Security News

Fudo Security announced that the company has signed a distribution agreement with SYNNEX. "Quite often, the misconception is that identity access management solutions are an alternative to privileged access management, but this leaves an organization open to exploits from insider misuse and breached credentials." "Fudo PAM is a comprehensive, all-in-one solution that monitors all remote access and sessions. Other elements like MFA or VPN are insufficient to guarantee a complete safeguard against internal or external threats," explained Patryk Brozek, CEO, Fudo Security.

As the information infrastructure expands with new technologies and locations, zero trust allows organizations to focus on protecting the data, regardless of where it is sourced or how it is used. Now the U.S. Air Force has adopted zero trust to improve and protect its flightline.

As a protective model, zero trust does not put a wall around networks and applications, but around employees and their devices, so it can protect remote environments at scale. Committing to zero trust means assessing where the major security risks are in the existing enterprise environment and understanding the flow of data.

Accurately summarizing the complexities of this implementation process, the National Security Agency released its latest government and industry guidance on the importance of integrating zero trust security. As zero trust is a model, not a single technology or a product, the mindset required for zero trust must be embraced for any implementation to be successful.

Guardicore unveiled new zero trust assessment capabilities in Infection Monkey, its open source breach and attack simulation tool. Available immediately, security professionals will now be able to conduct zero trust assessments of AWS environments to help identify the potential gaps in an organization's AWS security posture that can put data at risk.

G/On has proved particularly effective where organizations need to scale remote access provision fast. The solution only allows access to authorised users and devices.

Gartner predicted in 2018 that at least "80 percent of worker tasks" would shift to mobile devices by 2020. The mobile device that an employee uses to access their corporate data in platforms such as Google Workspace or Office 365 might be used later to browse social media or download a new app for personal use.

SAP applications are getting compromised by skilled attackersNewly provisioned, unprotected SAP applications in cloud environments are getting discovered and compromised in mere hours, Onapsis researchers have found, and vulnerabilities affecting them are being weaponized in less than 72 hours after SAP releases security patches. MindAPI makes API security research and testing easierSecurity researcher David Sopas has published a new open-source project: MindAPI, a mind map with resources for making API security research easier.

Okta Privileged Access is a new product that unifies identity management with least privilege access controls for critical infrastructure to increase development speed, operational agility, and improve zero trust security in enterprise technology environments. To meet today's needs, modern enterprises require a real-time, zero trust security strategy anchored in identity and privileged access management spanning IT, security, and engineering teams.

Guardicore announced new capabilities that extends microsegmentation and zero trust security to the industry broadest catalog of legacy servers, applications, and operating systems. Customers using Guardicore Centra to protect their hybrid data centers that include legacy servers can now extend zero trust policies and granular microsegmentation to IBM iSeries AS/400 servers.