- 1. Appgate SDP enables clientless, browser-based access to protected resources
"Appgate SDP creates one-to-one connections between users and resource locations and dynamically enforces identity-centric access policies at the network level."
- 2. StackPulse helps enterprises deliver reliable production-grade Kubernetes applications
"The 15-month old company that exited stealth mode in January, with $28 million in funding" and "When an error is detected in a Kubernetes environment, StackPulse automatically executes diagnostic steps to gather information from the clusters, and assists engineers in performing the root-cause analysis. This automation helps them quickly identify how to mitigate and resolve an issue. Additionally, StackPulse has released more than a dozen playbooks built by SRE experts that remediate common Kubernetes problems."
- 3. Code42 enhances Incydr to help identify insider risk related to file uploads to unsanctioned websites
"Incydr Browser Upload Detection is built to detect and alert security teams to unsanctioned browser upload activity, such as employees uploading business documents to personal cloud, email or social media accounts or source code repositories, regardless of the network or internet browser being used." and "The Incydr browser upload detection capability is more efficient for security teams to manage as there is no need to maintain browser plug-ins or proxies, and makes investigation and response quicker and more accurate." - But without a browser plugin or proxy, so via an agent?
- 4. Imperva acquires CloudVector to provide visibility and security for API traffic
"Imperva announced it has entered into an agreement to acquire CloudVector. CloudVector enables customers to discover, monitor, and protect all API traffic in any environment from exploits and breaches."
- 5. Sysdig adds detailed audit logs for runtime detection and response for AWS Fargate
"Runtime detection for AWS Fargate on Amazon ECS based on Falco, Audit trails, rapid response, and capture files for AWS Fargate workloads (Sysdig captures and records all AWS Fargate activity — including commands, network connections, and file activity — and correlates the information with rich context from the cloud and Kubernetes.), Unified view across AWS Fargate security posture, vulnerabilities, and threats" - I love this.
- 6. ThreatQuotient launches ThreatQ TDR Orchestrator to accelerate detection and response
"ThreatQuotient announced ThreatQ TDR Orchestrator, a new data-driven automation capability for more efficient and effective threat detection and response. This capability enables users to control what actions are to be taken, when, and why through the use of data."
- 7. Palo Alto Prisma Cloud targets unprotected VMs and container security
"Auto-Detection and Auto-Protection for Hosts: Prisma Cloud now automatically detects unprotected virtual machines (VMs) running on AWS, Microsoft Azure and Google Cloud Platform (GCP). It seamlessly deploys the Prisma Cloud Defender agent to help ensure that VMs are not left unprotected....Anti-Malware Capabilities at Runtime and During Continuous Integration and Delivery (CI/CD) Scenarios, Simplified Compliance for Hosts, Containers and Serverless Applications, Open Source License Analysis and Expanded Software Composition Analysis" Sounds like they are integrating acquisitions: Bridgecrew, Aporeto. PureSec, Twistlock, RedLock
- 8. SecureAuth expands identity-as-a-service options
"SecureAuth's new support for PIN protection for all FIDO2 WebAuthn-compliant portable authenticators such as the YubiKey 5 hardware key is intended to reduce the risk of lost or stolen authenticators being abused. The new SecureAuth Endpoint client enables multifactor authentication at login for Windows, Mac and Linux devices, including support for passwordless login by using – for example – a biometric WebAuthn authenticator and a PIN. Finally, the new SecureAuth Mobile SDK allows organisations to quickly integrate multifactor authentication into their own apps, avoiding the need to use a third-party authenticator."
- 9. IPO values Darktrace at £2.2 billion
- 10. KnowBe4 Launches Artificial Intelligence-Driven Phishing Feature
"The KnowBe4 phishing platform now leverages machine learning to recommend and deliver informed and personalized phishing campaigns based on users' training and phishing history. Using data from KnowBe4's Artificial Intelligence Driven Agent (AIDA), a new recommendation engine enables admins to automate the selection of unique phishing security test templates for their users. It analyzes user data such as the number of failed phishing security tests, the types of attack vectors in those failures, how often suspicious emails are reported through the Phish Alert Button, the frequency and recency of training completions and more."
- 11. Influencing Future of Cloud Security with MITRE ATT&CK® for Containers
- 12. Rapid7 : Kubernetes Security Is Not Container Security
"To complete this analogy, you can think of image scanning as the cloud equivalent of source code scanning, which checks if you have known vulnerabilities in your code. Image scanning is important, but it isn't a replacement for a firewall, antivirus, or proper operating system configuration. In the old days, when containers ran only on top of Docker, container security was enough. Nowadays, make sure you don't overlook the operating system (Kubernetes) and focus only on the apps (containers), because doing so will leave large gaps in your security and compliance."
- 13. Sonatype Helps Organizations Manage Open Source License Obligations and Speed up Legal Compliance with New Tool
"Sonatype, the leader in developer-friendly tools for software supply chain management and security, today unveiled its Advanced Legal Pack which fundamentally changes how both legal teams and developers manage open source licenses and compliance. Using machine learning and artificial intelligence, the pack automates open source license compliance eliminating manual work, drastically improving team productivity, and expediting development innovation and release times. "
- 14. Sectigo Acquires SiteLock, Solidifying Its Market-Leading Position in Web Security
"Sectigo, a global provider of automated digital certificate management and web security solutions, announced the acquisition of SiteLock, a leading provider of website security protection and monitoring; the transaction also included Patchman, a Netherlands-based provider of automated Content Management System (CMS) vulnerability scanning and patching solutions."
- 15. Thoma Bravo’s $12.3 Billion of Proofpoint
- 16. Cybersecurity firm Acronis pulls in $250m in CVC-led funding
- 17. Cymulate nabs $45M to test and improve cybersecurity defenses via attack simulations