Kenna Security - Experts & Thought Leaders
Latest Kenna Security news & announcements
LastPass, the pioneer in zero-knowledge password management, announces that Karim Toubba has joined the company as its Chief Executive Officer. The cloud security veteran will lead LastPass as it separates from GoTo, formerly LogMeIn, and increases investment to create an even more seamless user experience, modernise go-to-market functions, and continue to build password and identity management solutions for the company’s customers. Toubba succeeds LastPass’ interim-CEO, Mike Kohlsdorf, who will continue to lead GoTo as CEO. Delivering strategic value “This is a transformational moment for LastPass, and we are thrilled to bring Karim on board to lead the next chapter of LastPass,” said Mike Kohlsdorf, adding “He brings the right blend of security, innovation and leadership experience to lead LastPass – addressing the needs of our customers, all while ensuring we continue to grow rapidly and evolve our product offerings.” “We’re delighted to welcome Karim as the new CEO during this significant phase at LastPass,” said Andrew Kowal, Partner at Francisco Partners, adding “There is a critical need in the market for secure identity verification and LastPass is poised to deliver strategic value against a vast growth opportunity.” Creating new category Kenna Security leveraged machine learning and data science to disrupt a stagnant market Karim Toubba, who served as CEO of Kenna Security, which was acquired by Cisco in July of 2021, brings over 25 years of security leadership and executive management in technology companies to his new role. Under his leadership, Kenna Security leveraged machine learning and data science to disrupt a stagnant market and create a new category of Risk-Based Vulnerability Management (RBVM). He most recently served at Cisco, overseeing the Kenna Security integration, and previously led product and strategy for the Security Business Unit at Juniper Networks. Password management category Karim Toubba said, “I’m excited to join LastPass due to the incredible opportunity to make an impact in identity management, which is one of the largest and most important segments within cybersecurity – one that is a critical first step in how users experience online services but that is often at the forefront of cyberattacks.” He adds, “LastPass is already the leader in the password management category but now we have an opportunity to further innovate and deliver additional value for our 100,000 business customers and more than 33 million registered users worldwide.”
Security and IT teams have recently been facing a tidal wave of highly publicised breaches stemming from unpatched vulnerabilities, such as the attacks originating from a zero-day Windows printer spooler vulnerability dubbed ‘PrintNightmare’ (CVE-2021-34527). These software vulnerabilities are a major threat vector that security teams need to address. They are excited to announce the launch of the vulnerability management module for VMware Carbon Black Cloud Endpoint. By adding vulnerability management to VMware Carbon Black Cloud Endpoint, customers can further streamline and consolidate key security functionality into a single cloud-native agent and console. Delivering risk-prioritisation VMware’s new offering delivers risk-prioritisation and increased visibility so security teams can focus on exploitable vulnerabilities. “In the first half of 2021, we’ve well surpassed the number of zero-days exploited than were seen in all of 2020. Vulnerability management must be a core functionality for security teams as they fight back against an onslaught of attacks.” Organisations can now monitor their Windows and Linux endpoints for OS and application vulnerabilities “Our vulnerability management module allows defenders to easily prioritise which vulnerabilities are considered critical, all within one single platform,” said Scott Lundgren, CTO, Security Business Unit, VMware. Organisations can now monitor their Windows and Linux endpoints for OS and application vulnerabilities and prioritise remediation based on the risk of exploit. Day security tasks By leveraging the existing lightweight VMware Carbon Black Cloud Endpoint sensor to collect application and OS data and combining it in the cloud with Kenna Security’s enriched vulnerability insights and risk scores, customers can reduce the system impacts and manual efforts associated with point-in-time vulnerability scans and manage their vulnerabilities in an ongoing fashion alongside their other day-to-day security tasks. The vulnerability management module helps security teams understand the current state of endpoint vulnerabilities within the VMware Carbon Black Cloud console so they can act quickly and with context in the event of an attack. The increased visibility proactively reduces the attack surface because organisations can better identify vulnerabilities and harden endpoints before a vulnerability is exploited. Creating resource overhead This new offering extends VMware’s existing partnership with Kenna Security to provide dynamic risk scoring It’s important to note how increased visibility is achieved. Traditionally, legacy vulnerability vendors would perform a scan on the endpoint itself, creating resource overhead. Because of this overhead, customers had to schedule time (usually once a month or quarter) to perform the scan during downtime. This meant more planning and less frequent data updates. With this new offering, VMware Carbon Black Cloud not only offloads the overhead from the endpoint to the cloud, but it automatically updates vulnerability data every 24 hours. This scanless approach to vulnerability management eliminates the need to plan for downtime before scanning and automatically provides up-to-the-minute vulnerability information. This new offering extends VMware’s existing partnership with Kenna Security to provide dynamic risk scoring and prioritisation for endpoint vulnerabilities without the need to rely on scanner data alone. Science-based approach Within the VMware Carbon Black Cloud, one will see a prioritised list of CVEs (Common Vulnerabilities and Exploits) that is updated with a no-touch, incredibly low-impact data collection. Their partnership with Kenna Security enables the integration of their unique data science-based approach to risk prioritisation. Their partnership with Kenna Security enables the integration of their unique data science-based approach “Modern vulnerability management requires visibility, accuracy, and velocity to achieve successful outcomes. Extending our partnership with VMware Carbon Black Cloud from their workload offering to their endpoint offering will arm security teams with visibility into the vulnerabilities in their endpoints, accurate data science-based risk scoring, all at the speed required for businesses to prioritise the right actions at the right time and meaningfully reduce the risk for their organisations,” said Ed Bells, CTO and Co-Founder, Kenna Security, a Cisco Company. Additional overhead cost This new offering enables risk-based vulnerability management to be built into one single agent and delivered with the standard VMware Carbon Black Cloud sensor at no additional overhead cost. By focusing on intelligent risk scores that go beyond the industry standard of CVSS and indicate real-world exploits of vulnerabilities, security teams can reduce the number of noisy alerts and false positives and spend time remediating vulnerabilities that create real risk in their environments. This allows organisations to better identify the true risk of every endpoint, with easy-to-understand risk scores and detailed intelligence. Meanwhile, security teams can focus on the vulnerabilities that matter, remediate them faster, and adopt a proactive security posture focused on protecting against emerging threats.
Kenna Security, the enterprise provider in risk-based vulnerability management, and VMware Carbon Black, a provider in cloud-native next-generation endpoint security, are partnering to power the vulnerability assessment and risk scoring capabilities of Carbon Black Cloud WorkloadTM. As a result of this partnership, enterprises running VMware Carbon Black Cloud Workload will be able to efficiently and effectively prioritise critical vulnerabilities and reduce risk to their servers and workloads. Cloud security “As organisations continue their journey towards cloud transformation and application modernisation, it’s time to rethink cloud security,” said Patrick Morley, Senior Vice President and General Manager of VMware Carbon Black. “VMware Carbon Black Cloud Workload will introduce a new approach to cloud security, extending protection to the workload level to reduce the attack surface. “ "Utilising Kenna Security’s vulnerability assessment, we will be able to deliver an intuitive, transparent approach that breaks down barriers between security and operations teams to empower organisations to gain control of vulnerability management programs to better secure critical servers and workloads.” VMware Carbon Black is able to provide an elegant solution to a long-standing challenge in enterprise cybersecurity By leveraging Kenna Security capabilities, VMware Carbon Black is able to provide an elegant solution to a long-standing challenge in enterprise cybersecurity. Many organisations have the capacity to patch only a fraction of the vulnerabilities threatening their environments. Prioritising vulnerabilities Additionally, traditional scanning is often too cumbersome for the large number of endpoints in their environment. Although not all vulnerabilities pose a proven risk of weaponisation, the challenge for organisations is identifying which vulnerabilities to focus on. With the inclusion of Kenna’s vulnerability assessment capabilities, VMware Carbon Black Cloud Workload is able to efficiently focus resources on the specific critical vulnerabilities facing each organisation. Reducing risk “The relationship between security teams and vCenter admins is critical for maintaining uptime and protecting cloud workloads, but it simply doesn’t work effectively when these teams are speaking different languages with different priorities,” said Karim Toubba, Chief Executive Officer at Kenna Security. “Vulnerability management is not only about finding the most vulnerabilities—it’s also about fixing the right ones. By leveraging Kenna Security, VMware Carbon Black Cloud Workload will help organisations align on prioritising vulnerabilities so they can improve their security intuitively, reducing risk while also becoming more efficient at the process as a whole.” Real-time infrastructure and software inventory data VMware Carbon Black will leverage Kenna Security’s inference technology to analyse real-time infrastructure VMware Carbon Black will leverage Kenna Security’s inference technology to analyse real-time infrastructure and software inventory data collected by VMware Carbon Black, in order to identify and prioritise vulnerabilities based on Kenna’s robust, contextual data. This will give organisations utilising VMware Carbon Black Cloud Workload full visibility into their vulnerability environment without having to run authenticated scans or deploy yet another cumbersome agent. Six-month unlimited free trial By utilising Kenna’s proven data science techniques in the application of machine learning and natural language processing to uniquely curate and customise threat datasets, including more than 15 exploit and threat intelligence feeds and more than 7 billion managed vulnerabilities, VMware Carbon Black will give organisations the power to apply Kenna’s predictive modelling to forecast the weaponisation of new vulnerabilities with a confirmed 94 percent accuracy rate, and then prioritise their remediation activities based on the risk of exploitation. VMware customers can experience the advanced new solution with a six-month unlimited free trial of VMware Carbon Black Cloud Workload Essentials, available for all current vSphere 6.5 and VMware Cloud Foundation 4.0 customers.
The key to unlocking K12 school safety grants
Download5 surprising findings from OT vulnerability assessments
DownloadPhysical access control
DownloadHoneywell GARD USB threat report 2024
DownloadPalm vein recognition
Download