About Us

Ivanti Announces Partnership with Lookout

Lookout, a leader in endpoint-to-cloud security, and Ivanti, the provider of the Ivanti Neurons automation platform that discovers, manages, secures and services IT assets from cloud to edge, announced today that they have partnered to help organizations accelerate cloud adoption and mature their Zero Trust security posture in the “Everywhere Workplace.”

In this new hybrid work paradigm, businesses confront numerous security issues in terms of protecting organizational data and detecting and blocking threats. To begin with, enterprises frequently lack visibility and control over who is accessing enterprise resources hosted in both managed and uncontrolled cloud sites, making comprehensive access and security governance challenges. At the same time, hackers are increasingly targeting mobile devices by exploiting security flaws in company IT infrastructure.

The President and Chief Product Officer at Ivanti, Nayaki Nayyar stated, “We’re excited to partner with Lookout to help organizations solve these challenges. This partnership allows us to expand on the Ivanti Neurons for ZTA solution by adding CASB and SWG technologies via the Lookout Security Platform. Our three core technologies solve different, but equally important, security challenges. And when deployed together, they enable organizations to achieve secure cloud adoption, deliver a better end-user experience and a comprehensive Zero Trust security posture.”

Ivanti’s Neurons for zero-trust access and Lookout’s cloud access security broker (CASB) and secure web gateway (SWG) have partnered to enable customers to increase threat prevention and data protection on both on-premises and in the cloud while adhering to zero-trust access security standards.

CEO of Lookout, Jim Dolce commented, “We share Ivanti’s commitment to help customers modernize IT, detect, and mitigate threats, and provide a secure and productive environment for the hybrid workforce. Together, we deliver secure access and advanced data protection across all users, devices and applications. By joining forces with Ivanti, Ivanti customers now have a clear path to a Zero Trust security strategy backed by our innovative, data-centric cloud security solutions. Our solution is optimized to simplify security operations fit for remote work and digital transformation to the cloud.”

Software-Defined Perimeter- Everything you Need to Know in 2022!

Most firms previously relied on a perimeter-focused security strategy. This security paradigm assumes that all risks come from outside the company and that everyone who has access to the internal network is trustworthy. This security method inspects all inbound and outbound traffic and aims to keep attackers on the outside and sensitive data on the inside by placing security solutions at the network perimeter.

A software-defined perimeter solution, according to the specialists at Infosecurity Outlook, is designed to solve this difficulty. Limiting internal network access based on user identity significantly reduces the organization’s threat surface and cyber risk.

What is the Purpose of a Software-Defined Perimeter?

An SDP solution limits access to resources only to authorized users through a multi-stage process:

  1. SDP is an identity-driven access management solution with robust user authentication. An SDP solution will securely authenticate the user before granting access to any network information or resource. SDP strives to ensure that a user is who they claim to be by supporting multi-factor authentication and other advanced authentication techniques. This reduces the risk of a breach caused by poor credential security, such as weak passwords or those compromised through phishing attempts or other data breaches.
  2. Zero-trust is intended to replace companies’ previous too permissive access control practices. Rather than having complete access to an organization’s network, users are only allowed to access the resources they require to do their tasks. Access control lists are generated depending on their roles inside an organization to establish and enforce their level of access.
  3. The device authentication procedure of an SDP solution is not confined to the user requesting access. An SDP can also impose restrictions on the device used to connect. This can restrict access to sensitive data or resources to corporate devices or just those that comply with current security regulations.
  4. SDP establishes a direct link between an authorized user and the resource they’re accessing. Based on comprehensive threat intelligence, this link can be encrypted and subjected to complete content inspection to identify and stop potential attacks. This private, secure connection protects users’ connections to important resources from being monitored or hijacked by an adversary.

The benefits of a software-defined perimeter

In simplest terms, a software-defined perimeter is a corporate network security solution that is trusted, comprehensive, robust, and flexible which helps:

  • Improve end-user experience with connectors and automation  
  • Strengthen and simplify access restrictions
  • Reduce attack surfaces
  • Remove policy administration burden for admins

SDP implementation has long been regarded as best practice. It allows a company to design and enforce a zero-trust security paradigm successfully. Organizations drastically reduce their cybersecurity risk by doing so – and shifting away from the old perimeter-focused paradigm. Even if an attacker successfully compromises a user’s account, the permissions provided to that person limit their access and ability to move laterally across the organization’s network.

All these possible dangers to an organization’s security can be addressed with SDP. Before access to any network, the resource is provided, SDP guarantees that all endpoints attempting to access enterprise infrastructure are authenticated and approved. Hiding network resources from unauthorized or unlicensed users follows the concept of least privilege and decrease your attack surface.

Read more:

Quadrant Knowledge Solutions Market Insights on Software Defined Perimeter (SDP) for Zero Trust Network Security

Viakoo Launched Device Certificate Manager

To help enterprises expand Zero Trust to IoT Networks, Viakoo, the leader in IoT vulnerability remediation, launched Device Certificate Manager (DCM) as an addition to the Viakoo Action Platform. DCM can use 802.1x certificates to authenticate devices and TLS certificates to encrypt traffic. Automating the IoT certificate process ensures that approved IoT devices maintain consistent and secure network connectivity.

Organizations can achieve Zero Trust for their IoT infrastructure at scale with Viakoo DCM automation while improving efficiency. All software modifications, zero-trust certificate provisioning and administration, and password enforcement are managed by the Viakoo Action Platform, an automated, agentless, and scalable solution for enterprise IoT device rehabilitation and repatriation. It not only fixes IoT device vulnerabilities but also allows them to reconnect to the corporate network in a secure manner.

The CEO, and Founder of Viakoo, Bud Broomhead stated, “As more and more organizations leverage the power of IoT devices, the IoT attack surface simultaneously expands. Deploying certificates manually device by device across geographies and vendor systems is not efficient or secure. We’re at a point where it’s essential to automate IoT security processes to contend with the scale of these environments.”

In today’s rapidly developing IoT settings the process of installing and maintaining certificates for multiple IoT devices from several suppliers across countries is not feasible. Enumerable organizations protect their networks by manually verifying that every device connected to the network has valid 802.1x and TLS certificates. At nearly any scale, the Viakoo Action Platform with DCM provides centralized, automated, full life cycle management for 802.1x and TLS certificates.

HUB Security and Trilogy Networks formed partnership to provide a “Secure Edge” to the Rural Cloud Initiative

Hub Security Ltd. announced that it entered into a partnership with Trilogy Networks to join the Rural Cloud Initiative (RCI), a special coalition of over 70 network, technology, and application providers dedicated to encouraging and driving rural America’s digital transformation.

“Rural America represents the home of the majority of advanced technology assets associated with critical infrastructure like the oil and gas industry. These networks have never had more significant security exposure than today. Critical to both commercial and national security these networks require new, innovative and extremely secure security paradigms and platforms. Next-generation applications and services offered by 5G, AI, and the Internet of Things will bring massive operational and economic advantages to the rural markets, but further drive the concern. Securing the edge of the network is paramount which is why we are so excited to work with Trilogy and the RCI,”  said Eyal Moshe, Hub’s CEO.

“Agriculture and its two million U.S. farms are increasingly using these emerging technologies to drive autonomous trackers, drones for observation or spraying, automated irrigation further defines the need for secure, cloud native edge networks and underscores the value of working with the RCI,” said Andrey Laramenko, CTO of HUB

“HUB security’s zero-trust confidential computing approach for edge computing will deliver protection to support these critical assets. Building security into the edge, allows for a robust, fast, high performance, cloud native network allowing industry to capitalize on the value of these emerging technologies while minimizing the opportunity for catastrophic attacks. This relationship represents a winning combination to the RCI and the rural markets,” says George Woodward, Trilogy CEO.

Noblis Releases Run Solutions Suite to Offer New Levels of Automation and Insight to Complicated Federal Processes

Noblis, Inc., a leading provider of science, technology and strategy services to federal government, announced the launch of its Run with Noblis solutions suite, which is aimed at getting new levels of efficiency, visibility and insight throughout all complex federal processes. These digital solutions, when combined with Noblis’ decades of experience tailoring services to meet changing client needs, will assist government agencies in using automation and analytics to streamline complex workflows, expedite and enhance decision making to achieve greater IT modernization goals. 

The suite’s first solution, RunCyberAssurance is now available to assist federal agencies and cloud service providers (CSPs) in streamlining FedRAMP and other cybersecurity compliance processes. Additional Run solutions will be released in the future with the goal of simplifying complex federal work streams such as acquisition and grants management. RunCyberAssurance is a cloud-based solution that can be implemented as a private stand-alone or client-based application, depending on the objective of the organization.

“As a science and technology organization, Noblis is founded on strong research and development practices. The addition of scalable, digital solutions is a natural evolution that aligns to our clients’ transformation priorities and our strategic growth goals. RunCyberAssurance is the beginning of a long-term strategy pairing tailored software-as-a-service offerings with our government services expertise to best serve our customers as they modernize and innovate,” said Amr ElSawy, Noblis president and CEO.

RunCyberAssurance enables agencies to go to the cloud faster and more securely. As per the Biden Administration’s recent Cybersecurity Executive Order, which emphasises progress toward Zero Trust Architecture. Scalability is enabled by this solution, which enables agencies and cloud service providers to securely share and track their strategies as well as manage the complexity and progress of their cloud compliance with current teams.

“Our government clients are seeking digital solutions that enable faster, smarter service delivery to their stakeholders and constituents. We designed these solutions to meet the unique needs of our government clients and help them analyze information, automate manual processes and make data-driven decisions,” said Mile Corrigan, senior vice president of Noblis Federal Civilian Solutions.

Cyolo Raises $21 Million in Series A funding to Grow Zero-Effort Zero-Trust Solutions

Cyolo, a developer of a Zero Trust Network Access (ZTNA) 2.0 solution for businesses, announced that it has raised $21 million in a Series A funding round led by Glilot Capital Partners, with investments from National Grid Partners and Merlin Ventures, as well as current investors Flint Capital, Global Founders Capital, and Differential Ventures.

Organizations are more vulnerable than ever before to breaches and vulnerabilities, which can result in long-term financial and reputational loss. Many governments around the world are now acting quickly to improve cybersecurity by hastening the adoption of new security best practices based on Zero Trust connectivity. Cyolo’s solution offers a new and innovative method to link users to their workplace environment by eliminating transitive trust and continuously verifying and authorising every endpoint, user and identity before and after granting them access to any organizational resource or app.

Cyolo is the first Zero Trust solution that spans both IT and Operational Technology (OT). It has zero access or insight into client data, leaving no vulnerability and assuring that enterprises do not compromise on data or company secrets. The company’s ZTNA 2.0 enables IT and security teams, SASE providers, and MSSPs to quickly deploy the most secure Zero Trust connection solution into any existing environment without requiring any infrastructure changes, lowering the risk to an organization’s digital assets and data.

“Cyolo is solving a critical problem by giving organizations an agile and easy-to-integrate solution that allows them to have full visibility and control. The timing is right to expand into new markets, and this investment enables us to further execute our vision of transforming secure connectivity from network-based to identity-based, in order to provide organizations with a solution for their current and future needs. This round will allow us to accelerate growth and R&D efforts, and help new customers easily navigate the transition to Zero Trust,” said Almog Apirion, CEO and co-founder of Cyolo.

Glilot Capital is one of Israel’s top performing VC funds with a focus on cybersecurity and enterprise software, and the investment in Cyolo was made by Glilot+, Glilot Capital’s recently raised $180M early-growth fund. “We are very excited to join the journey of Cyolo. We have been tracking Cyolo and other Zero Trust technologies for quite some time and Cyolo’s product execution is the best we’ve seen. Cyolo has grown exponentially and its roadmap and vision for the future of secure connectivity aligns with market needs. We are excited to support the company as it enters its next phase of growth,” said Kobi Samboursky, Glilot Capital Partners Co-founder and Managing Partner.

“By simplifying complex environments and enabling organizations to secure their digital assets in a distributed and multi-cloud environment, Cyolo’s flexible model integrates with existing technologies to ensure the safety of sensitive data and digital processes. This cutting-edge solution enables organizations to create their own distributed cloud based on identities,” said Sergey Gribov, Flint Capital Partner.

Over the past year, Cyolo has doubled its value quarter-by-quarter and has been rapidly Cyolo has been aggressively establishing collaborations with worldwide clients and service providers over the last year, doubling its value quarter after quarter.

GroupSense and Airgap Partnership to Help Companies Defend Against Ransomware Attacks

GroupSense, a digital risk protection services company and Airgap, a cybersecurity vendor of the industry’s first agentless Ransomware Kill SwitchTM, announced a collaboration to assist clients prepare for and protect against ransomware attacks. Clients can microsegment their networks to automatically stop the spread of ransomware during the incident mitigation lifecycle and have a detailed and tested ransomware “playbook” for mitigating the damage caused by these cyberattacks by integrating GroupSense’s Ransomware Response Readiness Subscription (R3S) service offering with Airgap’s Ransomware Kill SwitchTM annual SaaS subscription.

The R3S service offering from GroupSense is supported by the company’s cyber intelligence team of ransomware professionals and includes three main features: an executive strategy session, a ransomware playbook that includes business, legal, and finance stakeholders, and 24/7 priority on call ransomware incident support with the negotiation process and cryptocurrency settlements.

Developed on Airgap’s Zero Trust Isolation platform, the Ransomware Kill Switch is a one-click switch that quickly stops all lateral data channels, lowering the attack surface to a single endpoint. Companies can also use the technology for post-exfiltration attack surface control and reporting. The partnership provides end-to-end cyber risk mitigation, placing control back in the hands of enterprise firms under attack and assisting them in reducing any negative effects on their operations.er

“Defending against and mitigating the damage from attacks has never been more critical as the ransomware epidemic continues to rage. By joining forces with GroupSense, we’re providing customers with a powerful, one-click solution for ransomware response, including the technical capability to kill the spread of ransomware instantly,” said Airgap CEO Ritesh Agrawal.

“Many companies think they’re prepared for a ransomware attack because they have a generic incident response plan, but that is just a false sense of security. Ransomware prevention needs to have a specific plan in place that includes a response playbook, so companies know exactly what protocol to follow as well as the technologies required to thwart any incoming attacks. That is why our partnership with Airgap is so important, because it combines these two key prevention areas for our customers, giving them the best protection possible against ransomware attacks.,” said Kurtis Minder, co-founder and CEO of GroupSense.

Infinipoint Launches First Device Identity as a Service (DIaaS) Solution

Infinipoint has released the first Device-Identification-as-a-Service (DIaaS), a comprehensive device identity and security posture solution that is an important component of a Zero Trust strategy to secure device access.

Infinipoint is the only solution that combines Single Sign-On (SSO) authorization with risk-based policies and one-click remediation for non-compliant and vulnerable devices in the DIaaS security category. This decreases the risk by securing access to a company’s data and services while also converting endpoints to support a world-class security posture. All of this can be accomplished by Infinipoint in a productive manner that ensures business continuity and minimal disturbance to the workforce.

JAL Ventures, Emerge and Hetz Ventures have invested $11 million in Infinipoint. Ron Myers, former Palo Alto Networks SVP of Global Channels; Pradeep Aswani, serial entrepreneur, US distribution and channel veteran, and cybersecurity investor; Issy Ben-Shaul, serial entrepreneur, cloud technologies expert, and Director of Engineering at Google; and Ravi Ithal, founder of Netskope and founding engineer of Palo Alto Networks are among the strategic investors and advisors.

“Today most of the workforce is working from anywhere and accessing remote services, potentially from multiple devices,” said Ran Lampert, co-founder and CEO, Infinipoint. “As a result, the device has become the weakest link in the organization’s IT security. It’s no use authenticating users if they are on a vulnerable device as this can open the door for an attacker to access your sensitive data and services.”

“Our customers understand the importance of Zero Trust and Identity working together. Leveraging device posture to achieve real-time continuous authorization is essential for any modern Zero Trust implementation. By leveraging the device visibility Infinipoint provides, ForgeRock’s Intelligent Access can dynamically adjust a user’s authentication experience and level of access to align with their degree of risk. Infinipoint can remediate issues of device risk before ForgeRock will allow access to a protected resource,” said Ben Goodman, senior vice president, global business and corporate development, ForgeRock.

Dikla Ramot, CISO, Appsflyer, a SaaS mobile marketing analytics and attribution platform leader and Infinipoint customer said, “We’re very impressed by what the Infinipoint team accomplished, the results so far have been far beyond our initial expectations.”

“Infinipoint gives our customers device-based conditional access to any service, enabling us to not only inventory and assess the vulnerabilities of all devices accessing the customers’ services, but also to allow users to remediate issues with one-click and seamlessly continue their workflow. Infinipoint delivers the missing piece of the puzzle, and together we are delivering an innovative solution for a recent and critical problem,” said Kai Mallmann, CEO, DTS Systeme, multinational IT services provider and Infinipoint partner.

Deloitte Acquires Zero Trust Network Access Provider TransientX

Deloitte Risk & Financial Advisory announced that it has acquired all of the assets of TransientX, Inc., a Hoboken, New Jersey-based Zero Trust Network Access (ZTNA) startup. Deloitte’s existing Zero Trust capabilities and solutions will be enhanced by TransientX’s staff and its innovative, dissolvable, cloud-native application networking technology for ZTNA.

“As organizations modernize their enterprise environments to deal with evolving business models and complex, hyper-connected IT ecosystems, they’re typically shifting from a perimeter-centric approach to the risk-based, Zero Trust approach that enforces the concept of least privilege. TransientX’s technology offers the unique capability to embed Zero Trust Network Access into Deloitte’s products and services, differentiating and evolving how we deliver our offerings to our clients — which will lend support to our clients’ Zero Trust adoption efforts as well,” said Andrew Rafla, a Deloitte Risk & Financial Advisory Zero Trust leader and principal, Deloitte & Touche LLP.

“Our cyber practice acquisition strategy — inclusive of the acquisition of TransientX’s business — is squarely focused on hyper-scaling to support our own services and solutions delivery, as well as to transform the way we help our clients build cyber resilience, enable agile operations and promote more resilient security practices. Acquiring TransientX’s business will help Deloitte truly differentiate how it delivers to the market by infusing ZTNA capabilities into a broad portfolio of products and services,” said Deborah Golden, Deloitte Risk & Financial Advisory Cyber and Strategic Risk leader and principal, Deloitte & Touche LLP.

“Zero trust transformation is not easy.  We created TransientX to help organizations adopt Zero Trust Network Access in a flexible, frictionless and expansive manner across a variety of use cases. In joining Deloitte, we’ll be able to offer our novel approach to ZTNA in a way that improves security for remote work and vendor collaboration,” Egemen Tas, CEO and founder of TransientX.

Deloitte’s acquisition of the TransientX business is the firm’s fourth cyber acquisition in 2021.

PC Matic picked by NIST’s National Cybersecurity Center of Excellence to Demonstrate Zero Trust Architectures

PC Matic, an American cybersecurity firm, announced that it has been approved to participate in the National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence’s (NCCoE) (USA) Implementing a Zero Trust Architecture Project.

PC Matic will join seventeen other firms to create practical approaches to developing and deploying zero-trust systems as part of a cooperation with various cybersecurity industry experts. The NCCoE will issue a cybersecurity practice guide for government and enterprise businesses seeking to build a zero-trust architecture based on the methodologies developed by these organizations.

“Since inception, PC Matic has utilized a zero-trust approach to stop malicious cyber threats such as ransomware. Understanding just how effective this framework has been for our own customers, we are very grateful to the NCCoE for the opportunity to contribute to this project. We look forward to working together with the NCCoE and our other project partners to showcase the capabilities of and implementation strategies for zero trust architectures,” said PC Matic CEO Rob Cheng.

PC Matic’s participation in the initiative will help the NCCoE meet the program’s goals:

Showcase an example implementation(s) of a Zero Trust Architecture (ZTA) utilizing commercially available technology components that are developed and implemented using the zero trust ideas and tenets outlined in NIST Special Publication (SP) 800-207, Zero Trust Architecture.

Show different types of user access to enterprise resources (e.g., data sources, computing services, and IoT devices) across boundaries, from on-premises to numerous cloud environments, all governed by policy-based security constraints managed by zero trust concepts and methodologies.

Publish a NIST Cybersecurity Practice Guide, which is a publicly accessible explanation of the practical actions required to develop a cybersecurity reference design that addresses this problem.

“Implementing a zero-trust architecture has become a federal cybersecurity mandate and a business imperative. We are excited to work with industry demonstrating various approaches to implementing a zero-trust architecture using a diverse mix of vendor products and capabilities, and share ‘how to’ guidance and lessons learned from the experience,” said Natalia Martin, Acting Director of the NCCoE.

In response to an open call in the Federal Register, PC Matic submitted its capabilities as it relates to the Implementing a Zero Trust Architecture Project. Following such submission, PC Matic was invited to sign a Cooperative Research and Development Agreement with the National Institute of Standards and Technology (NIST), allowing them to participate in this project.