transforming SOC Operations: How TacitRed Curated Threat Intelligence Boosts Analyst Efficiency and Delivers Tactical Attack Surface Intelligence appeared first on Cybersecurity Insiders.

A robust IT infrastructure is non-negotiable in today’s digital age. Central to this infrastructure is structured cabling, the unsung hero ensuring that data flows securely and efficiently across networks. As cyber threats grow more sophisticated, the strategic importance of structured cabling in safeguarding sensitive information cannot be overstated. This backbone of modern IT not only supports the rapid transmission of data but also fortifies defenses against the ever-evolving landscape of cyber vulnerabilities.

1 – Enhanced Network Performance and Security

Reliable and swift network performance is essential in defending against cyber threats. Structured cabling ensures high-speed data transmission, crucial for the effective implementation of robust security protocols. Networks that operate efficiently are less likely to be compromised by attackers who exploit delays in data transfer, particularly during critical updates or security deployments.

Structured cabling’s organized architecture greatly assists in pinpointing and managing potential security breaches. Efficient data pathways reduce system complexity, facilitating quicker detection of irregular traffic patterns and swift response to potential threats. This rapid detection is key to stopping cyber attacks early, minimizing potential damage.

Additionally, the dependability of structured cabling systems guarantees the uninterrupted operation of security applications. Stable network conditions are vital for continuous operations of security measures like intrusion detection systems and ongoing data encryption, ensuring a fortified IT environment against cyber vulnerabilities.

2 – Efficient Problem Detection and Resolution

Structured cabling systems enhance an organization’s ability to quickly identify and address network issues, significantly impacting IT security management. The streamlined layout inherent in structured cabling services allows IT professionals to efficiently troubleshoot and resolve network faults. This rapid identification and correction of issues reduce the risk of security breaches that can occur when vulnerabilities are left unchecked.

This systematic organization not only aids in regular maintenance but also plays a critical role during security breaches. By enabling clearer visibility and easier access to the network’s physical and logical layouts, technicians can swiftly isolate affected areas, preventing the spread of potential security threats across the network.

Moreover, the predictability and order provided by structured cabling enhance monitoring efforts. IT teams can more effectively oversee network traffic, quickly spotting deviations from normal activity patterns that may indicate security threats. This proactive approach to network monitoring ensures that any irregularities are addressed before they escalate into major security concerns.

3 – Improved Risk Management with Scalability

The scalability of a structured cabling system is a cornerstone of effective IT security management. As businesses grow and their data needs evolve, the ability to expand network capabilities without compromising security is paramount. Structured cabling systems are designed to accommodate future growth seamlessly, enabling organizations to integrate new technologies and increase capacity without exposing new vulnerabilities.

This adaptability is crucial in maintaining security standards in a dynamic technological landscape. As organizations scale, structured cabling ensures that upgrades and expansions can be implemented swiftly and securely, reducing the exposure time during which systems are vulnerable to attacks. The infrastructure’s flexibility also means that security enhancements and new defensive technologies can be adopted as they become available.

Moreover, a scalable network underpinned by structured cabling minimizes disruptions during updates and expansions. Maintaining continuity of service is essential, as interruptions can lead to security lapses, providing openings for cyber attacks. By facilitating smooth transitions during scale-up phases, structured cabling protects against potential security breaches that could arise during critical growth periods.

4 – Minimized Network Downtime

The reliability of structured cabling systems plays a pivotal role in minimizing network downtime, a critical factor in maintaining continuous IT security. Downtime not only hampers productivity but also creates opportunities for cybercriminals to exploit system vulnerabilities. A well-designed structured cabling infrastructure ensures that networks are less prone to failure, reducing the frequency and duration of outages.

During an outage, the integrity of data and systems can be compromised as security measures may become temporarily inoperative. By establishing a stable and robust cabling system, the risk of unplanned downtime is significantly decreased, thus safeguarding sensitive information from being accessed or corrupted during these vulnerable periods.

Additionally, structured cabling facilitates faster recovery times when disruptions do occur. With a clear and organized cabling layout, IT personnel can quickly locate and address the source of a problem, restoring services more rapidly and securely. This prompt response is essential in preventing potential security breaches during downtime, ensuring that protective measures are quickly reinstated.

5 – Future-proofing and Security Compliance

Investing in a structured cabling system is an investment in future-proofing your IT infrastructure. As technology evolves and security demands intensify, the ability to adapt swiftly and seamlessly is paramount. Structured cabling provides a robust foundation that supports the integration of new technologies and compliance with emerging security standards.

Future-proofing through structured cabling ensures that an organization is not only prepared for current security challenges but also equipped for future developments. This adaptability is crucial for staying ahead of potential cyber threats that evolve with technological advancements. It also facilitates compliance with new regulations and standards, which often require updates to network infrastructure to ensure data protection and privacy.

Moreover, a future-oriented cabling infrastructure allows businesses to leverage the latest security technologies without extensive overhauls. This capability to upgrade and adapt with minimal disruption is vital for maintaining continuous security measures and protecting against both present and emerging cyber threats.

Wrapping Up 

The strategic implementation of structured cabling systems is integral to bolstering IT security management. By enhancing network performance, simplifying troubleshooting, supporting scalability, minimizing downtime, and future-proofing infrastructure, businesses can maintain a high level of security against evolving cyber threats. Investing in structured cabling is not just about upgrading technology; it’s about safeguarding your organization’s future in an increasingly digital world.

 

The post 5 Reasons Structured Cabling Networks are Critical for IT Security Management appeared first on Cybersecurity Insiders.

LayerX, the creator of the innovative LayerX Browser Security platform, has successfully closed $24 million in Series A funding. This round was spearheaded by Glilot+, Glilot Capital Partners’ early-growth stage fund, with contributions from Dell Technologies Capital and other backers. Lior Litwak, Managing Partner at Glilot Capital and Head of Glilot+, along with Yair Snir, Managing Partner at Dell Technologies Capital, are set to join LayerX’s board.

The influx of funds will bolster corporate development, enhancing talent recruitment and expanding the company’s global footprint. To date, the company’s funding total has reached $32 million. In today’s digital age, enterprise employees increasingly depend on browser-based tools and SaaS platforms. However, these essential tools also introduce significant security threats, such as data breaches, identity and password thefts, harmful browser add-ons, phishing websites, and more. Specifically designed to fortify browser-based operations on both managed and unmanaged devices, LayerX stands out in its field.

“We’ve transformed workforce protection for organizations without requiring the transition to a dedicated secure browser. Unlike other solutions, installed in a matter of minutes, the LayerX Browser Extension does not impact employee efficiency, speed, privacy or the browsing experience,” said Or Eshed, co-founder and CEO, LayerX. “As the browser becomes more central to the employee, we anticipate it becomes more attractive to the attacker, particularly in the wake of GenAI tools used in browser-related activities,” he continues. “Today’s funding round is a testament to our increasing market opportunity and the innovation behind our platform’s user-friendly approach to a more secure browser experience.”

The LayerX Enterprise Browser Extension works seamlessly across all major browsers like Chrome, Firefox, and Edge, requiring no agents, VPNs, or changes to network settings. Upon deployment, security and IT departments can monitor user activities closely and address threats instantly, all without disrupting the user experience. LayerX effectively shields against all types of threats, whether they originate from user errors or external attacks. The platform’s AI technology meticulously examines browser-executed code, automatically generating detailed insights into user behavior.

“Since inception, LayerX showed super fast growth and adoption by the world’s leading enterprises. The company is at the forefront of defense for modern organizations. By protecting the browser, the central productivity application in organizations, from a wide range of new-generation security risks, LayerX can solve acute security problems that have remained unanswered until now,” said Kobi Samboursky, Founding and Managing Partner at Glilot Capital.

“We believe that this novel solution for securing browsers will replace most SASE and SSE solutions prevalent today in organizations. At an estimated market size of $7 billion, the potential inherent in LayerX’s technology is tremendous.”

“Similar to other successful entrepreneurs in the cybersecurity field we’ve collaborated with, Or and David bring significant experience and knowledge in understanding the technical issues involved in threats to organizations and the motivations of attackers. Consequently, they recognize that effective security measures should adapt to real-world user behaviors, rather than the other way around,” said Yair Snir, Managing Director at Dell Technologies Capital.

“In a world where most computer operations are conducted through browsers, LayerX introduces a creative approach to corporate security that is user-friendly, robust, and easily implementable in large organizations. This approach transforms the browser from a major vulnerability to a strength, facilitating secure work across devices. Our investment in LayerX isn’t just driven by the promising opportunity but also by the potential impact of the company’s solution on organizations, regardless of where employees conduct their tasks.”

About LayerX
LayerX was founded in 2022 by Or Eshed, CEO, and David Weisbrot, CTO, who developed web attack and defense systems during their military service. In 2017, Eshed led the exposure of the largest attack campaign in history on the Chrome browser, which involved tens of millions of compromised browsers and even led to the capture and trial of the hackers. LayerX has Fortune 100 clients worldwide.

LayerX Enterprise Browser Extension natively integrates with any browser, turning it into the most secure and manageable workspace, with no impact on the user experience. Enterprises use LayerX to secure their devices, identities, data, and SaaS apps from web-borne threats and browsing risks that endpoint and network solutions can’t protect against. Those include data leakage over the web, SaaS apps and GenAI Tools, malicious browser extensions, phishing, account takeovers, shadow SaaS, and more.

The post LayerX Security Raises $24M for Innovative Browser Security Platform appeared first on Cybersecurity Insiders.

SAST is now an indispensable resource for maximizing source code security and mitigating cyber risk. SMEs can benefit immeasurably from writing, maintaining, and implementing static application security testing. 

Recall that open-source or first-party code is a high-priority target for hackers. Cybercriminals routinely probe apps for vulnerabilities, some known, others unknown. Indeed, a dramatic uptick in ransomware attacks has occurred since the pandemic. This resulted from a massive and unprecedented shift to remote work, offering many platforms on IoT devices and the accompanying security weaknesses.

Many SMEs are held hostage to ransomware syndicates, preferring to pay the extortionists than risk losing their valuable data, credibility, and clients. Indeed, there are lags between the time a vulnerability is detected and the patch is implemented. Cybercriminals exploit these windows to implement their nefarious schemes. When choosing a SAST tool for your business, it’s essential to understand precisely what it entails and what attack surfaces it protects. Security is sacrosanct, and all source code and software must be protected. 

SAST stands for Static Application Security Testing. This type of tool deep-scans your applications’ binary code or source code. It is a white-box solution that scans the code for security flaws and known weaknesses. Many of the top-ranking SAST solutions prioritize threats by severity.

The more dangerous the threat to your source code and applications, the higher its priority. Remember, SAST does not analyze apps at runtime; it works with static code. Typically, it is used by AppSec (application security) teams, but individual developers invariably use it too. By scanning for vulnerabilities and pointing to weaknesses at the level of individual lines of code, SAST allows developers to identify, detect, and correct problematic source code.

Making SAST Work

Identifying the right SAST tool in application security is crucial for strengthening the software development lifecycle against cybersecurity threats. The tool’s capability to seamlessly blend into Continuous Integration/Continuous Deployment (CI/CD) workflows is essential to this selection process. This facilitates automated security assessments without disrupting the development pace. 

For developers or security consultants seeking to deepen their understanding of SAST tools’ integration and automation features, the 2024 Ultimate SAST Guide for CISOs, AppSecs, and DevOps offers comprehensive insights. Available at a leading AppSec Knowledge Hub, this guide sheds light on the strategic role of SAST solutions. It is particularly effective in early vulnerability detection and mitigation, underscoring their importance in minimizing the attack surface and embedding security into the heart of development processes.

Practically speaking, SAST tools identify many false positives. Developers may ignore these and focus on a handful of outcomes. The time it takes to complete the scan varies from one SAST system to the next. Since they operate in a silo-style fashion, along with other security systems like SCA, SAST tools are part of a hybrid security network for safeguarding company software, functionality, credibility, and data integrity.

Viewed in perspective, it’s important to identify the key criteria when selecting a SAST system. We briefly examine several such elements, notably the accuracy of a SAST resource, the performance of SAST systems with other security tools, developer usage of SAST solutions, and versatility in terms of language coverage.

The Accuracy of SAST Systems

Accuracy is sacrosanct with any security tool. Those generating a high rate of false positives should be avoided. Not only are they disruptive to security development, but they flag way too many potential faults, detracting from the efficacy of the security team’s performance. SAST resources incapable of identifying vulnerabilities and source code errors are doing a disservice to developers; they don’t identify the threats. However, those that flag too many non-errors are inefficacious to the extreme and wasteful of resources.

The Performance of SAST Systems

Recall, most of the source code that apps run on is from third parties. Many apps also use a variety of APIs for all sorts of services. Open-source repositories usually bundle data into packs. This practice delivers single lines of code, making it easier for developers who would otherwise spend excessive time integrating payment modules and GIS handling systems. 

Effective SAST systems work hand-in-hand with security tools to scan and monitor all parts of applications. Recall Software Composition Analysis as a case in point.

Developer Usage of SAST Solutions

It’s critical to have static application security testing systems that are easy to learn to use. The requisite number of users should use the tools to determine the overall difficulty level. Effective SAST tools should minimize repetition and maximize easy-to-understand workflow. Also, SAST tools offering too many false positives should be customized (or at least be able to be customized) to direct alerts to the appropriate security team members. Burdening everyone with false positives is a hard no.

Versatility and Language Coverage

App development teams typically use a variety of languages. Do the SAST resources provide coverage for all of these languages? Ideally, a single SAST tool is better suited to application security, but sometimes that’s not feasible. Beyond the number of languages in use, due consideration must be given to the quality of language coverage. 

Languages in use may include Python, Java, .NET, and others. If your SME plans to add additional languages, they should be factored into the equation regarding SAST selection. Naturally, other considerations are also important, such as how quickly SAST systems complete scans, how these systems are maintained, and whether they can be updated, upgraded, and integrated with other systems.

Overall, there are many factors to consider when choosing the right SAST tool for your business. We have highlighted a handful of them in this guide.

The post What to Take into Consideration When Choosing a SAST Tool for Your Business appeared first on Cybersecurity Insiders.

Match Systems, a leading authority in crypto crimes investigations and crypto AML solutions provider, has published a comprehensive research report examining the potential implications of Central Bank Digital Currency (CBDC) implementation.

The report, crafted under the guidance of Match Systems CEO Andrei Kutin, meticulously examines the potential implications of Central Bank Digital Currency (CBDC) implementation on a global scale. It addresses the economic, regulatory, and societal impacts of adopting such digital currencies.

Match Systems, a leader in crypto crimes investigation and crypto AML solutions, has historically played a pivotal role in shaping the conversation around cryptocurrency regulations. With increasing incidents of crypto fraud and more sophisticated methods of asset theft, there is a pressing need for a balanced approach towards digital currency regulation.

In the report entitled “Analyzing the Prospects for CBDC Implementation,” Kutin explores the complex dynamics between freely circulated cryptocurrencies and centralized digital currencies governed by national banks. He proposes a middle-ground solution where global standards could harmonize the benefits of cryptocurrencies with the regulatory assurances provided by CBDCs.

“The dichotomy between free cryptocurrencies and centralized CBDCs presents society with two extremes,” remarks Andrei Kutin. “The optimal solution likely lies in a middle ground, where governments establish unified global standards for cryptocurrency circulation, safeguarding individuals while preserving economic autonomy.”

This report is especially significant at a time when the digital currency landscape is becoming increasingly contentious. It provides insights that could help inform policymakers, business leaders, and technologists about the potential routes forward in the evolution of global financial systems.

The full analytical report, titled “Analyzing the Prospects for CBDC Implementation,” is now available for public access on the Match Systems website: https://matchsystems.com/analyzing_the_prospects_for_cbdc_implementation/

The post New Report from Match Systems Sheds Light on Central Bank Digital Currencies (CDBC) appeared first on Cybersecurity Insiders.

Cyber GRC software provider Cypago has launched a new automation solution for AI governance, risk management, and compliance.

This includes implementation of NIST AI RMF and ISO/IEC 42001 standards, which are the latest frameworks for AI security and governance. As organizations increasingly incorporate AI into their business processes, daily operations, and customer-facing products and services, ensuring AI is used safely and within regulatory guidelines has become crucial.

The adoption rate of AI-powered tools and solutions is surging, fueled by the growing capabilities and accessibility of AI technologies, along with the significant advantages they offer to business operations. Yet, AI also introduces several risks such as the potential exposure of private data, opacity in operations, and escalating cyber threats. Moreover, companies must prepare for an evolving landscape of AI-related regulations within business contexts.

The optimal strategy for mitigating these risks and remaining compliant with AI regulations is to adopt robust cyber GRC practices, which continue to evolve rapidly. Cypago provides extensive risk management, around-the-clock automated monitoring, and tailored cybersecurity governance for AI applications, facilitating secure AI deployments for businesses.

“The world of AI is changing quickly, with new threats arising all the time and new regulations arriving frequently. We view it as our responsibility to help organizations maximize the benefits of AI while effectively mitigating the risks and ensuring compliance with best practices and good governance,” said Arik Solomon, CEO of Cypago. “These latest features ensure that Cypago supports the newest AI and cyber governance frameworks, enabling GRC and cybersecurity teams to automate GRC with the most up-to-date requirements.”

Cypago offers continuous visibility into an organization’s tools, applications, and models, while automating many of the processes required for effective risk evaluation and threat monitoring. The platform’s advanced security protocols for AI systems safeguard against cyber threats, data breaches, and compliance breaches.

Furthermore, Cypago has experience in deploying safe AI technologies, having integrated natural language processing models and generative AI command prompts into its offerings in 2023.

The platform enhances the management of security, risk, and compliance, streamlining the identification and rectification of gaps, which enables quicker response to new threats and vulnerabilities. It also ensures adherence to global, national, and industry-specific regulations, giving companies the confidence to navigate the intricate compliance environment related to AI use.

About Cypago

Cypago’s revolutionary SaaS-based Cyber GRC Automation (CGA) platform redefines the three lines model by eliminating friction and bridging the gap between management, security, and operations. It transforms GRC initiatives into automated processes, enabling in-depth visibility, streamlining enforcement, and significantly reducing overall costs. The platform leverages innovative technologies, including advanced analysis and correlation engines, GenAI, and NLP models, designed to support any security framework in any IT environment, both in the cloud and on-premises. Cypago was founded in 2020 by tech leaders and cybersecurity veterans with decades of combined experience in the development, operations, and commercialization of cybersecurity solutions. For more information, visit https://cypago.com/.

The post Cypago Unveils New Automation Support for AI Security and Governance appeared first on Cybersecurity Insiders.

Great news: By popular demand, we extended the deadline for the 2024 CYBERSECURITY EXCELLENCE AWARDS until April 27, 2024.

In the complex and dynamic world of cybersecurity, excellence often goes unnoticed. That’s where the Cybersecurity Excellence Awards come in. This isn’t just another awards program – it’s an opportunity for your company, products, and teams to be globally recognized and celebrated for their innovation, leadership, and excellence in cybersecurity.

The Cybersecurity Excellence Awards are global to extend opportunity and reach to all who contribute to the cybersecurity space. To ensure a level playing field for all participants, all nominations are judged within their peer group defined by market segment, company size, and geography. Plus, our reasonable nomination fees make the Cybersecurity Excellence Awards one of the most accessible awards programs in the industry.

Benefits of Winning

Gain global, industry-wide acknowledgment and recognition for your achievements in cybersecurity. Showcase your success on the Cybersecurity Excellence Awards nomination page, through social media, featured news articles on the Cybersecurity Insiders news site, press releases, posts on our LinkedIn community of 600,000+ members, and with an award badge proudly displayed on your website or social profiles.

Who Can Enter?

Whether you’re a small startup or an established company, a cybersecurity professional or SOC team, these awards are for you. We offer categories tailored to your product, team, or organization, ensuring fair competition and recognition for all.

Submission Deadline

Make sure to submit your nominations no later than April 27, 2024 (end of day PST).

Easy Nomination Process

We are committed to making the nomination process as easy and seamless as possible. Whether you’re just starting to think about your nomination or perhaps you already have multiple nominations in mind, our user-friendly dashboard allows you to begin right away, save your draft, and return at your convenience.

The Cybersecurity Excellence Awards provide a platform for the industry’s best to shine. Don’t miss your chance to participate in this prestigious recognition program. Explore the categories, understand the process (don’t hesitate to contact us with any questions), and start your nomination today.

Start today: https://cybersecurity-excellence-awards.com

The post 2024 Cybersecurity Excellence Awards – Extended Deadline appeared first on Cybersecurity Insiders.

[By Claude Mandy, Chief Evangelist for Data Security at Symmetry Systems] 

The 15th of April, commonly referred to as Tax Day in the US, is rapidly approaching. Tax Day brings with it the hope of refunds and the stress of deadlines for the unprepared. There is also, unfortunately, the cyber risk that taints tax season. It is well known as a prime time for cybercriminals to hunt for victims. In this crucial period, sensitive personal and financial data gets exchanged en masse. According to the IRS, over 213 million returns and other forms were filed electronically in 2022. This treasure trove attracts a range of attackers, employing sophisticated scams aimed at individuals and tax professionals alike. Claude Mandy, chief evangelist at Symmetry Systems, delves into the heightened risk of tax-related cyberattacks, outlining actionable defenses to ensure a cyber-secure tax season.

The Bullseye on Tax Season

While individuals scramble to compile their financial records, and tax consultants crunch numbers and collect evidence, cybercriminals see a golden opportunity. The abundance of personal information and financial data being exchanged is irresistible bait. From phishing scams mimicking legitimate tax correspondence to sophisticated malware designed to compromise credentials, exfiltrate data or wreak havoc, the arsenal used by these criminals is both varied and dangerous.

Decoding the Threat: The How and Why

Individuals filing tax returns, as well as tax software and tax preparation firms, find themselves under a form of siege. Cybercriminals exploit the hectic nature of tax season, with phishing attacks being particularly prevalent throughout the year, claiming 300,497 victims according to the FBI’s 2022 Internet Crime Report. These methods aim to steal personal information or gain unauthorized access to networks, and ultimately to exfiltrate data or wreak ransomware havoc. More sophisticated scams involving the offer of fraudulent tax preparation services will undoubtedly appear, seeking to swindle unsuspecting victims by promising to aid in their tax filings.

For Individuals: Protecting Your Personal Information

For individuals, a successful cyber attack could lead to identity theft, financial fraud, and a long-lasting impact on victims’ lives. Individuals should focus on protection of their own information and credentials, and in particular stay vigilant against phishing, take active steps to keep their computer and networks updated, and take steps to verify the legitimacy of communication with legitimate tax preparers. The IRS offers some great suggestions themselves.

Recognize Phishing Attempts

Phishing scams, particularly during tax season, can come in many forms. The IRS publishes an annual overview of the “dirty dozen” tax scams they have witnessed. Whether it’s a cybercriminal pretending to be from the IRS, tax companies, or other official entities, phishing can unfortunately be difficult to spot when you’re under stress. You can easily overlook the generic greetings, typos, and suspicious links because the message appears to come from the dreaded IRS. These communications might urge you to click on malicious links or provide personal information, purportedly to check the status of your refund or rectify an issue with your tax filing. Remember, the IRS does not initiate contact with taxpayers by email, text, or social media to request personal or financial information.

Secure Personal Computers and Networks

Individuals should ensure their computer is protected with up-to-date antivirus software, firewalls, and anti-spyware programs. Regularly updating the software you use, including the software on your network routers, is crucial, as updates often include patches for newly discovered security vulnerabilities. It goes without saying that you should use strong, unique passwords for different accounts, consider a reputable password manager to keep track of them, and monitor for potential compromise.

Verify the Legitimacy of Tax Preparers

Before entrusting personal and financial information to a tax preparer, individuals should conduct thorough research on the legitimacy of the preparer. You can verify their credentials (such as a Preparer Tax Identification Number), check reviews, and seek recommendations from trusted sources. Ideally, you should ensure they have robust security measures in place to protect your data, including secure portals for document exchange rather than email. This helps verify that ongoing communication with them is legitimate and that the data is secured.

For Tax Consultants and Organizations: Data Protection at Scale

For organizations, a successful cyber attack could lead to identity theft, financial fraud, and a long-lasting impact on their customers and employees’ lives.

Secure Access to W-2 Forms and Other Sensitive Documents

Organizations should always limit access to sensitive tax information to only those who need it. The IRS is particularly concerned with the ongoing scams to obtain all the W-2s of an organization through a business email compromise scam. You can simplify the management of access by employing role-based access controls, but you still need to regularly audit who has access to what information. Although the practice is increasingly outdated, physical documents are still printed for tax purposes, and organizations should ensure physical documents are stored and transported securely and disposed of properly, using shredders for documents containing sensitive information.

Protect Tax Information Using Securely Configured Cloud Data Storage

Use strong encryption for storing and transmitting any personal information, especially Social Security numbers. For cloud storage solutions, organizations must select and configure providers that offer industry-standard encryption of the data in transit and at rest. At a minimum, organizations must ensure that multi-factor authentication (MFA) is implemented for any users accessing the information. MFA provides an additional but necessary layer of security, drastically reducing the chance of unauthorized access.

The Role of Technology in Protecting Tax Information

The battle against tax-season cyberthreats is not just about vigilance; it’s about leveraging cutting-edge technologies to secure data.

Data Security and Privacy Management (DSPM) Tools

DSPM solutions, like Symmetry Systems, offer a comprehensive approach to identifying, managing, and securing data across various environments. These tools can help tax professionals and organizations keep track of where sensitive tax information like Social Security Numbers resides, monitor access, and ensure compliance with privacy regulations.

Encryption and Advanced Cybersecurity Strategies

Encryption, both for data in transit and at rest, is a critical defense mechanism. Advanced encryption methods, like end-to-end encryption, ensure that data intercepted during transmission remains unreadable. Organizations should also consider employing comprehensive cybersecurity strategies, including regular security assessments, phishing simulation training for employees, and the adoption of secure communication platforms.

The Path Forward

As we navigate the complexities of tax season, the importance of cybersecurity cannot be overstated. By adopting a proactive stance, equipped with the right knowledge and tools, individuals and organizations can protect themselves against the lurking threats of cybercriminals. Protecting sensitive tax information not only safeguards personal and financial well-being but also contributes to the integrity of the tax system at large.

Bio: Claude Mandy is Chief Evangelist for Data Security at Symmetry Systems, where he focuses on innovation, industry engagement and leads efforts to evolve how modern data security is viewed and used in the industry. Prior to Symmetry, he spent 3 years at Gartner as a senior director, analyst covering a variety of topics across security, risk management and privacy, focusing primarily on what are the building blocks of successful programs, including strategy, governance, staffing/talent management and organizational design and communication. He brings firsthand experience of building information security, risk management and privacy advisory programs with global scope. Prior to joining Gartner, Mr. Mandy was the global Chief Information Security Officer at QBE Insurance – one of the world’s top 20 general insurance and reinsurance companies with operations in all the key insurance markets, where he was responsible for building and transforming QBE’s information security function globally. Prior to QBE, Claude held a number of senior risk and security leadership roles at the Commonwealth Bank of Australia, Australia’s leading provider of integrated financial services which is widely recognized for its technology leadership and banking innovation. He also spent five years at KPMG in Namibia and South Africa.

The post Safeguard Your Data and Financial Future This Tax Season appeared first on Cybersecurity Insiders.

Aembit, the Workload Identity and Access Management (IAM) Company, has been named one of the Top 10 Finalists for the RSA Conference™ 2024 Innovation Sandbox contest for its platform that manages and secures access between critical software resources, like applications and services. Aembit will present its technology to a panel of renowned industry judges and a live in-person audience on May 6 at RSA Conference 2024 at the Moscone Center in San Francisco.

Since 2005, the RSAC Innovation Sandbox contest has served as a platform for the most promising young cybersecurity companies to showcase their groundbreaking technologies and compete for the title of “Most Innovative Startup.” The competition is widely recognized as a catapult for success as the Top 10 Finalists have collectively celebrated more than 80 acquisitions and received $13.5 billion in investments over the last 18 years. Aembit will have three minutes to pitch the panel of judges before a question-and-answer round.

“The submissions for this year’s RSA Conference Innovation Sandbox contest were both dynamic and inspiring. Along with the rest of our entrepreneurial audience, I am excited to see these ideas come to life on stage,” said Linda Gray Martin, senior vice president of RSA Conference. “The evolution of global cyber threats is constant and there’s no better place to look for solutions and to help solve these challenges than in our own community.”

With the rapid expansion of automated software, cloud services, and APIs, enterprises are being met with an exploding number of workloads across their IT environments. Reflect on the now-outdated practice of jotting down user credentials on sticky notes. Similarly, the current method of securing interactions between workloads typically involves the use of static, long-lived credentials, which are prone to theft and often embedded directly within code.

This approach not only introduces security vulnerabilities but also complicates management and impedes prompt response during security incidents and compliance audits. Aembit shifts the model so enterprises can focus on managing access, instead of managing secrets.

“Aembit automates and secures the entire workload-to-workload access workflow, from discovery, to enforcement, to audit – at scale,” said David Goldschlag, co-founder and CEO of Aembit. “Instead of building another dashboard showing you problems due to secrets and keys, we proactively fix the root cause of these challenges by systematically improving the way workloads are authorized access to your most sensitive resources, without code changes. You can think of us as Okta (or Azure AD), but between workloads instead of between users and services. The RSA Conference presents the ideal platform for us to demonstrate the significance and impact of our solution to the global security community.”

The RSAC Innovation Sandbox contest kicks off at 10:50 a.m. PT on May 6, and winners will be announced at approximately 1:30 p.m. the same day. The panel of renowned expert judges includes Asheem Chandna, partner at Greylock; Dorit Dor, chief technology officer at Check Point Software Technologies; Niloofar Howe, senior operating partner at Energy Impact Partners; Paul Kocher, independent researcher; and Nasrin Rezai, SVP & CISO at Verizon. Hugh Thompson, RSAC executive chairman and program committee chair of RSA Conference, will return to host the contest.

For more information regarding RSA Conference 2024, taking place at the Moscone Center in San Francisco from May 6 to 9, users can visit https://www.rsaconference.com/usa.

To learn more about the Aembit Workload IAM Platform, watch this demo video.

About Aembit

Aembit is the Workload Identity and Access Management platform that secures access between workloads across clouds, SaaS, and data centers. With Aembit’s identity control plane, DevSecOps can fully automate secretless, policy-based, and Zero Trust workload access. For more information, visit www.aembit.io and follow us on LinkedIn.

About RSA Conference

RSA Conference™ is the premier series of global events and year-round learning for the cybersecurity community. RSAC is where the security industry converges to discuss current and future concerns and have access to the experts, unbiased content, and ideas that help enable individuals and companies advance their cybersecurity posture and build stronger and smarter teams. Both in-person and online, RSAC brings the cybersecurity industry together and empowers the collective “we” to stand against cyberthreats around the world. RSAC is the ultimate marketplace for the latest technologies and hands-on educational opportunities that help industry professionals discover how to make their companies more secure while showcasing the most enterprising, influential, and thought-provoking thinkers and leaders in cybersecurity today. For the most up-to-date news pertaining to the cybersecurity industry visit www.rsaconference.com. Where the world talks security.

The post Aembit Selected as Finalist for RSA Conference 2024 Innovation Sandbox Contest appeared first on Cybersecurity Insiders.