DoControl, an automated software as a service (SaaS) security company, launches its Accelerate Channel Program for global systems integrators, national solutions providers, value-added resellers (VARs), cybersecurity consulting firms and managed service providers (MSPs).
Recently published research, The CISOs Report, Perspectives, Challenges and Plans for 2022 and Beyond, reveals that Chief Information Security Officers (CISOs) are grappling with a wide range of risks and challenges, especially linked to accelerating utilization of technologies like cloud-based applications and the use of Application Programming Interfaces (APIs).
The Globee® Awards organizer of world's premier business awards programs and business ranking lists today announced the Grand, Gold, Silver and Bronze winners in the 17th Annual 2022 IT World Awards® honoring achievements and recognitions in the information technology and cyber security industries worldwide.
Researchers on Wednesday found that some applications do not validate the legitimacy of a vanity URL’s subdomain, but only validate the Universal Resource Locator (URI). As a result, threat actors can use their own SaaS accounts to generate links to malicious content that appears to be hosted by a company’s sanctioned Software-as-a-Service account.
In a Thursday update to the stolen GitHub integration OAuth tokens case reported last month, Salesforce owned Heroku said the company’s investigation found that the same compromised token that was used in April’s attack was used to gain access to a database and exfiltrate the hashed and salted passwords of customer user accounts.
$30 Million Series B lead by Insight Partners. Businesses are more reliant than ever on SaaS applications. According to a survey of 2000 global businesses, 56% of companies are using five or more cloud-based applications to run their operations. While integrating new applications is leading to enhanced productivity, especially in a hybrid work environment, it does create challenges from a security standpoint. Reliance on SaaS vendors creates a gap in terms of data protection for today’s cloud-centric companies and this also creates disparities across an organization’s application ecosystem and stack.
“Every modern company has to deal with the risk of unmanageable SaaS data access, where sensitive company, employee, and customer data are stored within popular enterprise applications. DoControl offers a rare combination of asset management, security automation, and remediation actions that eliminate the risk of exposure created by a lack of SaaS data protection capabilities,” said Stephen Ward, MD at Insight Partners, in a statement. “In my time as a CISO, I saw the importance of technology that quickly and effectively addresses these issues, and it’s why we’re proud to partner with DoControl as they continue to grow.”
DoControl, which today announced raising a $30 million series B round, said the funding will go toward accelerating the market expansion for its automated software-as-a-service (SaaS) security platform — which is already used by customers including cybersecurity firms such as CrowdStrike, Devo and Armis.
The problem being tackled by DoControl is a real one. Accelerated SaaS adoption, the growing complexity of SaaS ecosystems and the lack of granular, automated access control can leave organizations exposed to unauthorized and undetected data exfiltration.
The DLP Market Is Ripe For Disruption. For a mature market, DLP is not keeping up with the natural evolution of how sensitive data and files are being accessed, manipulated, and shared.Every flavor of an as-a-service offering has been increasingly adopted to enable businesses to become more agile. In the process, the IT estate has become more complex, and traditional DLP tools have ultimately become less effective.
Access controls are a critical mitigation strategy that should not be overlooked. The detection and prevention of data exfiltration would be reduced through granular access controls wrapped around business critical applications that contain sensitive data and files.
New research from Deep Instinct Monday pointed out that because many organizations have moved to the cloud rather than on-premises during the pandemic, for those not experienced working with cloud services, there’s a risk that misconfigurations or vulnerable, out-of-date components with external API access could get exploited.
“Cloud security in this landscape is becoming more and more decentralized, and the more decentralized your cloud estate is, the more false positives you are likely to experience,” Gavish said.
Cloud-based applications will be attracting more ransomware attacks soon, contended Adam Gavish, co-founder and CEO of DoControl, a provider of data access monitoring, orchestration, and remediation across SaaS applications in New York City.
Organizations need to have the right people, process, and technology in place to stay one step ahead and establish a strong data privacy program that effectively mitigates the risk of non-compliance and a data breach.
Researchers reported a new hybrid cloud campaign — dubbed OiVaVoii — that uses hijacked Office 365 users and a sophisticated combination of malicious OAuth apps and targeted phishing threats to attack many C-level executives, including CEOs, general managers, former board members and the presidents of companies.
This article looks at the top 40 cybersecurity startups to watch in 2022 based on their innovations in new and emerging technologies, length of operation, early funding rounds, scalability, and more. Jump to our section on investor considerations and cybersecurity startup trends for more information. We’ll start with the top 10 overall and then look at other noteworthy startups in a number of markets.
Indeed, “attackers abusing the Google Docs comment section for the sake of spreading malware and malicious links is another legitimate reason for security teams to extend their zero-trust architecture beyond the identity and network levels,” said Adam Gavish, co-founder and CEO at DoControl.
“Applying the zero trust model on the data layer can help achieve a least privilege model and significantly reduce the scope for attackers to exploit loopholes such as the one with the Google Docs comments section,” Gavish said.
CRN® has named DoControl to its 2021 Emerging Vendors list in the Security category. This annual list honors new and up-and-coming technology vendors that have proven their commitment to innovation and growth within the larger IT channel.
DoControl secures $30 million Series B for data security platform The Israeli startup’s SaaS data access control solution effectively eliminates the enterprise threats created by departing employees, third-party vendors, and cross-team collaboration