SSDL is a modular orchestration platform powered by Palo Alto Networks Prisma Cloud and Cortex XSOAR that enables shared clients to reinforce their cloud environments with enhanced security measures from code to cloud. This helps them to mitigate risks and promote a secure development and deployment lifecycle that adheres to their unique cloud security and compliance requirements. The platform helps clients address cybersecurity requirements from design to tactical build/deploy, as well as manage ongoing cloud observability and optimize operational efficiency. SSDL can be efficiently integrated as an overall solution or integrated into an organization’s existing Continuous Integration/Continuous Delivery (CI/CD) pipeline, cloud security infrastructure and compliance ecosystem — and scales across all major cloud platforms.

“Our new Secure Software Development Lifecycle solution helps organizations address cloud security complexities with confidence,” said Kieran Norton, Deloitte Risk & Financial Advisory’s transformation and emerging technology leader and principal, Deloitte & Touche LLP. “As our strategic alliance with Palo Alto Networks expands, we’re excited to continue to help our shared clients achieve their cloud and business goals by driving successful cybersecurity outcomes.”

Deloitte and Palo Alto Networks shared clients can leverage the platform for streamlining account provisioning, enabling secure build and deployment processes, implementing robust logging and monitoring mechanisms, enforcing custom security guardrails and auto remediation.

“Organizations today need help securing constantly changing, cloud-native applications and infrastructure from development to deployment,” said Prem Iyer, SVP Global Ecosystems, Palo Alto Networks. “We are pleased to further expand our collaboration with Deloitte by offering clients a transformative solution that provides continuous security across the software development lifecycle, helping them address compliance requirements and increasing efficiency with embedded security and automated remediation.”

The existing alliance between Deloitte and Palo Alto Networks focuses on jointly developing and offering integrated, end-to-end Zero Trust and multi-cloud cybersecurity solutions to their mutual enterprise and government customers.

For more information visit deloitte.com.

Related News:

Netwrix MSP Sector Report Finds Data and Network Security Top Priorities

Trend Vision One Announced for Optimized Security for Endpoints

The post New SSDL Offered by Deloitte and Palo Alto Networks Alliance appeared first on Digital IT News.

The new functionality in Netwrix Auditor X enables customers to:

• Reduce the time to detect and investigate incidents involving sensitive data. Security teams can quickly detect and respond to activity that threatens sensitive content, thanks to more granular security intelligence.
• Enjoy a personalized security experience. The customizable home screen gives users instant access to the information most relevant to them, such their current risks and favorite reports, so they can swiftly make informed decisions to strengthen their security posture.
• Gain control over Azure AD users and their roles. With the detailed information about Azure AD users and roles in Netwrix Auditor X, IT teams can further mitigate the risk of security incidents and prove to auditors that they are following compliance requirements and industry best practices for their cloud users.
• Identify and eliminate security gaps in SharePoint Online. New detailed reports make it easy to spot security risks in SharePoint Online, such as documents that have been shared with external users or that can be accessed by everyone in the organization.
• Know who’s reading sensitive data in SQL Server. Organizations can hold privileged users accountable for improper actions in SQL Server, such as reading information they are not supposed to. As a result, security teams can deter behavior that could lead to data leakage, speed security investigations, and prove to auditors that only authorized users are viewing the confidential content stored in SQL Server.

“Netwrix Auditor has evolved from an Active Directory auditing tool for operational problems into a comprehensive security intelligence solution for issues that are top of mind at the executive level,” said Steve Dickson, CEO of Netwrix. “Over 11,000 organizations around the globe rely on Netwrix Auditor, and with each release, it becomes even simpler to use while further strengthening security. This is how Netwrix is changing the industry — we make powerful data security easy.”

Netwrix Auditor is a security solution that helps organizations detect security threats, prove compliance and increase IT team efficiency. The platform provides security intelligence to minimize IT risks, detect activity that threatens the security of sensitive data and investigate incidents in time to prevent real damage.

Netwrix Auditor X is now globally available. To learn how Netwrix Auditor X can make IT admins into heroes and IT managers into superstars, please visit www.netwrix.com/auditorx.

Related News:

Lack of Budget and Cloud Security Skills are Top Obstacles Keeping Organizations from Protecting Data in the Cloud, According to Netwrix Study

Stealthbits, Now Part of Netwrix, Named to Carahsoft ITES-SW2 Contract to Support U.S. Army Enterprise Infrastructure Goals

The post Speed the Detection of Threats to Sensitive Data and Enhance the Security of Cloud Environments with Netwrix Auditor X appeared first on Digital IT News.

“As the crypto economy continues to become a more important part of our customers’ lives, we want to empower them to mine cryptocurrency with Norton, a brand they trust,” said Vincent Pilette, CEO of NortonLifeLock. “Norton Crypto is yet another innovative example of how we are expanding our Cyber Safety platform to protect our customers’ ever-evolving digital lives.”

For years, many coinminers have had to take risks in their quest for cryptocurrency, disabling their security in order to run coinmining and allowing unvetted code on their machines that could be skimming from their earnings or even planting ransomware. Earnings are commonly stored directly on miners’ hard drives, where their digital wallet could be lost should it fail.

Norton Crypto delivers a secure, reliable way for consumers to mine for Ethereum without opening themselves and their devices up to these pitfalls. Once cryptocurrency has been earned, customers can track and transfer earnings into their Norton Crypto Wallet, which is stored in the cloud so it cannot be lost due to hard drive failure.

“We are proud to be the first consumer Cyber Safety company to offer coinminers the ability to safely and easily turn the idle time on their PCs into an opportunity to earn digital currency,” said Gagan Singh, chief product officer at NortonLifeLock. “With Norton Crypto, our customers can mine for cryptocurrency with just a few clicks, avoiding many barriers to entry in the cryptocurrency ecosystem.”

Norton Crypto is expected to become available to all Norton 360 customers¹ in the coming weeks.

Image licensed by Pexels.com

Related News: 

New Norton 360 App Brings Comprehensive Cyber Safety to Android and iOS Devices

83% Of Respondents Used A QR Code To Process A Payment , But Many Are Unaware Of The Hidden Dangers: Ivanti Research

The post NortonLifeLock Unveils Norton Crypto appeared first on Digital IT News.

Ransomware has been an increasing threat targeting organizations of all sizes. In 2020, 47 percent of cyber insurance claims reported to Coalition were ransomware attacks and targeted businesses of all sizes. The majority of these claims could have been prevented with an EDR solution in place or contained with rapid incident response services.

“The complexity, severity, and frequency of cyber attacks continue to increase. To keep pace, the tools and services we arm our policyholders with need to match this trajectory,” said Matt Dort, Head of Technology Alliances for Coalition. “Partnering with SentinelOne brings scale to our incident response and simplicity to intricate threats.”

“A risk management strategy shouldn’t end with security solution deployment,” said Chuck Fontana, Senior Vice President, Business & Corporate Development for SentinelOne. “The combination of Coalition’s cyber insurance and SentinelOne’s suite of services ensures there are no gaps in an organization’s strategy.”

SentinelOne Singularity XDR, which is a combination of endpoint protection and endpoint detection and response, provides next-gen prevention and EDR capabilities to achieve autonomous protection, visibility, and response at machine speed. SentinelOne recently participated in the MITRE Engenuity evaluation, where it was the only vendor to achieve complete visibility with zero missed detections across both Windows and Linux environments. SentinelOne was also recognized by Gartner as a Leader in the 2021 Magic Quadrant for Endpoint Protection Platforms and received the highest score for all three customer types in Gartner’s Critical Capabilities for Endpoint Protection Platforms report.

Coalition’s unique product and partner offering combines best-in-class cyber insurance and proactive cybersecurity tools to help organizations manage cyber threats and protect the value of their entire business. Its all-new platform, Coalition Control, provides free attack surface monitoring to any organization to help them visualize and mitigate their cyber risk right away. Inside Coalition Control is a robust partner ecosystem that helps prevent incidents from happening, while Coalition’s comprehensive cyber insurance covers the full breadth of cyber peril, including cyber crime, forensics, bodily injury and property damage, and more, to offer support before, during, and after a crisis.

To learn more about Coalition, visit https://www.coalitioninc.com/.

To read more about SentinelOne, visit their blog or website at https://www.sentinelone.com/.

Image licensed by Pixabay.com

Related News:

Zscaler Advances Zero Trust Security for the Digital Business Disrupting Decades of Legacy IT Security and Networking Models

Most Consumers Want Insurers to Handle Personal Cyber Threats as Pandemic Drives Digital Consumption

The post Coalition Partners with SentinelOne to Protect Customers from Ransomware and Cyber Threats appeared first on Digital IT News.

a leader in The Forrester Wave: Zero Trust

The post Palo Alto Networks Introduces Complete Zero Trust Network Security appeared first on Digital IT News.

CREST’s SOC Accreditation is available for both service providers and internal SOCs and was developed with extensive input from CREST members and the wider industry to provide an internationally recognized and independent validation of the SOC. Accreditation demonstrates a high level of assurance and trust. Since its launch at the end of 2017, the CREST SOC Accreditation has seen a significant increase in demand.

CREST has a detailed and comprehensive SOC Assessment Criteria that looks at six key areas of a SOC: Organizational Environment; Customer Requirements; Technology and Tools; Event Analysis; Threat Intelligence & Situational Awareness; and Protecting the SOC. The first stage to accreditation involves completing the application via the CREST Membership Portal, which will ask questions about processes, policies and methodologies. The second stage is the detailed audit conducted by a qualified auditor within six months of the application.

“Even before the pandemic and the additional travel constraints it has brought, high levels of international demand for SOC Accreditation meant we needed to look for a more accessible, flexible and efficient approach to speed up the audit process,” explains Samantha Alexander, Principal Accreditor at CREST. “But we needed to ensure that any solution didn’t impact the very high standards of the audit itself. This remote capability allows the CREST audit team to review documentation, conduct interviews and site tours with the same rigor and attention to detail as an onsite visit.”

CREST will discuss the process with the organization’s SOC team in advance to ensure that all SOC criteria are covered and technology requirements are reviewed to deliver an effective audit. The audit will start with a review of documentation and records, observations of processes and methodologies, interviews with the SOC staff and a remote video tour of the SOC environment. All data and evidence will be noted and included in the final audit report, held under a CREST NDA. More information is available by visiting https://www.crest-approved.org/applying-for-soc-accreditation.

Image licensed by: Pixabay.com

Related News:

Check Point Software’s Mobile Security Report 2021 Shows Almost Every Organization Globally Experienced a Mobile Malware Attack during the Past Year

Survey: 60% of Educational Organizations Hit by Phishing Attacks Targeting Cloud Data, the Highest Result of All Verticals Analyzed

The post CREST Launches Remote Audit Facility for SOC Accreditation appeared first on Digital IT News.

“Managing security and compliance can be a tedious and complex task, which has been further complicated by a flood of single, point products,” said Bryon Miller, CISO and Hosted Portal Lead, ASCENT. “With the ASCENT Security Compliance Portal, organizations can automate their security processes while gaining a single source of compliance truth for visibility into achievements and gaps across leading security frameworks. In a single cloud-based platform, security and compliance teams now have everything they need to manage compliance readiness.”

The new ASCENT Security Compliance Portal automates security program processes, including assessments, policies, plans, and incident response, end-to-end. The new portal also features capabilities for complete vendor management and artifact storage so that companies can simplify their adherence to leading compliance frameworks while retaining regulatory proof to simplify auditing response. Key features of the portal include:

• Security Assessments. Providing the real-time status for any control framework, or multiple control frameworks, ASCENT security assessments provide complete, continuous monitoring of controls to ensure assessments are always current.
• Security and Compliance Calendar. Featuring automated email reminders to control owners, the security and compliance calendar proactively manages and monitors control tasks so last-minute data collection is avoided.
• Risk Assessments. ASCENT provides annual risk assessments for natural, man-made, business, and IT risks, to ensure appropriate mitigation steps can be performed. Once completed, it’s easy to maintain changes and report on real-time status to ensure the risk assessments are current.
• Complete Vendor Management. ASCENT simplifies vendor management processes, automating vendor due diligence assessments where vendors are notified of the need to complete their risk assessment directly within the portal. Vendor contract management features also monitor, manage and alert on renewals and expirations.
• Automated and On-Demand Reporting. ASCENT provides automated weekly reporting and offers customizable on-demand reporting across critical compliance areas including security assessments, security awareness training, outstanding compliance tasks and more.

ASCENT Security Compliance Portal is a multi-tenant solution that offers out-of-the-box compliance framework processes for CIS Top 20, Cybersecurity Assessment Tool (CAT), Cybersecurity Maturity Model Certification (CMMC), FedRAMP, FFIEC, GDPR, HIPAA/HITECH/HITRUST CSF, ISO 27001/27002, NIST (FISMA), PCI-DSS and over 30 additional industry-standard frameworks. The solution is ideal for regulated industries, including financial services, DoD contractors and suppliers, healthcare organizations, law firms and auditing firms as well as the managed services providers (MSPs) that support them to ensure security and compliance practices for their customers.

“GiaSpace has been performing network audits as one-offs for many years, but we were missing a portal that we could use to deliver our Compliance as a Service,” said Robert Giannini, Strategic Technology Consultant, GiaSpace, a managed IT and security services provider. “When the DoD ramped up the intro of CMMC, we put forth a lot of searching for a system that we could use to manage NIST, CMMC, and HIPAA audits. After our initial trial and error, we found the ASCENT Portal. Today we use the ASCENT Portal to manage several multi-tenant audits and the required supporting documentation. I strongly feel this is a system that is going to streamline our efforts in getting DoD contractors CMMC certified and manage those findings in a secure system.”

Available now, the SaaS-based ASCENT Security Compliance Portal pricing starts at $4,800 annually. For more information, visit: www.ascent-portal.com.

Image licensed by: unslpash.com

Related News:

Deloitte Introduces ReadyAI Artificial Intelligence-as-a-Service Solution

BMC Enables Organizations to Develop and Deliver Code Faster

The post ASCENT Launches ASCENT Security Compliance Portal appeared first on Digital IT News.

Return to Work Security Services simplifies the complexities associated with returning to in-person work by empowering organizations to select the technologies and services they need with the agility to adapt to their unique environment as part of their individual plans to return to a physical workspace.

Return to Work Security Services can become part of a smarter and safer employee or visitor experience from entrance to exit, allowing customers to utilize:

• Kiosk-based access screening at employee, visitor, warehouse and plant entrances to facilitate company policies such as wellness screens, automated temperature checks, mask compliance and hand sanitizing – minimizing the need for human contact.
• Personnel density and physical distancing analysis and planning tools to reserve and modify the availability of reservable spaces, such as socially distanced desks, common rooms, warehouse spaces or occupancy-limited meeting rooms to accommodate social distancing protocols based on state and local mandates and compliance requirements determined by the customer.
• Access to analysis and materials that customers may incorporate into their own customized training, adoption and improvement programs and practices to reduce the risk of non-compliance, and access to past visitor logs for quick assessments, all allowing for proactive management of return-to-work challenges.

“As businesses return to the workplace, employers’ top concern is how to bring their staff back safely and address their obligations under various state and other mandates. This is a critical responsibility, now and post-pandemic, and will transform how we work and collaborate in face-to-face environments to help keep everyone at work safe long-term,” said Steven Burger, Vice President, Technology Innovation & New Business Development, Ricoh USA, Inc. “Business continuity measures such as taking preventative screening and distancing measures will remain paramount for the foreseeable future. Return to Work Security Services takes a common-sense, comprehensive approach to addressing the changes necessary for returning to the physical workplace so organizations can focus on recovery, growth and the future.”

Capturing the key attributes of users’ most pressing return-to-work policies and processes, Ricoh’s offering is customized for the specific needs of each customer with data-driven optimization and change management support. Ricoh also provides insights for improvements based on regular review of data analytics that customers may use as part of ongoing compliance programs and as they continue to refine their COVID-19 policies and practices. This latest service complements Ricoh’s existing offerings that address safety needs such as RICOH Intelligent Voice Control, Workplace & Facilities Management Services and more.

Image licensed by Pixabay.com

Related News: 

COVID-19 and the Future of Work: Citrix® Shares Lessons Learned One Year In

IGEL Reports Record Growth Driven by Increasing Global Adoption of Cloud-Delivered Digital Workspaces

The post Ricoh unveils Return to Work Security Services to address security and safety needs in physical workplaces appeared first on Digital IT News.

Enterprises everywhere are expanding connectivity, growing their cloud capabilities and turning to automated solutions to protect themselves against sophisticated cyberattacks. Palo Alto Networks continues to expand its integrated platform of cloud, network and AI-driven threat protection capabilities to meet these market and customer dynamics. Its partner ecosystem has been instrumental in providing complementary solutions to help customers implement the best security architectures.

As digital transformation fuels the demand for specialized security expertise and creates a new economy of services, Palo Alto Networks is committed to delivering the products, programs and resources to enable its NextWave partners. Developed in consultation with the company’s partners, NextWave 3.0 will:

• Enable differentiation with new specializations. Partners can build their security expertise through three new Prisma SASE (Prisma Access and Prisma SD-WAN, formerly CloudGenix), Prisma Cloud and Cortex XDR/XSOAR specializations. These new specializations include corresponding partner training and certifications.
• Enhance partner profitability with three new specialization incentives for Prisma SASE, Prisma Cloud and Cortex XDR/XSOAR deals, along with other new incentives, deal boost and new rebates for its NextWave Diamond Innovator partners.
• Expand partner opportunities by boosting existing deal referral incentives on all Palo Alto Networks products, extending partner-delivered support across more of Palo Alto Networks’ technologies and offering new education credits. Further, NextWave partners can now resell Prisma Cloud via a two-tier go-to-market strategy.
• Empower partner success. NextWave 3.0 includes a host of new enablement resources and ways for partners to earn or maintain NextWave status, expanding Certified Professional Services certification to include the new specializations, Technology Education credits and technology adoption discounts.

“The future of our business and that of our partners are fundamentally linked,” said Karl Soderlund, senior vice president of Worldwide Channels. “The NextWave partner of tomorrow will enable digital transformation for our customers by embracing new technology, offering product-specific expertise, and leading with services. NextWave 3.0 helps our partners do just that. It is the most sweeping set of enhancements we have done to help our partners become security experts across our entire technology portfolio.”

About the NextWave Partner Program

• Palo Alto Networks NextWave partner program includes approximately 6,500 partners who help 80,000 customers around the world succeed with the company’s technologies. In FY’20, 900 NextWave partners doubled their business through Palo Alto Networks.
• In the company’s most recent Partner Satisfaction survey, more than 3,300 NextWave partners ranked Palo Alto Networks No. 1 in Partnership, Growth, Enablement and Profitability, when measured against top competitors.
• Today, more than 18,000 partner engineers hold over 40,000 Palo Alto Networks technical certifications.

Partner Quotes

WWT

“As enterprises accelerate digital transformation, the need for agile and adaptable security solutions has never been greater,” said Mike McGlynn, Vice President and General Manager of Global Security, World Wide Technology (WWT). “Palo Alto Networks’ NextWave 3.0 offers a comprehensive security suite that enables WWT to help organizations construct and evolve their security infrastructures in the cloud, at the edge, and through AI-driven automation, tailored to their unique transformation needs.”

Sirius

“As a national integrator of technology-based business solutions that span the enterprise, including the data center, Sirius builds solutions on products and services from the world’s top technology companies through our dedicated teams of highly-certified experts,” said Deborah Bannworth, Senior Vice President of Partner Alliances, Inside Sales, Maintenance Sales & Services, Sirius. “NextWave 3.0 supports Sirius in aligning its world-class expertise to the Palo Alto Networks platform of technologies and will help us continue to meet the needs and priorities of its customers, which have shifted in 2020.”

Presidio

“More than ever, our customers in every industry are looking for IT to transform businesses with advanced technologies – to drive innovation, connectivity, lower costs, and optimize processes,” said Chris Barney, Senior Vice President, Cyber Security Practice, Presidio. “We are very pleased to partner with Palo Alto Networks, and to leverage NextWave 3.0, which will help us build our security services and expertise across the lifecycle of security needs for our customers.”

Image licensed by pixabay.com

Related News:

IGEL Expands Zoom, Cloud Printing and Webcam Support for Windows Virtual Desktop (WVD) Environments

39% of Healthcare Organizations Suffered Ransomware Attacks in the Cloud in 2020

The post Palo Alto Networks Launches NextWave 3.0 to Help Partners Build Expertise in Dynamic, High-Growth Security Markets appeared first on Digital IT News.

The post Edge Delta Releases Intelligent Observability Pipelines for DevOps, Security, and SRE teams appeared first on Digital IT News.