Software Archives - IT Security Guru
https://www.itsecurityguru.org/category/software/
The Site for our Community
Last updated: Mon, 14 Aug 2023 09:13:36 +0000

Quest Software Update
https://www.itsecurityguru.org/2023/08/14/quest-software-update/?utm_source=rss&utm_medium=rss&utm_campaign=quest-software-update
Mon, 14 Aug 2023 09:09:54 +0000

The post Quest Software Update appeared first on IT Security Guru.

Quest Software, a systems management, data protection and security software company, has announced what it calls its latest breakthrough in data management with the launch of erwin Data Modeler by Quest 12.5. Boasting cutting-edge features that enhance data quality, governance and stakeholder collaboration, erwin Data Modeler 12.5 is positioned to drive organisations towards data democratisation, facilitating strategic efforts such as AI Large Language Model (LLM) development, data intelligence and data platform modernisation.

 

Driving Innovation

Organisations that maintain mature data practices in support of their modernisation initiatives consistently realise better business outcomes. As enterprises increasingly adopt cloud-based data lakehouses, erwin Data Modeler 12.5 rises to the occasion with enhanced capabilities to support seamless data deployment. The solution meticulously documents existing data sets, facilitating accurate and efficient migration to new cloud environments, thereby optimising data operations and fostering data-driven innovation.

“While it has always been important, proven by erwin Data Modeler’s 30 years in the market, data modeling is now experiencing a resurgence in its role in ensuring unwavering data integrity and governance, making it a crucial aspect for precision-driven AI and other enterprise applications,” said Heath Thompson, General Manager at Quest Software. “In today’s data-driven landscape, where information can be a powerful advantage or a liability, organisations are increasingly embracing erwin solutions to democratise data access across their entire organisation, unlocking a myriad of untapped benefits.”

In the era of AI advancement, organisations are rapidly embracing AI Large Language Models (LLMs) for transformative applications. LLMs, however, are only as effective as the data underpinning them. erwin Data Modeler is presented as a pivotal tool for navigating the challenges of deploying LLMs effectively by creating a foundation of data accuracy, democratising access to data and increasing literacy and efficient communication among stakeholders. By empowering business analysts to define precise data requirements for AI model training, erwin Data Modeler creates accurate and well-formatted data sets that power reliable AI results.

 

Key Enhancements in erwin Data Modeler by Quest 12.5:

1. Stakeholder Collaboration with ER360 Integration: erwin Data Modeler fosters seamless communication among business, IT, and data teams with its integration with ER360, an online collaboration platform. This encourages data-driven decisions, enabling business users to grasp data models and align them with the right intelligence. Enterprise glossaries facilitate effective communication by describing business language associated with specific data sets.

2. Enhanced Governance with Databricks Unity Catalog Integration: erwin Data Modeler seamlessly integrates with Databricks Unity Catalog, amplifying its governance capabilities across diverse data lakehouse environments. Customers can effortlessly classify structured and unstructured data, define permissions, and identify performance issues, ensuring meticulous data governance.

3. Boosted Data Visibility and Literacy with erwin Data Intelligence Integration: Close collaboration between erwin Data Modeler and erwin Data Intelligence offers comprehensive visibility of data assets and guidelines for their usage. Consistent data policies and best practices are implemented, elevating model quality and data operations efficiency.

4. Ensuring Data Model Quality with Enterprise Modeling Compliance Feature: erwin Data Modeler users can build and customise policies designed to standardize and review documentation, verify data compliance and monitor metadata quality, helping data stewards increase the accuracy of, and reduce the time it takes to maintain, high-quality data models.

 

To explore what’s possible with erwin Data Modeler by Quest 12.5:

● Visit the erwin Data Modeler product page https://www.erwin.com/products/erwin-data-modeler/.

● Watch the “What’s New in erwin Data Modeler 12.5” video https://www.erwin.com/video/introducing-erwin-data-modeler-125/

● Register for the webinar on September 27, 2023 to experience erwin Data Modeler 12.5 and other major enhancements https://www.erwin.com/event/driving-data-maturity-through-governance-quality-and-collaboration-with-erwin-data-modeler-125-by-quest/.

● Visit the erwin website to learn more about the full data intelligence offering www.erwin.com


Cato Networks SASE Cloud: “leader” and “OutPerformer” in GigaOm SSA Radar
https://www.itsecurityguru.org/2022/08/25/cato-networks-sase-cloud-leader-and-outperformer-in-gigaom-ssa-radar/?utm_source=rss&utm_medium=rss&utm_campaign=cato-networks-sase-cloud-leader-and-outperformer-in-gigaom-ssa-radar
Thu, 25 Aug 2022 13:38:10 +0000

The post Cato Networks SASE Cloud: “leader” and “OutPerformer” in GigaOm SSA Radar appeared first on IT Security Guru.

Cato Networks recently announced that it was named as a “Leader” and “Outperformer” by GigaOm in the analyst firm’s Radar Report for Secure Service Access (SSA), GigaOm’s term for SASE/SSE. The report’s comprehensive review evaluates the degree to which suppliers converge security and networking into a single, global platform. Cato is the only SASE provider to be ranked an SSA “Leader” and an “Outperformer” with perfect delivery of SD-WAN as well as the core network-based security capabilities – Firewall as a Service (FWaaS), Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), and Zero-Trust Network Access (ZTNA).

“Since publishing the 2021 Radar for Service Access Solutions [GigaOm’s prior term for SSA], Cato Networks has moved from being a Challenger to a Leader and an Outperformer due to its innovation and execution against its roadmap,” writes GigaOm analyst and report author, Ivan McPhee.

“In the world of networking and securing the enterprise, the platform is critical. It’s the convergence of capabilities into a global platform that allows for the radical simplicity and operational efficiency promised by SASE and SSA. GigaOm’s thorough research underscores this architectural prerequisite and we’re honored to be named a Leader and Outperformer in the SSA Radar Report,” says Yishay Yovel, Chief Marketing Officer at Cato Networks.

Cato Networks: The Prototypical SASE/SSA Platform

The report found Cato SASE Cloud to be one of the few SSA platforms capable of addressing the networking and security needs for large enterprises, MSPs, and SMEs.

The Cato SASE Cloud provides outstanding enterprise-grade network performance and predictability worldwide by connecting sites, remote users, and cloud resources across the optimized Cato Global Private Backbone. Once connected, the Cato SSE 360 pillar of Cato SASE Cloud enforces granular corporate access policies on all applications — on-premises and in the cloud – and across all ports and protocols, protecting users against threats, and preventing sensitive data loss.

Of GigaOm’s key SSA Criteria, the Cato SASE Cloud was the only Leader to be ranked Exceptional in seven of eight categories:

  • Defense in Depth
  • Identity-Based Access
  • Dynamic Segmentation
  • Unified Threat Management
  • ML-Powered Security
  • Autonomous Network Security
  • Integrated Solution

The company received a similarly near-perfect score for the core networking and network-based security capabilities that comprise SSA solutions: SD-WAN, FWaaS, SWG, CASB, ZTNA, and NDR.

“Founded in 2015, Cato Networks was one of the first vendors to launch a global cloud-native service converging SD-WAN and security as a service,” says the report. “Developed in-house from the ground up, Cato SASE Cloud connects all enterprise network resources—including branch locations, cloud and physical data centers, and the hybrid workforce—within a secure, cloud-native service. Delivering low latency and predictable performance via a global private backbone”

Delivering a Converged Networking and Security Platform Challenges the Industry

Since SASE’s inception, analysts have pointed to the importance of having one, converged cloud platform connecting and securing the complete enterprise — sites, users, and cloud resources. It’s this radical simplicity that enables the agility, cost savings, visibility, improved security, and operational improvements associated with SASE/SSA.

But the complexity of converging networking and security capabilities to form such a platform has long challenged legacy technology and service providers. As GigaOm notes, “The SSA landscape is becoming increasingly blurred with incumbent vendors repackaging and repositioning legacy products as integrated platforms, acquiring new technologies, or making strategic alliances to fill the gaps in their portfolios.”

Enterprises need not only consider functionality claimed by SSA vendors but the convergence of those capabilities. Says GigaOm, “When talking to vendors, verify the level of integration between individual SSA capabilities. Ensure that their vision is aligned with yours and their roadmap includes the features and integration you need.”

 


The IT Security Guru Buyer’s Guide 2022
https://www.itsecurityguru.org/2021/12/24/the-it-security-guru-buyers-guide-2022/?utm_source=rss&utm_medium=rss&utm_campaign=the-it-security-guru-buyers-guide-2022
Fri, 24 Dec 2021 12:12:42 +0000

The post The IT Security Guru Buyer’s Guide 2022 appeared first on IT Security Guru.


Cybersecurity and compliance are now essential pillars within the modern enterprise. They are integral to the business continuity and legal responsibility of every organization, large or small. What’s more, these obligations are exponentially more complex than they were just 5 years ago. However, since these are relatively new obligations, finding the best vendors and understanding the right services for your company can be uncharted territory for your team. With this in mind, the team at the IT Security Guru has compiled a comprehensive list of the industry-leading solutions that every company needs for a well-rounded and robust cybersecurity and compliance program.

First, we will help you make sense of the complicated web of cybersecurity solutions. Shown below in ‘figure 1’ are the many intertwined and interwoven cybersecurity services and vendors. It’s likely that not all of these will be relevant to every business, so it’s crucial for you to develop an understanding of which vendor would be most appropriate for your company/industry before beginning the buying process. What follows is a list of IT Security Guru’s ‘best in class’ recommendations for cybersecurity purchasing in 2022. Based on our extensive industry knowledge, research and comparative analysis of value for money and convenience, we selected the best vendors with the best products and services for every industry.

“Best in Class” 2022  

Cybersecurity & Compliance Services: Cerberus Sentinel   

When it comes to protecting your company against cyber-attacks and ensuring regulatory compliance, it’s best to look at these obligations in aggregate rather than separately. They are so heavily codependent that it simply makes your life easier if they are approached this way. However, it is nearly impossible to handle them this way when they are typically handled by a constellation of service providers. This multi-vendor approach, while common practice today, is far too complicated to be considered a ‘best in class’ solution. For this reason, we have selected Cerberus Sentinel as the ‘Best in Class’ provider for their holistic approach to Cybersecurity and Compliance Services. They are pioneering an end-to-end offering that provides both services from one company. The secret to their success is that their services are delivered by dedicated teams of experts for each program who work collaboratively to solve your cybersecurity and compliance needs.

“Cerberus Sentinel is different from other companies in this industry, our employees are not consultants, they are dedicated partners available to our clients on a recurring monthly contract. Due to the numerous challenges in hiring experienced cybersecurity and compliance professionals, assimilating our team of industry and subject matter experts into our client’s team is the ideal solution.”   

 – David Jemmett, CEO, Cerberus Sentinel  

About Cerberus Sentinel  

“Cybersecurity is a culture, not a product” is the Cerberus Sentinel mantra. They were founded on the belief that service providers should be technology and product agnostic and that the best approach to cybersecurity and compliance is one of proactive prevention accomplished through the development of a culture of awareness. In an era when ‘add another tool to the stack’ is the prevailing recommendation, their approach is relatively new. However, it doesn’t ignore the importance of technical tools; rather, Cerberus Sentinel offers solutions that go beyond the tools, working to build a deeply rooted solution at the heart of your organization: your people.

What does it mean to be technology agnostic? While most cybersecurity firms are locked into working with a single technology, Cerberus Sentinel has differentiated themselves by remaining technology agnostic. This approach enables their teams to work with any business, no matter what systems or tools they use. For their customers, the benefit is equally valuable; they’re able to choose the best tools and technology for their business needs without affecting their relationship with the team at Cerberus Sentinel.  

Cerberus Sentinel Solutions

Cerberus Sentinel solutions cover the full range of cybersecurity and compliance services, enabling them to deliver the holistic approach that so many companies need today. They call this unique approach MCCP+, which stands for Managed Compliance and Cybersecurity Provider + Culture. This is the only holistic solution that provides all three of these elements under one roof from a dedicated team of subject matter experts.

Cerberus Sentinel offers the following solutions:   

Secured Managed Services, Compliance Services, SOC Services, Virtual CISO Services, Incident Response, Certified Forensics, Assessment Services, and Cybersecurity & Compliance Training.

  • Secured Managed Services: Competing cybersecurity companies may be able to point out vulnerabilities or configuration issues, but Cerberus Sentinel has experts with the capability to fix them, as well as to manage the subsequent IT infrastructure which may be put in place.
  • Compliance: As an authorized FedRAMP vendor, Cerberus Sentinel brings an insider’s perspective to the process across a variety of industry standards, including FedRAMP, FISMA 2014, HIPAA and NIST.
  • SOC Services: They offer SOC-as-a-service, a subscription-based service that manages and monitors clients’ logs, devices, clouds, networks and assets for possible cyber threats. This service provides Cerberus clients with the knowledge and skills necessary to combat cybersecurity threats without the strain on internal teams.
  • Virtual CISO Service:  Corporations are in need of cybersecurity services but do not have the capital resources or knowledge base to hire a dedicated in-house Chief Information Security Officer (“CISO”).  They offer this service to companies on an ongoing managed service basis as a resource to augment their management team.  CISO-as-a-service includes road mapping future policy frameworks for clients and providing knowledgeable expertise to help them achieve their security needs.  
  • Incident Response and Forensics:  Focusing on identification, investigation, and remediation of cyberattacks.   
  • Assessment Services: Cerberus Sentinel specializes in advanced cyber security assessments that highlight the skills and experience of the Cerberus team’s top-tier talent. Cerberus customers love them because they routinely identify issues that no one else does due to the emphasis on real-world manual testing techniques, and custom exploit development to uncover new avenues of attack.   
  • Cybersecurity & Compliance Training: This targets the root cause for 75% of cyber breach events by starting with a culture of security-first forward thinking. Cerberus Sentinel’s security awareness training can prevent a catastrophic cyberattack before it even occurs by equipping users with the tools and techniques required to spot a potential cyberattack in the early stages.   

Guru’s conclusion: A holistic, cultural approach to security purpose-built for our age, the Cerberus Sentinel team and offerings provide their customers and partners with an approach to cybersecurity which is both holistic and tailored to the specific buying needs of organizations in security and compliance. Their consultative approach means that they are able to support and engage with customers all through the process, guiding organizations through the buying process and implementation, to eventually becoming fully embedded and trusted partners who can take on the day-to-day security and compliance functions of an organization indefinitely.

Their wide-ranging offering means an ability to slim down an overly complex vendor stack, and effectively outsource whole departments to a trusted, expert provider. In the current climate of financial uncertainty and talent shortages, working with a consultative, technology agnostic vendor allows for a certainty in your security posture, which can allow internal and compliance teams the confidence to operate effectively, and can provide your C-Suite with the reassurance they need that security is being purchased strategically.   

This kind of holistic offering could not be better timed to ensure businesses are able to operate securely, and indeed to operate at all. Cyber insurance premiums have risen by a third over the course of the last year, as ransomware and other security incidents have put a huge squeeze on the viability of existing cyber-insurance policies. Having a certified external organisation such as Cerberus complete a rigorous security audit, which can be presented back to insurers as proof of a robust, overarching approach to cybersecurity, can back up any claims made to your insurers and reduce premiums in the process – good news for both the underwriters and the companies in question.

To learn more about Cerberus Sentinel or to schedule a meeting with their sales team, visit www.CerberusSentinel.com  

“Honorable mentions” 2022  

KnowBe4  

About KnowBe4 

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 41,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud, and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4’s Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as their last line of defense.

KnowBe4’s Mission 

KnowBe4 enables your employees to make smarter security decisions, every day through various Enterprise Security Awareness Training activities: 

Specific Offerings:  

Security Awareness Training 

KnowBe4 provides baseline testing to assess the Phish-prone percentage of your users through a simulated phishing, vishing or smishing attack. KnowBe4 boasts the world’s largest library of security awareness training content, including interactive modules, videos, games, posters and newsletters, and runs automated training campaigns with scheduled reminder emails. The KnowBe4 user phishing training offers best-in-class, fully automated simulated phishing, vishing and smishing attacks, thousands of templates with unlimited usage, and community phishing templates, complete with enterprise-strength reporting: both high-level and granular stats and graphs ready for management reports. KnowBe4 even keeps a personal timeline for each user.

GRC 

Manage and automate compliance and audit cycles: reduce the time you need to satisfy requirements and meet compliance goals with pre-built requirements templates for the most widely used regulations. Centralize policy distribution and tracking: save time when you manage the distribution of policies and track attestation through campaigns. Identify, respond to and monitor your risk: simplify risk initiatives with an easy-to-use wizard and a risk workflow based on the well-recognized NIST 800-30.

Compliance Plus Training: 

Compliance training delivered only once a year is far from enough to train your users effectively or to reinforce the important legal and regulatory requirements your organization needs to address for compliance. With a constant cadence of fresh, up-to-date and short content from KnowBe4, you can stay on top of current compliance requirements and deliver a variety of training campaigns to your users on a monthly or quarterly basis.

One Identity  

With the proliferation of human and machine identities, the race to the cloud and the rise of remote working, protecting identity has never been more important. The key impediment to doing so is the fragmented way in which most organizations manage access rights. One Identity brings together the four core elements of identity security – Identity Governance and Administration (IGA), Identity and Access Management (IAM), Privileged Access Management (PAM), and Active Directory Management and Security (ADMS) – to help customers holistically address this challenge. One Identity calls this unified identity security.

Moving from a fragmented state to a unified approach to identity security delivers numerous operational benefits, such as correlating all identities, removing friction between formerly distinct technologies, and facilitating automation and orchestration. This model also provides a critical level of added protection. With 360-degree visibility, adaptive security controls, and the ability to apply analytics across all identities in the enterprise, organizations can verify everything before granting access to their most-critical assets. This level of response and control allows cybersecurity executives to shrink windows of exposure, move closer to achieving Zero Trust and improve their overall security posture. 

The One Identity Offering: 

One Identity’s vision is not simply to help customers solve all their identity security problems with fragmented point solutions. They believe there is significant value in integrating these technologies into a single, cloud-first platform, which One Identity calls the Unified Identity Security Platform.

The foundation of One Identity’s platform is in an identity-correlation system that delivers a consistent view across users, machine identities and accounts to help organizations move from a fragmented to a unified state. Workflow orchestration eliminates manual and error-prone activities; connectors deliver flexibility by bringing disparate applications and security ecosystems under a single point of control. Powering all of this is identity intelligence and analytics to help cybersecurity professionals get a clear view of their risk profile and take corrective actions as needed.  

Key Offerings: 

  • Identity Governance and Administration: Complete, business-driven governance for identity, data and privileged permissions 
  • Identity and Access Management: Secure workforce, partners, and customers while increasing operational efficiency and accelerating digital transformation efforts 
  • Privileged Access Management: Protect privileged accounts and enable identity-centric Zero Trust for just-in-time access 
  • Active Directory Management and Security: Enhance management of Active Directory/Azure AD for efficiency, security and to achieve Zero Trust

Synopsys 


“From Silicon to Software” is the mantra at the heart of Synopsys. The team works to provide innovations that are changing the way we work and play: autonomous vehicles, artificial intelligence, the cloud, 5G. These breakthroughs are ushering in the era of Smart Everything, where devices are getting smarter, everything’s connected, and everything must be secure. Powering this new era of digital innovation are advanced silicon chips and exponentially growing amounts of software content, all working together, smartly and securely. Synopsys is at the forefront of Smart Everything with the world’s most advanced technologies for chip design and verification, IP integration, and software security and quality testing. Synopsys helps its customers innovate from silicon to software so they can deliver Smart Everything. The three strands of this are represented via a mission statement to:

  • Build The Best Chips, Faster: Synopsys is the world’s leading provider of solutions for designing and verifying advanced silicon chips, and for designing the next-generation processes and models required to manufacture those chips.  
  • Integrate More Capabilities, Faster: Synopsys offers the world’s broadest portfolio of silicon IP―pre-designed blocks of logic, memory, interfaces, analog, security, and embedded processors―to help our customers introduce more capabilities and reduce integration risk.  
  • Build Secure Software, Faster: Synopsys helps customers build security and quality into the DNA of their software code, at any stage of the software development lifecycle and across the supply chain, to minimize risks while maximizing the speed of application development.

Selection of specific offerings:  

Coverity Static Application Security Testing: This solution gives you the speed, ease of use, accuracy, industry standards compliance, and scalability that you need to develop high-quality, secure applications. Coverity identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process when it’s least costly and easiest to fix.

Precise actionable remediation advice and context-specific eLearning help your developers understand how to fix their prioritized issues quickly, without having to become security experts. Coverity seamlessly integrates automated security testing into your CI/CD pipelines and supports your existing development tools and workflows. Choose where and how to do your development: on-premises or in the cloud with the Polaris Software Integrity Platform™ (SaaS), a highly scalable, cloud-based application security platform. Coverity supports 22 languages and over 70 frameworks and templates.  

Seeker Interactive Application Security Testing gives you unparalleled visibility into your web app security posture and identifies vulnerability trends against compliance standards (e.g., OWASP Top 10, PCI DSS, GDPR, CAPEC, and CWE/SANS Top 25). Seeker enables security teams to identify and track sensitive data to ensure that it is handled securely and not stored in log files or databases with weak or no encryption. Seeker’s seamless integration into CI/CD workflows enables fast interactive application security testing at DevOps speed. Unlike other IAST solutions, which only identify security vulnerabilities, Seeker can also determine whether a security vulnerability (e.g., XSS or SQL injection) can be exploited, thus providing developers with a risk-prioritized list of verified vulnerabilities to fix in their code immediately.

Black Duck Binary Analysis 

Black Duck Binary Analysis is a software composition analysis (SCA) solution to help you manage the ongoing risks associated with a complex, modern software supply chain. Empower procurement, operations, and development teams with visibility and insight into the composition of commercial applications, vendor-supplied binaries, and other third-party software.  

Black Duck Binary Analysis quickly generates a complete software bill of materials (BOM), which tracks third-party and open source components, and identifies known security vulnerabilities, associated licenses, and code quality risks. Because Black Duck Binary Analysis analyzes binary code, as opposed to source code, it can scan virtually any software, including desktop and mobile applications, embedded system firmware, and more.


Synopsys Unveils Technology Alliance Partner Program, Adds Integrations for Application Security Orchestration Solution
https://www.itsecurityguru.org/2021/05/19/synopsys-unveils-technology-alliance-partner-program-adds-integrations-for-application-security-orchestration-solution/?utm_source=rss&utm_medium=rss&utm_campaign=synopsys-unveils-technology-alliance-partner-program-adds-integrations-for-application-security-orchestration-solution
Wed, 19 May 2021 12:47:52 +0000

The post Synopsys Unveils Technology Alliance Partner Program, Adds Integrations for Application Security Orchestration Solution appeared first on IT Security Guru.

Synopsys, Inc. has announced the expansion of the Technology Alliance Partner (TAP) segment of the Software Integrity Group’s new Global Partner Program at RSA Conference. Synopsys is showcasing integrations between the company’s Intelligent Orchestration solution and technology partner tools, including CloudBees and GitHub Actions. With more than 40 DevOps ecosystem vendors currently engaged, the TAP program simplifies and accelerates partner integration with Intelligent Orchestration and other Synopsys application security solutions.

Recognised as a leader by independent analysts Gartner and Forrester, Synopsys provides the most comprehensive portfolio of application security solutions in the industry. Through the TAP program, development, DevOps, and security technology providers can partner with Synopsys to integrate the company’s application security and risk management solutions with their products. These integrations make it easier for organisations to build automated application security controls into their existing DevOps toolchains.

Synopsys recently introduced its Intelligent Orchestration solution— a dedicated application security automation pipeline that integrates with popular DevOps tools to make security testing seamless and easy to manage for high-velocity development teams. Intelligent Orchestration integrations with CloudBees and GitHub Actions underscore the value the TAP program creates for customers.

Intelligent Orchestration with source code management. Popular source code management (SCM) tools, including Bitbucket, GitLab, and GitHub, can integrate with Synopsys application security solutions to enable developers to automatically run security scans on their source code when changes are introduced. For example, the Intelligent Security Scan GitHub Action integrates with Intelligent Orchestration to simplify and streamline security testing, triggering the most appropriate analysis based on the significance of the code changes being introduced. It can be configured to automatically orchestrate rapid or incremental security scans based on pushes and pull requests. Scan results are formatted using the Static Analysis Results Interchange Format (SARIF) and displayed through the GitHub code scanning user interface automatically within the developer workflow.
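The SARIF hand-off described above, as an added example that is not Synopsys or GitHub code: a scanner's findings are converted into a SARIF 2.1.0 log of the shape GitHub code scanning accepts, and the same log is then used to decide whether the pull request should be blocked. The findings, rule IDs and file paths are constructed sample data, and the scanner name is hypothetical.

```python
"""Build a SARIF 2.1.0 log from scanner findings and gate a pull request on it.

Added example, not Synopsys or GitHub code. SAMPLE_FINDINGS is constructed
sample data; the rule IDs, file paths and scanner name are hypothetical.
"""
import json
from collections import Counter

SARIF_SCHEMA = (
    "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/"
    "Schemata/sarif-schema-2.1.0.json"
)

# Constructed sample findings, in the shape a scanner might emit before conversion.
SAMPLE_FINDINGS = [
    {"rule": "SQLI-001", "title": "SQL injection", "severity": "high",
     "file": "app/db.py", "line": 42,
     "text": "Query built with string formatting from request input"},
    {"rule": "XSS-002", "title": "Reflected XSS", "severity": "medium",
     "file": "app/views.py", "line": 17,
     "text": "Unescaped parameter written to HTML response"},
    {"rule": "LOG-003", "title": "Sensitive data in log", "severity": "low",
     "file": "app/auth.py", "line": 88,
     "text": "Session token written to application log"},
]

# SARIF results carry one of three levels; map the scanner's severities onto them.
LEVEL_FOR_SEVERITY = {"high": "error", "medium": "warning", "low": "note"}


def build_sarif(tool_name, findings):
    """Return a SARIF 2.1.0 log (as a dict) with one run holding all findings.

    Each result names a rule declared in tool.driver.rules and points at a
    file and line, which is what code scanning needs to annotate the diff.
    """
    rules = {}
    results = []
    for f in findings:
        rules.setdefault(f["rule"], {"id": f["rule"],
                                     "shortDescription": {"text": f["title"]}})
        results.append({
            "ruleId": f["rule"],
            "level": LEVEL_FOR_SEVERITY[f["severity"]],
            "message": {"text": f["text"]},
            "locations": [{"physicalLocation": {
                # %SRCROOT% tells GitHub the path is relative to the checkout.
                "artifactLocation": {"uri": f["file"], "uriBaseId": "%SRCROOT%"},
                "region": {"startLine": f["line"]},
            }}],
        })
    return {
        "$schema": SARIF_SCHEMA,
        "version": "2.1.0",
        "runs": [{
            "tool": {"driver": {"name": tool_name, "rules": list(rules.values())}},
            "results": results,
        }],
    }


def count_by_level(sarif):
    """Tally results across all runs by SARIF level."""
    return Counter(r["level"] for run in sarif["runs"] for r in run["results"])


def blocking_results(sarif, block_levels=("error",)):
    """Results that should fail the pipeline; by default only error-level ones."""
    return [r for run in sarif["runs"] for r in run["results"]
            if r["level"] in block_levels]


def write_sarif(sarif, path):
    """Write the log where an upload step can pick it up."""
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(sarif, fh, indent=2)


if __name__ == "__main__":
    log = build_sarif("example-scanner", SAMPLE_FINDINGS)
    write_sarif(log, "results.sarif")
    print(dict(count_by_level(log)))
    blockers = blocking_results(log)
    for r in blockers:
        loc = r["locations"][0]["physicalLocation"]
        print(f"BLOCK {r['ruleId']} {loc['artifactLocation']['uri']}:"
              f"{loc['region']['startLine']}")
    raise SystemExit(1 if blockers else 0)
```

In a workflow that runs on push and pull_request events, the file written by write_sarif is handed to the github/codeql-action/upload-sarif action through its sarif_file input (the job needs the security-events: write permission), and GitHub renders each result at the reported file and line. Gating only on error-level results, as blocking_results does by default, fails the build on verified high-severity findings without letting warning-level noise stop the pipeline.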

“GitHub Actions helps customers automate software development efforts from ideation to production rapidly,” said Jose Palafox, business development manager for GitHub. “Security testing is an increasingly important part of that process, but it needs to happen seamlessly. With the Intelligent Security Scan Action, developers can leverage the power of Intelligent Orchestration to automatically and quickly initiate security scans.”

Intelligent Orchestration with continuous integration and delivery. Widely used continuous integration and delivery (CI/CD) tools like CloudBees, CircleCI, and Bamboo can also integrate with Intelligent Orchestration. For example, Intelligent Orchestration integrates with CloudBees to provide a dedicated security testing pipeline that runs in parallel with build and release pipelines, simplifying deployment while ensuring that application security doesn’t come at the cost of development velocity. Customers can define application security policies as code, specifying rules for security testing, response, and notification. Using proprietary technology, Intelligent Orchestration then uses those rules to evaluate code changes and other CI/CD events to intelligently trigger the appropriate security tests.

“We’re seeing more and more customers look to automate application security activities as part of their CI/CD pipelines,” said Anders Wallgren, vice president of strategy for CloudBees. “But with the accelerating pace of development and proliferation of security testing technologies, it can be difficult for them to manage the continuous stream of vulnerabilities without slowing down the pipeline. Through our strategic partnership with Synopsys and integration between our respective tools, CloudBees and Intelligent Orchestration, customers can utilise automation and risk-based intelligence to run the right tests at the appropriate stages in the pipeline, which can dramatically reduce unnecessary friction.”

To become a Synopsys technology partner or learn more, visit the TAP program webpage. The TAP program provides partners with world-class developer support, product training, integration audits, community access, and co-marketing opportunities. Collaborate, integrate, and interoperate with Synopsys application security solutions to transform how software is built, deployed, and operated. Through partnerships, customers can achieve their application security goals without impacting their development and deployment efforts.

Synopsys Launches New Tool for Automated Application Security https://www.itsecurityguru.org/2021/05/04/synopsys-launching-new-tool-for-automated-application-security/?utm_source=rss&utm_medium=rss&utm_campaign=synopsys-launching-new-tool-for-automated-application-security Tue, 04 May 2021 17:16:10 +0000

The post Synopsys Launches New Tool for Automated Application Security appeared first on IT Security Guru.

Synopsys has today announced it will showcase the Software Integrity Group’s new Intelligent Orchestration solution at RSA Conference on May 17th – 20th. Intelligent Orchestration is a dedicated application security automation pipeline, optimized for speed and efficiency, that ensures the right security tests are performed at the right time. Intelligent Orchestration, which runs in parallel to build and release pipelines, utilizes innovative technology to automatically determine and initiate the most appropriate security tests, including static (SAST), dynamic (DAST), interactive (IAST), and software composition analysis (SCA), based on pre-defined risk policies and changes made to an application.

As the pace and complexity of software development increases, security and development teams in all industries have recognized that integrating and automating security testing within their development toolchains and workflows is essential. However, they often find that doing this can slow development pipelines and overwhelm development teams with large volumes of testing results, many of which do not require immediate attention.

The concepts and technology behind Intelligent Orchestration were developed and refined through years of experience helping customers navigate these challenges, including a Fortune 500 financial services company undergoing a significant digital transformation effort:

“Testing your business-critical applications for security vulnerabilities is essential, but when it comes to producing actionable results and earning developers’ trust in a DevOps environment, the tests you don’t run can be equally as important as the tests you do run,” said the director of application security for the financial services client. “Avoiding extraneous testing cycles and prioritizing the critical vulnerabilities that present the most risk to your organization is key to embracing the benefits of DevSecOps. We worked closely with Synopsys as they developed their Intelligent Orchestration solution to address the DevSecOps bottlenecks we were grappling with.”

Intelligent Orchestration provides the following capabilities and benefits:

  • Dedicated “continuous security” pipeline

Intelligent Orchestration is a dedicated continuous integration (CI) pipeline that runs in parallel to build and release pipelines to perform necessary application security tests.

  • Seamless integration with existing pipelines and development toolchains

Intelligent Orchestration does not require build and release pipelines to be reimplemented. Instead, it easily integrates with CI pipelines via simple API calls. In addition, extensible DevOps integrations enable teams to incorporate application security tests performed by Synopsys tools as well as open source and third-party tools, and deliver results via the development, risk management, and issue tracking tools they already use.

  • Ensures the right tests are run at the right time

Teams can define their application security policies as code, specifying rules for security analysis, notification, and remediation. Using innovative technology, Intelligent Orchestration then uses that policy to evaluate code changes and other SDLC events to intelligently trigger the appropriate security tests, maximizing velocity by performing only the tests that are needed when they are needed.

  • Delivers the right information to the right teams

Intelligent Orchestration optimizes and standardizes application security reporting across the gamut of security testing tools. Results are automatically filtered and prioritized based on risk and delivered directly within the development and defect tracking tools development teams already use, preventing “vulnerability overload” and enabling teams to achieve the maximum risk impact at minimum cost.

  • Automates the workflow for manual or out-of-band testing activities

Intelligent Orchestration policies can also trigger manual security activities such as penetration tests, through defect tracking systems and communication channels, enabling security teams to coordinate security compliance with development workflows.

“Every organization embracing DevOps encounters friction when they integrate and automate security testing into their DevOps environments,” said Jason Schmitt, general manager of the Synopsys Software Integrity Group. “Automating the enforcement of application security policies across your portfolio and managing high volumes of security testing results, while trying to keep pace with the accelerating speed of development, can be a daunting task. These challenges are precisely what Intelligent Orchestration is designed to address. Through policy-driven intelligence, automation, and extensive integrations, Intelligent Orchestration streamlines security testing programs based on risk and continuous iteration.”

Find out more here.

Popular Android Apps Putting Consumer Privacy and Security At Risk https://www.itsecurityguru.org/2021/03/25/popular-android-apps-putting-consumer-privacy-and-security-at-risk/?utm_source=rss&utm_medium=rss&utm_campaign=popular-android-apps-putting-consumer-privacy-and-security-at-risk Thu, 25 Mar 2021 17:11:56 +0000

The post Popular Android Apps Putting Consumer Privacy and Security At Risk appeared first on IT Security Guru.

Information leakage can have grave consequences. Consider the recent SolarWinds supply chain attack, during which the exposure of a critical, and trivially simple, internal password (solarwinds123) came to light. That is what makes the recent findings by the Synopsys Cybersecurity Research Center (CyRC) especially troubling.

The analysis of over 3,000 popular Android mobile apps showed information leakage to be commonplace. Passwords, user credentials, email addresses and tokens are among the information found. With this information, malicious actors can access someone’s servers, systems or sensitive data and plant malware or even access banking apps.

In addition to this, many of these apps demand excessive use of mobile permissions. Indeed, CyRC found an average of 4.5 sensitive permissions per application. Tools for teachers is one category that posed a significant concern. In fact, one application with over a million downloads was found to require 11 permissions that Google classifies as “Protection Level: Dangerous”.

The report also found that the majority of apps (63%) contained open source components with known security vulnerabilities, with an average of 39 vulnerabilities per vulnerable app. Nearly half of those vulnerabilities (44%) were classed as high risk because they have either been actively exploited or are associated with documented proof-of-concept (PoC) exploits. Just under five percent of the vulnerabilities are associated with an exploit or PoC exploit and have no fix available. One percent are classified as remote code execution (RCE) vulnerabilities, widely regarded as the most severe class of vulnerability, and 0.64% are RCE vulnerabilities that are also associated with an active exploit or PoC exploit.

Top free games, top-grossing games, banking apps, budgeting apps, payment apps and top paid games were the six most vulnerable app categories, which is highly concerning given their immense increase in popularity during the pandemic.

Remarkably, however, 94% of the vulnerabilities detected have publicly documented fixes, meaning there are security patches or newer, more secure versions of the open-source component available. Furthermore, 73% of the 3,137 unique vulnerabilities detected were first disclosed to the public more than two years ago, indicating that app developers simply aren’t considering the security of the components used to build their apps.
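The report's risk categories turned into a triage routine, as an added example that is not Synopsys or CyRC code: a component inventory is matched against vulnerability records, each match is tiered (RCE with an exploit or PoC first, then anything exploited, then RCE without a known exploit, then the rest), and the headline counts (fix available, exploit but no fix, disclosed more than two years ago) are computed over the matches. The inventory and the records are constructed sample data, and V-1 to V-6 are hypothetical identifiers, not real CVEs.

```python
"""Triage of known vulnerabilities in open source components, using the
categories the CyRC report uses: exploited or PoC means high risk, remote code
execution plus an exploit is the worst case, and every finding records whether
a fix exists and how long ago the issue was disclosed.

Added example, not Synopsys or CyRC code. COMPONENTS and VULNS are constructed
sample data; V-1 to V-6 are hypothetical identifiers, not real CVEs.
"""
from dataclasses import dataclass
from datetime import date
from typing import Optional

TWO_YEARS_DAYS = 730
REPORT_DATE = date(2021, 3, 25)   # the day the report was covered above


def parse_version(text):
    """'3.12.1' -> (3, 12, 1) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))


@dataclass(frozen=True)
class Vuln:
    vuln_id: str
    component: str
    introduced: str            # first affected version
    fixed_in: Optional[str]    # first fixed version; None means no fix published
    disclosed: date
    rce: bool
    exploit: str               # "active", "poc" or "none"


# Constructed inventory, as a bill of materials would list it.
COMPONENTS = [
    {"name": "lib-a", "version": "1.2.0"},
    {"name": "lib-b", "version": "4.0.3"},
    {"name": "lib-c", "version": "2.9.1"},
    {"name": "lib-d", "version": "0.8.0"},
]

# Constructed vulnerability records with hypothetical IDs.
VULNS = [
    Vuln("V-1", "lib-a", "1.0.0", "1.2.5", date(2018, 3, 1), rce=True, exploit="active"),
    Vuln("V-2", "lib-a", "1.0.0", "1.1.0", date(2017, 9, 9), rce=False, exploit="poc"),
    Vuln("V-3", "lib-b", "4.0.0", None, date(2020, 11, 10), rce=False, exploit="poc"),
    Vuln("V-4", "lib-c", "2.0.0", "3.0.0", date(2019, 6, 15), rce=False, exploit="none"),
    Vuln("V-5", "lib-d", "0.5.0", "0.9.0", date(2016, 1, 20), rce=True, exploit="none"),
    Vuln("V-6", "lib-c", "1.0.0", "2.5.0", date(2015, 2, 2), rce=True, exploit="active"),
]


def is_affected(version, vuln):
    """Affected when version >= introduced and (no fix exists or version < fixed_in)."""
    v = parse_version(version)
    if v < parse_version(vuln.introduced):
        return False
    return vuln.fixed_in is None or v < parse_version(vuln.fixed_in)


def risk_tier(vuln):
    """Lower is worse. 0: RCE with an exploit or PoC; 1: any exploit or PoC;
    2: RCE with no known exploit; 3: everything else."""
    exploited = vuln.exploit in ("active", "poc")
    if vuln.rce and exploited:
        return 0
    if exploited:
        return 1
    if vuln.rce:
        return 2
    return 3


def triage(components, vulns, today):
    """Match components against vulnerability records; return findings sorted
    worst first (by tier, then by oldest disclosure)."""
    findings = []
    for comp in components:
        for vuln in vulns:
            if vuln.component != comp["name"] or not is_affected(comp["version"], vuln):
                continue
            findings.append({
                "vuln_id": vuln.vuln_id,
                "component": f'{comp["name"]}@{comp["version"]}',
                "tier": risk_tier(vuln),
                "high_risk": vuln.exploit in ("active", "poc"),
                "fix_available": vuln.fixed_in is not None,
                "upgrade_to": vuln.fixed_in,
                "age_days": (today - vuln.disclosed).days,
            })
    findings.sort(key=lambda f: (f["tier"], -f["age_days"]))
    return findings


def summarise(findings):
    """The counts the report headlines, computed over the matched findings."""
    return {
        "findings": len(findings),
        "high_risk": sum(f["high_risk"] for f in findings),
        "exploit_but_no_fix": sum(f["high_risk"] and not f["fix_available"] for f in findings),
        "rce_with_exploit": sum(f["tier"] == 0 for f in findings),
        "fix_available": sum(f["fix_available"] for f in findings),
        "older_than_two_years": sum(f["age_days"] > TWO_YEARS_DAYS for f in findings),
    }


if __name__ == "__main__":
    results = triage(COMPONENTS, VULNS, REPORT_DATE)
    for f in results:
        fix = f"upgrade to {f['upgrade_to']}" if f["fix_available"] else "NO FIX"
        print(f"tier {f['tier']}  {f['vuln_id']:5} {f['component']:12} {fix}  "
              f"disclosed {f['age_days']} days ago")
    print(summarise(results))
```

The ordering is the point: an RCE with a public exploit outranks a PoC-only issue even when the latter has no fix, and within a tier the oldest disclosure comes first, because an issue that has had a fix available for years is the one that says the most about how the app is maintained.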

“Like any other software, mobile apps are not immune to security weaknesses and vulnerabilities that can put consumers and businesses at risk,” shared Jason Schmitt, general manager of the Synopsys Software Integrity Group. “Today, mobile app security is especially important when you consider how the pandemic has forced many of us—including children, students, and large portions of the workforce—to adapt to increasingly mobile-dependent, remote lifestyles. Against the backdrop of these changes, this report underscores the critical need for the mobile app ecosystem to collectively raise the bar for developing and maintaining secure software.”

To learn more, download the report, Peril in a Pandemic: The State of Mobile Application Security Testing.

Findings of the Forrester Wave SAST 2021 Report https://www.itsecurityguru.org/2021/01/12/findings-of-the-forrester-wave-sast-2021-report/?utm_source=rss&utm_medium=rss&utm_campaign=findings-of-the-forrester-wave-sast-2021-report Tue, 12 Jan 2021 16:54:02 +0000

The post Findings of the Forrester Wave SAST 2021 Report appeared first on IT Security Guru.

As a result of a demanding market, developers have often foregone security for speed with security teams typically tagged on at the very end of the development lifecycle. This, however, is an unsustainable, if not unacceptable stance, in today’s environment. The future requires organisations to integrate security from the beginning when the application is built. They need to be able to adapt efficiently to protect new architectures as well as consistently improve on performance. Those who succeed in doing so, stand to thrive, while others will likely fall by the wayside.

In order to determine which organisations stand out amongst the pack, Forrester has pulled together 28 criteria in three high-level categories: current offering, strategy, and market presence. The report specifically advises readers to “look for SAST (static application security testing) solutions that overlay the CI/CD pipeline through out-of-the-box-integrations with popular IDEs, build tools, and code repositories. In addition, seek solutions that provide actionable remediation guidance, with code samples and interactive training reachable through the developer’s toolset.”

In the Forrester Wave Q1 2021 report released this month, of the twelve SAST providers evaluated, Synopsys’ Coverity SAST solution received the highest score and ranked in the top three in the strategy category. Within the current offering category, Synopsys received the top score in the software development lifecycle integration criterion and the highest score possible in the remediation guidance and education criterion. Within the strategy category, Synopsys received the highest scores possible in three of the five criteria: product vision, market approach, and planned enhancements. The Forrester report notes that “Synopsys is a good fit for firms looking for a strong SAST solution that is also part of an overall AST platform.”

“We’re proud to be recognized by Forrester as a leader in the SAST market,” said Jason Schmitt, general manager of the Synopsys Software Integrity Group. “As one of the foundational solutions in our broad application security testing portfolio, Coverity has not only continued to deliver the value security teams expect from an enterprise SAST tool — but it has also evolved to address emerging use cases, such as enabling frictionless experience for developers and supporting the increasingly diverse ecosystem of toolchains, programming languages, and architectures.”

Download a complimentary copy of The Forrester Wave™: Static Application Security Testing, Q1 2021.
5 Considerations When Selecting Collaboration Tools for Remote Teams https://www.itsecurityguru.org/2020/05/29/5-considerations-when-selecting-collaboration-tools-for-remote-teams/?utm_source=rss&utm_medium=rss&utm_campaign=5-considerations-when-selecting-collaboration-tools-for-remote-teams Fri, 29 May 2020 11:46:04 +0000

The post 5 Considerations When Selecting Collaboration Tools for Remote Teams appeared first on IT Security Guru.

Digital collaboration tools have been around for years, however for a lot of businesses they have fallen under the radar until now.

Since the outbreak of COVID-19, many organisations have been forced to ask their employees to work from home. This has made these tools a necessity for businesses whose activities rely on collaboration between employees.

Finding the right collaborative solutions for your company depends on the unique structure and needs of your organisation. Here are some things to look out for when exploring the various tools currently available.

1. Understand your business needs

The immense number of collaboration software available today provides organisations with an overwhelming number of options. In order to narrow down these choices, managers should analyse the unique needs of the workplace and then select the most suitable solution that satisfies those needs.

This can be accomplished by interviewing employees and identifying areas in the collaborative process where they may experience difficulties. This allows staff to provide some valuable input during the selection process. The insight they provide could be useful in choosing the right collaboration tool.

A particular activity can be completed in a number of ways, so learning about each process from the employees themselves can reveal the best methods for completing them, and by connection – the best solutions for the job.

For example, an employee may experience difficulty explaining a spreadsheet to other staff over the phone. In this situation, the process could be sped up and made more accurate by using a collaboration tool that offers fast and high-quality screen sharing capabilities. Businesses could also use cloud-based spreadsheets in this situation that can be accessed and updated in real-time by employees.

Once the needs of the organisation have been identified, managers should seek out the software that offers the right features for meeting those needs. The goal of using these tools is to provide employees with a collaborative experience that is as efficient and accurate as face-to-face interactions, so it may require reviews of many different tools before they find the right one.

2. Check for software compatibility

Even after identifying the needs of the business, the collaboration tool options available may still be too large. In order to narrow down the range of options available, organisations should check to see which tools are actually compatible with the existing office and employee systems.

This could prove to be a challenge if the establishment is small and doesn’t have a dedicated IT team. Owners of small businesses could hire the services of managed IT service providers to take care of their IT functions and identify which tools are compatible with their existing systems.

Managed IT service providers can thoroughly vet these collaborative solutions and point out any difficulties or shortcomings that may be encountered when using them. Some software could introduce new issues that call for IT solutions of their own, so Townsville and Cairns organisations should be careful about investing in tools for remote collaboration before understanding their capabilities and limitations.

3. Try them beforehand

Many collaboration tool creators/providers offer trial versions of their software to allow people to try them out beforehand. These trial versions may come with full functionality or limited functionality that allow users to get a feel for the capabilities.

Managers should help their employees get acquainted with these tools by having them try them out on small non-risky projects. These staff members can then provide feedback on their experience using these tools, and help identify the limitations and shortcomings of each one when performing routine business activities.

4. Availability of support services

Most collaborative software solutions offer some form of support services. However, the quality and availability of these services can differ greatly between manufacturers.

While some offer 24/7 support services, others may provide support services only during business hours on weekdays. Managers should consider whether their team will require out of hours support as it may come at a higher cost.

Organisations should also look at the types of support services that these providers are offering. Some may offer to send staff to set up the collaboration software and/or troubleshoot any problems that users encounter while using them, whereas other providers may offer support only over the phone and leave the actual troubleshooting to the business’s IT department with access to limited IT solutions.

Townsville and Cairns businesses may already have their resources stretched thin due to the pandemic, so they should go with a collaboration tool provider that offers comprehensive support services for their product.

5. Think about future needs

The current pandemic conditions are expected to be the new “normal” for the next year or so. This is why all businesses should start thinking about long term strategies that include the use of these platforms, especially if they have plans to expand in the near future.

Businesses often develop newer needs as they grow. These future needs may have to be satisfied with the collaboration tools that are being purchased in the present. It may be possible for the organisation to switch to using other collaborative solutions in the future, but this switch could slow down growth while employees familiarise themselves with the new software.

If business owners can anticipate their future needs and select a collaborative solution in the present that is based on those needs, they won’t have to worry about their staff having to learn new software.

It is important to remember that the most expensive solution may not necessarily be the most effective one for your business. Managers should be wary of any collaboration tool providers with flashy websites, as quality marketing may not necessarily equate to quality products.

In summary, before purchasing a collaboration tool for remote teams, assess the needs of the business, narrow down the list of software available based on user experience and compatibility, and make a choice that can benefit them in the future as well.


Author Bio:

Andrew Bischof is the Owner/Director of Future Computers, an IT solutions provider in North Queensland. His dream of working in IT became a reality when he moved to Cairns and took over Future Computers in 2003. Since then, he has been providing IT Solutions in Townsville, Cairns and North Queensland. His goal is to provide clients with IT solutions that surprise, inspire and delight.

New Mobile Device Protection Announced by Cybereason https://www.itsecurityguru.org/2020/04/23/new-mobile-device-protection-announced-by-cybereason/?utm_source=rss&utm_medium=rss&utm_campaign=new-mobile-device-protection-announced-by-cybereason Thu, 23 Apr 2020 14:59:52 +0000

The post New Mobile Device Protection Announced by Cybereason appeared first on IT Security Guru.

Today, Cybereason announced that it will extend its award-winning endpoint protection to include mobile devices with its new platforms Cybereason Mobile and Cybereason Mobile MDR.

Cybereason Mobile aims to prevent, detect and respond to security issues, shielding customers from emerging mobile threats. Cybereason’s second new offering, Cybereason Mobile MDR, is a managed service that gives enterprises access to a team of security analysts to counter advanced mobile threats across Android and iOS devices, day and night.

These extensions into mobile endpoint protection, announced by the Boston-based security company today, can be seen as important steps in providing security in a climate where the traditional IT perimeter of enterprises essentially no longer exists.

Designed in response to the growing calls to defend mobile devices, these two new mobile offerings are even more pertinent given the current surge in remote working as employees work from their homes on laptops and mobile devices in order to prevent further spread of the Coronavirus.

Cybereason Mobile and Cybereason Mobile MDR are industry game-changers since mobile device detection and prevention can now be automated across traditional endpoints and mobile devices. Both new additions are fully integrated into the Cybereason platform, so there is no extra console for analysts to monitor. Mobile devices are simply another endpoint that needs protection, and these new platforms offer the same simplified, contextualised user experience that Cybereason customers expect.

“Today’s expanding digital footprint makes it critical to have mobile device threat visibility, a massive blindspot within enterprises. The launch of Cybereason Mobile and our managed service is a cybersecurity industry game-changer. It automates the mobile device detection and prevention process and cross-correlates threats across all endpoints from workstations, servers, cloud and mobile. Cybereason is giving security analysts and security operations teams the industry’s deepest visualized cloud services and the ability to stop targeted threats to their networks,” said Lior Div, Chief Executive Officer and Co-founder, Cybereason.

Recognised as the top-ranked offering in the recently published “The Forrester Wave™: Endpoint Detection & Response, Q1 2020”, Cybereason has gained wide recognition of late, securing an AAA rating in the Resistance to Evasion category by detecting and blocking 100 percent of the malware and exploits during NSS Labs Inc.’s Advanced Endpoint Protection (AEP) Test.

Avast Discovers Security Flaws In Widespread GPS Trackers Exposing Locations Of Over Half A Million Children And Elderly. https://www.itsecurityguru.org/2019/09/05/avast-discovers-security-flaws-in-widespread-gps-trackers-exposing-locations-of-over-half-a-million-children-and-elderly/?utm_source=rss&utm_medium=rss&utm_campaign=avast-discovers-security-flaws-in-widespread-gps-trackers-exposing-locations-of-over-half-a-million-children-and-elderly Thu, 05 Sep 2019 17:59:11 +0000

The post Avast Discovers Security Flaws In Widespread GPS Trackers Exposing Locations Of Over Half A Million Children And Elderly. appeared first on IT Security Guru.

Avast [LSE:AVST], a global leader in digital security products, has discovered serious security vulnerabilities in the T8 Mini GPS tracker and nearly 30 other models by the same manufacturer, Shenzhen i365 Tech. Marketed to keep kids, seniors, pets, and even possessions safe, instead these devices expose all data sent to the cloud, including exact real-time GPS coordinates. Further, design flaws can enable unwanted third-parties to spoof the location or access the microphone for eavesdropping. Researchers at Avast Threat Labs estimate that there are 600,000 unprotected trackers in use globally, but emphasize that these IoT security issues go far beyond the scope of a single vendor.

Martin Hron, senior researcher at Avast who led this research, advises buyers of these products to opt for an alternative from a more trustworthy brand that has built security into the product design. As with any off-the-shelf device, we recommend changing the default admin passwords to something more complex; however, in this case, even that will not stop a motivated individual from intercepting the unencrypted traffic. “We have done our due diligence in disclosing these vulnerabilities to the manufacturer, but since we have not heard back after the standard window of time, we are now issuing this Public Service Announcement to consumers and strongly advise you to discontinue use of these devices,” Hron said.

Red flags right out of the box

Avast Threat Labs first analyzed the T8 Mini onboarding process, following the instructions to download the companion mobile app from http://en.i365gps.com — notably, a website served over plain HTTP rather than the more secure HTTPS. Users can then log in to their account with their assigned ID number and the very generic default password “123456”. This information was transmitted over insecure HTTP, too.

The ID number is derived from the International Mobile Equipment Identity (IMEI) of the device, so it was easy for researchers to predict and enumerate possible ID numbers of other trackers by this manufacturer. Combined with the fixed password, practically any device following this sequence of IMEI numbers could be broken into with little effort.

Everything is unencrypted

Using a simple command lookup tool, researchers discovered that all of the requests originating from the tracker’s web application are transmitted as unencrypted plain text. Even more concerning, the device can issue commands beyond the intended uses of GPS tracking, such as:

· Call a phone number, enabling a third party to eavesdrop through the tracker’s microphone

· Send an SMS message, which could allow an attacker to identify the phone number of the device and thus use inbound SMS as an attack vector

· Use SMS to reroute communication from the device to an alternate server in order to gain full control of the device or spoof information sent to the cloud

· Share a URL to the tracker, allowing a remote attacker to place new firmware on the device without even touching it, which could completely replace the functionality or implant a backdoor

Unsurprisingly, the companion mobile app AIBEILE (on both Google Play and the iOS App Store) was also found communicating with the cloud through a non-standard HTTP port, TCP:8018, sending unencrypted plain text to the endpoint. Upon dissecting the device itself to analyze how it speaks to the cloud, Avast Threat Labs confirmed that the data again travels unencrypted from the GSM network to the server without any authorization.
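The observable indicators in the write-up above (cleartext HTTP to the vendor portal, the non-standard cleartext port TCP:8018 used by the companion app, and the fixed factory password “123456” sent in the clear) are the kind of thing a network defender can flag from proxy or flow logs. The following is an added example written for this page, not Avast’s tooling or the vendor’s code: it scans a constructed, pipe-delimited log format (timestamp, source, destination host, port, protocol, path, request body) and reports matches for each indicator. The log lines, the `PLACEHOLDER_*` values and the password field names in `PASSWORD_KEYS` are assumptions made for the example.

```python
"""Flag log evidence of the insecure GPS-tracker platform described above.

Added example (not Avast's or the vendor's code). The log format below is
constructed for illustration: one record per line, fields separated by "|":
    timestamp|src_ip|dst_host|dst_port|proto|path|body
"""
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional
from urllib.parse import parse_qs

# Indicators taken from the write-up: cleartext HTTP to the vendor portal,
# the non-standard cleartext port TCP/8018, and the fixed factory password.
TRACKER_HOST_RE = re.compile(r"(^|\.)i365gps\.com$", re.IGNORECASE)
CLEARTEXT_PORT = 8018
DEFAULT_PASSWORD = "123456"
# Assumed form-field names for the password; hypothetical, not from the page.
PASSWORD_KEYS = {"pwd", "password", "pass"}


@dataclass
class Finding:
    line_no: int
    rule: str
    detail: str


def parse_line(line: str) -> Optional[dict]:
    """Parse one constructed log line; return None for malformed input."""
    parts = line.rstrip("\n").split("|")
    if len(parts) != 7:
        return None
    ts, src, host, port, proto, path, body = parts
    try:
        port_i = int(port)
    except ValueError:
        return None
    return {"ts": ts, "src": src, "host": host, "port": port_i,
            "proto": proto.lower(), "path": path, "body": body}


def check_record(rec: dict, line_no: int) -> List[Finding]:
    """Apply the three indicator rules to a parsed record."""
    out: List[Finding] = []
    # Rule 1: cleartext HTTP (not HTTPS) to the vendor portal domain.
    if rec["proto"] == "http" and TRACKER_HOST_RE.search(rec["host"]):
        out.append(Finding(line_no, "cleartext-portal",
                           f"HTTP (not HTTPS) to {rec['host']} from {rec['src']}"))
    # Rule 2: any traffic to the non-standard cleartext port the app uses.
    if rec["port"] == CLEARTEXT_PORT:
        out.append(Finding(line_no, "cleartext-8018",
                           f"traffic to non-standard port {CLEARTEXT_PORT} on {rec['host']}"))
    # Rule 3: the factory password submitted in a cleartext request body.
    if rec["proto"] == "http":
        params = parse_qs(rec["body"], keep_blank_values=True)
        for key, values in params.items():
            if key.lower() in PASSWORD_KEYS and DEFAULT_PASSWORD in values:
                out.append(Finding(line_no, "default-password",
                                   f"factory password sent in clear by {rec['src']}"))
                break
    return out


def scan(lines: Iterable[str]) -> List[Finding]:
    """Scan log lines in order; malformed lines are skipped, not fatal."""
    findings: List[Finding] = []
    for n, line in enumerate(lines, 1):
        rec = parse_line(line)
        if rec is None:
            continue
        findings.extend(check_record(rec, n))
    return findings


def summarize(findings: Iterable[Finding]) -> Dict[str, int]:
    """Count findings per rule, for a quick triage view."""
    counts: Dict[str, int] = {}
    for f in findings:
        counts[f.rule] = counts.get(f.rule, 0) + 1
    return counts


# Constructed sample log: one benign HTTPS request, a cleartext portal login
# with the factory password, app traffic to port 8018, an unrelated HTTP
# request, and one malformed line that the parser must skip.
SAMPLE_LOG = [
    "2019-09-05T10:00:01Z|10.0.0.12|www.example.com|443|https|/|",
    "2019-09-05T10:00:05Z|10.0.0.12|en.i365gps.com|80|http|/login|id=PLACEHOLDER_ID&pwd=123456",
    "2019-09-05T10:00:09Z|10.0.0.12|203.0.113.10|8018|http|/|data=PLACEHOLDER_BODY",
    "2019-09-05T10:00:12Z|10.0.0.20|www.example.org|80|http|/page|q=weather",
    "garbage line that does not parse",
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"line {f.line_no}: {f.rule}: {f.detail}")
    print(summarize(scan(SAMPLE_LOG)))
```

Running the block on the constructed log reports three findings: the portal login on line 2 trips both the cleartext-portal and default-password rules, and the port 8018 request on line 3 trips the cleartext-8018 rule. The port rule deliberately ignores the destination host, since the write-up notes the app talks to the cloud endpoint on that port regardless of how it is addressed; tune `PASSWORD_KEYS` and the host pattern to whatever your own logs actually carry.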

What consumers should take away from this research

In addition to the device that is the focus of this research, Avast has identified 29 other models of GPS trackers containing these security vulnerabilities — most of which are made by the aforementioned vendor — as well as 50 different mobile applications sharing the same unencrypted platform discussed above. Researchers estimate there are more than 600,000 devices in the wild with default “123456” passwords and upwards of 500,000 downloads of the mobile apps. Repeated notifications to the device maker revealing the flaws received no response.

Leena Elias, head of product delivery for Avast, urges the public to take caution when bringing cheap or knock-off smart devices into the home. “As parents, we are inclined to embrace technology that promises to help keep our kids safe, but we must be savvy about the products we purchase,” she said. “Beware of any manufacturers that do not meet minimum security standards or lack third-party certifications or endorsements. Shop only with brands you trust to keep your data safe — the extra cost is worth the peace of mind.”

For a deep-dive analysis of the security flaws found in the T8 Mini GPS tracker, please visit the Avast Decoded threat intelligence blog. To hear Leena and Martin discuss the implications for parents, watch this video on the Avast blog.

About Avast

Avast (LSE:AVST) is the global leader in digital security products. With over 400 million users online, Avast offers products under the Avast and AVG brands that protect people from threats on the internet and the evolving IoT threat landscape. The company’s threat detection network is among the most advanced in the world, using machine learning and artificial intelligence technologies to detect and stop threats in real time. Avast digital security products for Mobile, PC or Mac are top-ranked and certified by VB100, AV-Comparatives, AV-Test, OPSWAT, West Coast Labs and others. Visit: www.avast.com.

