Latest investment to broaden integrations with top firewall vendors.

OTTAWA, Ontario, Oct. 20, 2022 /PRNewswire-PRWeb/ — Corsa Security, leaders in scaling network security, announced today it has secured an additional $10 million in funding from Roadmap Capital. The funds will be used to propel product development of the Corsa Security Orchestrator (CSO) with industry leading features and to engage in key customer trials in multiple geographies. This follows the successful launch of the updated CSO earlier this year and continues the focus on providing dynamic scaling functionality for next-generation firewalls from leading vendors. In addition, the CSO will be specifically addressing the demand for a scalable 5G next-generation firewall through Corsa Security's proprietary clustering technology.

"We are continuing to stimulate our company's growth," said Eduardo Cervantes, CEO and Chairman, Corsa Security. "We are seeing more and more interest in the market as enterprises need easy-to-deploy on-premise network security that allows them to dynamically add virtual firewall capacity at the touch of a button. This funding allows us to further broaden our Corsa Security Orchestrator new features and integrations with top firewall vendors so we can bring our solution to even more customers."

The Corsa Security Orchestrator provides an intuitive interface to simplify all the complex operations associated with running on-premise virtual firewall instances, including licensing, deployment, maintenance, troubleshooting, and push-button scaling. It is designed to deploy, scale and optimize firewalls from leading vendors with tailored workflows that run on commodity compute. By integrating virtualization with intelligent orchestration, organizations can realize up to 9x lower TCO and speed their time to deployment by a factor of 24. The CSO also includes other powerful features to save customers time and money--it automates on?premise virtual firewall deployments, optimizes server resource allocation, and maximizes firewall license credits by scaling up firewalls when and if needed.

**About Corsa Security**

  
Corsa Security is the leader in automating network security virtualization, which helps large enterprises and service providers deploy, scale and optimize virtual on-premise firewalls with speed (24x faster deployment), simplicity (zero-touch operations) and savings (9x lower TCO). By tightly integrating firewall virtualization with intelligent orchestration, the Corsa Security Orchestrator provides an aggregated view of all your virtual firewalls while managing their infrastructure health, capacity and performance. Customers subscribe to the Corsa Security services based on their current needs and then pay as they grow by integrating flex licensing from our firewall partners. Learn how Corsa Security is revolutionizing network security at corsa.com.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Corsa Security Drives Forward with Additional $10 Million Funding

New cloud data survey from the Cloud Security Alliance and BigID sheds light on the state of cloud data security in 2022.

NEW YORK, Oct. 20, 2022 /PRNewswire/ — BigID, the leading data intelligence platform that enables organizations to know their enterprise data and take action for privacy, security, and governance, today released the Cloud Data Security Research Report 2022, in partnership with Cloud Security Alliance (CSA) — with results from over 1,500 IT & Security professionals.

The results? According to the survey, organizations consider cloud data security a top 3 priority when protecting data - and cloud data security posture management (DSPM) is critical to addressing gaps.

Key findings include:

*   **Organizations are struggling with securing and tracking sensitive data in the cloud:** Only 4% believe all of their cloud data is sufficiently secured: over a quarter of organizations aren't tracking regulated data, nearly a third aren't tracking confidential or internal data, and 45% aren't tracking unclassified data.
*   **82% of organizations consider capturing dark data a moderate to high priority this year.** Additionally, 79% of organizations reported to have moderate to high levels of concern around the proliferation of dark data in their organization but are unsure about how to approach the challenge.
*   **SaaS Data needs to become a priority:** 76% of organizations rate tracking data across SaaS platforms as moderately to highly difficult.
*   **Organizations are utilizing multiple cloud platforms:** 86% of organizations utilize multiple cloud platforms to store their data- across IaaS, PaaS, and SaaS
*   **62% of organizations** report that they are likely to experience a cloud data breach in the next year.

"Cloud data security is top of mind for organizations of all sizes, showing that many organizations are unprepared to deal with the unique challenges of securing data in the cloud. With the rapid growth of cloud, it is essential that organizations take steps to improve their cloud data security posture," said Dimitri Sirota, CEO and co-founder at BigID. "This research underscores the value of solutions like BigID to accelerate cloud data security with a risk-based, data-first approach that can scale as data continues to expand across the multi-cloud."

To learn more, download a copy of BigID's Cloud Data Security Research Report 2022 today.

**Learn more:**

*   **Read** a summary of the survey at bigid.com/blog
*   **See** a live demo with our security experts at BigID

**Methodology**

The survey was conducted online by CSA in July 2022 and received 1663 responses from IT and security professionals from organizations of various sizes and locations.

**About BigID**

BigID enables organizations to know their enterprise data and take action for data-centric security, privacy, and governance. Companies deploy BigID to proactively discover, manage, protect, and get more value from their regulated, sensitive, and personal data across their data landscape. By applying next-gen ML across the data landscape, BigID's data security, privacy, and governance solutions enrich and extend the modern tech stack, making it easier than ever to discover dark data, reduce risk, accelerate cloud migrations, achieve compliance, and align with security frameworks by taking a data-first approach. Go big with the BigID Data Intelligence Platform or start small with SmallID: the first cloud-native, on-demand data-centric security solution designed to automatically discover, manage, and protect cloud data - across IaaS, PaaS, and SaaS.

Only 4% of Security and IT Leaders Believe All of Their Cloud Data is Sufficiently Secured

External attack surface management leader unveils evolution of risk intelligence solution, including a virtual sandbox environment to safely validate steps to remediation.

PALO ALTO, Calif., Oct. 20, 2022 /PRNewswire/ — CyCognito today announced the next generation of its Exploit Intelligence solution to help security teams prioritize and mitigate the most critical security risks in their external attack surface. Exploit Intelligence leverages CISA, FBI and other threat intelligence sources, including adversary activity, to create advisories that validate where threats in the wild align to risks in the organization.

Sandbox Virtual Lab, a key new feature of Exploit Intelligence, is the industry's first integrated external attack surface sandbox testing environment. Now security teams can simulate how an adversary would compromise a specific asset, quickly validating if and how a vulnerability can be exploited and the potential impact. Additionally, Sandbox Virtual Lab enables repeat asset testing to ensure proper patching.

This initial release of the Sandbox Virtual Lab focusses on Log4j because it remains a pervasive threat. In the coming months, Sandbox Virtual Lab will also support additional simulate Log4Shell, ProxyShell, ProxyLogon and ZeroLogon threats.

"CyCognito's Exploit Intelligence fills a gap between threat intel and vulnerability management," said Rob Gurzeev, CEO, CyCognito. "The addition of Exploit Intelligence doesn't just link vulnerabilities to specific assets, but answers the important question of why it is important to prioritize fixing specific assets immediately because of their attractiveness to active attackers."

Exploit Intelligence dramatically reduces Mean Time to Remediation (MTTR) of an organization's riskiest external assets, saving security teams time and money. CyCognito's unparalleled discovery and mapping engine paired now with integrated Exploit Intelligence gives security teams actionable knowledge (not just data feeds) to build, test and deploy fixes for today's most pervasive threats, such as Log4j.

Features and benefits include:

*   **Remediation Acceleration:** Exploit Intelligence quickly identifies highest-risk exploitable assets within an external attack surface, empowering security teams to reduce response and remediation timelines from months to days.
*   **Curated Intelligence:** Understand how threats are being actively executed by attackers in the wild and how those threats map to vulnerabilities in your attack surface.
*   **Quick Impact Assessment:** A focused map that paints a picture of all assets potentially at risk, including those assets that are already protected and those that remain vulnerable.
*   **Identify Ownership:** The CyCognito discovery engine determines asset ownership to quickly identify who is responsible for fixing vulnerable assets.
*   **Verify and Act with Confidence****:** Safely test exploits against assets in the Sandbox Virtual Lab to determine actual risk to an IT stack.
*   **Mitigate Threats Faster:** Integrates with SIEM/SOAR, ticketing tools and remediation workflows to provide evidence and mitigation guidance.

**About Cycognito  
**CyCognito solves one of the most fundamental business problems in cybersecurity: seeing how attackers view your organization, where they are most likely to break in, what systems and assets are at risk, and how you can eliminate the exposure. Founded by national intelligence agency veterans, CyCognito has a deep understanding of how attackers exploit blind spots and a path of least resistance. The Palo Alto-based company is funded by leading Silicon Valley venture capitalists, and its mission is to help organizations protect themselves from even the most sophisticated attackers. It does this with a category-defining, transformative platform that automates offensive cybersecurity operations to provide reconnaissance capabilities superior to those of attackers.

CyCognito Launches Next Generation of Exploit Intelligence Threat Remediation Platform

ICS/OT cybersecurity and asset monitoring vendor improves scalability and flexibility with new update.

CHANDLER, Ariz., Oct. 20, 2022 /PRNewswire/ — SynSaber, an early-stage ICS/OT cybersecurity and asset monitoring company, today announced the addition of a new Dynamic Pipeline feature to the company's platform, providing customers with improved scalability and flexibility.

Building upon the product launched in February 2022, this update includes a comprehensive set of features and capabilities to collect, analyze, and curate data at the OT edge. SynSaber was purpose-built to bring edge visibility to industrial networks (oil and gas, water and electric utilities, advanced manufacturing) so that organizations can deploy and scale rapidly, integrate with current technology, and detect threats to protect business-critical assets.

_"SynSaber partners with some of the most important critical infrastructure operators in the nation to protect and provide visibility into how ICS/OT assets are exposed to potential cyber attacks,"_ said Jori VanAntwerp, Co-Founder/CEO of SynSaber. _"With our latest update to the platform, customers are now able to extend visibility and flexibility throughout the organization for cybersecurity to act as a business continuity vehicle and empower operators and asset owners to prevent any operational disruption."_

**Dynamic Pipeline** **'s Key Benefits:**

*   Users can modify data sources, processors, and destinations in real-time, enabling **dynamic configuration changes**without interruption to visibility.
*   Pipeline configuration can be modified and deployed within SynSaber's **visual-based interface.**

The ability to dynamically configure Saber sensors from a visual-based interface allows for greater control and ease of access. In addition to the improved scalability and flexibility the dynamic pipeline provides, the v1.1.0 update includes enhancements to some of the existing features from SynSaber version v1.0.0.

These feature improvements include:

*   **Custom flow module** enables near real-time processing and analysis of data and asset identification.
*   **Improved Syslog support** allows fast and efficient communication with existing infrastructure and technologies.

To see the dynamic pipeline and SynSaber v1.1.0 in action, schedule a demo or visit SynSaber founders at an upcoming event — Oct. 20-21: HouSecCon (Houston, TX); Nov. 2-3: FL Public Power Cybersecurity Summit (Orlando, FL); Nov. 8-9: Co-op Cyber Tech (Washington, DC); and Dec. 9: SANS ICS Consequence-Driven Incident Response Solutions Forum (Virtual event).

**About SynSaber  
**SynSaber is the simple, flexible, and scalable industrial asset and network monitoring solution that provides continuous insight into the status, vulnerabilities, and threats across every point in the industrial ecosystem, empowering operators to observe, detect and defend OT/IT systems and protect critical infrastructure. SynSaber is privately held with funding from SYN Ventures, Rally Ventures, and Cyber Mentor Fund. Learn more at SynSaber.com.

SynSaber Adds New Dynamic Pipeline to OT Cybersecurity Platform

Surprisingly poor cross-team collaboration leads to mismanaged SaaS, wasted money and time.

NEW YORK — (BUSINESS WIRE) — Torii, creator of the #1 Automated SaaS Management Platform (SMP), today released “The State of SaaS At Work Report: Collaboration in a Distributed Workplace.” It reveals that most (60%) IT pros are in the dark when it comes to understanding their cloud app ecosystem, and only a small fraction collaborates with other key teams on controlling costs, securing data, and responding to changing business conditions. It also finds tremendous dissonance between how well IT thinks they’re working with other teams to manage distributed SaaS, and how poorly they actually are.

“SaaS is the ultimate team sport. Everyone from IT, procurement, and lines of business, to finance and security plays an important role in acquiring and managing cloud apps. But in many businesses, the team is dysfunctional. People operate in silos with limited information, no single source of truth, and woefully inadequate collaboration. The only possible outcomes from this are wasted money on apps and licenses, wasted time, and loss of agility,” said Uri Haramati, CEO of Torii. “In today’s distributed, cloud-powered workplaces, businesses can’t afford substandard SaaS management. As Torii’s State of SaaS at Work report makes clear, a new approach to distributed SaaS management rooted in collaboration, transparency, and empowerment is urgently needed.”

**Key Findings from the Torii State of SaaS at Work Report**

Cloud apps are incredibly easy for any employee to trial, purchase, and integrate without ever communicating with IT. Scattered app ownership and data further decentralizes what are now largely distributed organizations, undermining productivity and competitiveness. As cloud application usage increases everywhere, it's critical for IT teams and stakeholders throughout the company to actively participate in managing their cloud applications and spend, together.

**Collaboration Dissonance  
**While some collaboration happens between IT, finance, security, procurement, and HR, it's not happening nearly as often as it should. While 90% of IT leaders praised their collaboration with other teams around SaaS management, in actuality only 20% do so with any regularity, and just 5% collaborate on the majority of business-critical tasks.

**Procurement and Finance are underutilized IT resources  
**Only 14% of IT leaders reported working frequently with finance and procurement teams. But ongoing collaboration and data sharing are essential for minimizing costs, eliminating under-utilized licenses, and surfacing the app usage and cost data needed for continuous spend management and successful contract negotiations.

**Businesses aren’t being proactive enough against Shadow IT  
**Only 20% of respondents work with security and/or compliance often enough to help them discover and derisk unknown applications. Without a complete view of their entire SaaS stack and users, businesses can’t secure sensitive data, ensure authorized access, or meet compliance requirements.

**Access the full report  
**Torii queried 300 IT leaders about the effects of decentralized app purchasing on collaboration and SaaS management. For additional survey findings and implications, access Torii’s complimentary “State SaaS at Work: Collaboration in a Distributed Workplace” report, here.

**About Torii  
**Torii is the #1 Automated SaaS Management Platform (SMP) for today’s increasingly distributed businesses. Unlike conventional tools, Torii empowers an organization’s entire business to come together around their cloud apps and stay in perfect sync as their tech stack evolves. This accelerates innovation and agility, while eliminating millions of dollars in wasted licenses, hundreds of hours spent on manual operations, and protecting sensitive data flowing through known and Shadow IT apps. Torii’s global customers include Carrier Corporation, Instacart, Bumble, Athletic Greens, Palo Alto Networks, and Payoneer. Torii is backed by leading venture capital firms including Tiger Global Management, Wing Venture Capital, Global Founders Capital, Uncork Capital, Entree Capital, and Scopus Ventures. Learn more at www.toriihq.com and follow on Twitter @Torii\_hq or LinkedIn.

New Torii Report Finds 60% of IT Leaders Don’t Know What Apps They Have

HP enhances HP Wolf Security portfolio to stop attackers hijacking privileged access to sensitive data.

PALO ALTO, Calif, October 20, 2022. —– HP Inc. (NYSE: HPQ) today announced enhancements to its HP Wolf Security endpoint protection portfolio, with the launch of Sure Access Enterprise (SAE). SAE protects users with rights to access sensitive data, systems, and applications. It prevents attackers from hi-jacking these privileged sessions – even if the users’ endpoint device is compromised, the access to high value data and systems can remain secure. This stops minor endpoint breaches turning into major security incidents.

Available for both HP and non-HP devices, SAE leverages HP’s unique task isolation technology to run each privileged access session within its own, hardware-enforced virtual machine (VM). This ensures the confidentiality and integrity of the data being accessed, isolating it from any malware in the endpoint operating system. Users are free to conduct privileged, non-privileged, and personal activities securely from one machine. This improves user experience, reduces IT overheads, and enhances protection.

“Gaining access to a privileged users’ device is a critical step in the attack chain. From here, an attacker can scrape credentials, escalate privileges, move laterally, and exfiltrate sensitive data.” comments Ian Pratt, Global Head of Security for Personal Systems at HP Inc. “Sure Access Enterprise is a unique solution that prevents this escalation, thwarting attackers.”

Organizations have several types of users that need to access privileged data, systems, and applications daily. These users range from IT administrators, IoT and OT support staff, through to customer support and finance teams. Allowing these users to perform privileged and non-privileged tasks on the same PC comes with considerable risk. Even if a Privileged Access Management (PAM) system is used to control access to privileged systems, attackers can potentially still usurp privileged sessions, steal sensitive data and credentials, or insert malicious code and commands (e.g., via injected keystrokes, clipboard capture, or memory scraping) if the endpoint is compromised. Traditional best practice has been to issue privileged users with separate dedicated Privileged Access Workstations (PAW) that are used solely for privileged tasks. However, this inconveniences users and increases IT overheads purchasing and managing two systems.

SAE uses advanced hardware-enforced virtualization to create protected VMs that are isolated from the desktop operating system and hence cannot be viewed, influenced, or controlled by it. Thus, confidentiality and integrity of the application and data inside the protected VM can be assured, without the operational cost and complexity of issuing a separate PAW.

“By isolating tasks in protected VMs, which are transparent to the end user, Sure Access Enterprise breaks the attack chain,” continues Pratt. “As well as protecting System Administrators accessing high-value servers, SAE can be used to protect other sensitive assets – for example, protecting credit card details accessed by customer support at a retailer, patient data access at a healthcare provider, or connections to an Industrial Control System at a manufacturer.”

Sure Access Enterprise is available now and features:

*   **Strong Integrations** with Privileged Access Management (PAM) solutions (e.g., CyberArk, BeyondTrust), IPSec remote access tunnels and Multifactor Authentication (MFA).
*   **Centralized Management** to enable separation of duties and flexible policy options – such as locking connections to specific PCs or users or requiring HP Sure View activation for privacy.
*   **Hardware root of trust**, supported by the latest Intel® technologies, to prevent malware from bypassing security controls
*   **Encrypted, tamper-resistant session logging** to track access, without recording sensitive data or credentials, easing compliance.

To learn more, visit: https://www.hp.com/uk-en/security/endpoint-security-solutions.html

About HP  

HP Inc. is a technology company that believes one thoughtful idea has the power to change the world. Its product and service portfolio of personal systems, printers, and 3D printing solutions helps bring these ideas to life. Visit http://www.hp.com.

About HP Wolf Security

From the maker of the world’s most secure PCs and Printers, HP Wolf Security is a new breed of endpoint security. HP’s portfolio of hardware-enforced security and endpoint-focused security services are designed to help organizations safeguard PCs, printers, and people from circling cyber predators. HP Wolf Security provides comprehensive endpoint protection and resiliency that starts at the hardware level and extends across software and services.

HP Launches Sure Access Enterprise to Protect High Value Data and Systems

Achieving basic IT hygiene is 99% of the game.

As your company's chief information security officer (CISO), you're responsible for IT and corporate security, as well as the safety and security of company data and assets. You navigate a fraud landscape of ever-changing and newly emerging threats, while analyzing, prioritizing, and communicating these threats to others at the C-level table. If security risks and vulnerabilities are not properly prioritized at an organizational level, your company is more vulnerable to breaches, hacks, and threats.

**A One-Stop "What If" Catalog of Risks**

Your risk register should serve as a standardized framework — a "what if" manual that includes current and potential security risks and how they could impact the organization. This risk register should identify threats, outline the probability they will affect your company, and illustrate the overall potential impact — and it should be continually updated. This inventory of risks may include risk description, cause, result, likelihood, outcome, and mitigation actions, all customized to your organization. Break out your risk register into sections that map to different business units and stakeholders (infrastructure, internal systems, physical security, etc.) and detail how each may be affected by various threats.

How do you decide what goes into your risk register? Much of that depends on your company's cybersecurity posture, identified risks, and potential risks. However, there are some general guidelines to keep in mind.

**1\. Zero trust is a must.**

Yes, hybrid work accelerates fraud. Many new technologies have come to the forefront as companies adapt and adjust to facilitating remote work for their teams scattered across the globe. We now live in an environment of heightened risk, new types of threats, and constant alerts. It's been a year since President Joe Biden issued a cybersecurity executive order outlining the importance of adopting a zero-trust cybersecurity approach, yet only 21% of critical infrastructure organizations have adopted such a zero-trust security model.

Zero trust is something security teams have been talking about for a few years. Think about how the "business perimeter" has changed with multiple teams, multiple devices, and multiple locations. Historically, many thought of zero trust as "trust, but verify." The new zero trust: "check, check again, then trust in order to verify." This means validating every single device, every single transaction, every single time.

**2\. Plan "outside the lines" when it comes to business continuity, disaster recovery, and potential cyberattacks.**

As you construct your risk register, there are remote workplace-specific items to keep in mind. Of course, you want to put security measures in place that will minimize downtime for employees. Bolster your identity and access management via methods such as multifactor authentication. Ensure corporate data is encrypted to prevent sensitive data from getting into the wrong hands. Also, consider current world events, global economic forecasts, and even unpredictable natural disasters, and how each may affect your company's operations.

**3\. Mind the gaps.**

The rise of remote work has corresponded with a rise in shadow IT — those devices, software, and services that employees adopt without IT department approval. The number of software-as-a-service (SaaS) apps running on corporate networks averaged three times the number that IT departments were aware of in 2022.

Here's the problem: You can't protect what you can't see. Shadow IT can introduce information security vulnerabilities in the way of data leaks, compliance violations, and more. As you enable your remote workforce to be more flexible in how they work, visibility should be top of mind. This is, of course, in addition to tightening up identity and access management across the board and doubling down on zero-trust policies.

You should be having continuous conversations with stakeholders to stay one step ahead of shadow IT and application sprawl. Consider creating policies that open a dialogue with IT and the rest of the company. These policies could also encourage employees to go to IT if they want to request a new application.

**4\. Seek the highest common compliance denominator.**

The current global data protection landscape is an ever-changing one, with several regulations, compliance initiatives, frameworks, and mandates (GDPR, FIPS, ISO 27001, SOC, FedRAMP, and more). And there are also country-, region-, and state-specific mandates, such as Brazil's General Data Protection Law and the California Consumer Privacy Act (CCPA).

So, how can you ensure your organization is compliant? Look for the highest common denominator across various regulations. Take bits and pieces from different mandates, regulations, and guidelines and wrap them into your own company's unique framework. You may take some regulations from the EU's General Data Protect Regulation (GDPR) that are more stringent, while taking other tougher regulations from Brazil's law. This way, you adhere to the highest levels of data privacy regulations in real time while supporting your global customer base.

**A Final Word About Basic IT Hygiene**

As you consider the guidelines above, remember this: If you properly patch your machines, keep a close eye on configuration management, and add/remove users in a timely manner, you are mostly there. Even though there will always be new challenges to address (new government mandates, compliance updates, potential security risks), achieving basic IT hygiene is 99% of the game.

Are You a CISO Building Your Risk Register for 2023? Read This First

Compliance activities are often viewed as frustrating but necessary. That's an understandable view as teams often have to apply a set standard to existing systems and figure out how to collect enough evidence to answer an audit.

Compliance activities are often viewed as frustrating but necessary. That's an understandable view as teams often have to apply a set standard to existing systems and figure out how to collect enough evidence to answer an audit.

That work requires a lot of documentation, verification, and digging up answers to questions long forgotten. Approaching compliance in this way — while common — does your security practice a disservice.

Let's ignore the word "compliance" for a bit. Can you answer this deceptively simple question: "Is your security practice doing what you think it is?"

Are the controls you've rolled out effective? Do other teams follow the appropriate process for changes? Can you follow a transaction across your systems to respond to an incident?

**Are We Supposed to Test?**

One area with a shocking lack of attention is testing, and that's probably because testing in development is always a challenging balance of effort vs. return. But at least within the build process, it's accepted that code and integrations must be tested.

When was the last time you saw a standardized regular security control test?

At best, teams will engage in a penetration test or a red-team exercise. While these are often a heavy lift, they often generate excellent results, even if they take a significant investment of resources and time. Unfortunately, you won't see that level of effort applied for each and every deployment to production.

If we keep digging, we'll find teams that do, in fact, have some testing integrated into the CI/CD pipeline. Vulnerability scanning and infrastructure-as-code (IaC) template scanning are the most common tools implemented here.

Vulnerability scanning aims to find known vulnerabilities in out-of-date software. These issues can often be addressed by updating code dependencies, applying a path to update key software, or rolling out a mitigating control elsewhere in the infrastructure.

IaC template scanning is looking for potential issues _before_ they hit production. Misconfigured permissions, gaps in logging, unencrypted connections, and other issues can be addressed by builders much easier at this stage when compared to addressing them in production.

But these two steps are often the end of any security testing. Why is that?

**Too Many Competing Priorities**

One simple answer is that it just usually isn't done. Security testing typically happens when evaluating a control or process but after that, the assumption is that it continues to work.

If you shuddered a bit at "assumption," you should. As a community of practice, if we want to keep our tin foil hats, testing should be top of mind.

Nothing is ever that simple, though. Testing security controls can be tricky, which makes figuring out how to automate tests even more challenging for teams that historically don't have a deep bench for development activities.

With the move to the cloud, the barrier to security testing has dropped significantly. We've seen the first steps with the inclusion of vulnerability and IaC scanning inside the CI/CD pipelines used by development teams.

It's time for security teams to implement regular testing not only in the build pipeline but in production.

**Simple Wins the Day**

Testing doesn't have to be complicated. Simple checks will go a long way.

Validating that a security group actually prevents access from unlisted IP blocks, verifying access for users and systems, making sure that logs are being written to the correct location, and other tests are a good place to start.

These basic checks provide a safety net beyond vulnerability and IaC scanning to verify that your security controls and processes are working as expected.

**What About Compliance?**

The bonus? That type of testing and verification _is_ compliance. When you peel back the layers, compliance activities are really just proving that you are doing what you said you were going to do.

Organize the results of these tests with compliance audits in mind, and you're doing the work as you go. That's continuous compliance. If you and your team can build that habit, it not only improves your day-to-day security practice, it will greatly simplify your compliance work as well.

This isn't a different approach to compliance; it's just a different way to look at it. Hopefully, it's a perspective that helps you understand the value.

Your next steps are to start to build and automate these simple tests, roll out tools such as vulnerability and IaC scanning, and start practicing continuous compliance.

**About the Author**

    

I'm a forensic scientist, speaker, and technology analyst trying to help you make sense of the digital world and it's impact on us. For everyday users, my work helps to explain what the challenges of the digital world. Just how big of an impact does using social media have on your privacy? What does it mean when technologies like facial recognition are starting to be used in our communities? I help answer questions like this and more. For people building technology, I help them to apply a security and privacy lens to their work, so that they can enable users to make clearer decisions about their information and behavior. There is a mountain of confusion when it comes to privacy and security. There shouldn't be. I make security and privacy easier to understand.

Security Testing Improves Headaches & Compliance

Bolster delivers intelligence and remediation across web, social media, app stores, and Dark Web, with 24/7, live SOC support.

**Los Altos, CA- October 20, 2022 —** Bolster, Inc., the automated digital risk protection company, today announced the addition of Dark Web Intelligence and 24/7 support. Bolster’s new Dark Web offering is the easiest to use actionable threat solution on the market - adding to the value of the entire Bolster product portfolio. Customers will have access to a comprehensive platform able to monitor and protect their brand across the web, social media, app stores and dark web; with access to experts 24/7.

Designed for actionable insight, Bolster’s Dark Web monitoring allows organizations to gather threat intelligence across the dark web and predict how threat actors will behave and act. Organizations can discover hacking tools, exploit kits, relevant chatter and how that affects a brand. The Bolster platform offers automated and curated responses that deliver the most effective risk mitigation strategy internally.

“Because the dark web can be a place of great intelligence on pre and post breach information, having dark web monitoring is essential to understanding threats to your brand,” said Abhishek Dubey, co-founder and CEO of Bolster, Inc. “We have designed our solution to be completely actionable by allowing customers to create curated, automated workflows when they spot a certain type of alert or activity. This allows for an easy method of both obtaining instant insight and responding quickly and effectively to threats.”

When a threat or suspicious activity is discovered, customers now have the ability to call a security expert 24/7 and 365 days a year. The 24/7 support offering provides the following services:

*   **Around the Clock Support:** Whether it be active online threats or questions about reporting, Bolster’s 24 hour, 7 days a week, 365 days a year SOC team support will put customers in direct contact with a security expert.

*   **Strategic Planning:** A dedicated, curated quarterly business review and executive reporting will be available to provide consulting, configuration strategies, best practices, strategic adversary services, and more. Strategic planning will help organizations plan for and mitigate future risks.

*   **Expert Management:** Bolster managed services allow customers to focus on their core business objectives while they handle the detection, monitoring, and takedown of threats to brands. Customers will have a trusted team of experts to navigate the digital risk landscape.

With dark web intelligence and around the clock expert support built into the Bolster platform, customers have the one consistent, intuitive experience to track threats across any online channel. Ease of use and a hands-off remediation process will help ease training and administration as well as refocus IT resources to other core business objectives. Bolster offers the industry’s best user experience for detecting, monitoring, and remediating digital risk.

For more information on Bolster, please visit: https://bolster.ai/

**About Bolster, Inc.**  

At Bolster, our mission is to make the internet safe for everyone. That's why we created the first and only fully automated platform purpose-built from the ground up to detect, monitor, and take down fraudsters on the Internet. We call it Automated Digital Risk Protection. Our comprehensive platform offers the most efficient protection across web, social media, app stores and the dark web to combat fraudulent sites and content. Bolster was founded in 2017 by security industry veterans with headquarters in Los Altos, CA. To learn more, go to www.bolster.ai.

Bolster Deepens Platform with Dark Web Threat Intelligence and 24/7 Support

CISOs and security leaders in state and local governments are dealing with increasing threats like ransomware — with varying degrees of cyber maturity.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Source

DARKReading