Welcome to Information Security Media Group's Black Hat and DEF CON 2024 Compendium featuring latest insights from the industry's top cybersecurity researchers and ethical hackers, as well as perspectives from CEOs, CISOs and government officials on the latest trends in cybersecurity and AI.
Aqua Security carried out its second round of layoffs since 2022 as the future prospects for stand-alone cloud security vendors look increasingly uncertain. Aqua said axing 10% of its workforce will ensure Aqua continues on a path to profitability that's aligned with current economic conditions.
Despite all the platformization buzz, there are very few vendors with market-leading capabilities in at least three disparate security technology categories. That could change if Google forges buys cloud security firm Wiz for a reported $23 billion just two years after buying Mandiant.
In this episode of the "Cybersecurity Insights" podcast, Uptycs CEO Ganesh Pai discusses unifying XDR and CNAPP to improve visibility and explains the coming shift from behavioral detection to outlier or anomaly detection, which uses sophisticated ML and AI.
Wiz is in advanced negotiations to buy Lacework for between $150 million and $200 million. The companies recently signed a letter of intent and are now in the midst of a comprehensive due diligence process, after which a decision will be made on whether the acquisition will go through.
CEO George Kurtz said Palo Alto Networks' strategy of offering free products won't neutralize CrowdStrike's advantage around total cost of ownership. Customers are smart enough to recognize the difference between the price of a product and the total lifetime cost of operating inferior technology.
CrowdStrike plans to purchase a data security posture management startup led by an Israeli Defense Forces team leader to safeguard information across endpoints and clouds. The proposed Flow Security deal will give CrowdStrike visibility into cloud data flows and how data interacts with applications.
Cybersecurity firm SentinelOne is set to acquire PingSafe for an undisclosed sum of cash and stock. The move will integrate PingSafe's cloud-native application protection platform into SentinelOne's Singularity Platform, creating a unified and advanced cloud security solution.
Palo Alto will spent nearly $670 million buying Talon and Dig to broaden its cloud security portfolio and protect unmanaged devices without affecting usability. Purchasing Tel Aviv, Israel-based Talon Cyber Security for $435 million will help safeguard the 36% of the workforce that's independent.
Cisco has released urgent fixes to a critical vulnerability affecting an emergency communication system used to track callers' location in real time. A developer inadvertently hard-coded credentials in Cisco Emergency Responder software, opening a permanent backdoor for unauthenticated attackers.
CrowdStrike will buy an application security firm founded by two Israel Defense Forces veterans to deliver risk visibility and protection across the cloud. The deal will provide visibility into application behavior and vulnerability prioritization for server-based and serverless infrastructure.
Tenable will purchase a cloud security startup founded by the longtime leader of Secdo to help security teams make efficient and accurate remediation decisions. The proposed buy of Ermetic will make it easier for security professionals of all cloud expertise levels to spot and quickly address risks.
GrammaTech has separated its security software products and cyber research services divisions, and venture capital firm Battery Ventures has acquired the former and renamed it CodeSecure. The Washington, D.C.-area application security testing software business will pursue M&A in adjacent markets.
Venture-backed cloud security firm Wiz swallowing up publicly traded endpoint security firm SentinelOne would be one of the most unorthodox and surprising acquisitions the cybersecurity industry has ever seen. But despite the major financial hurdles, the potential technology synergies are obvious.
Large enterprises may have hundreds or thousands of APIs. Concerns over API vulnerabilities have been around for years, but most organizations outside of highly regulated industries such as banking have not taken the steps to understand the threats they face, said Richard Bird, CSO at Traceable.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.