Tag: platform

Salt Security API Protection Platform Now Available in the Microsoft Azure Marketplace

Posted on by Kernel

Salt Security, the API security company, has announced that it has achieved Microsoft Azure IP Co-sell Ready status, which means that the Salt Security API Protection Platform can be sold and marketed by Microsoft sellers globally. By earning this status, Salt said it can provide its customers with a more streamlined deployment and management process for taking advantage of the productive and trusted Azure cloud platform. In addition, the Salt Security API Protection Platform will gain greater visibility both within the Microsoft Azure Marketplace and among Microsoft sales teams and partners worldwide. 

 

According to the Q3 2022 State of API Security Report, malicious API traffic grew 117% over the past year, now accounting for 2.1% of all API traffic. Customers tap the Salt platform to discover their APIs, protect them during runtime, and improve their API security posture. The Salt Security API Protection Platform correlates user behaviour over time to pinpoint and stop attackers, using its rich context about all API usage to identify the reconnaissance activities of bad actors. The platform consolidates all pertinent information into a single attacker timeline generating a single alert, which allows incident response teams to quickly take action.

 

“Salt empowers organisations to drive digital transformation and business innovation initiatives with the confidence that their critical data and services are protected with the industry-leading API security platform,” said Gilad Barzilay, head of business development at Salt Security. “Microsoft Azure IP Co-sell Ready status further validates our integration with the Azure cloud platform and strengthens our commitment to our joint customers.”

 

The Microsoft IP Co-Sell Program enables Microsoft and partners to provide comprehensive solutions in a collaborative selling model to drive joint sales, revenue, and mutual customer success. 

 

“Through Microsoft Azure Marketplace, customers around the world can easily find, buy, and deploy partner solutions they can trust, all certified and optimised to run on Azure,” said Jake Zborowski, general manager, Microsoft Azure Platform at Microsoft Corp. “We’re happy to welcome Salt Security to the growing Azure Marketplace ecosystem.”

 

Salt Security applies cloud-scale big data, with the industry’s most time-tested AI and ML algorithms, to provide the insights needed for API security. Through its patented API Context Engine (ACE) architecture, the platform can identify the early indicators of an attack, stop attackers from advancing, and turn attackers into penetration testers, leading to valuable feedback for development teams to eliminate API vulnerabilities.

The post Salt Security API Protection Platform Now Available in the Microsoft Azure Marketplace appeared first on IT Security Guru.

CybSafe launches SebDB 2.0 Behavioural Risk Platform

Posted on by Kernel

Behavioural risk platform, CybSafe has announced the launch of SebDB 2.0, the database developed by CybSafe’s in-house science and research team that gives security professionals the scientific understanding often missing when tackling human risk.

While organisations often attempt to improve security awareness, it is scarce for the effect of such efforts to be measured meaningfully. SebDB 2.0 allows organisations to target specific behaviours lacking within an organisation, implement plans to address them, and measure the effectiveness of those interventions.

SebDB is the result of collaboration between academics, government, and industry experts. It maps over 70 specific security behaviours linked to security risks. This helps security professionals prioritise the targeting of specific security behaviours to reduce risk.

It enables organisations to take a vital next step in protecting their organisation that many miss. While many organisations train their people with Cybersecurity Awareness and Training, it is often not measured in any meaningful way. The links between security behaviours and risks are not always clear. It’s hard to know which interventions to apply. It’s harder still to explain how interventions reduce risk.

Dr. Jason Nurse, CybSafe’s Director of Science and Research said: “Most security professionals set broad goals like “reduce account compromise”. But they don’t identify the security behaviours linked to the risks. If you aren’t identifying individual security behaviours, it is extremely difficult to measurably reduce human risk in your organisation. This is not a straightforward activity. That’s what SebDB aims to support.”

SebDB is built by the community for the community. It is a research effort and a practical tool that helps security professionals with the complexity and risk they face now and into the future. It helps organisations change behaviour linked to security risks.

Oz Alashe, CEO of CybSafe said: “Cyber security challenges need to be solved collectively. This is the goal of SebDB. Run by the community, it helps identify links between security behaviours and risks that are not always clear. Knowing how behaviours affect risk changes things significantly, for the better, allowing decisions and interventions to be made on evidence, not guesswork.”

The post CybSafe launches SebDB 2.0 Behavioural Risk Platform appeared first on IT Security Guru.

LeakBase Announces Swachhata Platform Breached, 16 Million User PII Records Exposed

Posted on by Kernel

Yesterday, data breach notification website Leakbase said someone allegedly hacked the Swachhata Platform in India and stole 16 million user records.

Security researchers at CloudSEK , reported the news as they discovered a post by Leakbase sharing data samples containing personally identifiable information (PII), including email addresses, hashed passwords and user IDs.

Earlier this week, an advisory published by CloudSEK reported that 6GB of compromised data from the  Swachhata Platform – an initiative in association with the Ministry of Housing and Urban Affairs of India – is being shared via a popular file–hosting platform.

“[Leakbase is] previously known from providing reliable information and data breaches from companies around the world,” wrote CloudSEK. “[Threat actors on the platform] often operate for financial gain and conduct sales on their marketplace forum Leakbase.”

The platform in 2017 was at the center of a massive data breach at Taringa, a Reddit–like social network website for Latin American users.

Further to this, CloudSEK said Leakbase users often offer access to admin panels and servers of several content management systems (CMSs), allegedly gained via unauthorized means and sold for monetary profit.

“This information can be aggregated to further be sold as leads on cybercrime forums,” the company wrote.

In addition, the security experts said the data could be harvested by threat actors to conduct phishing, smishing and social engineering attacks.

In order to mitigate the impact of attacks like this, CloudSEK recommended system administrators to implement a strong password policy and enable multi–factor authentication (MFA) across logins.

It’s recommended that vulnerable and exploitable endpoints should be patched, and user account anomalies that could indicate possible account takeovers monitored regularly.

To conclude, CloudSEK said companies should monitor cybercrime forums to keep up with the latest tactics employed by threat actors.

It appears that the alleged data leak comes days after Optus was hit by a cyber–attack that exposed the data of at least 10,000 Australians.

The post LeakBase Announces Swachhata Platform Breached, 16 Million User PII Records Exposed appeared first on IT Security Guru.

Salt Security Platform Enhancements Make it Easier to Operationalise API Security

Posted on by Kernel

Salt Security, the leading API security company, has announced new enhancements to its next-generation Salt Security API Protection Platform, extending abilities in threat detection and pre-production API testing. The latest features include deeper and earlier insights into attacker behaviours and attack patterns, visual depictions of API call sequences, and support for attack simulation ahead of releasing APIs into production. With the new capabilities, Salt enhances its market-leading capabilities in runtime protection, providing organisations a more comprehensive view of API usage and the API attack surface so they can improve their business understanding and accelerate incident response time.

Building upon its existing threat detection and monitoring algorithms, the Salt platform provides organizations with quick, automatic, and continuous visibility into any risks or vulnerabilities within their API ecosystem. Customers can more easily spot and block API attacks before bad actors can reach their objective, and they can also more quickly identify unusual API usage patterns and remediate API vulnerabilities.

New features in the Salt Security API Protection Platform include:

  • Threat hunting capabilities within more detailed attacker timelines – Salt continues to be the only API security company that creates a consolidated attacker timeline. New platform capabilities support threat hunting and better illumination of the sequence of attacker steps, enabling organisations to conduct faster incident analysis and expedite remediation efforts. 
  • Visualization of API Call Sequences – Salt becomes the first API security vendor to offer a visual depiction of the various paths that API calls are following. This visualisation makes clear how users are interacting with APIs, revealing actions that should and should not be allowed, how users or services are entering digital systems, usage that shouldn’t be allowed, API design flaws, and other usage details.  
  • Contextual API security testing – Salt is making robust attack simulation capabilities available across runtime, pre-production, and development cycles. These simulations can help organisations identify business logic flaws early in the lifecycle, and integration with CI/CD systems means developers can address security gaps before releasing APIs.  

In the Salt Security State of API Security Report, Q1 2022, 86% of respondents admitted to lacking the confidence in knowing which APIs expose sensitive data. Identifying and monitoring for API vulnerabilities in real-time is crucial for protecting companies’ vital assets so they can focus on business operations instead of risk.

“Bad actors work tirelessly to refine their tactics and techniques to make threats more difficult to detect. Successfully defending against modern, sophisticated API attacks requires solutions that can swiftly detect illegitimate activity and behavioural abnormalities in real-time,” said Elad Koren, Chief Product Officer, Salt Security. “Our latest platform capabilities deliver critical insights sooner and across the full API lifecycle. With increased context over time, combined with automated threat alerts, organizations can better defend themselves against attacks and fix API vulnerabilities before they can be exploited.”

The post Salt Security Platform Enhancements Make it Easier to Operationalise API Security appeared first on IT Security Guru.

Here are Some Useful Steps That Will Help You Choose the Right Trading Platform

Posted on by Kernel

Trading has become popular among investors for a variety of reasons. It can be a great way to make money and grow your investment portfolio. But, to be successful at trading, there are so many different things that you need to take into account. One of the most important things is choosing the right trading platform.

When it comes to trading platforms, there are a lot of different options you can choose from. Each one has its own set of features and benefits, which can make it difficult to decide which one is right for you. In this article, we will provide you with a few useful steps that will help you make the right decision when it comes to choosing a trading platform. So without further ado, let’s get started!

Do a Good Research

The first thing you need to do is to research the different trading platforms available. You can start by reading reviews from other investors or checking out comparison articles. This will give you a good idea of what each platform has to offer and whether or not it would be a good fit for your needs. Just remember that not all reviews are created equal. Some might be biased, so you need to take them with a grain of salt.

If you are new to trading, then you might want to look for a platform that is easy to use and has a lot of user-friendly features. By following the info available in this eToro review, you can see that it is a great option for beginners as it has an intuitive interface and plenty of helpful features. However, if you are more experienced, and want to have more control over your trades, then you might want to opt for a platform that offers more advanced features like stop-loss orders or limit orders.

Consider the Fees

Another important thing to take into account is the fees charged by the platform. Some platforms might charge you a commission for each trade, while others might have a monthly subscription fee. Some offer free trading, but they might make money from other sources like advertising or by charging higher fees for withdrawal or deposits. You must consider all of these factors when making your decision so that you can choose a platform that is affordable for you.

In addition to the fees, you should also check the payment options offered by the platform. Some might only accept bank transfers, while others might also support credit cards and e-wallets. It’s important to choose a platform that offers a payment method that is convenient for you.

Check the Security Measures

When you are dealing with money, security is always a top priority. When it comes to trading platforms, you need to make sure that your personal and financial information is well-protected. The platform should have implemented adequate security measures, such as encryption, to safeguard your information. You should also check if the platform is registered and regulated by a reputable authority. This will give you peace of mind knowing that your money is in good hands.

And if possible, you should also check if the platform offers two-factor authentication. This is an extra layer of security that can help protect your account from hackers.

Check the Customer Support

Even the best trading platforms can have occasional technical issues. When this happens, you need to be able to get in touch with customer support so that the issue can be resolved quickly. The platform should offer multiple channels of communication, such as email, phone, and live chat. And they should also have a good reputation for responding to customer inquiries promptly.

If you are new to trading, you might want to look for a platform that offers educational resources. This can come in handy if you need some help understanding how the platform works or if you want to learn more about trading in general.

Try Out the Platform

Once you have narrowed down your options, the next step is to try out the platform. Most trading platforms offer a demo account that you can use to test out the features and get a feel for how the platform works. This is a great way to see if the platform is user-friendly and if it has all the features that you need.

Many trading platforms also have mobile apps that you can use to trade on the go. This is a great feature to have as it allows you to respond to market changes quickly and easily. And most importantly, you should feel comfortable using the platform. If you don’t, then it’s probably not the right one for you.

Trading platforms can be a complex and daunting task, especially if you are new to the world of investing. It is therefore important to consider your overall experience. By taking into account things like the user interface, the fees, the payment options, and customer support, you can be sure to find a platform that is right for you.

Visit on site http://www.noobslab.com