_Advanced

SecureData

Company-Directory-SecureData.jpg
                       

Established in California in 2007, SECUREDATA first started out as a worldwide leader in professional data recovery services. We pioneered many common techniques used throughout our industry, while serving thousands of clients per year and offer same day emergency turnarounds for most geographic areas in the continental United States..

In 2015 SECUREDATA has transitioned and developed multiple data security products, in order to meet the market’s demand for total data security along with providing existing data recovery services. All products and services create a one stop solution for all data recovery and data security needs. 



San-Francisco-Bridge.jpg

Spend time with SecureData At
RSA Conference 2019

San Francisco 2019 | March 4 - 8

South Expo Booth #4506

Meet with Sergey Gulyayev, Chief Operating Officer, and Michael Vanoverbeke, Product Management Director of SECUREDATA Inc., who will be talking about:

  • Why the SecureDrive® product line was developed and its competitive advantages;

  • The achievement of FIPS 140-2 Level 3 Validation for both SecureDrive® BT and SecureDrive® KP;

  • The growing popularity of SECUREDATA's portable data storage devices among journalists, producers, and business travelers, and why IT managers of companies at regulated industries (such as government, finance, legal, and healthcare) prefer SecureDrive devices with unique remote management capabilities.


  Contributions to ITSPmagazine

Coming soon…

  Latest News

  Where Can You Find SecureData?

 
 

Humio

Company-Directory-Humio.jpg
                       

Humio’s transformative site license is removing logging constraints and shifting the organizational culture to improve cybersecurity, privacy and business resilience. By removing obstacles to give customers autonomy, Humio enables users to determine their logging practices without concerns for restrictive technological, hardware or financial resources. With Humio’s instant visibility, security teams have continuous insights that enable immediate responses and actions to strengthen the performance across systems, prevent infrastructure breakdowns and protect against attacks.



  Contributions to ITSPmagazine

  Latest News

  Where Can You Find Humio?

 
 

Devo

Devo Advanced Directory.jpg
                   

Devo delivers real-time operational and business insights from analytics on streaming and historical data to operations, IT, security and business teams at the world’s largest organizations.

The Devo Data Operations platform offers the speed to deliver blazing-fast insights, the simplicity to ensure non-technical users can discover their own insights, and the scale to meet the data volume and query demands of the world’s largest organizations.

Customers in telco, financial services, manufacturing, IoT and other sectors use Devo to gain real-time operational intelligence from their streaming and historical data.



Recorded Webinar: Threat Hunting Reimagined

Threat hunting is a challenging, complex and time consuming exploratory activity. Threat hunters must explore, prioritize & investigate threats, gather data with context, connect disparate pieces of data, and conduct rapid and relevant analysis. Unfortunately today's tools get in the way and prevent the analyst from doing what they do best - hunt threats.


 

An InfoSec Life Column is Made Possible by the Generosity of Devo.

We are ever so grateful for your support!

 

  Contributions to ITSPmagazine

  Latest News

  Where Can You Find Devo?

 
 

STEALTHbits

Company-Directory-Stealthbits-Featured.jpg
                               

STEALTHbits is a leading data security software company that helps ensure the right people have the right access to the right information. We protect organizations from malicious access to their information. By defending against credential theft and abuse, and giving customers insight into the access and ownership of their unstructured data, we reduce security risk, fulfill compliance requirements and decrease operations expense.


 

An InfoSec Life Column is Made Possible by the Generosity of STEALTHbits.

We are ever so grateful for your support!

 

The 2018 Study on the State of Data Access Governance



  Webinars and Videos

 

  Podcasts on ITSPradio

  Recent Contributions to ITSPmagazine

  Their Story Articles and Podcasts

  Latest News and Updates

  Where Can You Find STEALTHbits?

 

Bugcrowd

Bugcrowd Advanced Directorty logo.jpg
                   

Bugcrowd has redefined crowdsourced security. We combine actionable, contextual intelligence with the skill and experience of the world’s most advanced hackers to help leading organizations solve security challenges, protect customers, and make the digitally connected world a safer place.

Bugcrowd. Outhack Them All.™


 

The Academy Column is Made Possible by the Generosity of Bugcrowd.

We are ever so grateful for your support!

 

NEW REPORT

Inside the Mind of a Hacker, 2019 Edition


According to a recent report, 71% of cybercriminals say they can breach the perimeter of a target within 10 hours. The only way to combat this threat is with the help of the white-hat community.

The crowdsourced security model harnesses this global white-hat community, with different experiences, perspectives and backgrounds, enabling organizations to leverage this untapped talent – something that would be nearly impossible otherwise.

The 2019 Inside the Mind of a Hacker Report highlights the makeup of the white-hat community to gain insight and understanding into who they are, what they like to do, their experiences, skill sets, as well as what motivates them.

To learn more about the bug bounty marketplace, download Bugcrowd’s 2019 #ITMOAH report here.


  Webinars With Bugcrowd

  Contributions to ITSPmagazine

  Latest News

  Where Can You Find Bugcrowd?

 
 

Nintex

Nintex-Directory-Featured.jpg
                       

Nintex is the world’s leader in intelligent process automation (IPA) with more than 7,500 enterprise clients and an extensive global partner network across 90 countries who have automated, orchestrated and optimized hundreds of manual processes. With its unmatched breadth of capability and platform support delivered by unique architectural capabilities, Nintex helps line of business owners and IT departments accelerate progress on digital transformation journeys. Nintex Workflow Cloud®, the company’s process automation platform, connects with all content repositories, systems of record, and people to consistently drive successful business outcomes.

 

Intelligent Process Automation (IPA) is the key to automating, orchestrating, and optimizing the modern workplace. Learn more at http://nintex.me/uJUXy_UQ


Nintex World Tour Houston

Join us at the Nintex World Tour in Houston to learn how to transform your business quickly and intelligently with process management, automation and optimization.

Hear how other companies are digitally transforming their business and driving innovation. Get the latest Nintex product updates and network with process and workflow experts. Choose from eight different business and technical breakout sessions. You’ll get the tools and training you need to become a workflow and process management hero.

Nintex World Tour Highlights:

· Hear from organizations about their approach to digital transformation, including specific process and workflow automation use cases

· Get Nintex product updates and info on new offerings, like Nintex Promapp and Nintex Sign powered by Adobe Sign

· Learn best practice approaches to managing change and engaging your business teams in transformation efforts

· From process mapping and workflow, process and document automation to RPA and e-signatures – you’ll learn about it all in technical breakout sessions

· Check out the solution showcase demo stations to see process management, automation and optimization solutions in action.

Registration Is Free


Total Economic Impact Study Finds Big Business Benefits with Nintex Workflow for Office 365

New study shows global enterprise organizations deliver workflows faster, save money and improve employee productivity by leveraging the Nintex Platform.

Bellevue, WASH.—December 5, 2018—Nintex, the global standard in process management and automation, today released a new Forrester Total Economic Impact™ (TEI) study to help business and IT decision makers experience the significant business benefits and cost savings provided by the Nintex Platform.

Nintex commissioned Forrester Consulting to conduct an independent study of the total economic impact of Nintex Workflow for Office 365. The research included an in-depth look at quantifiable and more subjective benefits organizations report with Nintex for Office 365 including the speed and ease to build and deploy workflows as well as organizational agility and compliance improvements.

Nintex Chief Evangelist Ryan Duguid said, “We’re focused on empowering ops, IT and business leaders to improve the way people work through process management and automation. Our technology empowers individuals and teams to solve process pain points and accelerate business outcomes quickly and easily.”


Nintex’s new State of Intelligent Process Automation Study identifies how company decision makers and line of business employees view their enterprise digital transformation progress, successes, and adoption challenges.

The study finds that majority of U.S. companies (64 percent) have followed a formal digital transformation plan for three years or less, while one-third of companies have followed a plan for one year or less. Though most companies are in the early digital transformation adoption stages, 94 percent of decision makers say their transformation efforts are successfully delivering valuable returns on their investments.

Though positive progress on digital transformation goals shows promise, the research reveals a distinct barrier to overall digital transformation success: poor top-down communication.

Learn more by reading the report.


Nintex ranks as a Leader in the inaugural Aragon Research Globe for Digital Business Platforms based on an evaluation of 27 major providers in the market. Nintex leads because of the speed, ease and power the platform provides to end users in the development and optimization of digital workflows.


  Podcasts on ITSP Radio

  Recent Contributions to ITSPmagazine

  Their Story Articles and Podcasts

  Latest News

  Where Can You Find Nintex?


BNS UEP

Company-Directory-BNS-UEP.jpg
       

BNS UEP is a Technology Research and Development organization that provides industry analyses for enhancing and optimizing the digital landscape. Discover how Building Noble Solutions with Unified Enablement Partners™ delivers actionable intelligence for shifting mindsets, changing narratives, and enhancing brands.


 

Diverse IT Column is Made Possible by the Generosity of BNS UEP.

We are ever so grateful for your support!

 

  Contributions to ITSPmagazine

  Latest News

  Where Can You Find BNS UEP?

 
 

Edgescan

Esdgescan on ITSPmagazine.jpg
                   

Fullstack Vulnerability Management to detect weaknesses across web applications and supporting hosts. Continuous Vulnerability Assessment coupled with expert human intelligence - Virtually False Positive Free.

Full Stack Security: Websites, apps (mobile/web/cloud), software, servers and networks with over 57,000 assets under vulnerability management, edgescan is a listed "notable vendor" in the Gartner’s Magic Quadrant for Managed Security Services and a “sample vendor” in the Gartner Application Security Hype cycle.


 

At The Edge Column is Made Possible by the Generosity of Edgescan.

We are ever so grateful for your support!

 

App layer is where the risk lives:

In 2018 we discovered that on average, 19% of all vulnerabilities were associated with (Layer 7) web applications, API’s, etc., and 81% were network vulnerabilities.

The Risk Density is still high and has not changed significantly from last years report.

Even though we find more vulnerabilities in the Infrastructure layer the risk is certainly living in the application layer. This is due to the “snowflake effect”; every application is unique, developed in a stand alone fashion and serves a unique purpose as opposed to infrastructure which is commoditised and much more uniform.

Change and uniqueness certainly introduces additional risk. Internal, non public application layer security is worse; 24.9% of all discovered vulnerabilities are High or Critical Risk. 

"Zeroday" Vulnerabilities are a myth for most part:

Most of the vulnerabilities discovered are from between 2011 and 2015. Believe it or not, the majority of vulnerabilities discovered out there are between four and seven years old. According the the Verizon DBiR (2018) the majority of breaches are also as a result of exploitation of old, known vulnerabilities!!


2018 VULNERABILITY STATISTICS REPORT.jpg

EDGESCAN 2018

VULNERABILITY STATISTICS REPORT

Vulnerabilities or bugs in software may enable cyber criminals to exploit both Internet facing and internal systems. Fraud, financial, data & identity theft, and denial-of-service attacks are often the result, leaving companies with serious losses or damage to their reputation.

However, some of these issues can be easily avoided or at least mitigated. This document discusses all of the vulnerabilities discovered by edgescanTM over the past year – during 2017.

The vulnerabilities discovered are a result of providing “Fullstack” continuous vulnerability management to a wide range of client verticals; from Small Businesses to Global Enterprises, From Telecoms & Media companies to Software Development, Gaming, Energy and Medical organisations.

The statistics are based on the continuous security assessment & management of thousands of systems distributed globally.

 


Eoin Keary, CEO of edgescan, tells ITSPmagazine Their Story

"Security is everybody’s problem now," says Eoin. "It is getting attention at the board level; you need to get yourself into these meetings, and you need to be prepared to present metrics."

Prefer to listen? Here’s the podcast version.


 
edgescan ulster.jpg
 

Payment Services Directive (PSD2)
Opening the doors to a secure business

Designed to improve choice for customers, create more competition and stimulate innovation, PSD2 will drive fundamental change in the way we bank. The move to the digital marketplace is no longer an aspiration, but is a necessity for financial institutions to stay relevant or competitive. As part of this evolution, new risks need to be considered in relation to regulatory compliance, privacy, liability and a new attack surface for cyber criminals. These risks are not necessarily greater but different, and need to be treated as such. Success in this new era will be dictated by banks and FinTech’s which maximise API integration with third parties in a secure manner. This paper explores some of the fundamental changes that underpin PSD2 and the security model that is changing with it.


More Videos and Webcasts With Edgescan



Robert Feeney from Edgescan shares tips w/ Sean Martin to help researchers stand out

In this new episode of An InfoSec Life, Robert Feeney, a senior security consultant at Edgescan, speaks to fellow security researchers and security consultants about what they can do to differentiate themselves from the pack; how can they excel in the industry. In addition to speaking to his peers, Robert shares a lot of solid information that should help the managers of these individuals working in the industry as well.

Of the topics presented, events and organizations were a key part of the conversation, especially given that this chat took place during OWASP AppSec USA 2017 following his presentation on successful automated application scanning techniques. Robert highlights that it is important to join groups like ISACA, ISC2, and OWASP and to also attend their events: national, regional and local events. Robert also suggests that it’s important to move beyond basic event and conference attendance and to consider speaking at these events as well.


  Recent Contributions to ITSPmagazine

  Their Story Articles and Podcasts


  Where Can You Find Edgescan?



(ISC)²

ICS2 with badge.jpg
                   

(ISC)² is an international, nonprofit membership association for information security leaders like you. We’re committed to helping our members learn, grow and thrive. More than 130,000 certified members strong, we empower professionals who touch every aspect of information security.


  Upcoming Events

 
 

  Upcoming Webinars

  Recorded Webinars


  Latest News

  (ISC)² Sponsors The Following SMB Webcasts



Want More CPE Opportunities?


Graziadio School of Business, Pepperdine University

Pepperdine Directory Logo Advanced.jpg
                   

To address the accelerating problem of cyber risk, an interdisciplinary team of CISOs, executives, and business thought leaders at Pepperdine Graziadio are providing a Cyber Risk Professional (CyRP) Certification.

CyRP is designed for business professionals and leaders regardless of technical background or the business verticals they work. Business leaders with this certification will be prepared to identify, evaluate, prepare for, and mitigate cyber security risk. CyRP is designed and taught by the same faculty who teach in the globally recognized Pepperdine Executive MBA program as well as CISOs from companies in Silicon Valley and professionals engaged in addressing cybersecurity across the US.

 

Protect Against the Growing Risks of Cybercrime

Become the driving force against the accelerating problem of potential cyber threats in your organization; earn the Cyber Risk Professional (CyRP) Certificate. Regardless of industry or technical background, CyRP will prepare business leaders to effectively identify, evaluate, prepare for and mitigate cybersecurity threats. The program highlights include:

  • CyRP is designed and taught by Pepperdine faculty and an interdisciplinary board of CISOs, executives and business thought leaders

  • Four comprehensive course modules

  • The certificate is equivalent to four continuing education credits


Upcoming CyRP Programs | Hybrid and Online

Hybrid Program Dates

Spring 2019
March 8-9, 2019 (Malibu)
April 19-20, 2019 (West LA)

Fall 2019
August 16-17, 2019 (Malibu)
September 20-21, 2019 (West LA)

Online Program Dates

Spring 2019
March 8 - April 20, 2019
(Online)

Fall 2019
August 23 - September 28, 2019
(Online)


A Unique Learning Experience With ITSPmagazine

CyRP is thrilled to partner with the team at ITSPmagazine to create a unique learning experience driven by the students and the ITSPmagazine expert contributor community. Some of the dedicated resources the students will find include:

  • Dedicated student, faculty, and community Q&A platform

  • CyRP-tailored experts corner articles and chronicles

  • Educational webcasts and podcasts


Expected Program Outcomes

The CyRP certification will equip you and other business leaders with the tools to be effective in the dialogue and management of cybersecurity risks. This certification will develop your understanding and expertise in:

  • The threat landscape

  • Cyber law

  • The "building to break" concept

  • Critical cyber risk frameworks

  • The risk-based approach to cybersecurity

  • Calculating the cost per breach, mitigation, and what this means for your bottom line

  • Incidence response

  • Strategic opportunities that strong cybersecurity brings

Additionally, this certification will provide you with the ability to answer the following questions:

  • How do I change my culture to embrace security?

  • What questions should I ask my board?

  • How much should I invest in security?

  • How do I speak to my executive team about cybersecurity?

  • What questions should I ask my CISO?

  • What does my board wish I would tell them about cybersecurity?


Who Should Enroll

Business leaders in any function or industry that need to be effective in the dialogue and management of cyber risk inside his or her organization should consider taking this course and earning this certification. If you are a business leader interested in positioning your company more effectively against cyber risk and even potentially lowering your cyber liability premiums, you should sign up and inquire about group rates for your departments, divisions, or colleagues.


Meet The CyRP Team

The CyRP program was designed by top professors, practitioners, leaders, and luminaries representing academia, government, and commercial organizations.


  Webcasts and Videos on ITSP TV


  Podcasts on ITSP Radio

  Latest News

  Upcoming Events


 

CyberSN

Cyber SN directory advanced.jpg

CyberSN believes everyone is a job seeker many times throughout his or her career. Therefore, CyberSN operates in the mindset that job seekers and hiring managers/organizations are both our clients and are treated equally: we value and emphasize a sincere, transparent relationship with both.

                   

CyberSN on ITSPmagazine

  Podcasts on ITSP Radio

CyberSN’s Deidre Diamond On Why She Kept the “Babe” in Her Non-Profit Organization #BrainBabe

Founder of CyberSN Deidre Diamond sat down with ITSPmagazine’s Selena Templeton at Black Hat to discuss how her staffing company is transforming the job search for cyber professionals. Tune in to hear why communication and social skills are critical to creating a productive and profitable environment, how she started and funded her own company, and how she aims to change tech conferences with her non-profit Brainbabe.org.

  Unusual Gatherings on ITSP TV

  Articles on ITSPmagazine


  Latest News

News coming soon


  Where Can You Find CyberSN?

Events coming soon


 

Onapsis

                       

Onapsis is the pioneer in cybersecurity and compliance solutions for cloud and on-premise ERP and business-critical applications.

As the proven market leader, global enterprises trust Onapsis to protect the essential information and processes that run their businesses.


  Podcasts on ITSP Radio


  Webinars and Videos on ITSP TV

  Recent Contributions to ITSPmagazine

  Latest News

  Where Can You Find Onapsis?