Security News > 2021 > July

TrustInSoft announced an Application Security Test specifically designed to mathematically guarantee bug-free code in embedded Internet of Things devices. This AST for IoT is based on TrustInSoft's Analyzer to provide the equivalent of static and dynamic code analysis of C/C++ source code using Formal Methods testing to guarantee the absence of undefined source code behaviors.

Immuta launched new SaaS deployment option, enabling data teams to implement data access control across their entire cloud data environment in minutes. Modern data teams are moving to pure SaaS deployments for all of their analytics and data science, and they want access control delivered in the same way.

Bitwarden announced a broader set of password management features for enterprises seeking to ensure password security at scale. Admin Password Reset, a new policy feature available to Bitwarden enterprise plan customers, provides designated administrators the ability to reset passwords on end-user accounts if an employee loses or forgets their Bitwarden password.

Neustar and Equifax released Financial Spectrum, an audience segmentation and media activation solution designed to meet the unique demands of financial services marketers. Financial Spectrum offers asset-based customer segmentation to financial services marketers, reducing compliance risk by leveraging actual, direct-measured financial data and no protected-class demographic variables like age or marital status.

MariaDB announced a collaboration with Amazon Web Services to bring MariaDB SkySQL to the cloud, ensuring massive scalability and availability for businesses deploying high-performance database-as-a-service on AWS. The collaboration enables deeper product integration and a go-to-market relationship that better serves joint MariaDB and AWS customers, and those enterprises ready to execute cloud modernization strategies. Combined with Amazon Elastic Kubernetes Service/AWS Fargate and global AWS scale, SkySQL can deploy MariaDB on AWS as a distributed SQL database for scalable transaction processing, as a multi-master cluster for continuous availability, or as a multi-node columnar database for data warehousing and analytics requiring high availability and/or scalability.

Another potential mitigation has emerged for the PrintNightmare zero-day vuln, which lets low-privileged users execute code as SYSTEM on Windows domain controllers: remove those people from a backwards-compatibility group. While the patch for CVE-2021-1675 also protects against PrintNightmare on most Windows devices, it didn't do so for domain controllers, which caused some puzzlement among security researchers.

Armorblox announced a strategic technology partnership with Intermedia to protect customers from advanced email attacks that target potentially vulnerable users. Armorblox technology powers AI Guardian, included with Intermedia Email Protection, to detect and alert users to sophisticated email attacks that weaponize the context of communications to steal money and data.

After announcing their exit from the ransomware business in favor of data theft extortion, the Babuk gang appears to have slipped back into their old habit of encrypting corporate networks. The criminals are currently using a new version of their file-encrypting malware and have moved the operation to a new leak site that lists a handful of victims.

According to Gartner, the SASE market is expected to grow at a CAGR of 42 percent, reaching almost $11 billion, with at least 40 percent of enterprises having SASE adoption strategies in place by 2024. In recent global research it was revealed that more than two thirds of organizations couldn't correctly define SASE. To raise awareness within the market on SASE and the benefits it can bring to organizations, Versa will use its new funding to invest in driving global educational marketing and sales campaigns, as well as further supporting its partner communities to spread the message to enterprises across the globe.

Sevco will use the funding to scale adoption of the cloud-native security asset intelligence platform that delivers two fundamental values to customers: continuous converged visibility of all assets across siloed systems; and the telemetry required to understand how assets change in a dynamic environment over time. "Led by two executives who helped create the EDR market, Sevco knows how to innovate and operationalize technology for the masses. We believe Sevco will bring the same disruption to security asset intelligence that they did to endpoint security."