IT Security

October 25, 2024 Zoho and NVIDIA Join Forces to Enhance AI With Tailored, Efficient Models

Zoho Corporation has announced a strategic partnership with NVIDIA to leverage the NVIDIA AI accelerated computing platform, including NVIDIA NeMo, for the development and deployment of advanced AI models within Zoho's SaaS applications. This collaboration aims to enhance AI capabilities for Zoho's extensive customer base of over 700,000 businesses worldwide.

October 11, 2024 Securing the Identity Perimeter: An In-Depth Look at SpecterOps and BloodHound Enterprise

I speak to many cybersecurity vendors, some are good, some are not memorable, but others excel. Recently, one company I briefed with stood out to me for its innovative approach to identity attack path management (iAPM): SpecterOps. Its flagship product, BloodHound Enterprise, has become an indispensable tool for organizations worldwide looking to secure their identity infrastructure against sophisticated cyber risks.

September 17, 2024 Securing the Digital Identity: The Critical Role of Proofpoint's ITDR in Modern Cybersecurity

Proofpoint's Identity Threat Detection and Response (ITDR) solution, known as Identity Threat Defense (ITD), emerges as a beacon of security, offering not just a shield but a proactive platform against identity-based threats.

August 28, 2024 Beyond Traditional IGA: Lumos Delivers Zero Trust Identity Governance for the Modern Enterprise

As cyberthreats continue to evolve, managing access to sensitive resources is a growing challenge for organizations. Lumos, a relatively new player in the identity governance and administration (IGA) space, is making waves with its innovative approach. This tech note explores how Lumos’ technology simplifies access management while bolstering security.

August 08, 2024 Savvy: A Comprehensive Solution for Shadow IT Governance and Identity Security

Savvy is an identity-first SaaS security vendor that has rapidly gained traction in the market. While the company is relatively young, its founders and core team bring decades of experience from leading identity and access management (IAM) providers such as Ping Identity, Okta, and SailPoint. This deep understanding of the IAM landscape is evident in Savvy's approach to addressing the pervasive challenges of shadow IT governance and identity security. With a growing member network of over 50,000 individuals and organizations, Savvy has established itself as a trusted advisor and provider of innovative solutions in the SaaS-identity security space.

July 17, 2024 Kaspersky Lab: Caught in the Crossfire – A Technical Look at the US Ban

Kaspersky Lab has been knee-deep in controversy surrounding its ties to the Russian government and potential national security risks. We try to understand the situation from a security analyst’s perspective, examining the capabilities of Kaspersky products, the US government's concerns, and the implications for businesses.

July 11, 2024 A Deep Dive Into Eracent: SBOM Management, Vulnerability Analysis, and Beyond

Eracent is a privately held IT asset management (ITAM), software asset management (SAM) and cybersecurity solution provider founded in 2000. Their roots trace back to AT&T, Bell Labs, and Lucent’s pre-Y2K initiatives (around 1997-2000), where a core focus was placed on IT asset discovery and protection. Eracent emphasizes their experience with extensive asset discovery during a period with significantly different internet and network connectivity compared to today and have consistently focused on ITAM and SAM solutions throughout their existence. This note features Eracent’s extension into open-source software risk mitigation though software bill of materials (SBOM) management.

July 10, 2024 Devolutions Vs. the Goliaths: How Affordability & Ease of Use Challenge the PAM Status Quo

In this tech note I take a closer look at Devolutions, a partial stack Privileged Access Management (PAM) vendor, exploring its history, market positioning, core features, and differentiating factors. Through insights gleaned from a vendor briefing and demo, I explore Devolutions’ evolution, target audience, and its strategic approach to the PAM landscape.

June 05, 2024 Beyond Legacy Systems: How Verkada's Cloud Architecture Revolutionizes Physical Security

We examine Verkada's history, market position, and core offerings, providing an expert’s perspective informed by three decades of security architecture experience.

June 05, 2024 Zoho: Simplifying Enterprise Security Through a Unified Approach

This article explores Zoho's security suite, examining the interplay between its various products and the benefits it collectively brings to enterprise security.

April 23, 2024 The Rise of Human-Centric Data Loss Prevention: A Deep Dive Into Proofpoint’s Approach

With evolving threats and regulations, traditional DLP solutions are struggling to keep pace. Proofpoint is addressing these challenges with its Information Protection platform, emphasizing a human-centric approach empowered by behavioral analytics, granular controls, and cloud capabilities.

April 18, 2024 Your Employees Are the Target: Proofpoint’s Human-Centric Answer

Proofpoint, an innovator in the cybersecurity industry, has earned its reputation as a leader in email security and DLP. As the threat landscape evolves, Proofpoint has expanded its solutions, embracing a more holistic, human-centric approach.

April 16, 2024 Beyond IGA: SailPoint's Identity Security Cloud for the Modern Enterprise

Identity governance and administration (IGA) platforms have become essential for robust security strategies in modern enterprises. SailPoint, at the forefront of IGA solutions, has strategically expanded its capabilities to align with the growing demand for unified identity security. This note will examine the growing need for these platforms and SailPoint's transformation to address it.

April 12, 2024 Senhasegura: An Analysis of Their Cloud Entitlements CIEM Solution and How It Complements PAM

I have met with David from senhasegura several times. He explained this translates to Secure Password in Portuguese. Founded in Brazil and available in more than 60 countries, senhasegura is a leading cybersecurity firm specializing in Privileged Access Management (PAM), Certificate Lifecycle Management (CLM), and Cloud Infrastructure Entitlement Management (CIEM) solutions. Senhasegura is recognized as a global leader in PAM by top consulting firms and clients and has been consistently rated as a leader and challenger in various reports by analysts and industry experts. Senhasegura's PAM solution is known for its ease of use, good customization, unique key analysis features, and ability to meet rigorous auditing requirements.

April 04, 2024 Maximizing Security: Choosing the Best Multifactor Authentication Tool (MFA) for Your Company

"Fortresstify" your company's defenses with the right multifactor authentication (MFA) tool. This article dives deep into the world of MFA, exploring its features, key providers, and why cultivating a strong relationship with your chosen vendor is crucial. Discover how MFA can become your ultimate security ally, safeguarding your data and empowering a worry-free digital environment.

March 26, 2024 Acronis: Exploring Core Features, Differentiators, and Security Considerations

Acronis presents a compelling option for organizations seeking a comprehensive platform that merges reliable data protection with proactive cybersecurity measures.

March 21, 2024 Revolutionizing Data-Driven Decisions: The Cisco-Splunk Acquisition and Its Impact on CIOs and CTOs

Cisco consolidated its position as one of the largest software companies globally by completing the acquisition of Splunk.

February 29, 2024 Spoofing Be Gone: Abnormal Security Says Hasta la Vista, Baby, to Business and Vendor Email Compromise Scams

The conversation around security awareness training and phishing simulations has changed in the past year. The training and tools of the past simply aren’t working against today’s more sophisticated attackers. Abnormal Security can mitigate an assortment of the most common types of business and vendor email compromise.

February 23, 2024 AppViewX: Beyond PKI Automation – A Comprehensive Machine Identity Management Solution

In today's cybersecurity landscape, managing machine identities and digital certificates across complex, hybrid multi-cloud environments is a growing challenge. As the volume of digital certificates used to secure machines, applications, workloads, services, and devices continues to grow exponentially, organizations often struggle with a lack of visibility and manual processes, resulting in critical service outages and security vulnerabilities. AppViewX CERT+ is a next-generation automated certificate lifecycle management (CLM) solution that simplifies PKI and certificate management. It combines the best of automation, security, and insights to meet enterprise machine identity and digital trust requirements. AppViewX CERT+ features are purpose-built to address both the operational and security challenges of certificate management to, in turn, help organizations prevent application outages and security breaches. By enabling enterprise-wide crypto-agility, AppViewX CERT+ enhances machine identity trust, eliminates security gaps, promotes compliance, and supports post-quantum cryptography readiness.

February 23, 2024 Zscaler: Redefining Security in the Zero Trust Era

This analysis examines Zscaler's cloud-based security platform, with a focus on its Zero Trust Exchange (ZTE), Zero Trust Network Access (ZTNA), and broader suite of security solutions. It explores Zscaler's approach to overcoming the limitations of traditional VPN architectures, using artificial intelligence (AI) for threat detection, and integrating various security functionalities within a unified platform. Drawing insights from analyst demo notes, vendor information, and independent research, this analysis aims to provide a comprehensive and unbiased assessment of Zscaler's value proposition for security professionals.

February 07, 2024 Assessing Onfido: Combating Fraud With AI-Based Identity Verification

In the digital realm, trust is currency. Without robust identity verification, online interactions become a breeding ground for fraud and exploitation.