Qualys - Experts & Thought Leaders

DigiCert, a global provider of digital trust announced its next-generation Discovery, a set of key capabilities in DigiCert® Trust Lifecycle Manager that enable customers to build a centralised book of record of their cryptographic keys and certificates. This centralised view, when coupled with management and automated provisioning and renewal, improves crypto agility, reducing the time and resources needed to update algorithms, rotate keys and certificates, and remediate threats. Quantum-safe standards “The majority of organisations have not yet implemented a centralised crypto-management solution,” said DigiCert Chief Product Officer Deepika Chauhan. “This is becoming critical now, as IT pioneers consider how to transition their cryptographic algorithms and certificates to quantum-safe standards to protect their organisations against ‘harvest now, decrypt later’ strategies.” Evolving cryptographic technologies Trust Lifecycle Manager Discovery employs a broad set of methods for finding certificates within an organisation In a recent Gartner® report, Senior Director Analyst Brian Lowans wrote, “All cryptographic technologies will need to evolve to cope with the future threat of quantum computing, which is increasing the need for innovative technologies such as crypto-agility, postquantum cryptography, and quantum key distribution.” Trust Lifecycle Manager Discovery employs a broad set of methods for finding certificates within an organisation, including integration with private CAs, such as AWS Private CA and Microsoft CA, integration with vulnerability management solutions such as Qualys and Tenable, integrations with web servers and load balancers, and port-based scanning. Manage and automate cryptographic assets “The integration of Qualys Vulnerability Management, Discovery and Response (VMDR) and DigiCert products enables our customers to manage and automate the cryptographic assets that they discover in their vulnerability scans,” said Pinkesh Shah, Chief Product Officer, Qualys. “This seamless integration enables companies to tightly couple their vulnerability management and crypto agility strategies, improving their security posture and agility while reducing their cyber risk.”

Cohesity, a pioneer in AI-powered data security and management announced it is expanding its Data Security Alliance ecosystem with six pioneering Data Security Posture Management (DSPM) vendors, including long-standing partner BigID, as well as Cyera, Dig Security, Normalyze, Sentra, and Securiti. Challenges with cloud Cloud adoption continues to increase, but copies of data are often shared between clouds without oversight by IT or security, resulting in the growth of shadow data. Because of this, data security, cyber recovery, and compliance are at risk, as evidenced by 82% of breaches involving data stored in the cloud.  Need for DSPM capabilities DSPM gives customers a deep understanding of where their sensitive data is, who has access to it The need for DSPM capabilities, coupled with modern data security and management services, has never been greater. DSPM gives customers a deep understanding of where their sensitive data is, who has access to it, how it is being used, and where it is stored. When combined with Cohesity’s modern data security and management technology, customers are building a strong cyber resilience posture.  Flexibility  With these partnerships, Cohesity expects to integrate with the broadest and most comprehensive selection of DSPM solutions in the industry. Collectively, this newly formed group represents the majority of the DSPM market, providing Cohesity customers with the flexibility to choose the solution that best fits their needs.  Data visibility challenge Organisations face a significant challenge when it comes to the visibility of critical data across a growing multitude of repositories. Accelerating cloud adoption, compounded by an explosion of microservices, and a high rate of change (driven by modern DevOps practices) put customers at risk of significant data sprawl. Addressing visibility gaps Joint customers maintain visibility and help assure all their stakeholders that their sensitive data is protected Due to these visibility gaps, critical and sensitive data becomes hidden from IT teams and oftentimes goes unprotected. Cohesity is working to solve this issue by partnering with the pioneering DSPM vendors and members of the Cohesity Data Security Alliance. With this unique collaboration, joint customers maintain visibility and help assure all their stakeholders, including employees, customers, and shareholders that their sensitive data is protected. Sensitive data assessment Cohesity’s pioneering data security and management technology, coupled with the benefits of DSPM, will deliver instant discovery of all data workloads, both sanctioned and unsanctioned, while also providing assessments of which data workloads have sensitive data that are often targeted by bad actors. These capabilities enable enterprises to be even more proactive in the fight against cyberattacks and provide the following cyber resilience benefits: Backup admins can easily see which objects have sensitive data. IT and security can instantly identify protection gaps for critical workloads. Actionable Cyber Recovery risk reports go directly to compliance teams. Identify and protect data As organisations rapidly expand their hybrid cloud footprint, their data risk and exposure increase in lockstep" “As organisations rapidly expand their hybrid cloud footprint, their data risk and exposure increase in lockstep,” said Elad Horn, group vice president, of Product, Cohesity. “We look forward to continuing our partnership with pioneering DSPM vendors to help our joint customers rapidly identify and protect their most sensitive and business-critical data across both public cloud and private cloud environments.”  Cyber attack and ransomware protection “Cohesity is helping some of the largest enterprises in the world protect their data against ransomware and cyber threats in hybrid cloud environments,“ said Amer Deeba, CEO and Co-founder of Normalyze. “Now with the integration with Normalyze DSPM platform, customers get full visibility into their data across all clouds, SaaS, and on-prem." "The joint solution gives security teams unprecedented visibility into their sensitive data locations and types; identifies and prioritises risks based on the highest monetary impact to the organisation in case of a data breach, and proactively protects the data from ransomware and cyber attacks.”  DSPM solutions “Cohesity’s Data Security Alliance ecosystem offers customers the opportunity to implement security on their terms, making it easy to integrate with vendors in adjacent technology spaces,” said Jennifer Glenn, research director for the IDC Security and Trust Group. “The expansion of the program to include DSPM solutions such as BigID and Normalyze, as well as other pending integrations, gives customers more insight and visibility into their data and more confidence that it will be protected appropriately.”  Data Security Alliance Cohesity’s Data Security Alliance offers a unique and comprehensive approach to security The Cohesity Data Security Alliance was founded in November 2022 and contains 15 members including BigID, Cisco, CyberArk, Mandiant, Netskope, Okta, Palo Alto Networks, PwC UK, Qualys, Securonix, ServiceNow, Splunk, TCS, Zscaler. The addition of the six DSPM security vendors brings the total membership to 21. Cohesity’s Data Security Alliance offers a unique and comprehensive approach to security.  Security and data management Through this one-of-a-kind alliance, pioneering cyber security, data security and management, and services vendors partner to seamlessly bridge enterprise IT and security by sharing context and enabling new workflows. This collaboration can help customers detect threats and respond to attacks faster, improve remediation, and advance cyber resilience, all while utilising their existing security and data management investments. Remediate data risks “It’s more important than ever for organisations of all sizes to proactively identify and remediate risk across their entire data landscape – including dark data, shadow data, and critical data,” said Tyler Young, CISO at BigID. BigID’s market-pioneering DSPM capabilities enable companies to accelerate their security strategies" “BigID’s market-leading DSPM capabilities enable companies to accelerate their security strategies and improve their security posture with differentiated actionability, risk remediation, and unmatched data discovery and classification built for the enterprise. Our partnership with Cohesity is a natural fit to extend DSPM capabilities to help customers better manage, reduce, and remediate risk.” Availability The integration with Normalyze, Cohesity’s initial design partner, is expected to be available within 30 days. The company’s partnership with BigID on enterprise-grade, AI-powered data classification grows through this new integration with SmallID (BigID’s DSPM product) and is expected to be available in 60 days. Additional DSPM partner integrations will be available in the coming months.

Policy Monitor, London-based cyber security and risk management experts will launch the latest version of Cyber Security Policy Monitor (CSPM) at the International Cyber Expo 2023 at London Olympia. Cyber Security Policy Monitor CSPM is a simple and cost-effective cloud-based application to enable organisations to define their security policies. It then ensures that these policies are followed by all employees. CSPM helps measure, manage, and monitor an operation’s cyber security workflows and compliance, giving peace of mind to organisations of all sizes, including SMEs. Traceability and compliance CSPM is all about simplification and this latest release introduces internationalisation" Nick Denning, CEO of Policy Monitor said, “CSPM is all about simplification and this latest release introduces internationalisation. Many organisations wish to be certified for Cyber Essentials, CE+, IASME Assurance, ISO 27001 or in the USA against HIPAA or a flavour of the NIST standards." "CSPM links the security policy activities to sections in a standard, proving the traceability and compliance against the relevant requirements.” CSPM Version 3.4 capabilities In launching CSPM Version 3.4 Policy Monitor will demonstrate enhanced capabilities including: Multilingual options include English, Arabic, French, and Spanish. A simplified interface for organisations to build step-by-step cyber security. Integration with Qualys to deploy Qualys agents, utilise Qualys data and schedule and distribute Qualys reports. White labelling options for consultancies to manage customers with an ‘own brand’ version of CSPM. Advanced security provides secure access for external consultants. Integration for Certification Bodies with the IASME Pervade solution. International Cyber Expo 2023 Policy Monitor will be exhibiting and demonstrating the power of CSPM Version 3.4 in the IASME Pavilion on Stand Q20 at the International Cyber Expo at Olympia, London on September 26th and 27th. The event is once again co-located with the International Security Expo and will attract visitors from around the world.