Application Protection

NowSecure

Company-Directory-NowSecure.jpg
               

NowSecure is the mobile app security software company trusted by the world’s most demanding organizations. Only NowSecure delivers fully automated mobile app security testing with speed, accuracy, and efficiency for Agile and DevOps initiatives.

Through the complete approach of static, dynamic, behavioral and interactive mobile app security testing on real Android and iOS devices, NowSecure identifies the broadest array of security threats, compliance gaps, and privacy risks in custom-developed, commercial, and business-critical mobile apps.

NowSecure customers can choose automated software on-premises or in the cloud, expert professional penetration testing and managed services, or a combination of all as needed.


  Their Story Articles and Podcasts

  Latest News

  Upcoming Events



Signal Sciences

Company-Directory-SignalSciences.jpg
                   

We’re not just rethinking what’s possible with web application security—we’re revolutionizing it. At Signal Sciences, we engineer big ideas with an eye on the future, building sustainable and wide-reaching solutions that not only serve teams’ immediate needs but also instinctively evolve along with them. We believe in simple, effective actions. We value teamwork. And our web protection platform proves it.


  Podcasts on ITSP Radio

Enabling DevOps: A Security Imperative | Zane Lackey, CISO of Signal Sciences

In this episode, Chenxi - host of The New Factor - chats with Zane Lackey, CISO of Signal Sciences. Zane was the CISO of Etsy.com, and his team pioneered some of the first DevOps security deployments, many years ahead of the industry at large. Zane and Chenxi discussed how security must enable and support DevOps and how that should come about in a company. Zane talked at length about his experiences at Etsy to pioneer DevOps security when there was no prior success case to follow and how he forged his own path, and why it is a security imperative today to consider security engineering in a mindset that is API-first, code second.


Acalvio

                   

Acalvio provides Advanced Threat Defense (ATD) solutions to detect, engage and respond to malicious activity inside the perimeter.  The solutions are anchored on patented innovations in Deception and Data Science. This enables a DevOps approach to ATD, enabling ease of deployment, monitoring and management.

Acalvio enriches its threat intelligence by data obtained from internal and partner ecosystems, enabling customers to benefit from defense in depth, reduce false positives, and derive actionable intelligence for remediation.


  Webinars and Videos on ITSP TV


  Podcasts on ITSP Radio

Power To The People - Knowledge Is Power - A podcast with Chris Roberts and Dr. Christopher Pierson

This podcast is a post live panel conversation, following “Power To The People - Knowledge Is Power,” during Black Hat 2017 in Las Vegas.

Sean Martin and Marco Ciappelli invited Chris Roberts - Chief Security Architect at Acalvio Technologies - and Dr. Christopher Pierson - Chief Security Officer and General Counsel at Viewpost - to hang out with us and have a chat.

It is an interesting conversation. We invite you to listen to it.

 

 

Chris Roberts chats with us about cyber security VS. safety, AI, privacy and other "fun" stuff.

Chris Roberts chats with ITSPmagazine's Marco Ciappelli and Sean Martin about raising awareness and helping people use their technology more securely. We discuss perceptions and responsibility and how machine learning and artificial intelligence can help us be more secure if we surrender ourselves to it. The question is, are we already surrendering too much? We also ponder two other ideas... is the word "security" lost on society - would the word "safety" suit us better? And, last but not least, is there a big marketing value in having a certified "CyberSafe" product?

 

Prevoty

Company-Directory-Prevoty.jpg
               

Real-time visibility and protection for critical applications and data via Runtime Application Self Protection (RASP)

Prevoty is dedicated to solving the challenges of application security. Applications are the heart of business, accessing and processing sensitive data. Network security has limited purview into what happens inside an application, and sophisticated hackers bypass perimeter defenses far too easily. 

After keeping hackers at bay for years, our founders realized that true application security requires radical thinking: applications must self-defend at runtime. 

Using LANGSEC, Prevoty developed a solution that monitors and protects applications at runtime, neutralizing actual attacks and providing unprecedented visibility into your production environment. Organizations rely on Prevoty’s high-performing RASP products to reduce runtime risk and eliminate vulnerability backlogs.


  Their Story Articles and Podcasts



Experts Corner Webinar
Application Security In An Open Source World

Securing applications that rely on third-party
and open source software

Aside from the data they collect, create, and store, applications can oftentimes be an organization's greatest digital asset. Building custom applications to match the customer and market demands mapped to revenue objectives and available resources can be tremendously rewarding, but also a potentially-huge undertaking.

Ultimately, time to market is always a factor ... a requirement that almost always wins out over security. One way to tackle the time and effort to deliver more quickly is to leverage third party and open source components. But, do these elements save you in the long run - or do they introduce more risk in the form of potential vulnerabilities that are either not easily uncovered (at best) or not easily patched (if patchable at all)?

To answer these questions and more, we've pulled together a group of experts that deal with these challenges on a daily basis.


  Podcasts on ITSP Radio

Now is not the time to point fingers, says Prevoty's Kunal Anand in response to the Equifax breach

On the heals of the announcement alerting roughly half of the American population to the fact that their personal information was exposed in a breach at Equifax, Kunal Anand, CTO and co-founder of application security solution provider, Prevoty, chats with ITSPmagazine's Sean Martin to explore how this might have happened and what the scope and scale of the situation looks like.

While we know very little at this point, given the source of the breach being attributed to an application vulnerability, what can we glean from the Equifax breach? First, there are a couple significant questions that need to be answered. Such as, how can so much data be exposed in plain text? What was the trigger behind the detection? We may not know the answers to these questions for quite some time, but we should all be asking ourselves, how come application security doesn’t get the attention it deserves within an organization, especially when applications are likely the most critical asset a company has (second to the data the apps connect to)?

Regardless of the answers to these questions (and more), Kunal’s advice for both the industry and the organizations that are facing this threat themselves is to not point fingers at Equifax and to recognize that this could happen to any of us. This is not the time to dog pile on another breach story; rather it is a time to reflect and learn.


  Webinars and Videos on ITSP.TV


  Recent Contributions to ITSPmagazine


  Latest News


  Where Can You Find Prevoty?



Waratek

                   

Waratek takes application security programs beyond a WAF without using heuristics. Based on patented virtualization technology, Waratek’s application security platform produces zero false positives, requires no code changes, tuning or instrumentation, and takes minutes to install – providing instant protection from the OWASP Top Ten as well as Zero Day attacks. These are benefits that cannot be provided by current WAF or emerging technologies like RASP using instrumentation or filters.

 

  Recent Contributions to ITSPmagazine

  Podcasts on ITSP Radio

Skybox

                   

Skybox arms security leaders with a powerful set of integrated security solutions that give unprecedented visibility of the attack surface and key Indicators of Exposure (IOEs), such as exploitable attack vectors, hot spots of vulnerabilities, network security misconfigurations and risky firewall access rules. By extracting actionable intelligence from data using modeling, simulation and analytics, Skybox gives leaders the insight needed to quickly make decisions about how to best address threat exposures that put their organization at risk, increasing operational efficiency by as much as 90 percent.

 

Arxan

Arxan cover.jpg
                   

Arxan is the trusted leader of Application Attack Prevention and Self-Protection products for Internet of Things (IoT), Mobile, Gaming, Digital Media, and other embedded applications. Arxan provides the most comprehensive end-to-end enterprise solution for application protection including a robust software/cloud solution, a strong ecosystem of partners, a leading-edge research group, professional services, and a world class support organization. We help organizations protect their applications from hacker attacks by making their applications resilient to prevent hackers from tampering and also blocking attacks real time in static or run-time mode. This also helps customers get compliant with regulatory and industry standards including PCI, GLBA, HIPAA, OWASP, among others. By deterring application attacks, we protect customers from financial loss, brand damage, IP theft, stolen credentials, and fraudulent transactions, unauthorized access, non-compliance with standards, and more.

 


  Recent Contributions to ITSPmagazine