Archive for July 19, 2023

Laminar Adds Microsoft SharePoint, Google BigQuery Support

Posted in Commentary with tags on July 19, 2023 by itnerd

Laminar, the leading agile data security platform provider, today announced it has added Microsoft SharePoint Online and Google BigQuery to its existing support for Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, and Snowflake. The additions make the Laminar Data Security Platform the first and only cloud-native data security solution to support all major cloud service providers (CSPs), leading data warehouses, and common software-as-a-service (SaaS) applications used by today’s top enterprises.

The cloud’s limitless potential is rooted in the data that an organization has, and what they do with it. To power innovation, 94% of enterprises use cloud services and applications. Microsoft SharePoint is the third most popular enterprise application, with 65% of its users adopting the cloud version, SharePoint Online. Employees routinely collaborate on shared content, and developers work with it as well to automate business processes, track progress, and share information across departments or with partners.

Similarly, Google BigQuery is one of the top three data warehouse solutions. It is a powerful analytics platform that excels at processing and analyzing massive volumes of data quickly and efficiently. With its scalable architecture and advanced querying capabilities, BigQuery enables organizations to gain valuable insights from their data in real time, empowering data-driven decision-making and accelerating business growth.

Both solutions enable developers, data scientists, and other innovators to be creative and extract the maximum value from their operational data. For instance, business intelligence staff may use these tools to analyze customer purchase patterns or sales trends, while data scientists may look out for hidden associations within the data to inform new strategies. Unfortunately, these same activities also open organizations up to significant risk by generating unknown or “shadow” data — a top concern for 93% of data security and governance professionals.

Data security needs to be agnostic to the infrastructure in which data resides. Security posture must also travel with the data, as it moves through the cloud and the related data warehouses and applications. By adding support for Microsoft SharePoint Online and Google BigQuery, customers using the Laminar Data Security Platform can now discover, classify, and secure data in even more environments. Thus, data security and governance teams can see and secure their organizations’ data consistently across the entire digital landscape.

The news continues Laminar’s ongoing product innovation, following the announcement of support for GCP and Snowflake, as well as data detection and response (DDR) and data access governance (DAG) capabilities.

To learn more about the Laminar Data Security Platform, visit https://laminarsecurity.com.

Leave a comment »

Bell Pure Fibre Ranked As Canada’s Fastest Internet By Ookla 

Posted in Commentary with tags on July 19, 2023 by itnerd

Bell announced its pure fibre Internet has been awarded fastest in Canada in Ookla’s Q1-Q2 Speedtest Awards report, the biannual analysis of wireline and wireless performance across the country. The report also ranks Bell pure fibre Wi-Fi as fastest in the country. With the addition of previous recognition won by Bell such as PCMag Best Major ISP for Gaming and BrandSpark’s Most Trusted ISP, Bell becomes Canada’s most awarded Internet service provider.

Based on Speedtest results independently collected and analyzed by Ookla, the Q1-Q2 Speedtest Awards recognizes the best speed and coverage of Canada’s major providers.

Many households today have multiple devices connected simultaneously throughout the home, with phones, laptops, smart TVs, security cameras, thermostats and smart appliances all connecting to Wi-Fi. Bell is enhancing the at-home experience, offering increasingly faster speeds to customers with products such as Giga Hub with Wi-Fi 6E compatibility and gigabit plus speeds, Wi-Fi pods to extend the connectivity in specific areas of the home and more. Bell customers can easily access the fastest Internet across the country allowing them to work, learn, video chat, stream and game online on any or all of their household devices simultaneously.

Quick facts:

  • Bell pure fibre won Canada’s fastest Internet in the Ookla Q1-Q2 2023 Speedtest Awards
  • Bell pure fibre ranked as Canada’s fastest Wi-Fi verified by Ookla for Q1-Q2 2023
  • Bell is Canada’s most awarded Internet service provider

Leave a comment »

FIFA Women’s World Cup Partnership To Support Canadian Indigenous Women Entrepreneurs 

Posted in Commentary with tags on July 19, 2023 by itnerd

As an Exclusive Payment Services Partner of the FIFA Women’s World Cup 2023™, for the first-time Visa is extending its Visa Player of the Match athlete award to support women-owned small businesses with $500,000 in total grant funding across the 64 matches and potentially 32 qualifying countries. 

Visa Canada announced today that it has selected the Canadian Council of Aboriginal Business (CCAB) as the recipient of its Visa Player of the Match small business grant program. 

When a member of Canada’s National Women’s Team is awarded the Visa Player of the Match trophy throughout the tournament, funds will be granted to CCAB to support Indigenous women entrepreneurs. To kickstart the initiative, Visa Canada will provide an initial contribution of $25K CAD to support Indigenous women-owned businesses.

How it Works

The Visa Player of the Match trophy is awarded at each of the 64 matches to the player whom fans vote to be the most outstanding of the match. At FIFA Women’s World Cup 2023™, audiences watching at home can celebrate the women on the pitch and for the first time, help elevate women in business at the same time. Building up to the final match, Visa will award 64 grants to the identified grant recipient from the same country as the national team represented by the winning footballer.

The funding for Visa Player of the Match ranges in value from $5,000 for the 48 first round matches up to $50,000 for the final. Through the duration of the tournament, this program will see Visa invest a total of $500,000 in grant funding to support women-owned small businesses, globally. 

Supporting Women in Sports and Business

Initiatives like the Visa Player of the Match small business grants and the Visa Canada Small Business Hub, which has resources and solutions to support small businesses, are part of the Visa commitment to supporting small businesses.

In sport, Visa is committed to empowering women across its organization and through its brand support. For more than 15 years, Visa’s investment in women’s football has advocated for equity, inclusion, and creating meaningful connections with athletes, fans, and communities around the world.

Visa is the first worldwide FIFA Women’s Football Partner, the first standalone sponsor of UEFA Women’s Football, and sponsor of national teams including Canada Soccer, the U.S. Soccer Federation and Mexico Soccer Federation.

Visa also supports 34 women football players through its Team Visa program. This new group of Team Visa athletes – from 27 markets – represents the largest number of women footballers in Team Visa’s history and includes Canadian team captain Christine Sinclair, as well as Ashley Lawrence. The program extends Visa’s commitment to connecting the world through sport and championing women athletes at a time when women’s football continues to reach new heights.

To learn more about Visa’s support of athletes and plans surrounding FIFA Women’s World Cup Australia & New Zealand 2023™ visit here.  

Leave a comment »

PingSafe Exits Stealth With $3.3 Million USD In Seed Funding

Posted in Commentary with tags on July 19, 2023 by itnerd

PingSafe, the only CNAPP platform powered by attacker intelligence, today announced its emergence from stealth mode with $3.3M in seed funding. The funding round was led by Sequoia Capital India & Southeast Asia’s (now known as Peak XV Partners) Surge with participation from prominent angel investors, including Rahul Chari (Co-Founder & CTO, PhonePe), Neeraj Arora (ex-CBO, WhatsApp), Saurya Prakash (Co-Founder, Recko), Vivek Ramachandran (Founder, SquareX) and Gaurav Agarwal (Co-Founder & CTO, Tata 1mg) and Tanglin Ventures. 

Founded by one of the top-ranked white hat hackers in the world, Anand Prakash, who has found vulnerabilities across companies like UberMeta, and Twitter, and Nishant Mittal, PingSafe envisions being a one-stop shop for all cloud security-related organizational needs.  Along with the PingSafe team of cybersecurity researchers and industry executives, PingSafe aspires to be companies’ go-to security thought partner as they modernize their cloud security posture. PingSafe serves customers across multiple geographies and verticals, including notable names like Flipkart, Razorpay, Near Intelligence Inc. (NASDAQ: NIR), Skyflow, Belvilla, Recko (a Stripe Company), and others. 

PingSafe has seen tremendous traction, growing ten times in revenue since last year. It has also quadrupled its customer base, replacing existing security industry incumbents while showcasing its ability to retain and increase revenue from existing customers. PingSafe is the highest-rated CNAPP according to peer-to-peer review site G2 and is part of AWS’s prestigious ISV Accelerate Program. In addition to advancing PingSafe’s unique approach to cloud security and product innovation, the funds will accelerate the go-to-market efforts specifically for the US market.

According to Markets and Markets, the CNAPP market size was estimated to be ~$8B in 2022 and is growing at a CAGR of 20%. Although security expenditure has increased to prevent misconfigurations within organizations, cyberattacks have become increasingly frequent and sophisticated, with attackers utilizing multiple individual vulnerabilities to compromise systems. This highlights a clear need for a platform that not only combines multiple capabilities like CSPM and CWPP in a single solution but also imitates novel attacks on an organization’s cloud infrastructure to highlight the most severe issues for the security team to address first.

PingSafe aims to be the cloud security platform that bridges this gap between attackers’ modus operandi and security solutions currently on the market. By aggregating intelligence via Cloud APIs and logs, PingSafe utilizes its graph database to generate a normalized architecture of the cloud real estate of a client. Utilizing its Offensive Security Engine, PingSafe then detects toxic and exploitable vulnerabilities, allowing security teams to make efficient decisions without relying on human verification of alerts. Furthermore, given that every company has a unique approach towards software development lifecycle, security, and investigation, PingSafe has a no-code policy builder that allows users to define custom policies better suited for their environments, giving complete cloud security coverage across any combination of cloud services and technology stacks.

Leave a comment »

The White House Launches U.S. Cyber Trust Mark IoT Security Labeling Program 

Posted in Commentary with tags on July 19, 2023 by itnerd

The White House has announced U.S. Cyber Trust Mark, an Internet of Things (IoT) cybersecurity labeling program intended to provide consumers with measure of confidence when buying IOT devices. The FCC expects to roll out the program sometime in 2024.

The release said the initiative would “raise the bar for cybersecurity across common devices, including smart refrigerators, smart microwaves, smart televisions, smart climate control systems, smart fitness trackers, and more.” The U.S. Cyber Trust Mark will appear as a distinct shield logo on devices that meet specific cybersecurity criteria established by the National Institute of Standards and Technology (NIST). The NIST criteria will provide an extensive list of security criteria categories of protection and functionality that devices must meet to carry the Cyber Trust Mark, including requiring strong password, protecting stored data, allowing user configuration and offering regular security updates, to mention just a few requirements. The full list of standards is still being determined.

NIST will be prioritize high security risk devices such as home routers that are often abused by attackers to steal PII and construct botnets for launching DDoS attacks. These standards are expected to be completed in 2023.The FCC will also be providing a QR code that will link to a national registry of certified devices to provide security information for registered products.

I have two comments on this. The first is from George McGregor, VP, Approov:

 “This is a good initiative. Although the NIST guidelines make it clear that the IOT “product” must include all elements of the solution it would be good to see more specific security guidelines on the mobile apps which will almost always be part of an IOT solution. This is because mobile apps present specific security challenges which must be addressed in order to protect data and protect the device.”

The second comment is from David Mitchell, Chief Technical Officer, HYAS:

“The U.S. Cyber Trust Mark is a big step forward to deal with the ever-expanding market of sub-par IoT devices proliferating into our homes & businesses. It will be interesting to see how the vendors react and when and to what extent the EU and other allies participate. While there is no current language around retroactively certifying the millions of later model devices already in service, it is a key piece that needs to be understood.    

“Due to the additional workload required by the vendors to meet these criteria, it would not be surprising if there were cost increases for these devices — and hopefully not such a significant cost that consumers will decide to choose the non-certified devices.”

As always the Devil is in the detail. So I personally will wait until I see further detail on this before passing a final judgement. But this is a good move in my opinion. And I hope it forces companies to focus on making secure IoT products for consumers.

UPDATE: Allen Drennan, Co-Founder & Principal, Cordoniq adds this comment.

Many IoT devices were built using insecure protocols, and if they did implement transport layer security, these utilize outdated ciphers and hashes, or open source TLS modules that are also outdated and subject to hacking.  Ideally, as part of the cybersecurity initiatives it will be important to not only make sure all devices implement up to date TLS standards for communications, but are also required to frequently update their internal security stacks as new threats are discovered and need to be addressed. 

Another important aspect is the reliance on the UDP protocol for many IoT devices like thermostats, baby monitors, wireless cameras and more with most vendors not implementing current accepted security protocols such as DTLS for connectionless communications.  This area is seldomly addressed with most consumer products used today.

Leave a comment »

Reddit Has A New Ugly Icon… If You Don’t Like It You Need To Pay Them To Change It… WTF?

Posted in Commentary on July 19, 2023 by itnerd

I am not sure what Reddit CEO Steve Huffman and company are smoking over at Reddit. But whatever it is, it clearly is affecting their judgement. Let me illustrate this by showing you the Reddit icon that showed up on my iPhone a day or so ago:

This does not appeal to me in any way shape or form. What makes it works is if you go into the settings for the Reddit app and choose “Change app icon”:

You’ll notice that the majority of icon options have locks. That’s because Reddit wants you to get a premium subscription to change the icon for the Reddit app. I am 100% certain that nobody will pay Reddit $79.99 a year of $8.99 on iPhone to change the app icon. That’s just simply ludicrous. And it also has a Elon Musk feel of desperation. Because if you’re charging people to change the icon of an app, you really have lost the plot as I don’t know a single person on this planet who would do that.

Leave a comment »