Connect with us

AI

Tackling the endpoint security hype: Can endpoints actually self-heal?

Avatar

Published

on

Join Transform 2021 this July 12-16. Register for the AI event of the year.


Imagine that every endpoint on an IT network is self-aware — it knows if it’s under attack and immediately takes steps to thwart the attack. It then shuts itself down and autonomously rebuilds itself with new software patches and firmware updates.

This is the promise of self-healing endpoints: endpoints that continually learn about new attack techniques while keeping their configurations optimized for network and security performance. Unfortunately, the reality does not match the hype.

Defining the self-healing endpoint

A self-healing endpoint is defined by its self-diagnostics, combined with the adaptive intelligence needed to identify a suspected or actual breach attempt and take immediate action to stop the breach. Self-healing endpoints can shut themselves off, complete a recheck of all OS and application versioning, and then reset themselves to an optimized, secure configuration. All these activities happen autonomously, with no human intervention.

What differentiates self-healing endpoint offerings on the market today is their relative levels of effectiveness in deploying resilience techniques to achieve endpoint remediation and software persistence to the OS level. Self-healing endpoints with multiple product generations of experience have learned how to create persistence to the firmware, OS, and application layer of endpoint system architectures. This is distinguished from automated patch updates using scripts governed by decision rules or an algorithm. That doesn’t qualify as a true self-healing endpoint and is better described as endpoint process automation.

Beware the self-healing endpoint hype

The self-healing endpoint is one of the most overhyped areas of cybersecurity today, with over 100 vendors currently vying for a piece of the market. The anticipated growth of business endpoint security is feeding this frenzy.

Gartner predicts the endpoint protection platform (EPP) market will grow 18.5% in 2021 and climb from an estimated $8.2 billion in 2019 to about $18.8 billion by 2024. By the end of 2025, more than 60% of enterprises will have replaced older antivirus products with combined EPP and endpoint detection and response (EDR) solutions that supplement prevention with detection and response capabilities. Taken in total, Gartner’s Top Security and Risk Management Trends for 2021 underscores the need for more effective EDR, including self-healing endpoints.

Growth is also being driven by rapidly changing cybersecurity threats. The recent SolarWinds hack forever changed the nature of cyberattacks by exposing how vulnerable software supply chains are as a primary threat vector and showing how easily endpoints could be rendered useless by compromised monitoring systems. The hackers embedded malicious code during DevOps cycles that propagated across customers’ servers. These techniques have the potential to render self-healing endpoints inoperable by infecting them at the firmware level. The SolarWinds attack shows how server, system, and endpoint device firmware and operating systems now form a launchpad for incursions initiated independently of the OS to reduce detection.

Endpoints that were sold as self-healing are still being breached, and current gaps in the effectiveness and reliability of endpoints must be addressed. Runtime protection, containment, and fault tolerance-based endpoint security systems were oversold under the banner of self-healing endpoints. In fact, many don’t have the adaptive intelligence to recognize a breach attempt in progress. Fortunately, newer technologies that rely on behavioral analytics techniques found in EDR systems, threat hunting, AI-based bot detection, and firmware-based self-healing technologies have proven more reliable.

Further complicating the self-healing endpoint landscape is the speed with which EDR and EPP begin merging to form unified endpoint security stacks. The value of EDR/EPP within an endpoint security stack depends on how well cybersecurity vendors strengthen platforms with new AI and machine learning.

EPP offers a prime example of the need for AI and machine learning. The primary role of EPP in an endpoint security stack is to identify and block malicious code that seeks to overtake control of endpoints. It takes a solid combination of advanced threat detection, antivirus, and anti-malware technologies to identify, stop, and then eradicate the endpoint threat.

How to prove an endpoint is self-healing

A knowledge base comprising fully documented adversary tactics and techniques provides tooling to truth-test self-healing endpoint claims. Known as MITRE ATT&CK, this knowledge base has captured and cataloged data from actual breach attempts, supplying the verifications teams need to test out self-healing endpoint security claims.

The knowledge base for endpoint validation also benefits vendors, as it discloses whether an endpoint is truly self-healing. Using the MITRE dataset, cybersecurity vendors can discover gaps in their applications and platforms. MITRE ATT&CK’s 14 categories of adversarial tactics and techniques form a framework that provides organizations and self-healing endpoint vendors with the data they need to simulate activity cycles.

MITRE sponsors annual evaluations of cybersecurity products, including endpoint detection and response (EDR), where vendors can test their solutions against the MITRE ATT&CK datasets. The methodology process is based on a design, execute, and release evaluation process. Simulations of APT29 attacks comprise the 2019 dataset and the Carbanak+FIN7 2020 dataset. Evaluations for 2021 are now open for Wizard Spider and Sandworm. The ATT&CK Matrix for Enterprise serves as the framework for evaluations of each vendor’s EDR capabilities.

Mitre ATT&CK for Enterprise Matrix

Above: The MITRE ATT&CK for Enterprise Matrix serves as the framework for identifying all known threats and breach attempts across 14 categories. The matrix is used for quantifying the performance of different EDR and self-healing systems today.

EDR and self-healing endpoint vendors create test environments that include detection sensors designed to identify, block, and prevent intrusions and breaches from the datasets MITRE provided. Next, MITRE creates a red team comprising emulated adversarial attacks. APT29-based data was the basis of the evaluation in 2019 evaluations and Carbanak+FIN in 2020 and Wizard Spider and Sandworm data. The test involves a simulation of 58 attacker techniques in 10 kill chain categories.

MITRE completes attack simulations and relies on detection types to evaluate how effective each EDR solution is in identifying a potential attack. The detection times are classified into alerts, telemetry, or none generated. Microsoft Threat Defender 365 was able to identify all 64 active alerts and successfully identified eight MITRE attack categories from the Enterprise Matrix. The following is an example of the type of data generated based on the simulated MITRE attack scenario.

Img Mitre Attack Benchmark

Above: Analyzing MITRE ATT&CK data by vendor provides a reliable benchmark for which EDR and self-healing endpoints can scale under an actual attack.

MITRE ATT&CK data has come to influence self-healing endpoint product design. When cybersecurity EDR vendors test their existing self-healing endpoints against MITRE ATT&CK data, they often find areas for improvement and innovation.

For Microsoft, 365 Defender’s advances in identifying credential access, initial access, and privilege escalation attack scenarios based on modeled data help improve Threat Defender analytics. Based on the cumulative lessons learned from three years of MITRE ATT&CK data evaluations, the most effective self-healing endpoints are designing in self-generative persistence, resilience, and adaptive intelligence.

The three techniques delivering the best results are AI-enabled bots that threat-hunt and remediate self-healing endpoints, behavior-based detections and machine learning to identify and act on threats, and firmware-embedded persistence.

AI-enabled bots identify and eradicate anomalies

Companies across all industries can successfully use automation bots to anticipate security threats, reduce help desk workloads, troubleshoot network connectivity issues, reduce unplanned outages, and self-heal endpoints by continually scanning network activity for any signs of a potential or actual breach. Throughout the pandemic, software vendors have fast-tracked much of their AI and machine learning-based development to help customers improve their service management, asset management, and self-healing endpoint security.

In the case of Ivanti, a decision to base its latest IT service management (ITSM) and IT asset management (ITAM) solutions on its AI-based Ivanti Neurons platform reflects the way AI-based bots can contribute to protecting and self-healing endpoints in real time in the “Everywhere Workplace.” The goal with these latest innovations is to improve ITSM and ITAM so IT teams have a comprehensive picture of IT assets from cloud to edge. Ivanti’s product strategy reflects its customers’ main message that virtual workforces are here to stay. They need to proactively and autonomously self-heal and self-secure all endpoints and provide personalized self-service experiences to support employees working from anywhere, anytime.

VentureBeat spoke with SouthStar Bank IT specialist Jesse Miller about how effective AI-based bots are at self-healing endpoints. Miller said a major goal of the bank is to have endpoints self-remediate before any client ever experiences an impact. He also said the bank needs to have real-time visibility into endpoint health and have a single pane of glass for all ITSM activity.

“Having an AI-based system like Ivanti Neurons allows what I call contactless intervention because you can create custom actions,” Miller said. “We’re relying on Ivanti Neurons for automation, self-healing, device interaction, and patch intelligence to improve our security posture and to pull in asset data and track and resolve tickets.” SouthStar’s business case for investing in a hyper-automation platform is based on hours saved compared to more manual service desk functions and preemptive self-healing endpoint security and management. Below is an example of how self-healing configurations can be customized at scale across all endpoints.

Ivanti Neurons Screen Shot

Above: ITSM platforms are expanding their scope to include endpoint detection and response including self-healing endpoints. For example, Ivanti’s Neurons platform and its use of AI-enabled bots at scale.

Microsoft Defender 365 relies on behavior-based detections

Continually scanning every artifact in Outlook 365, Microsoft Defender 365 is one of the most advanced self-healing endpoints for correlating threat data from emails, endpoints, identities, and applications.

When there’s a suspicious incident, automated investigation results classify a potential threat as malicious, suspicious, or no threat found. Defender 365 then takes autonomous action to remediate malicious or suspicious artifacts.

Remediation actions include sending a file to quarantine, stopping a process, isolating a device, or blocking a URL. The Microsoft 365 Defender suite, which provides autonomous investigation and response, includes a Virtual Analyst. Earlier this month, Microsoft made Microsoft 365 Threat Defender analytics available for public preview. Most recent threats, high-impact threats, and threat summaries are all available in a single portal view.

MS Defender Screen Shot

Above: Correlating insights from behavior-based detections, machine learning algorithm-based analysis, and threat data from multiple sources is at the heart of Microsoft 365 Defender’s EDR architecture.

Firmware-embedded self-healing endpoints for always-on connection

Absolute Software offers an example of firmware-embedded persistence providing self-healing endpoints. The company’s approach to self-healing endpoints is based on a firmware-embedded connection that’s undeletable from every PC-based endpoint.

Absolute’s customers say the Persistence technology is effective in remediating endpoints, providing resilience and autonomous responses to breach attempts. Dean Phillips is senior technology director at customer PA Cyber, one of the largest and most experienced online K-12 public schools in the nation, serving over 12,000 students based in Midland, PA. Phillips said it’s been helpful to know each laptop has active autonomous endpoint security running and that endpoint management is a must-have for PA Cyber.

“We’re using Absolute’s Persistence to ensure an always-on, two-way connection with our IT management solution, Kaseya, which we use to remotely push out security patches, new applications, and scripts. That’s been great for students’ laptops, as we can keep updates current and know where the system is,” Phillips said.

Such an agent enables capable endpoint management on student laptops, which he called “a big plus.”

Absolute’s 2021 Q2 earnings presentation reflects how quickly the self-healing endpoint market is expanding today.

Endpoint, heal thyself

Cybersecurity vendors all claim to have self-healing endpoints. Absolute Software, Akamai, Blackberry, Cisco, Ivanti, Malwarebytes, McAfee, Microsoft 365, Qualys, SentinelOne, Tanium, Trend Micro, Webroot, and many others attest that their endpoints can autonomously heal themselves. Separating hype from results starts by evaluating just how effective the technologies they’re based on are at preemptively searching out threats and removing them.

Evaluating self-healing endpoints using MITRE ATT&CK data and sharing the results with prospects needs to happen more. With every cybersecurity vendor claiming to have a self-healing endpoint, the industry needs better benchmarking to determine how effective threat hunting and preemptive threat assessments are.

What’s holding more vendors back from announcing self-healing endpoints is how difficult it is to provide accurate anomaly detection and incident response (IR) results that can autonomously track, quarantine, or remove an inbound threat. For now, the three most proven approaches to providing autonomous self-healing endpoints are AI-enabled bots, behavioral-based detections, and firmware-embedded self-healing technologies.

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://venturebeat.com/2021/04/23/tackling-the-endpoint-security-hype-can-endpoints-actually-self-heal/

AI

Optimal Dynamics nabs $22M for AI-powered freight logistics

Avatar

Published

on

Join Transform 2021 this July 12-16. Register for the AI event of the year.


Optimal Dynamics, a New York-based startup applying AI to shipping logistics, today announced that it closed a $18.4 million round led by Bessemer Venture Partners. Optimal Dynamics says that the funds will be used to more than triple its 25-person team and support engineering efforts, as well as bolster sales and marketing departments.

Last-mile delivery logistics tends to be the most expensive and time-consuming part of the shipping process. According to one estimate, last-mile accounts for 53% of total shipping costs and 41% of total supply chain costs. With the rise of ecommerce in the U.S., retail providers are increasingly focusing on fulfilment and distribution at the lowest cost. Particularly in the construction industry, the pandemic continues to disrupt wholesalers — a 2020 Statista survey found that 73% of buyers and users of freight transportation and logistics services experienced an impact on their operations.

Founded in 2016, Optimal Dynamics offers a platform that taps AI to generate shipment plans likely to be profitable — and on time. The fruit of nearly 40 years of R&D at Princeton, the company’s product generates simulations for freight transportation, enabling logistics companies to answer questions about what equipment they should buy, how many drivers they need, daily dispatching, load acceptance, and more.

Simulating logistics

Roughly 80% of all cargo in the U.S. is transported by the 7.1 million people who drive flatbed trailers, dry vans, and other heavy lifters for the country’s 1.3 million trucking companies. The trucking industry generates $726 billion in revenue annually and is forecast to grow 75% by 2026. Even before the pandemic, last-mile delivery was fast becoming the most profitable part of the supply chain, with research firm Capgemini pegging its share of the pie at 41%.

Optimal Dynamics’ platform can perform strategic, tactical, and real-time freight planning, forecasting shipment events as far as two weeks in advance. CEO Daniel Powell — who cofounded the company with his father, Warren Princeton, a professor of operations research and financial engineering — says that the underlying technology was deployed, tested, and iterated with trucking companies, railroads, and energy companies, along with projects in health, ecommerce, finance, and materials science.

“Use of something called ‘high-dimensional AI’ allows us to take in exponentially greater detail while planning under uncertainty. We also leverage clever methods that allow us to deploy robust AI systems even when we have very little training data, a common issue in the logistics industry,” Powell told VentureBeat via email. “The results are … a dramatic increase in companies’ abilities to plan into the future.”

The global logistics market was worth $10.32 billion in 2017 and is estimated to grow to $12.68 billion USD by 2023, according to Research and Markets. Optimal Dynamics competes with Uber, which offers a logistics service called Uber Freight. San Francisco-based startup KeepTruckin recently secured $149 million to further develop its shipment marketplace. Next Trucking closed a $97 million investment. And Convoy raised $400 million at a $2.75 billion valuation to make freight trucking more efficient.

But 25-employee Optimal Dynamics investor Mike Droesch, a partner at BVP, says that demand remains strong for the company’s products. “Logistics operators need to consider a staggering number of variables, making this an ideal application for a software-as-a-service product that can help operators make more informed decisions by leveraging Optimal Dynamics industry leading technology. We were really impressed with the combination of their deep technology and the commercial impact that Optimal Dynamics is already delivering to their customers,” he said in a statement.

With the latest funding round, a series A, Optimal Dynamics has raised over $22 million to date. Beyond Bessemer, Fusion Fund, The Westly Group, TenOneTen Ventures, Embark Ventures, FitzGate Ventures, and John Larkin and John Hess also contributed .

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://venturebeat.com/2021/05/13/optimal-dynamics-nabs-22m-for-ai-powered-freight-logistics/

Continue Reading

AI

Code-scanning platform BluBracket nabs $12M for enterprise security

Avatar

Published

on

Join Transform 2021 this July 12-16. Register for the AI event of the year.


Code security startup BluBracket today announced it has raised $12 million in a series A round led by Evolution Equity Partners. The capital will be used to further develop BluBracket’s products and grow its sales team.

Detecting exploits in source code can be a pain point for enterprises, especially with the onset of containerization, infrastructure as code, and microservices. According to a recent Flexera report, the number of vulnerabilities remotely exploitable in apps reached more than 13,300 from 249 vendors in 2020. In 2019, Barracuda Networks found that 13% of security pros hadn’t patched their web apps over the past 12 months. And in a 2020 survey from Edgescan, organizations said it took them an average of just over 50 days to address critical vulnerabilities in internet-facing apps.

BluBracket, which was founded in 2019 and is headquartered in Palo Alto, California, scans codebases for secrets and blocks future commits from introducing new risks. The platform can monitor real-time risk scores across codebases, git configurations, infrastructure as code, code copies, and code access and resolve issues, detecting passwords and over 50 different types of tokens, keys, and IDs.

Code-scanning automation

Coralogix estimates that developers create 70 bugs per 1,000 lines of code and that fixing a bug takes 30 times longer than writing a line of code. In the U.S., companies spend $113 billion annually on identifying and fixing product defects.

BluBracket attempts to prevent this by proactively monitoring public repositories with the highest risk factors, generating reports for dev teams. It prioritizes commits based on their risk scores, minimizing duplicates using a tracking hash for every secret. A rules engine reduces false positives and scans for regular expressions, as well as sensitive words. And BluBracket sanitizes commit history both locally and remotely, supporting the exporting of reports via download or email.

BluBracket offers a free product in its Community Edition. Both it and the company’s paid products, Teams and Enterprise, work with GitHub, BitBucket, and Gitlab and offer CI/CD integration with Jenkins, GitHub Actions, and Azure Pipelines.

BluBracket

Above: The Community Edition of BluBracket’s software.

Image Credit: BluBracket

“Since our introduction early last year, the industry has seen through Solar Winds how big of an attack surface code is. Hackers are exploiting credentials and secrets in code, and valuable code is available in the public domain for virtually every company we engage with,” CEO Prakash Linga, who cofounded BluBracket with Ajay Arora, told VentureBeat via email.

BluBracket competes on some fronts with Sourcegraph, a “universal code search” platform that enables developer teams to manage and glean insights from their codebase. It has another rival in Amazon’s CodeGuru, an AI-powered developer tool that provides recommendations for improving code quality. There’s also cloud monitoring platform Datadog, codebase coverage tester Codecov, and feature-piloting solution LaunchDarkly, to name a few.

But BluBracket, which has about 30 employees, says demand for its code security solutions has increased “dramatically” since 2020. Its security products are being used in “dozens” of companies with “thousands” of users, according to Linga.

“DevSecOps and AppSec teams are scrambling, as we all know, to address this growing threat. By enabling their developers to keep these secrets out of code in the first place, our solutions make everyone’s life easier,” Linga continued. “We are excited to work with Evolution on this next stage of our company’s growth.”

Unusual Ventures, Point72 Ventures, SignalFire, and Firebolt Ventures also participated in BluBracket’s latest funding round. The startup had previously raised $6.5 million in a seed round led by Unusual Ventures.

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://venturebeat.com/2021/05/13/code-scanning-platform-blubracket-nabs-12m-for-enterprise-security/

Continue Reading

AI

Data governance and security startup Cyral raises $26M

Avatar

Published

on

Join Transform 2021 this July 12-16. Register for the AI event of the year.


Data security and governance startup Cyral today announced it has raised $26 million, bringing its total to date to $41.1 million. The company plans to put the funds toward expanding its platform and global workforce.

Managing and securing data remains a challenge for enterprises. Just 29% of IT executives give their employees an “A” grade for following procedures to keep files and documents secure, according to Egnyte’s most recent survey. A separate report from KPMG found only 35% of C-suite leaders highly trust their organization’s use of data and analytics, with 92% saying they were concerned about the reputational risk of machine-assisted decisions.

Redwood City, California-based Cyral, which was founded in 2018 by Manav Mital and Srini Vadlamani, uses stateless interception technology to deliver enterprise data governance across platforms, including Amazon S3, Snowflake, Kafka, MongoDB, and Oracle. Cyral monitors activity across popular databases, pipelines, and data warehouses — whether on-premises, hosted, or software-as-service-based. And it traces data flows and requests, sending output logs, traces, and metrics to third-party infrastructure and management dashboards.

Cyral can prevent unauthorized access from users, apps, and tools and provide dynamic attribute-based access control, as well as ephemeral access with “just-enough” privileges. The platform supports both alerting and blocking of disallowed accesses and continuously monitors privileges across clouds, tracking and enforcing just-in-time and just-enough privileges for all users and apps.

Identifying roles and anomalies

Beyond this, Cyral can identify users behind shared roles and service accounts to tag all activity with the actual user identity, enabling policies to be specified against them. And it can perform baselining and anomaly detection, analyzing aggregated activity across data endpoints and generating policies for normal activity, which can be set to alert or block anomalous access.

“Cyral is built on a high-performance stateless interception technology that monitors all data endpoint activity in real time and enables unified visibility, identity federation, and granular access controls. [The platform] automates workflows and enables collaboration between DevOps and Security teams to automate assurance and prevent data leakage,” the spokesperson said.

Cyral

Existing investors, including Redpoint, Costanoa Ventures, A.Capital, and strategic investor Silicon Valley CISO Investments, participated in Cyral’s latest funding round. Since launching in Q2 2020, Cyral — which has 40 employees and occupies a market estimated to be worth $5.7 billion by 2025, according to Markets and Markets — says it has nearly doubled the size of its team and close to quadrupled its valuation.

“This is an emerging market with no entrenched solutions … We’re now working with customers across a variety of industries — finance, health care, insurance, supply chain, technology, and more. They include some of the world’s largest organizations with complex environments and some of the fastest-growing tech companies,” the spokesperson said. “With Cyral, our company was built during the pandemic. We have grown the majority of our company during this time, and it has allowed us to start our company with a remote-first business model.”

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://venturebeat.com/2021/05/13/data-governance-and-security-startup-cyral-raises-26m/

Continue Reading

AI

Data governance and security startup Cyral raises $26M

Avatar

Published

on

Join Transform 2021 this July 12-16. Register for the AI event of the year.


Data security and governance startup Cyral today announced it has raised $26 million, bringing its total to date to $41.1 million. The company plans to put the funds toward expanding its platform and global workforce.

Managing and securing data remains a challenge for enterprises. Just 29% of IT executives give their employees an “A” grade for following procedures to keep files and documents secure, according to Egnyte’s most recent survey. A separate report from KPMG found only 35% of C-suite leaders highly trust their organization’s use of data and analytics, with 92% saying they were concerned about the reputational risk of machine-assisted decisions.

Redwood City, California-based Cyral, which was founded in 2018 by Manav Mital and Srini Vadlamani, uses stateless interception technology to deliver enterprise data governance across platforms, including Amazon S3, Snowflake, Kafka, MongoDB, and Oracle. Cyral monitors activity across popular databases, pipelines, and data warehouses — whether on-premises, hosted, or software-as-service-based. And it traces data flows and requests, sending output logs, traces, and metrics to third-party infrastructure and management dashboards.

Cyral can prevent unauthorized access from users, apps, and tools and provide dynamic attribute-based access control, as well as ephemeral access with “just-enough” privileges. The platform supports both alerting and blocking of disallowed accesses and continuously monitors privileges across clouds, tracking and enforcing just-in-time and just-enough privileges for all users and apps.

Identifying roles and anomalies

Beyond this, Cyral can identify users behind shared roles and service accounts to tag all activity with the actual user identity, enabling policies to be specified against them. And it can perform baselining and anomaly detection, analyzing aggregated activity across data endpoints and generating policies for normal activity, which can be set to alert or block anomalous access.

“Cyral is built on a high-performance stateless interception technology that monitors all data endpoint activity in real time and enables unified visibility, identity federation, and granular access controls. [The platform] automates workflows and enables collaboration between DevOps and Security teams to automate assurance and prevent data leakage,” the spokesperson said.

Cyral

Existing investors, including Redpoint, Costanoa Ventures, A.Capital, and strategic investor Silicon Valley CISO Investments, participated in Cyral’s latest funding round. Since launching in Q2 2020, Cyral — which has 40 employees and occupies a market estimated to be worth $5.7 billion by 2025, according to Markets and Markets — says it has nearly doubled the size of its team and close to quadrupled its valuation.

“This is an emerging market with no entrenched solutions … We’re now working with customers across a variety of industries — finance, health care, insurance, supply chain, technology, and more. They include some of the world’s largest organizations with complex environments and some of the fastest-growing tech companies,” the spokesperson said. “With Cyral, our company was built during the pandemic. We have grown the majority of our company during this time, and it has allowed us to start our company with a remote-first business model.”

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://venturebeat.com/2021/05/13/data-governance-and-security-startup-cyral-raises-26m/

Continue Reading
Aviation4 days ago

JetBlue Hits Back At Eastern Airlines On Ecuador Flights

Cyber Security5 days ago

Cybersecurity Degrees in Massachusetts — Your Guide to Choosing a School

Blockchain4 days ago

“Privacy is a ‘Privilege’ that Users Ought to Cherish”: Elena Nadoliksi

AI2 days ago

Build a cognitive search and a health knowledge graph using AWS AI services

Cyber Security5 days ago

Cybersecurity Degrees in Texas — Your Guide to Choosing a School

Blockchain2 days ago

Meme Coins Craze Attracting Money Behind Fall of Bitcoin

Energy3 days ago

ONE Gas to Participate in American Gas Association Financial Forum

Esports3 days ago

Pokémon Go Special Weekend announced, features global partners like Verizon, 7-Eleven Mexico, and Yoshinoya

Fintech3 days ago

Credit Karma Launches Instant Karma Rewards

Blockchain4 days ago

Opimas estimates that over US$190 billion worth of Bitcoin is currently at risk due to subpar safekeeping

SaaS4 days ago

Blockchain12 hours ago

Shiba Inu: Know How to Buy the New Dogecoin Rival

Esports2 days ago

Valve launches Supporters Clubs, allows fans to directly support Dota Pro Circuit teams

SaaS4 days ago

Blockchain4 days ago

Yieldly announces IDO

Esports4 days ago

5 Best Mid Laners in League of Legends Patch 11.10

Cyber Security3 days ago

Top Tips On Why And How To Get A Cyber Security Degree ?

SaaS4 days ago

Blockchain2 days ago

Sentiment Flippening: Why This Bitcoin Expert Doesn’t Own Ethereum

Business Insider2 days ago

Bella Aurora launches its first treatment for white patches on the skin

Trending