Resources

DoControl 2023 Predictions: The SaaS Security Market - What to Expect in 2023

DoControl Announces SaaS Security Platform Expansion with Shadow Apps Module Launch

DoControl Announces SaaS Security Platform Expansion with Shadow Apps Module Launch

Exploitation of Codespaces. Blank-image attacks. Social engineering trend. ICS vulnerabilities. Combined cyber arms

DoControl Announces SaaS Security Platform Expansion with Shadow Apps Module Launch

DoControl Announces SaaS Security Platform Expansion with Shadow Apps Module Launch

Managed Security Services Provider (MSSP) Market News: 18 January 2023 - MSSP Alert

DoControl announces SaaS Security Platform Expansion with Shadow Apps Module Launch

The Number of Cloud Apps Delivering Malware Nearly Tripled in 2022

Trends in SSE adoption. Ransomware in 2022. Cyber war crimes?

Cybersecurity startups to watch for in 2023

New Cybersecurity Technology 2022

Insider Risks Hamper the Digital Transformation Process

How Zero Trust Secures Business-Critical SaaS Application Data

7 Cybersecurity Trends for 2023 to Watch Out For

Secure Offboarding in the Spotlight as Tech Layoffs Mount

Stemming the Security Challenges Posed by SaaS Sprawl

DoControl Appoints John Chester as Vice President of Sales

Managed Security Services Provider (MSSP) Market News

Cloud security expected to drive 11.3% growth in security spending in 2023

DoControl Receives 2022 Great Place to Work Certification™

DoControl Wins 2022 Great Place to Work

DoControl announces expanded integration with Zoom

DoControl announced an expanded integration with Zoom to provide an additional layer of data access security controls to protect sensitive video, audio, and text-based files.

The Average Company with Data in the Cloud has a $28 Million Breach Risk

The average company with data in the cloud has a data-breach risk of about $28 million, according to a new study by Varonis. (U.S. Immigration and Customs Enforcement)

US-EU privacy agreement. China's favorite CVEs. Election security. Trends in social engineering. Notes on the hybrid war.

The SaaS Security Posture

DoControl Secures Enterprise Video Conferencing Data Through Zoom Integration

Enhanced visibility, access, and granular control policies provide a comprehensive solution to secure business-critical data

DoControl Secures Enterprise Video Conferencing Data Through Zoom Integration

DoControl Secures Enterprise Video Conferencing Data Through Zoom Integration

DoControl Secures Enterprise Video Conferencing Data through Zoom Integration

These 10 Startups Are The Next Big Thing in SaaS

Personal App Use on the Rise – And So Are Cloud Security Risks

Personal App Use on the Rise – And So Are Cloud Security Risks

Personal App Use on the Rise – And So Are Cloud Security Risks

DoControl Named 2022 SINET16 Innovator for Automated, No-code SaaS Data Security - CyberNews

Recognized for its Innovations that Modernize DLP and CASB to Secure SaaS Data

DoControl Named 2022 SINET16 Innovator for Automated, No-code SaaS Data Security - TMCNet

Recognized for its Innovations that Modernize DLP and CASB to Secure SaaS Data

DoControl Named 2022 SINET16 Innovator for Automated, No-code SaaS Data Security - Global Security Mag

Two-Thirds of Security Pros Says Their Cloud Apps and Infrastructures are Vulnerable

Two-thirds of CISOs say their organizations are vulnerable when it comes to cloud applications and infrastructure, such as Google Cloud, new research by Nuspire found.

DoControl: Automating SaaS Data Security Policy Enforcement

New York-based DoControl offers an automated way to monitor and remediate security vulnerabilities in major software-as-a-service applications. It provides a way to centralize enforcement of least privilege and expand zero trust principles to the SaaS data layer.

DoControl Integrates with Box to Transform SaaS Data Access Security

DoControl, the automated Software as a Service (SaaS) security company, announced an expanded integration with Box, the leading Content Cloud, that adds a foundational layer of granular controls to protect sensitive data and provide comprehensive data access security.

DoControl Integrates with Box to Transform SaaS Data Access Security

DoControl, an automated software as a service (SaaS) security company, today expands integration with Box, a content cloud, that adds a foundational layer of granular controls to protect sensitive data and provide comprehensive data access security.

Managed Security Services Provider (MSSP) Market News

Each business day, MSSP Alert delivers this quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.

11 Top Cloud Security Threats

More data and applications are moving to the cloud, which creates unique infosecurity challenges. Here are the "Pandemic 11," the top security threats organizations face when using cloud services.

DoControl: Data Loss Prevention with Granular Access Control

An Intellyx Brain Candy Brief

DoControl Launches ‘Accelerate Channel Program’ to Extend Sales Footprint of SaaS Data Access Control Solution

Program to extend partner security expertise and value for global systems integrators, national solution providers, VARs, MSPs and consulting firms

DoControl Introduces Channel Program for SaaS Data Access

DoControl, an automated software as a service (SaaS) security company, launches its Accelerate Channel Program for global systems integrators, national solutions providers, value-added resellers (VARs), cybersecurity consulting firms and managed service providers (MSPs).

20 Hottest Cybersecurity Products At RSAC 2022

Fresh off a Series B round of fundraising, DoControl offers an automated data access controls platform for software applications.

New Report Reveals APIs and Cloud Applications are CISOs’ Greatest Threat

Recently published research, The CISOs Report, Perspectives, Challenges and Plans for 2022 and Beyond, reveals that Chief Information Security Officers (CISOs) are grappling with a wide range of risks and challenges, especially linked to accelerating utilization of technologies like cloud-based applications and the use of Application Programming Interfaces (APIs).

Globee® Awards Winners Announced in The 17th Annual 2022 Information Technology World Awards®

The Globee® Awards organizer of world's premier business awards programs and business ranking lists today announced the Grand, Gold, Silver and Bronze winners in the 17th Annual 2022 IT World Awards® honoring achievements and recognitions in the information technology and cyber security industries worldwide.

Researchers spoof ‘Vanity URL’ links of Box, Google and Zoom

Researchers on Wednesday found that some applications do not validate the legitimacy of a vanity URL’s subdomain, but only validate the Universal Resource Locator (URI). As a result, threat actors can use their own SaaS accounts to generate links to malicious content that appears to be hosted by a company’s sanctioned Software-as-a-Service account.

CISOs and Cloud Security

Cloud security has been pushed into the forefront as security leaders adapt to the realities of the pandemic and the shift to hybrid work, while CISOs are simultaneously looking for ways to simplify security across their entire portfolio.

Another database compromise reported in GitHub, Heroku, OAuth tokens case

In a Thursday update to the stolen GitHub integration OAuth tokens case reported last month, Salesforce owned Heroku said the company’s investigation found that the same compromised token that was used in April’s attack was used to gain access to a database and exfiltrate the hashed and salted passwords of customer user accounts.

Check out the 25-slide pitch deck DoControl used to raise a $30 million Series B led by Shopify-backer Insight Partners to stop data leaks via workplace apps

Security startup DoControl landed $30 million in a Series B funding round.

DoControl Raises Another $30M for its No-Code SaaS Security Platform

$30 Million Series B lead by Insight Partners. Businesses are more reliant than ever on SaaS applications. According to a survey of 2000 global businesses, 56% of companies are using five or more cloud-based applications to run their operations. While integrating new applications is leading to enhanced productivity, especially in a hybrid work environment, it does create challenges from a security standpoint. Reliance on SaaS vendors creates a gap in terms of data protection for today’s cloud-centric companies and this also creates disparities across an organization’s application ecosystem and stack.

Cloud Security Startup DoControl Raises $30 Million

Cloud data security startup DoControl has closed a $30 million Series B funding round that brings the total raised by the company to $43 million.

DoControl raises $30 million in Series B

Data is a hot commodity, and this Israeli startup is bringing you a SaaS to protect it

DoControl raises $30M to automate SaaS security

DoControl, which today announced raising a $30 million series B round, said the funding will go toward accelerating the market expansion for its automated software-as-a-service (SaaS) security platform — which is already used by customers including cybersecurity firms such as CrowdStrike, Devo and Armis.

DoControl raises $30M for no-code security tools for cloud app log-ins

“Every modern company has to deal with the risk of unmanageable SaaS data access, where sensitive company, employee, and customer data are stored within popular enterprise applications. DoControl offers a rare combination of asset management, security automation, and remediation actions that eliminate the risk of exposure created by a lack of SaaS data protection capabilities,” said Stephen Ward, MD at Insight Partners, in a statement. “In my time as a CISO, I saw the importance of technology that quickly and effectively addresses these issues, and it’s why we’re proud to partner with DoControl as they continue to grow.”

SaaS security startup DoControl raises $30M to scale up innovations

The problem being tackled by DoControl is a real one. Accelerated SaaS adoption, the growing complexity of SaaS ecosystems and the lack of granular, automated access control can leave organizations exposed to unauthorized and undetected data exfiltration.

Securing the Stopgap: Controlling Access to SaaS Applications

If enterprises continue to use emergency measures as long-term solutions, they must protect their IT estate.

Top Data Loss Prevention (DLP) Trends in 2022

The DLP Market Is Ripe For Disruption. ‍For a mature market, DLP is not keeping up with the natural evolution of how sensitive data and files are being accessed, manipulated, and shared.Every flavor of an as-a-service offering has been increasingly adopted to enable businesses to become more agile. In the process, the IT estate has become more complex, and traditional DLP tools have ultimately become less effective.

CISA Issues Warning About MFA Configuration and “PrintNightmare” Vulnerabilities Being Exploited by Russian Hackers

Access controls are a critical mitigation strategy that should not be overlooked. The detection and prevention of data exfiltration would be reduced through granular access controls wrapped around business critical applications that contain sensitive data and files.

Russia-linked attackers breach NGO by exploiting MFA

Patch flaws and enforce authentication policies, CISA and FBI warn

7 Ways to Secure Collaboration Tools in Your Organization

The push to embrace Slack, Teams, and Zoom at work comes with new security risks for organizations.

Companies inexperienced with the cloud at risk for misconfigurations, API exploits

New research from Deep Instinct Monday pointed out that because many organizations have moved to the cloud rather than on-premises during the pandemic, for those not experienced working with cloud services, there’s a risk that misconfigurations or vulnerable, out-of-date components with external API access could get exploited.

What NIST SP 800-207 means for SaaS security

Today’s columnist, Corey O’Connor of DoControl says companies can modernize their security operations by combining defense-in-depth with NIST’s zero-trust principles. (Credit: NIST)

Cybersecurity is the Biggest Obstacle to Cloud Adoption

“We are seeing this in the merging of mature sectors like CASB, DLP and SSPM, with newer point solutions that provide centralization in a more lightweight offering,” he said.

Vast majority of IT leaders embrace the cloud, but 63% say cyberthreats a major obstacle

“Cloud security in this landscape is becoming more and more decentralized, and the more decentralized your cloud estate is, the more false positives you are likely to experience,” Gavish said.

Q&A With Corey O'Connor – DoControl

Zero Trust Data Access, Top Cyber Threats and more...

Ransomware-Related Data Leaks Jump 82% in 2021

Cloud-based applications will be attracting more ransomware attacks soon, contended Adam Gavish, co-founder and CEO of DoControl, a provider of data access monitoring, orchestration, and remediation across SaaS applications in New York City.

Microsoft adds ‘critical’ feature for GitHub security

Update on the ICRC breach. Privacy and security as mutually reinforcing.

For organizations adopting the zero-trust security model, extending least privilege to the identity, device, and network levels has become a great way to mitigate the risk of data leakage and noncompliance.

7 Privacy Tips for Security Pros

How best to integrate privacy into your organization's security program.

Data Privacy Week: Raising Awareness and Encouraging Compliance

Organizations need to have the right people, process, and technology in place to stay one step ahead and establish a strong data privacy program that effectively mitigates the risk of non-compliance and a data breach.‍

DoControl announces no-code security workflows for SaaS applications

The automated SaaS security company DoControl announced no-code security workflows that brings Zero Trust into the SaaS data layer.

Data Privacy: Experts Share How Far We’ve Come and How Far We Have to Go

Corey O'Connor, Director of Product Marketing at DoControl, said that Data privacy has been top of mind for both individuals and organizations alike.

Malicious hybrid cloud campaign uses 0Auth apps to target C-level executives

Researchers reported a new hybrid cloud campaign — dubbed OiVaVoii — that uses hijacked Office 365 users and a sophisticated combination of malicious OAuth apps and targeted phishing threats to attack many C-level executives, including CEOs, general managers, former board members and the presidents of companies.

Data Privacy Day 2022: Views and Tips from Top Industry Experts

Tips from Industry Experts

Data Privacy: What Technologists Should Know in 2022

"There’s a need to go deeper down the stack and introduce granular data access controls across the SaaS application data layer.”

Russia’s REvil Takedown Sets Stage for Several Scenarios

Traditional ransomware techniques did not need to be advanced to be effective, according to Adam Gavish, co-founder and CEO at DoControl. It is a simple rinse and repeat process.

Top Cybersecurity Startups to Watch in 2022

This article looks at the top 40 cybersecurity startups to watch in 2022 based on their innovations in new and emerging technologies, length of operation, early funding rounds, scalability, and more. Jump to our section on investor considerations and cybersecurity startup trends for more information. We’ll start with the top 10 overall and then look at other noteworthy startups in a number of markets.

‘Massive Wave’ of Hackers Exploiting Comments in Google Docs

Indeed, “attackers abusing the Google Docs comment section for the sake of spreading malware and malicious links is another legitimate reason for security teams to extend their zero-trust architecture beyond the identity and network levels,” said Adam Gavish, co-founder and CEO at DoControl.

Google Doc ‘comments’ used to launch phishing attacks, send malicious content

“Applying the zero trust model on the data layer can help achieve a least privilege model and significantly reduce the scope for attackers to exploit loopholes such as the one with the Google Docs comments section,” Gavish said.

Predictions For 2022 By Cybersecurity Vendors

The insider menace will dominate 2022 as workers take not solely their crops with them as they go away their jobs, stated Adam Gavish, co-founder and CEO at DoControl.

The 10 Hottest Cybersecurity Startups Of 2021

CRN Hottest Cybersecurity List

Modern SaaS Data Protection Requires Greater Granularity

Different Departments Pose Different Organizational Risk

CRN® Recognizes DoControl on the 2021 Emerging Vendors List

CRN® has named DoControl to its 2021 Emerging Vendors list in the Security category. This annual list honors new and up-and-coming technology vendors that have proven their commitment to innovation and growth within the larger IT channel.

Business Enablement Vs. Data Access Security: It’s No Longer Either/Or

Different Organizations, Different KPIs, Different Risks

A startup set up during corona has already raised capital twice (Hebrew)

Geektime

DoControl Raises $10M As SaaS Application Use Grows

Crunchbase

SaaS Safety Startup DoControl Raises $ 10 Million From VCs, CrowdStrike

Super Social

DoControl launches with $13.35 million in funding to automate SaaS data access

CTECH

DoControl Launches with $13.35M in Funding to Automate SaaS Data Access Controls

Martech Series

Data monitoring company DoControl raises $10 million

New York Business Journal

Data access management startup DoControl emerges from stealth with $13.35M

Venture Beat

DoControl Launches with $13.35M in Funding to Automate SaaS Data Access Controls

WFMZ

SaaS Security Startup DoControl Raises $10M From VCs, CrowdStrike SaaS security startup DoControl raises $10M from RTP, Cardumen, CrowdStrike & StageOne.

MSSP ALERTS

DoControl secures $30 million Series B for data security platform

DoControl secures $30 million Series B for data security platform The Israeli startup’s SaaS data access control solution effectively eliminates the enterprise threats created by departing employees, third-party vendors, and cross-team collaboration