RUBRIK FORWARD: SAN DIEGO, Calif., May 17, 2022 -- Rubrik, the Zero Trust Data Security™ Company, today announced Rubrik Security Cloud to secure customers’ data, wherever it lives, across enterprise, cloud, and SaaS.

Ransomware is on the rise and cyberattacks are getting more sophisticated. Despite investments in infrastructure security tools, cybercriminals are still getting through to the data. And when they take the data down, they take down the entire business. It’s time for a new approach. The next frontier in cybersecurity pairs the investments in infrastructure security with data security giving companies security from the point of data.

Rubrik is a pioneer in data security and the Rubrik Security Cloud delivers three unique capabilities:

● Data Resilience: Safeguards data by providing immutable, logically air-gapped data protection with multi-factor authentication-based access control.

● Data Observability: Continuously monitors risks and investigates threats to data including Ransomware Monitoring and Investigation powered by machine learning to detect data anomalies, encryptions, deletions, and modifications; Sensitive Data Monitoring to find and classify the most sensitive data, and assess exfiltration risk; and Threat Monitoring and Hunting to identify indicators of compromise and find the last known clean copy of data.

● Data Recovery: Quickly contains threats and recovers data, whether it’s a file, application data or a mass recovery for the entire organization. Rubrik’s new Threat Containment capability quarantines malware and restricts user access to infected data to support safer recovery.

As organizations continue to struggle with cyberattacks that compromise data, Rubrik also launched the Data Security Command Center to easily assess whether data is safe and capable of being recovered from a cyberattack. Now, customers can see which data is at risk and get recommendations to make their data more secure.

“Every company in the world is vulnerable as cybercriminals get more savvy every day,” said Bipul Sinha, Rubrik CEO and co-founder. “With Rubrik Security Cloud, we are strengthening customers' defenses so they can secure their business across enterprise, cloud, and SaaS workloads. Our data security platform enables our customers to defend their data, recover quickly, and prevail in this new cyber landscape.”

“INTEGRIS Health is proud to be the largest not-for-profit health care system in Oklahoma, with eighteen hospitals in our network and more than a million patients that rely on us every year for their health care needs. With the expansive network we support, it’s paramount that our data is resilient, and we maintain a strong data security posture to keep our hospital moving. As a CIO, I believe Rubrik is an important service and helps us provide excellent patient care. As a Rubrik customer, we’re thrilled to see the continued innovation with Rubrik Security Cloud and the company’s ongoing focus on keeping customer data safe and making it easy to recover in the face of cyber-attacks, like ransomware,” said Bill Hudson, CIO of INTEGRIS Health.

"NJ TRANSIT delivered more than a quarter of a billion annual passenger trips before the pandemic and is responsible for our riders’ safety, mobility, and livelihoods every day. It’s imperative that nothing interrupts our business, so we’ve prioritized a strong data security strategy in partnership with Rubrik. We’re committed to the ongoing and necessary work that gives our data resilience and helps us reduce our risk as we face ever evolving, and inevitable, cyber threats,” said Rafi Khan, CISO of NJ TRANSIT.

**Research and Development Fuels Additional Capabilities**

As part of Data Observability, Sensitive Data Discovery for Microsoft 365 discovers and classifies sensitive data within Microsoft 365 to better assess risk and help maintain compliance with regulations.

These latest integrations build on the joint collaboration between Rubrik and Microsoft. Last year, Rubrik Cloud Vault built on Microsoft Azure was launched to help customers better defend against cyberattacks using a fully managed, secure and isolated cloud vault service. Since launch, Rubrik has seen strong demand for Rubrik Cloud Vault across key industries including Healthcare and Life Sciences, Manufacturing, State and Local Government, and Financial Services as customers build Zero Trust solutions to defend against and recover from ransomware.

“Businesses need a data resiliency strategy to keep their data secure in the face of escalating cyber threats,” said Jurgen Willis, Vice President Microsoft Azure. “Rubrik's Security Cloud, which builds on integrations with Rubrik Cloud Vault and Microsoft Azure, will help customers accelerate their Zero Trust journey.”

For more information about Rubrik Security Cloud and other R&D innovations, click here.

Rubrik Security Cloud is available now and new enhancements will be available in the months ahead.

**About Rubrik**

Rubrik, the Zero Trust Data Security™ Company delivers data resilience, data observability, and data recovery for organizations. Rubrik keeps your data safe and easy to recover in the face of cyber attacks and operational failures. Now you can recover the data you need, however and whenever you need it to keep your business running.

For more information please visit www.rubrik.com and follow @rubrikInc on Twitter and Rubrik, Inc. on LinkedIn.

Rubrik Launches Rubrik Security Cloud to Secure Data, Wherever it Lives, Across Enterprise, Cloud, and SaaS

A widespread attack is underway to exploit known RCE flaw in Tatsu Builder WordPress plug-in, according to a new report.

A no-code page builder WordPress plug-in, Tatsu Builder, has a known remote code execution (RCE) flaw that's under active attack, researchers report, exposing as many as 50,000 sites to takeover. 

The Wordfence threat intelligence team is raising the alarm over what it calls a "widespread" attack attempting to exploit CVE-2021-25094, publicly disclosed on March 24. The vulnerability impacts both the premium and free versions of Tatsu Builder. 

Because it's not listed on Wordpress.org, the team says it doesn't know exactly how many installations the plug-in has, but they estimate it's anywhere from 20,000 to 50,000 sites. 

The Wordfence report says the Wordpress plug-in attacks first popped up on May 10, and by May 14 threat actors had already launched 5.9 million attacks against 1.4 million sites running Tatsu Builder. 

“When it comes to cybersecurity, most organizations give little thought to their websites," Chris Olson, CEO of the Media Trust, said in a statement in reaction to the attacks. "The Tatsu vulnerability shows us why this is a mistake: websites — which play a key role in marketing and revenue generation — are increasingly targeted by hackers, making them a source of risk to customers and casual visitors." 

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Widespread Attack on WordPress Sites Targets Tatsu Builder Plug-in

Creating a company culture for security may need to start by tearing down an anti-security culture.

"Culture eats strategy for breakfast" is a frequently used (and just as frequently misattributed) quote about the relative power of formal strategies and the cultures that put them into practice. Whether executives can strategize around their own culture is highly debatable, but here's something I know to be true: Culture chews giant holes in cybersecurity.

The idea of a "security culture" is powerful and popular in both cybersecurity and physical security worlds. Basically, it's the notion of making security-aware behavior so much a part of the organizational culture that the people in the organization become a powerful defensive component. It is, in most cases, the endgame of cybersecurity awareness training and the much-desired ultimate stage of cybersecurity maturity.

That's all good, but my concern is at the other end of the process — the one in which the organization's culture is not only blind to cybersecurity but also actively hostile to much of the good behavior that makes cybersecurity work.

**Friction = Bad  
**Efficiency is an obsession for most executives. Making sure that the maximum results come from the minimum investment is good business sense. Friction takes energy and turns it into something other than desired results. The more friction, the less efficiency, and the more waste. Seems simple, right? But there's a problem.

Many necessary business processes add friction to the system. Collecting (and paying) taxes adds friction. Keeping records adds friction. Human resources, health and safety safeguards, and yes, cybersecurity, all add friction. That's why some businesses develop a culture that considers each and every one of these activities to be something bad — something to be minimized, avoided, or worked around. Which is fine ... to a point.

The key to business success with all of these (and similar) activities is not to eliminate them but to make sure that the friction imposed on business processes is proportional to the business benefit derived from the activity. An unhealthy organizational culture says, basically, that there is no business benefit sufficient to warrant any friction in the most basic business activities – usually defined as marketing and sales. When the essential culture of the organization is along these lines, anything that injects friction will be at best ignored and at worst subverted. And this is the point where cybersecurity awareness training has to start.

**Mind the Gap  
**Cybersecurity awareness training begins with the simple premise that cybersecurity has value. And for that message to get through to users, the organization's culture must accept that the friction cybersecurity adds to business processes is worthwhile — that the cost of cybersecurity will be an investment rather than a boondoggle.

Too often we have created business cultures that prioritize efficiency and productivity not only over all other considerations but also to the exclusion of all other considerations. These are cultures that like to consider themselves ruthless and relentless and are all too often reckless and blinkered. Employees are often encouraged — implicitly by the culture, if not explicitly by management — to go around anything that might add friction to a process. That "thing" can be record-keeping, compliance with regulations, or cybersecurity. In each of these cases, the ultimate cost of evading the friction can be much higher than accepting it as part of doing business. And that's the blunt message that may have to lead cybersecurity awareness training in one of these "damn the consequences" cultures.

In the best of outcomes, cybersecurity awareness training results in a culture that values cybersecurity and prioritizes the actions and attitudes that make security part of everyday business behavior. But that outcome may lie at the end of a long road; the first step is building simple acceptance that cybersecurity has value for the company.

Training to Beat a Bad Cybersecurity Culture

Most local leaders lack cybersecurity resources so they don't know where their weaknesses are and which areas threat actors are most likely to target, with little focus or understanding of risk.

Local governments remain prime targets for ransomware, as hackers lock up government systems and leave municipalities with few resources and long recovery times. Everything from emergency response systems to hospitals, schools, and the elections could be up for grabs as these threat actors wreak as much havoc as possible.

It's a scary time as the landscape grows to include new threats like "killware," which is exactly as dangerous as it sounds. As Homeland Security Secretary Alejandro Mayorkas said recently, "The attacks are increasing in frequency and gravity, and cybersecurity must be a priority for all of us."

Sadly, it's not.

Hackers are consistently breaching local government systems that have weak password policies, lack multifactor authentication, and lack proper data recovery processes and tools. Those most at risk are not properly managing even the most basic security tasks, such as solidifying data backup and recovery processes. Users often share credentials like it's a Netflix account and critical systems are at risk because of it. Most local governments lack proper information security and governance.

Local leaders often lack the resources, budget, and knowledge for cybersecurity. Most don't know where their weaknesses lie and which areas threat actors are most likely to target because there is not a focus on understanding information security risks.

Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly wants them to step up. The National Association of State Chief Information Officers (NASCIO) adds further urgency with its top 10 priorities for 2022, in which risk management and cybersecurity top the list.

Here are a few steps that local and county governments can take to improve their cybersecurity posture and avoid a costly breach.

**Contact a Cybersecurity Professional  
**In many cases, IT teams advising on cybersecurity are punching above their weight. But the risk of a cyberattack can't be ignored. Local governments need to partner with an organization that can not only check compliance with cybersecurity standards but also technically assess their controls.

Even if local governments are subject to cybersecurity policies, policies do not equal security. Compliance audits should check against the 18 Center for Internet Security (CIS) critical security controls and the National Institute of Standards and Technology (NIST) cybersecurity framework and also include a technical control suitability and configuration review.

In other words, the assessment should dig into the technical weeds. It should identify how governments are orchestrating backups, which forms of remote access are in use, whether there is multifactor authentication on all of them, how strong the passwords must be, and email security.

Undoubtedly there is a lot of work involved here and some of it is costly. However, a proactive approach is far cheaper than paying recovery costs (even if ransom isn't paid) and trying to repair the integrity of a government's systems and its reputation. In 2020, ransomware attacks cost US government organizations nearly $19 billion.

**Use Available Funding  
**Many local governments cite a lack of funding as a reason that cybersecurity isn't taken more seriously. While funding circumstances vary greatly across the country, there are some resources available that, although not exclusively for that purpose, can be allocated to cybersecurity.

As part of the American Rescue Plan, the Coronavirus State and Local Fiscal Recovery Funds (SLFRF) program delivers $350 billion to state, local, and tribal governments across the country for a variety of uses, including cybersecurity. Hundreds, if not thousands, of local governments aren't spending those relief funds in that way.

According to a report by Deloitte and NASCIO, the majority of states spend only 1% to 2% of their IT budgets on cybersecurity, yet federal agencies and private sector businesses spend 5% to 20%. Attackers are targeting local governments just as disproportionately as they spend on security. One study in 2020 found that local governments are the most common target of cybercriminals, with 45% of ransomware attacks aimed at municipalities.

**Perform a Penetration Test  
**Once you've identified the right cybersecurity partner and some funding to help increase your security posture, you'll want to start with a technical control suitability and configuration assessment, including a penetration test. This is an eye-opener for a lot of local governments that never thought twice about sign-in credentials or the risk posed to systems that are often taken for granted, like emergency response or traffic lights.

Your cybersecurity partner should perform both internal and external pen testing in their assessment. The data points that come out of those studies should serve as priorities for the administration and basically provide the to-do list for the next 24 months to orchestrate and support a cybersecurity strategy.

There is no quick fix for cybersecurity, but there are plenty of reasons to make the investment outside of recovery costs or ransom payments.

Consider that the Washington, DC, police network was breached and hackers posted hundreds of pages of purported internal documents. In Cornelia, Georgia, a fourth ransomware attack in two years disabled the town's software network so it couldn't pay its outstanding bills or bill its own customers for water use. In fact, water treatment plants have been of particular interest to hackers. Public water systems were hacked in California, Florida, and Pennsylvania last year, although thankfully none of the attacks have resulted in poisoned water reaching residents.

Local governments have already been targeted heavily and their threat landscape has only increased since Russia's invasion of Ukraine. The US has been bracing for Russian cyberattacks to hit home as the conflict intensifies. Municipalities, particularly the ones that control utilities, can protect against hackers' disruptions by making the necessary investments in security. With proper protections, you can save yourself from those headaches and avoid the disastrous disruptions and costs of an attack.

Local Government's Guide to Minimizing the Risk of a Cyberattack

The online giant analyzes, patches, and maintains its own versions of open source software, and now the company plans to give others access to its libraries and components as a subscription.

Developers who want to benefit from Google's security efforts will soon be able to subscribe to a service that allows developers to use open source components that they know have been vetted and patched for security issues by Google's developers.  

The service, dubbed Assured Open Source Software (OSS), provides versions of popular open source packages that are scanned frequently, augmented by metadata created by code analysis, comply with the nascent Supply chain Levels for Software Artifacts (SLSA) framework, and are signed by Google. 

In many ways, the service is similar to the curated Linux distributions maintained by companies such as Red Hat and Ubuntu, says Eric Brewer, vice president of infrastructure for Google Cloud and a Google Fellow.

"The idea of having curated version is not new per se, but it is just more important than ever," he says. "Plus, we wanted to show that it is important to actually do the provenance, do the metadata, do the scanning, do the fuzzing, build it from source — and sign it. That's the right way to do it."

The announcement of the new service comes a week after the Linux Foundation and the Open Software Security Foundation, along with the support of nearly 40 companies, released a plan for securing open source software. That effort is focused on 10 separate initiatives in three broad areas: securing open source production, improving vulnerability discovery and remediation, and speeding patch cadence.

While Google is a major sponsor of the effort and has provided technology and specifications for a myriad of security-focused efforts — such as Security Scorecards, AllStars, and the Alpha Omega Project — Assured OSS will be eventually be a paid, commercial service, Brewer says.

"Last week was about the community focus," Brewer says. "But you ... \[also\] need a lot of private investment from many different companies to make these things better, easier to use, and you also need — especially for the critical core stuff — you need a lot of industry cooperation."

    

Open source software requires companies to analyze and maintain commonly used components. Source: Google Cloud blog

**Scanning, Fuzzing, and Checking on 100K Cores  
**While most companies maintain their own package management system as a private repository, Google's level of vetting and security testing is significant, when looking at the numbers.

The company has an end-to-end process that includes continuous fuzzing of more than 500 of the most popular packages, using a massive infrastructure based on 100,000 processor cores, Google stated in a blog post announcing the Assured OSS service. The company also provides software bill of materials (SBOM) and supply chain integrity checking through the SLSA framework.

The Assured OSS framework will also natively integrate with software-security analytics firm Snyk.

"We recognize that most organizations do not have the resources or experience to construct and operate such a comprehensive program," Google Cloud stated in its blog post. "Instead, their development teams might individually decide where they get third-party source code and packages, how they are built, and how to redistribute them within their own organizations according to their goals, threat and risk model, and resources."

**Overlapping Efforts Pose inefficiency Risk  
**Google is not alone in offering a curated collection of vetted open source software. In addition to the aforementioned Linux distros, a variety of companies — such as Anaconda — have created vetted repositories that include managing both patching and integrity issues for companies. In addition, other companies — such as Snyk, Sonotype, and Debricked — offer ways to evaluate open-source projects and libraries based on security metrics.

Google's new service raises the specter, however, that multiple companies will offer overlapping services that provide similar analyses of the top 500 packages, but do not venture into vetting packages that are less popular but still important. While redundancy is often a good attribute — because a company could find a vulnerability that another company misses — it is important for organizations to also provide more coverage across a greater number of packages, Brewer acknowledges .

"There are lots of ways to work together, but I think open source by its nature, because it is already shared, requires we work together better," he says. "So at a minimum, we should make sure that we are fixing different packages, rather than fixing the same packages — it would be globally inefficient to do that."

Assured OSS will be available to preview sometime in the third quarter of 2022, according to Google.

Google Cloud Aims to Share Its Vetted Open Source Ecosystem

Expansion includes new capabilities for hybrid deployment models and industrial Internet of things (IIoT) environments.

ATHENS, Greece, May 17, 2022 /PRNewswire/ -- Barracuda Discover.22 EMEA Partner Conference --

**Highlights:**

*   Cloud-native Secure Access Service Edge (SASE) platform from Barracuda now supports hybrid cloud environments, enabling deployments in Microsoft Azure and at the private service edge.
*   Barracuda provides industry-leading, highly scalable connectivity and security support for the industrial internet of things (IIoT). Technology integrations with FireMon, Skybox, TTTech, and Nozomi further expand the scope of security services.
*   Barracuda's Zero Trust Access solution is now simpler to deploy, leveraging a new virtual deployment with integrated directory connectors.

Barracuda Networks, Inc., a leading provider of cloud-first security solutions, today announced the expansion of its cloud-native SASE platform. Barracuda's SASE platform streamlines Secure SD-WAN, firewall-as-a-service, Zero Trust Network Access, and Secure Web Gateway functionality and incorporates secure connectivity to industrial IoT devices. The expansion includes new capabilities for hybrid deployment models and IIoT environments. Additionally, new technology integrations offer secure data transfer, orchestration, asset management, and anomaly detection.

**According to Gartner®**, "By 2024, 80% of SD-WAN deployments will incorporate security service edge (SSE) requirements, up from less than 25% in 2022."1

As part of the Barracuda SASE platform, CloudGen WAN, Barracuda's Secure SD-WAN service and firewall-as-a-service, now provides private service edge for hybrid deployments. Private service edge is ideal for organizations that need to follow certain geopolitical requirements or need full control over the data plane. Private service edge devices provide the same scope of security and networking functionality as the cloud service and are administrated and maintained via a central management platform.

Barracuda CloudGen WAN now offers Secure Connector virtual appliances and new ruggedized site devices. These updates provide highly scalable internet-of-things connectivity, as well as cloud and private service edge-based security for IIoT endpoints. The Secure Connector endpoint virtual agent can be deployed in Docker environments for a wide range of third-party IIoT solutions.

To meet the specific challenges and requirements of digitalization and the internet of things, Barracuda integrates with specialized technology partners, including FireMon, Skybox, TTTech, and Nozomi. These integrations provide the ability for customers to enable secure data transfer, take advantage of automated incident response, and align with the latest IIoT security standards.

Zero Trust Access is often the first step toward SASE. As part of Barracuda's SASE platform, Barracuda CloudGen Access now offers new tools and capabilities that radically simplify deployments. CloudGen Access is now available with a turnkey proxy for simple deployment and cloud user directory connector for easy sync of users and groups.

**Quotes:  
**"The expansion of Barracuda's cloud-native SASE platform for hybrid deployment models and IIoT environments solves a number of common security, connectivity, and scalability challenges that businesses are facing in this age of digital transformation," **said Tim Jefferson, SVP, Engineering for Data, Network, and Application Security at Barracuda.** "Today's announcement underscores Barracuda's ongoing commitment to collaborate with specialized technology partners to develop tailored solutions, integrate advanced technologies, and expand the capabilities of our cloud-first offerings."

"Barracuda offered the only cloud-native firewall-as-a-service that provided all the enterprise security levels we needed and even included SD-WAN for uninterrupted connectivity and reliable application access to Azure," **said Hans Redlich, IT Lead at Hagedorn Group of Companies, in a Barracuda case study.**

"Barracuda Secure Connector solutions made it easy for us to implement device connectivity and IoT-platform connectivity across our products," **said Ulrich Poeschl, Chief Information Security Officer at Test-Fuchs GmbH, in a Barracuda** **case study****.**

**Resources:**  
Check out the product page: https://www.barracuda.com/products/sase

Get the Gartner**®** report, How to Align SD-WAN Projects with SASE Initiatives: http://cuda.co/grptsdwansase

Gartner named Barracuda a Visionary in 2021 Magic Quadrant™ for Network Firewalls. Get the report: https://www.barracuda.com/networkfirewallsmq

**See the blog posts:  
**A closer look at the expansion of Barracuda's SASE platform: http://cuda.co/50895

Zero Trust adoption simplified: http://cuda.co/50893

Aligning SD-WAN projects with SASE initiatives: http://cuda.co/50891

**Citations:  
**1Gartner, "How to Align SD-WAN Projects With SASE Initiatives," by Bjarne Munch, Lisa Pierce, Craig Lawson, published December 1, 2021.

Gartner, Magic Quadrant for Network Firewalls, Rajpreet Kaur, Jeremy D'Hoinne, Nat Smith, Adam Hils, 1 November 2021

Gartner and Magic Quadrant are registered trademarks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

**About Barracuda Discover.22 EMEA Partner Conference  
**Barracuda Discover.22 takes place May 17-19 in Athens, Greece. The informative event covers a wide range of topics, including security threats and trends, hands-on technical sessions, new product announcements, and the latest innovations in email protection, application and cloud security, network security, and data protection.

**About Barracuda  
**At Barracuda, we strive to make the world a safer place. We believe every business deserves access to cloud-first, enterprise-grade security solutions that are easy to buy, deploy, and use. We protect email, networks, data, and applications with innovative solutions that grow and adapt with our customers' journey. More than 200,000 organizations worldwide trust Barracuda to protect them — in ways they may not even know they are at risk — so they can focus on taking their business to the next level. For more information, visit barracuda.com. 

Barracuda Networks, Barracuda and the Barracuda Networks logo are registered trademarks or trademarks of Barracuda Networks, Inc. in the U.S. and other countries. Other trademarks are the property of their respective owners.

Barracuda Expands Cloud-Native SASE Platform to Protect Hybrid Cloud Deployments

Provides security architects with access to custom scripts that can be natively integrated with other Qualys solutions.

FOSTER CITY, Calif., May 17, 2022 /PRNewswire/ -- Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions, today unveiled Qualys Custom Assessment and Remediation, opening its Cloud Platform to give security architects access to custom scripts that can be natively integrated with other Qualys solutions. This new solution significantly reduces response time by empowering security teams to orchestrate workflows, secure custom applications, and take immediate action to counter threats like zero-day attacks lessening the need to rely on the IT operations teams.

When threats hit, security teams need to quickly discover, assess and remediate both their third-party and custom applications. A typical response involves creating new out-of-band processes and custom scripts that need to be rolled out across hundreds or thousands of applications and endpoints by the security teams using a variety of techniques and ITSM tools. This approach creates a blind spot from an auditing and tracking standpoint and negatively impacts responsiveness.

"Reducing mean time to respond (MTTR) is the key metric for managing security risk, but it requires having the right security tools in place to optimize efficiency," said Melinda Marks, senior analyst at Enterprise Strategy Group. "Qualys Custom Assessment and Remediation leverages the comprehensive capabilities of the Qualys Cloud Platform to speed up your ability to respond to a detected security issue. It provides centralized control while helping teams remediate issues within their existing tools and workflows, saving them from inefficient, costly out-of-band rework cycles."

Qualys Custom Assessment and Remediation opens the Qualys Platform for security architects allowing the creation of custom scripts in popular scripting languages, user-defined controls and automation, all seamlessly integrated within existing programs to quickly assess, respond and remediate threats across your global hybrid environment.

Qualys Custom Assessment and Remediation enables security teams to:

**Quickly Address Zero-Day Threats**– The solution puts the power to rapidly respond to zero-day vulnerabilities directly in the hands of the security team by automating processes such as collecting and evaluating data, synthesizing third-party threat intelligence feeds, and performing appropriate remediation actions, such as configuration changes, deleting suspicious files or deploying registry changes. The result is an accelerated MTTR, which is critical to containing an attack**.**

**Secure and Audit Custom Applications –** Security teams can add customized controls and processes, without IT intervention, for various organizational activities including remediation actions eliminating the need to reinvent new scripts. This improves efficiency and allows security practitioners time to focus on more strategic activities.

**Tightly Integrate into Qualys VMDR Workflows** – Scripts are seamlessly integrated into existing VMDR workflows via assignment of custom Qualys IDs and Control IDs, which increases efficiency.

**Access a Centralized Library for Custom Scripts and Controls** – The solution provides centralized control over custom scripts easily mapped into workflows, and it is secured by role-based access control (RBAC) as well as review and approval processes. Additionally, deployment of scripts is simplified by using a centrally managed and customizable library of more than 50 popular reusable scripts to address common problems.

"Security teams struggle to manage and respond to a range of challenges that often require custom approaches," said Nagi Prabhu, chief product officer, Qualys. "By opening the Qualys Platform, we put security teams in the driver's seat. Qualys Custom Assessment and Remediation enables the creation of custom scripts and controls that are seamlessly integrated into existing security processes and workflows while extending the capabilities of the Cloud Agent so organizations can respond to threats such as Zero-Days immediately."

**Availability**

Qualys Custom Assessment and Remediation is immediately available. To request a free trial, visit www.qualys.com/car-trial. Learn more by joining our June 1 webinar.

**Additional Resources**

*   Learn about Qualys Custom Assessment and Remediation
*   Details on the Qualys Cloud Platform
*   Follow Qualys on LinkedIn and Twitter

**About Qualys**

Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings.

The Qualys Cloud Platform leverages a single agent to continuously deliver critical security intelligence while enabling enterprises to automate the full spectrum of vulnerability detection, compliance, and protection for IT systems, workloads and web applications across on premises, endpoints, servers, public and private clouds, containers, and mobile devices. Founded in 1999 as one of the first SaaS security companies, Qualys has strategic partnerships and seamlessly integrates its vulnerability management capabilities into security offerings from cloud service providers, including Amazon Web Services, the Google Cloud Platform and Microsoft Azure, along with a number of leading managed service providers and global consulting organizations. For more information, please visit http://www.qualys.com.

Qualys Adds Custom Assessment and Remediation to Its Cloud Platform

Protect enterprises from the harm of unwanted voice-based phishing perpetrated by bad actors.

IRVINE, Calif., May 17, 2022 /PRNewswire/ -- YouMail today announced the launch of YouMail Protective Services, which provides a set of services that perform AI-based threat detection, analysis, and mitigation for communications service providers (CSP) and enterprises to protect against unwanted and malicious traffic. These services are effectively a B2B watchdog solution that helps telecommunications carriers uncover unlawful calls made on their networks, and helps large enterprises protect their brands against robocall spoofing campaigns.

YouMail Protective Service identifies scam calling traffic by relying upon a team of experts, data from billions of calls and thousands of calling campaigns, and YouMail's patented technologies. All these services rely on data from the YouMail Sensor Network, which is collected via messages and audio trails left by illegal robocalls to YouMail app users, which represent real consumers and small- to medium-sized businesses. In turn, the data is then used by authorities to sanction bad actors, and to support legal actions taken against malicious robocallers, connecting YouMail users directly to the fight.

"We are proud to announce the general availability of YouMail Protective Services to help carriers and enterprises shut down voice and SMS communications that harm their customers and brands," said Alex Quilici, CEO of YouMail. "These services represent yet another way YouMail's large and engaged user base is contributing to this fight against illegal robocalls."

YouMail Protective Services provide two services that help protect enterprises from the harm of unwanted voice-based phishing, or vishing attacks, perpetrated by bad actors. These turn-key risk management solutions address threats to enterprise identity due to fraudulent robocalls including brand impersonation over the voice channel.

*   **YouMail Brand Defender** is a complete managed detection and response solution that protects enterprises from brand impersonation through voice-based phishing attacks. Such vishing attacks can damage corporate reputations and harm brand values, and affect just about every brand with any consumer visibility. The service detects and eliminates imposter traffic, protecting brand image, company reputation, and customer relationships. YouMail's patented technology provides zero-hour identification of unwanted robocalls, powering solutions for enterprise protection against the impact of bad actor campaigns. Brand Defender customers benefit from a comprehensive solution that incorporates alerts and reporting, mitigation, and enforcement including support for litigation against bad actors.
*   **YouMail Brand Monitor** provides surveillance of brand identity over the voice channel. This includes explicit unauthorized brand name mentions as part of voice phishing scams as well as implied references to brand relationships. Customers are notified upon detection of potential trademark infringement and/or inappropriate brand mentions, including incidences involving unlawful behavior or ill intent associated with voice calls. Brands are also informed regarding the potential impact of the impersonation incidents including call volume of bad actor campaigns.

YouMail Protective Services provides three services that help Communication Services Providers and their vendors eliminate unlawful voice and text campaigns. The services help detect and interdict unwanted traffic that would otherwise originate, traverse, or terminate on their networks.

*   **YouMail Score** provides phone number scoring as a service derived via content-based analytics that shows exactly what sorts of behaviors various numbers are engaging in.
*   **YouMail Watch** analyzes phone number behavior. The service provides visibility into usage behaviors including identification of audio content from unwanted robocalls that may be associated with telephone numbers of interest.
*   **YouMail Clear** combines data analysis and content-based analytics to locate instances of bad behavior in their networks. CSP data analysis requires the CSP to provide YouMail with network traffic data. The service represents a fully integrated network solution that analyzes every communication instance handled by the CSP with comparative analysis to data independently captured by the YouMail Sensor Network.

These B2B services enable CSPs to comply with FCC requirements under the TRACED Act to mitigate unwanted robocalls. The mandate requires solutions for real-time mitigation such as blocking, labeling, and redirection, as well as visibility into telephone number scoring and labeling. YouMail provides reports that help customers understand the scope, impact, and source of problematic or fraudulent calling campaigns. The B2B service also provides evidential proof of wrongdoing to support court actions for prosecution of responsible parties.

YouMail's new B2B services build on partnerships with communication service providers and US authorities to shut down campaigns and block bad actors from gaining network access.

YouMail serves in a key technical role for US Telecom's Industry Traceback Group, or ITG. YouMail has provided examples of the most pervasive illegal robocall calls to its users, which can then be traced back to the source carriers and customers, often in hours, helping to quickly identify the sources of illegal calls.

YouMail's contributions also stem in part from its robocall blocking app and the YouMail Robocall Index, which is widely recognized as the country's premier source of public information and education about illegal robocalls.

Learn more at: https://www.youmailps.com/

**About YouMail, Inc.**

YouMail protects consumers, enterprises, and carriers from harmful phone calls. YouMail protects consumers with app-based call protection services in the US and the UK, with the YouMail, Another Number, and Hullo Mail apps. YouMail protects consumer-facing enterprises by detecting and helping to shut down imposter traffic that can lead to financial or brand damage. We protect carriers with robocall mitigation services that detect when bad traffic is originating, traversing, or terminating on their networks. Our direct consumer solutions answer over a billion live calls per year across well over 10 million registered users, powering America's most robust telephone sensor network in identifying and providing zero-hour protection against illegal calling campaigns and cyberattacks. We also operate the YouMail Robocall Index™, the nation's definitive source on telephone network activity and attacks. YouMail, Inc. is privately funded and based in Irvine, California.

YouMail Launches YouMail Protective Services for Carriers and Enterprises

Enables organizations to provide simple, secure access to the private and public cloud or Web-based corporate apps that workers using unmanaged devices need for their work.

NEW YORK (PRWEB) MAY 17, 2022

Ericom Software, a leading provider of Zero Trust cloud cybersecurity solutions and developer of the ZTEdge™ SASE Platform, today announced the introduction of ZTEdge Web Application Isolation, an innovative cloud-delivered security solution that addresses a critical access security issue facing nearly all organizations that embrace the flexibility enabled by 3rd party workers. Specifically, these businesses must provide contractors, who typically use unmanaged devices (e.g. personal laptops or PCs provided by their employers), with access to corporate applications, while ensuring these systems will not be compromised by malware and that sensitive data cannot be mishandled or stolen.

The 3rd-Party Access Challenge

Flexible work environments and outsourcing have transformed the modern corporate workforce. Leveraging 3rd party specialists brings efficiencies and expertise to organizations but also introduces risk to their data, applications, and networks. The personal BYOD devices or laptops provided by the firms that 3rd party consultants work for are typically not managed by the contracting organization, and as a result, pose very real risks since they typically lack the up-to-date security controls present in organization-managed devices issued to employees. If unmanaged devices are compromised, they could upload malware to an application, potentially leading to downtime, breaches, or ransomware attacks. Additionally, sensitive data that is downloaded or copy-pasted onto unmanaged devices for legitimate use, or cached in a device’s web browser, is at risk of intentional or inadvertent exposure. Unfortunately, once users have logged in, dangerously little data security control or malware prevention is provided by the reverse proxy-based solutions within CASBs or WAFs that are currently used to control unmanaged device access.

Web Application Isolation

ZTEdge Web Application Isolation enables organizations to provide simple, secure access to the private and public cloud or web-based corporate applications that workers using unmanaged devices need for their work, regardless of whether they are 3rd party contractors or employees. Leveraging remote browser isolation (RBI) and easy-to-set granular, user-level policies, ZTEdge Web Application Isolation works with other systems to control which applications each user can access and, once in, which actions they can complete.

For instance, an employee may be allowed to edit a file within Office 365, but not to download it onto their unmanaged device, while a contractor may be limited solely to viewing the data. Policies can also be used to control what content – if any – can be uploaded to organization networks or web or cloud apps, and by whom. Content disarm and reconstruction (CDR) can be applied to ensure that all content and files from unmanaged devices are free of malware and threats prior to upload. Additionally, data loss prevention (DLP) can be used to safeguard against exposure of confidential material and PII in downloads.

To protect against credential misuse or theft, SaaS and web application access may be restricted to logins originating from the organization’s Web Application Isolation tenant dedicated IP address. Additionally, built-in IAM capabilities enable quick onboarding of employees and contractors – and makes it equally simple to cancel access privileges when contracts end or employees leave.

The Power of Remote Browser Isolation

ZTEdge Web Application Isolation is the latest innovative solution to use Ericom’s core Remote Browser Isolation (RBI) technology. In addition to Web Application Isolation, Ericom RBI-based solutions include:  

*   Web/Email Browser Isolation – RBI protects endpoints from advanced malware, ransomware, and other threats targeting devices from the web and email, intelligently categorizing websites/URLs and isolating risky ones in the cloud, remote from devices. For additional protection against phishing attacks, websites are presented in “read-only” mode to prevent credential theft.
*   Instant Messenger (IM) Isolation – RBI protects users of popular IM platforms like WhatsApp by scanning end-to-end encrypted traffic – a blind spot for traditional Secure Web Gateway (SWG) products – to prevent malware delivery and data exfiltration.
*   Virtual Meeting Isolation – This patent-pending Ericom solution brings the power of web isolation to secure web-based virtual meetings like Zoom and Teams. Users experience a completely standard virtual meeting experience, yet endpoints and networks are protected from malware hidden in links and other shared media and IT can enforce sharing controls to protect data.

“Web Application Isolation is the latest example of Ericom tackling big security challenges and successfully delivering solutions that are simpler and more effective than current approaches,” said David Canellos, CEO of Ericom Software. “Our Web Browser Isolation, Instant Messenger Isolation, and Virtual Meeting Isolation solutions address use cases that Secure Web Gateway and Secure Email Gateways could not handle, and Web Application Isolation is now doing the same for existing WAF, CASB, and ZTNA solutions. I’m excited to see the dramatic positive impact our innovative solutions are having on the security posture of our customers.”

Ericom’s isolation solutions can be licensed individually or as part of its ZTEdge SASE platform. Learn more at http://www.zerotrustedge.com.

About Ericom Software  
Ericom Software is a leading provider of cloud-delivered, Zero Trust cybersecurity solutions that protect today’s digitally distributed organizations from advanced security threats. The company’s ZTEdge™ platform is the industry’s first Secure Access Service Edge (SASE) solution developed specifically for midsize enterprises and small businesses. Ericom solutions leverage innovative remote browser isolation, application isolation, micro-segmentation, and virtualization technologies, and are delivered on the Ericom Global Cloud, a distributed high-availability elastic cloud platform. Ericom’s cybersecurity solutions protect thousands of businesses and millions of end users worldwide. The company has offices around the world and a global network of distributors and partners.

Ericom’s New ZTEdge Web Application Isolation Addresses Security Concerns Associated With Third-Party Contractor Application Access

New offering provides credit and financial monitoring along with identity protection and restoration.

BUCHAREST, Romania and SANTA CLARA, Calif., May 17, 2022 /PRNewswire/ -- Bitdefender, a global cybersecurity leader, today unveiled Bitdefender Identity Theft Protection, a new U.S. consumer service delivering identity threat detection and alerts, 24/7 credit and financial account monitoring, and dedicated recovery services in the event of successful identity takeover. The service helps prevent criminals from stealing or using personal information to drain financial accounts, open new lines of credit, commit medical or tax fraud among other identity-based offenses.

Identity theft remains a significant risk for consumers. The Federal Trade Commission (FTC) reported consumers losing nearly $6 billion due to fraud in 2021, an increase of more than 70% over the previous year. Additionally, a recent Bitdefender survey of more than 10,000 consumers found many to practice what is considered high-risk behavior when it comes to data protection and digital identities, including 50% stating use of a single password for all online accounts and regular sharing of personal identification details including name (43%), email address and birthdate (40%) and home address (29%).

"As consumers conduct more personal business and finances online, they need complete cybersecurity protection that not only blocks threats like malware and phishing attempts, but also protects digital privacy and actively secures personal data against theft and misuse," said Ciprian Istrate, vice president, Bitdefender Consumer Solutions Group. "Bitdefender Identity Theft Protection service enables consumers to enjoy online shopping, banking, social media and other activities with peace of mind knowing their financial identity, privacy and personal data is safeguarded around the clock and credit quickly repaired if ever needed."

Bitdefender Identity Theft Protection, developed in collaboration with IdentityForce (a TransUnion brand), is available as a standalone subscription service or through Bitdefender Ultimate Security, a comprehensive cybersecurity suite that incorporates Bitdefender Total Security antivirus, Bitdefender Premium VPN and Bitdefender Password Manager to protect computers and mobile devices across multiple operating systems including Windows, macOS, Android and iOS.

**Key Features of Bitdefender Identity Theft Protection Include:**

*   **Continuous Identity and Credit Monitoring** \-- Bitdefender combines advanced threat detection capabilities and dark web threat intelligence with 24/7 identity, privacy and credit monitoring to protect users against the theft, sale or illegal trade of their personal, financial and credit information. Monitoring is correlated with data dumps and known breaches to notify users with specifics on what information was compromised such as passwords, addresses or credit card numbers**.**
*   **Real-Time Fraud Alerts** -- Bitdefender Identity Theft instantly alerts users when personal and financial data is compromised or identity details are used to apply for new lines of credit, mortgages, car loans, wireless devices, check reorders and more. Fraud attempts are stopped in the moment, not after the financial damage has occurred.
*   **Complete Identity Theft Restoration Services** \-- Bitdefender Identity Theft delivers 24/7 support services, personalized mitigation strategies and identity theft restoration if an incident occurs. Certified U.S. protection experts do the heavy lifting of freezing compromised accounts, contacting third parties and completing necessary paperwork to restore identity removing the burden from consumers.
*   **Identity Theft Insurance** \-- Bitdefender Identify Theft guarantees insurance covering certain out-of-pocket expenses, lost wages and funds stolen from financial accounts, up to $2 million (USD) if a user falls victim to successful identity theft.
*   **Credit Score Simulator** \-- A unique credit score simulator helps users foresee how certain financial decisions may impact their credit score. Users can experiment with different credit balances, credit card payments, balance transfers and more, to understand how and why their score changes to make the best financial decision for their situation.

**Availability**

Bitdefender Identity Theft Protection is available now as an annual subscription or through the Bitdefender Ultimate Security suite. For more information or to purchase, visit https://www.bitdefender.com/solutions/identity-theft-protection.html.

**About Bitdefender**

Bitdefender provides cybersecurity solutions with leading security efficacy, performance and ease of use to small and medium businesses, mid-market enterprises and consumers. Guided by a vision to be the world's most trusted cybersecurity solutions provider, Bitdefender is committed to defending organizations and individuals around the globe against cyberattacks to transform and improve their digital experience. For more information, visit https://www.bitdefender.com.

Source

DARKReading