About Us

Become A Contributor

Linkedin Twitter Youtube

Tag: Zero Trust Solutions

Netskope Improvised Netskope Private Access

Posted on by admin

Netskope announced significant improvements to Netskope Private Access, the zero-trust network access (ZTNA) foundation of its security platform. Customers of Netskope can now apply zero trust principles to the broadest range of hybrid work security requirements, including SaaS, IaaS, private applications, web, e-mail, and endpoint devices.

In hybrid work environments, enterprises are rapidly adopting Secure Access Service Edge (SASE) technology architecture. ZTNA is critical to SASE, it enables organizations to transition from legacy remote access VPN infrastructure to a modern, efficient, and secure infrastructure.

Netskope Private Access, which provides ZTNA services, is an essential component of the Netskope Intelligent SSE platform. It connects users to corporate resources anywhere, using any device, and continuously evaluates context and adapts to reduce risk. This context has now been extended to the enterprise data layer, leveraging Netskope’s unified DLP capabilities. Netskope provides advanced data protection capabilities, which are highlighted as an area where other SASE and SSE vendors fall short.

John Martin, Chief Product Officer at Netskope stated, “Enterprises need data-centric ZTNA—period. Private applications often house some of an organization’s most valuable information, including trade secrets and code repositories, and are an absolute must for comprehensive data protection capabilities. These key enhancements to Netskope Private Access extend Netskope’s award-winning zero-trust data protection capabilities that much further, offering enterprises multiple options to protect the information, from inspecting private application traffic to applying DLP in risky use cases such as third-party access and BYOD.”

A hybrid work environment needs the ability to apply zero trust principles to govern user, device, network, application, and data behavior, thereby increasing confidence in policy enforcement everywhere. Under zero trust, technology resources no longer implicitly trust any entity seeking to connect. The resource can determine an appropriate level of confidence, or trust, only for that specific interaction and by evaluating several contextual elements such as user role and identity, device identity and security posture, time of day, data sensitivity level, and more. Businesses become more agile, reduce risk, and streamline application deployment and ongoing maintenance because of using Netskope Intelligent SSE with zero trust data protection throughout.

Chris Rodriguez, Research Director of Security & Trust at IDC stated, “Zero trust network access is all about optimizing the balance of enabling access and mitigating risk, and the most effective ZTNA solutions, including Netskope Private Access, help reduce the risk and exposure associated with legacy remote-access VPNs. Enterprises should be pleased to see that Netskope continues to innovate and has now added capabilities to strengthen data protection policies across the widest range of use cases, from SaaS to private apps.”

Read more articles:

Everything you need to know about Zero Trust Security in 2022!

SecZetta & Active Cyber Partnered for Identity Governance

Posted on by admin

SecZetta has collaborated with Active Cyber, a cloud consultancy firm that specializes in the implementation of cloud-based Identity & Access Management (IAM) solutions. SecZetta’s Third-Party Identity Risk solution will be sold by Active Cyber. It will also offer consulting and implementation services to organizations interested in implementing a comprehensive, zero-trust solution to their third-party non-employee challenges.

Kishore Vankayalapati, CIAM Practice Leader at Active Cyber commented, “Organizations are investing heavily in cybersecurity programs to make them more resilient against cyber-incidents and enable them to detect attacks in a shorter timeframe to minimize the costs associated with breaches.”

Almost every industry relies on a growing and increasingly diverse number of third parties to provide the elasticity required to respond to operational needs quickly and cost-effectively. Most organizations, however, lack a centralized way to track and manage their relationships with this growing number of non-employees, as well as the access to enterprise assets that they require.

SecZetta bridges the technological gap in third-party identity governance by providing third-party identity risk solutions that are simple to use and purpose-built to assist organizations in implementing risk-based identity access and lifecycle strategies for third-party non-employee populations. SecZetta adds the most value when combined with industry-leading IGA solutions like Okta and SailPoint.

Active Cyber adds value throughout the sales and delivery process by consulting with and advising customers on a complete, zero-trust solution to their third-party challenges, which includes SecZetta in addition to these other industry-leading identity solutions.

Jeremy Rohrs, SVP, global channel, alliances, and corporate development, SecZetta stated, “Active Cyber’s expertise uniquely positions them to advise clients around a true zero-trust approach to identity, ensuring both internal and external workforce needs are met for trusted, authoritative identity data that is essential for end-to-end identity governance. Non-employee identity governance is critical to limiting the attack surface of organizations relying on third-party services. We look forward to collaborating with Active Cyber to empower customers to maximize their use of third-party resources to support their business needs by managing the identity lifecycle and risk of third-party users and strengthening their resilience to identity-related cyber incidents.”

Read more articles:

Identity and Access Management in 2022!

Everything you need to know about Zero Trust Security in 2022!

Posted on by admin

Before being permitted or maintaining access to applications and data, all users, whether inside or outside the organization’s network, must be verified, authorised and continually checked for security configuration and posture. Zero Trust presupposes that there is no typical network edge; networks can be local, cloud-based, or a blend of the two, with resources and workers located anywhere.

For today’s modern digital transformation, Zero Trust is a framework for safeguarding infrastructure and data. It specifically addresses today’s business concerns, such as securing remote workers, hybrid cloud systems, and ransomware attacks. While several suppliers have attempted to define their own terms.

Why adopt a zero-trust security model?

Cybercriminals targeting business-critical and sensitive data, such as personally identifiable information (PII), intellectual property (IP), and financial information, may find cloud settings appealing targets.

Even though all data breaches will never be completely eradicated, and no security plan is perfect, zero trust remains one of the most effective security solutions today. Zero trust minimizes the attack surface and negates the effect and intensity of cyberattacks, saving time and money in the aftermath of a breach.

Benefits of zero trust

1. Minimize company and organizational risk

Zero trust solutions prevent all apps and services from communicating until their identity attributes—immutable qualities that comply with predefined trust rules like authentication and authorization—are confirmed.

As a result, zero trust decreases risk by revealing what’s on the network and how those assets communicate. After baselines are established, a zero-trust strategy reduces risk by eliminating overprovisioned software and services and reviewing the “credentials” of every communication asset on a regular basis.

2. Take command of cloud and container environments.

Security professionals’ biggest concerns about going to the cloud are access management and visibility loss. Despite improvements in CSP security, workload security is still a shared responsibility between your company and the CSP. However, you can only influence so much within the CSP’s cloud.

Security policies are imposed depending on the identity of communicating workloads and are related directly to the workloads themselves in a zero-trust security architecture. This keeps security as close to the assets that need to be protected as feasible, independent of network constructions like IP addresses, ports, and protocols. Protection follows the workload and remains consistent when the environment shifts. 

3. Reduce the possibility of a data breach

Every entity is assumed hostile based on the concept of least privilege. Before “trust” is provided, each request is examined, users and devices are authenticated, and permissions are evaluated. As the context changes, such as the user’s location or the data being accessed, this “trust” is regularly reviewed.

An attacker who gains access to your network or cloud instance via a compromised device or other vulnerability will be unable to access or steal your data if you lack trust. Furthermore, the attacker will have nowhere to go because the zero-trust architecture produces a “safe section of one” with no way to move laterally.

Keeper Secrets Manager, the First Zero-Trust, Zero-Knowledge and Cloud-Native Solution for Securing Infrastructure Secrets

Posted on by admin

Keeper Security, a global leading provider of zero-trust and zero-knowledge cybersecurity software that includes password management, dark web monitoring, digital file storage, and messaging, has launched Keeper Secrets Manager, a new cloud-based, zero-knowledge solution for securing infrastructure secrets such as API keys, certificates, database passwords, access keys, and other types of private information.

“Over 80% of successful data breaches involve compromised credentials, and to a cybercriminal, the most desirable credentials are the ones with full access to an organization’s most sensitive data. Yet these highly sensitive and privileged credentials are almost always hardcoded into source code, CI/CD systems or config files. Keeper Secrets Manager enables organizations to protect these ‘hidden’ credentials across all of its infrastructure,” says Darren Guccione, CEO and Co-founder of Keeper Security.

Keeper Secrets Manager is a completely managed and cloud-based security solution that leverages an innovative patent-pending security architecture. Keeper’s top-rated enterprise password management (EPM) technology also uses the same zero-knowledge security methodology. Keeper Secrets Manager seamlessly integrates into nearly any data environment without requiring additional hardware or cloud-hosted infrastructure, whereas competing secrets management solutions require customers to buy special hardware, install a proxy service, or use a specific cloud services provider. It integrates with a range of DevOps tools out of the box, including Github Actions, Kubernetes, Ansible, and others.

“Fast and seamless integration into organizations’ existing tech stacks is where Keeper Secrets Manager shines. Organizations can get Keeper Secrets Manager up and running in about 20 minutes, which is less than the time it would take just to download competing solutions’ appliances.  Keeper Secrets Manager is an elegant and secure solution for managing infrastructure secrets, without any added complexity, maintenance or security issues,” notes Craig Lurey, CTO and Co-founder of Keeper Security.

Keeper Secrets Manager is a logical complement to Keeper Enterprise Password Management (EPM). Keeper’s Advanced Reporting and Alerts Module (ARAM), BreachWatch, Webhooks, SIEM connectivity, and compliance tools are all integrated within the Keeper Web Vault, Desktop App, and Admin Console.

Prosimo and AWS Bring New Advanced Services to Simplify Cloud Networking

Posted on by admin

Prosimo, an Application Experience Infrastructure firm, announced new cloud networking features developed on Amazon Web Services (AWS) innovations to ease hybrid and multi-cloud networking. Clients who want to develop an elastic and scalable transit with AWS Cloud WAN for cross-region connectivity can use the Prosimo Application eXperience Infrastructure (AXI) platform, which includes cloud-native integrations. Furthermore, the availability of Containers Everywhere in the AWS Marketplace allows businesses to deploy Prosimo AXI edges across their hybrid architecture using a single AWS portal. Businesses prefer a secure and optimised network transit that utilises cloud-native constructs, auto-scales as the footprint tends to grow as business requirements change, and continues to work consistently across multiple cloud regions, edge locations, and co-locations.

“AWS is delighted to work closely with Prosimo as we share a common vision in helping customers simplify and automate cloud networking to support distributed workforces and digital transformation strategies. This work delivers tightly integrated services that leverage Prosimo AXI for comprehensive hybrid and multi-cloud networking with industry-leading cloud services from AWS to simplify the onramp, migration and management of the enterprise journey in the cloud of our customers,” said Chris Grusz, Director of Business Development, AWS Marketplace.

Hybrid architectures and multi-cloud networks have become progressively complex and dynamic as a result of the heterogeneous nature of enterprise cloud adoption. For enterprises to support distributed workplaces and deliver excellent customer experience, enterprises must provide a consistent, reliable, and secure experience throughout all business-critical and latency-sensitive applications for clients in any location. Moreover, as more organisations use cloud-native architectures to revamp application frameworks and deliver applications faster, ‘application to application’ networking offers a simplified, elastic, and scalable solution.

Prosimo AXI is a self-contained multi-cloud networking solution built on cloud-native frameworks that provide complete and accurate observability as well as ML-insight-driven recommendations and orchestration. Prosimo AXI provides enterprises with fine-grained command over routing for optimised application performance, as well as the capacity to create security policies based on a Zero Trust framework.

“Our work with AWS makes it easy and seamless for any enterprise to simplify and realize autonomous cloud networking at any stage of the multi-cloud journey from hybrid cloud, multi-cloud and to the edge. We are ecstatic to be working closely with AWS on go-to-market, collaborating on product integrations and delivering compelling new services to customers,” said Ramesh Prabagaran, CEO and co-founder of Prosimo.

“With these new features and functionality on the AXI Platform, Prosimo will be ideally suited to meet our goals:  enable modern infrastructure capabilities using newer AWS networking constructs such as CloudWAN, built-in observability for applications, and remove as much complexity as possible,” said Kevin Paige , CISO, Flexport.

 Clients can now orchestrate Transit Gateway, Virtual Private Cloud peering and PrivateLink, as well as AWS CloudWAN, using the Prosimo AXI platform, which utilises cloud-native connectivity frameworks. Clients can also easily migrate to the favoured cloud-native networking option, such as AWS CloudWAN, and create detailed, accurate and contextual policies while offering a fast, secure, and smooth on-demand application experience for users worldwide with no disruption to end-users using Prosimo AXI.

CrowdStrike Acquires SecureCircle to Extend Zero Trust Data Protection

Posted on by admin

CrowdStrike Holdings, a leading company in cloud-delivered endpoint and workload protection, announced the acquisition of SecureCircle, a SaaS-based cybersecurity service that extends Zero Trust security to endpoint data. CrowdStrike will strengthen its leading Zero Trust endpoint security device and identity capabilities to incorporate data with this takeover. The all-cash deal is expected to complete in the fourth quarter of CrowdStrike’s fiscal year.

By securing the hub of enterprise risk — the endpoint – CrowdStrike has transformed security for the cloud era. CrowdStrike will enhance data protection with SecureCircle’s technology, allowing customers to implement Zero Trust at the device, identity, and data levels. CrowdStrike intends to resolve complex problem that all organisations face, data protection, with a simple solution – enforcing Zero Trust control at multiple levels, all deployed through CrowdStrike’s lightweight Falcon agent on the endpoint – by combining forces and leveraging SecureCircle’s innovative capabilities.

Zero Trust Data Protection Reimagined

In 2021, the market for data loss prevention (DLP) and related technologies is expected to reach $3 billion. Even billions of dollars are invested in legacy DLP technologies, data breaches via inadvertent leaks, ransomware, sophisticated cyberattacks, and other sources continue to occur at an astonishing speed. Clients demand a solution to protect data without compromising the user experience, as DLP has failed. CrowdStrike promises to rethink data security using SecureCircle’s technology, enforcing encryption on data in all three states (in transit, at rest, and in use), allowing clients to secure data on, from, and to endpoints. Clients will be able to govern data access and usage regulations for each user based on their Zero Trust score when integrated with CrowdStrike Zero Trust Assessment, providing dynamic risk mitigation.

“Data loss prevention has suffered from a lack of innovation and legacy tools have completely failed to live up to the promise of preventing breaches. At the same time, the endpoint has become the focal point for how data is accessed, used, shared and stored,” said George Kurtz, co-founder and chief executive officer of CrowdStrike. “CrowdStrike will be setting a new standard for endpoint-based data protection by connecting Zero Trust enforcement to the device, the user identity and, with this acquisition, the data users are accessing and using.”

Jeff Capone, chief executive officer at SecureCircle said, “We are excited to join the CrowdStrike family, and integrate SecureCircle’s revolutionary data protection solutions with the industry leader in cloud-delivered endpoint protection. The endpoint in today’s enterprise is everything, and coupling our cloud-native approach to protecting sensitive data with CrowdStrike’s industry leading Zero Trust endpoint security will enable customers to enforce Zero Trust on the endpoint across all levels.”

RevBits Announced Zero Trust Network Security To Protects Digital Assets

Posted on by admin

RevBits, a firm providing complete 360-degree cyber defense, announced release of RevBits Zero Trust Network (ZTN). RevBits ZTN is an application providing authenticated access for remote users and devices to applications, services and data, with complete network security.

The remote employees and access to third parties increase the risk for companies. RevBits ZTN isolates and protects internal assets, without using complicated network segmentation, by moving network protection to endpoints. RevBits ZTN offers in-transit data security via encryption, secure access to apps and services and network security through user and device authentication to support a default no-trust security stance.

“As enterprise threat levels rise, rethinking cybersecurity and perimeter control is paramount. It is no longer a matter of ensuring data encryption for remote users through a VPN as a complement for network security; organizations must adopt a default no-trust posture,” said David Schiffer, CEO at RevBits.

Based on technological innovation in the market for access management, RevBits ZTN extends access management and control to user level with unified visibility and analytics to the individual user level through RevBits Privileged Access Management (PAM).

RevBits ZTN offers data security by authenticating all users and devices with encryption and granular access control. “Based on our unique architecture and patent-pending technologies, RevBits ZTN provides best in class protection. By combining the principles from our PAM solution, RevBits ZTN delivers data encryption, comprehensive obfuscation, granular user and machine access control, and monitoring to protect digital infrastructure,” said Mucteba Celik, CTO at RevBits.

ColorTokens Partners with Paramount to Empower Middle East Customers in Zero Trust Security

Posted on by admin

ColorTokens a cybersecurity firm has formed a strategic partnership with Paramount Computer Systems, a leader of product and services in the market for information assets security to enterprises in the Middle East.

Paramount will provide the ColorTokens’ Xtended ZeroTrust Platform, which includes Xshield for Workload Visibility and Segmentation, Xprotect for Endpoint and Host Protect, and Xessure for Zero Trust as a Service, to Middle East companies across Vertical Solutions like BFSI, logistics, aviation and more. The system has been designed to assist safety security teams protect endpoints quickly, effectively and react to zero-day attacks and integrate seamlessly with current security tools.

ColorTokens offers an easy-to-use cloud platform that extends far beyond the perimeter as a leader in using Zero Trust security. The Xtended ZeroTrust® Platform of ColorTokens offers real-time viewing, segmentation, and business resilience to cyber risks across hybrid networks and boundaries while allowing operating flexibilities in the entire IT infrastructure.

“Digital transformation in today’s modern workplace means enterprises are adopting multi-cloud strategies, with an increased focus on dynamic microservices. Traditional security approaches assume that everything within an enterprise network can be trusted. Zero Trust is a significant departure from this mindset as it centers on the belief that a user or device is untrustworthy until proven otherwise. In today’s world, adversaries don’t stop at the point of breach, they move laterally across networks to reach targeted data and assets. We are thrilled to be joining forces with Paramount, their extensive cloud capabilities and market expertise combined with our cutting-edge solutions can enable us to successfully empower regional organizations in their Zero Trust journeys,” said Lee Ealey-Newman, VP Channels for EMEA at ColorTokens.

“As organizations continue to embrace cloud transformation, a proactive approach to cybersecurity is the need of the hour. To stay ahead of evolving cyber threats, adopting micro-segmentation and a software-defined perimeter (SDP) has become crucial for modern enterprises. By integrating ColorTokens’ ground-breaking, end-to-end Zero Trust solutions into our portfolio, we can provide our clients with future-proof protection for their increasingly hybrid infrastructures,” said Suhas Varambally, SVP, Paramount.

“Cyber threats are adapting to the dynamic way people work today, making it crucial for organizations to revamp their security strategies. As ColorTokens’ value-added distributor, this new partnership with Paramount is reflective of our commitment to expanding their foothold in the region. We believe that Paramount’s longstanding market expertise makes them the perfect partner to help regional customers leverage ColorTokens’ solutions to move from a conventional security approach to a foolproof, advanced Zero Trust model,” said Garreth Scott, Managing Director, Credence Security.

Mission Secure and XONA partners to offer zero-trust OT cybersecurity solutions to industries relying on remote operations capacity

Posted on by admin

Mission Secure, the world’s leading Industrial control (ICS) cybersecurity tech firm, announced a strategic partnership with XONA, the developer of a zero-trust user access solution for remote industrial operations, to provide more comprehensive and integrated operational technology (OT) cybersecurity solutions across several industries.

Remote operations capability is becoming extremely important in a pandemic-affected operational landscape for sustaining resiliency, enhancing efficiency, and accomplishing corporate goals. However, as IT and OT systems converge, businesses are exposed to cybersecurity vulnerabilities that standard IT security solutions can’t address. In order to protect essential infrastructure and business data from malicious attackers, organizations need OT-specific cybersecurity features.

In the defence, critical infrastructure, and process industries, Mission Secure offers comprehensive OT security solutions. This partnership improves their security by bringing a zero-trust user access layer to their product offerings, which include integrated closed-loop multi-factor authentication (MFA), browser-based virtual desktop infrastructure (VDI), moderated secure file transfer, system connection segmentation and monitoring, protocol isolation, and deep user access forensics, all offered through a single platform.

“Mission Secure is proud to bring XONA’s ‘best-in-class’ solution to our customers Our OT/ICS customers often face challenges with remote access, but the XONA technology adds an important feature set to our Platform-as-a-Service that will bridge the gap between cyber protection and operational efficiency. That’s especially important now as threat actors increasingly turn their attention to vulnerabilities in OT/ICS to avoid the increased security in IT infrastructures,” said John K. Adams, Mission Secure’s CEO.

“Simple to deploy, zero-trust user access empowers companies to embrace OT remote operations capacity without compromising cybersecurity. As ransomware and other cybersecurity threats increase in scope, frequency and severity, it’s critical that companies fortify their remote operations to account for a shifting threat landscape. We’re excited to partner with Mission Secure to deliver just those necessary capabilities,” said XONA CEO, Bill Moore.

Together Mission Secure and XONA will offer a comprehensive cybersecurity solution that protects companies as they embrace remote operations.

ColorTokens and Finesse formed partnership to help Middle Eastern businesses combat Zero-Day Vulnerabilities with Zero Trust

Posted on by admin

ColorTokens, a global provider of Zero Trust cybersecurity solutions, has partnered with Finesse, a Dubai-based IT system integrator. This partnership is a strategic move to provide Middle Eastern organizations with a new method to deal with the growing number of cyberthreats.

ColorTokens’ Xtended ZeroTrustTM Platform, which includes Xshield, Xprotect and Xaccess, provides a comprehensive approach to analyzing and mitigating cyberthreats across endpoints, networks and applications. ColorTokens allows businesses to accurately assess and enhance their security postures, enabling cyber-resiliency in cloud and hybrid environments. ColorTokens’ Xaccess is the latest addition to the Xtended ZeroTrustTM Platform. It provides Zero Trust secure access for remote employees, third parties, or contractors from distant places as they link with their cloud- or datacenter-based apps or data.

Finesse will be able to rapidly visualise and segment their entire IT infrastructure, proactively protect endpoints, and contain and respond to zero-day cyberattacks as a result of this partnership. 

“With the exponential growth of cyberthreats in the Middle East, traditional security approaches that follow a ‘castle-and-moat’ principle are no longer sufficient to protect today’s enterprise networks. To prevail against an increasingly malevolent threat landscape, adopting micro-segmentation and a Zero Trust approach that extends to the endpoint has become mission-critical for modern enterprises. We believe that Finesse, with its strong presence in the Middle East and in-depth industry knowledge, is well-positioned to deliver ColorTokens’ ground-breaking, end-to-end Zero Trust platform to regional customers. In addition, this partnership complements our vision of building a robust channel ecosystem comprised of top-notch partners, together with our trusted regional value-added distributor, Credence Security,” said Lee Ealey-Newman, VP Channels for EMEA, ColorTokens.

“Partnering with a premier cybersecurity innovator such as ColorTokens allows us to offer our customers a cutting-edge and easy-to-deploy Zero Trust platform. To win against today’s increasingly sophisticated cyberadversaries, organizations need to adopt a proactive and holistic security strategy that transcends traditional methods. ColorTokens’ Xtended ZeroTrust Platform can address this industry demand, and we are excited to work with them in providing the strongest protection and greatest value to our customers,” said Adhish Pillai, Practice Lead Cybersecurity, Finesse.

“With enterprise boundaries expanding beyond corporate perimeters, securing the network has become more important than ever. Zero Trust plays a critical role in addressing this market need, and that’s why bringing this security approach to more and more customers across the region is a key priority for Credence Security. We are confident that Finesse is the right partner to take ColorTokens’ Zero Trust innovations to new heights,” said Philip Cherian, Regional Channel Director, Credence Security.

InfoSecurity Outlook Magazine focuses on keeping track of Information Security, Data Security, Cloud Security, IoT Security and Fraud Management related technology to help entrepreneurs protect their organizational data from threats and misuse.

Quick Links

Our Brands

© 2023 InfoSecurity Outlook. All rights reserved.

Terms & Conditions

Privacy Policy