Cyborg Security launches HUNTR platform to help orgs tackle cyber threats
Cyborg Security’s HUNTR platform provides advanced and contextualized threat hunting and detection packages containing behaviorally based threat hunting content, threat emulation, and detailed runbooks, supplying organizations what they need to evolve their security analysts into skilled hunters.
Cloudflare One: A cloud-based network-as-a-service solution for the remote workforce
As more businesses rely on the internet to operate, Cloudflare One protects and accelerates the performance of devices, applications, and entire networks to keep workforces secure. Now businesses can protect their workforce in a flexible and scalable way, without compromising security as distributed teams work from multiple devices and personal networks.
Booz Allen Hamilton unveils SnapAttack, bringing together red and blue security teams
By unifying the security lifecycle into a single solution, SnapAttack enables red and blue teams to work together, emulating attacks from intelligence data, sharing insights of malicious behavior, and developing vendor-agnostic behavioral detection analytics to stop advanced adversaries.
BAE Systems unveils cyber-threat detection and mitigation solution for U.S. military platforms
The Fox Shield suite is designed to help platforms detect, respond, and recover from cyber attacks in real time. The system’s cyber resilience capabilities can be integrated into ground, air, and space vehicles to protect our warfighters and platforms from cyber attacks designed to access and degrade mission capabilities.
Shujinko AuditX: Simplifying, automating and modernizing audit preparation and compliance
AuditX automates evidence collection, maps evidence across multiple controls and across different standards, streamlines audit workflow and clarifies communication across teams and with auditors. AuditX organizes evidence in a centralized library for final readiness review and provides a 360-degree dashboard to make the entire process highly visible and predictable.
Masergy extends the value of Masergy SD-WAN Secure to home and mobile users
Masergy’s Work From Anywhere solutions include SD-WAN Secure Home for executives and power users requiring unwavering reliability from their home office connections and SD-WAN On the Go for mobile users needing secure access to corporate and cloud applications.
C2A Security launches AutoSec, an automotive cybersecurity lifecycle management platform
C2A Security announced the launch of its flagship cybersecurity product, AutoSec, a cybersecurity lifecycle management platform. AutoSec meets the rapidly-evolving challenges of vehicle cybersecurity with an open platform that empowers industry stakeholders to identify and mitigate cyber attacks.
Cloudflare released Cloudflare One, a comprehensive, cloud-based network-as-a-service solution for your workforce. As more businesses rely on the internet to operate, Cloudflare One protects and accelerates the performance of devices, applications, and entire networks to keep workforces secure.
Now businesses can protect their workforce in a flexible and scalable way, without compromising security as distributed teams work from multiple devices and personal networks.
“After decades of building legacy corporate networks, organizations are left with clunky systems designed to protect their now empty offices. The only way to secure today’s work-from-anywhere economy is to secure each individual employee, protecting their individual networks, devices, and access to business-critical applications,” said Matthew Prince, CEO of Cloudflare.
“With Cloudflare One, we’re giving organizations of any size the power to solve their security and networking needs seamlessly, no matter how their business needs shift.”
Companies have traditionally used a castle-and-moat approach to security, creating a barrier between the enterprise network and external threats. Now that applications have moved to the cloud, and more employees have moved outside of the office, that model is broken.
Employees are frustrated with the speed and experience of VPNs, and organizations want an alternative to the expensive patchwork of legacy solutions required to secure and connect corporate offices to each other and the internet.
Today’s new landscape requires a zero trust approach, where organizations do not automatically trust any requests to corporate data or resources, and instead, verify every attempt to connect to corporate systems before allowing them access.
With the rapid shift to remote work caused by the pandemic, businesses of all sizes are looking to adopt a zero trust architecture. According to an October 2020 commissioned study conducted by Forrester Consulting:
- 76% of businesses today say their organization’s security approach is “antiquated” and that they need to shift to a zero trust framework.
- 82% of all organizations have already committed to migrating to a zero trust security architecture.
- 80% of security leaders said that their organizations accelerated cloud transformation efforts in 2020, but they were unprepared to manage such an overhaul.
Cloudflare secures and accelerates more than 25 million internet properties using a global network that covers 200+ cities in more than 100 countries.
Cloudflare One uses that same network scale to give businesses multiple on-ramps to the public internet from offices, to data centers, to employees in-the-field, and connects traffic to Cloudflare’s comprehensive zero trust solution.
This unified solution enables fast and safe connections to workplace applications, allows teams to use an app without exposing it to the public internet, makes personal devices safe for business use, and works in any environment with any cloud provider.
Cloudflare One provides a unified set of tools for a zero trust solution, giving organizations a one-stop-shop to do things like:
- Secure every connection: Remote employees can get the same protection they’d expect from a corporate firewall no matter where they are working from. With Cloudflare One, Cloudflare Access checks for identity across every workload and Cloudflare Gateway keeps users, devices, and data safe on the internet.
- Protect against zero-day attacks: Today’s browsers are inherently vulnerable to zero-day attacks and other malicious threats on the internet. Cloudflare’s remote browser isolation technology creates a gap between a user’s browser and endpoint, protecting devices and networks from exploits and attacks.
- Integrate with the security solutions you’re using: Cloudflare seamlessly connects with leading identity platforms like Okta, Onelogin, and Ping Identity, and endpoint protection platforms like CrowdStrike, VMware Carbon Black, Tanium, and SentinelOne to verify identity and assess device health before granting access to applications.
- Monitor and manage your network with a single pane of glass: With Cloudflare’s firewall features, businesses get a comprehensive view of all data flows globally. Now businesses have a bird’s eye view of what’s happening on their data centers, branch offices, clouds, and endpoints and then use that intelligence to mitigate intrusions and threats quickly across the entire network.
According to Chase Cunningham, VP, Principal Analyst Serving Security & Risk Professionals at Forrester, in the report “The Forrester Wave: Zero Trust eXtended Ecosystem Platform Providers, Q3 2020,” “As legacy technology becomes outdated and less effective, improved technical capabilities powering the future of work will dictate which providers will lead the pack.
“Vendors that can provide a secure remote workforce, zero trust mission completion, and easy-to-use technology position themselves to successfully deliver true zero trust to their customers.”
“JetBlue Travel Products needed a way to give crew-members secure and simple access to internally-managed benefit apps,” said Vitaliy Faida, General Manager, Data/DevSecOps at JetBlue Travel Products. “Cloudflare gave us all that and more — a much more efficient way to connect business partners and crew-members to critical internal tools.”
“OneTrust relies on Cloudflare to maintain our network perimeter, so we can focus on delivering technology that helps our customers be more trusted,” said Blake Brannon, CTO of OneTrust.
“With Cloudflare, we can easily build context-aware zero trust policies for secure access to our developer tools. Employees can connect to the tools they need so simply teams don’t even know Cloudflare is powering the backend. It just works.”
Cloudflare partners with Internet Archive to make sites available when their origin servers are down
By partnering with the Internet Archive, Cloudflare is strengthening its Always Online solution that makes sites available when their origin servers are down and keeps the Internet functioning for users globally.
Launched in 2010, Always Online is like insurance for websites. It caches a static version of websites, so, if for any reason, your web host or service provider goes down, it will kick in to keep your site online. Without it, a website risks reputation damage, a decreased user experience and even a drop in search ranking if the website’s origin goes offline, experiences a timeout, or otherwise breaks.
Now, Cloudflare’s Always Online service will fetch the most recently archived version of a site from the Internet Archive, an additional safeguard, if one cannot be found in the local cache. To do this, the Internet Archive uses the same crawling infrastructure that has allowed its Wayback Machine to archive over 465 billion web pages to date.
“The Internet Archive’s Wayback Machine has an impressive infrastructure that can archive the web at scale,” said Matthew Prince, co-founder and CEO of Cloudflare. “By working together, we can take another step toward making the Internet more resilient by stopping server issues for our customers and in turn from interrupting businesses and users online.”
The Internet Archive’s Wayback Machine has been archiving the public web since 1996 and to date, has preserved and made available more than 468 billion web pages and more than 45 petabytes of information.
Cloudflare customers can easily upgrade to the new Always Online service with one click in the Cloudflare dashboard. This will allow the Wayback Machine to crawl and archive its website at regular intervals.
“Through our partnership with Cloudflare, we are learning about, and archiving, web pages we might not have otherwise known about, and by integrating with Cloudflare’s Always Online service, archives of those pages are available to people trying to access them if they become unavailable via the live web,” said Mark Graham, Director of the Wayback Machine at the Internet Archive.
Cloudflare announced the release of Cloudflare Workers Unbound, offering a serverless platform for developers with unparalleled flexibility, performance, security, ease of use, and pricing.
It allows developers to run complicated computing workloads across the Cloudflare network and pay only for what they use. In addition to being more flexible, Cloudflare Workers Unbound can save users up to 75 percent for the same workloads running on legacy, centralized serverless platforms such as AWS Lambda.
“Cloudflare Workers Unbound is the most compelling serverless platform available,” said Matthew Prince, co-founder and CEO of Cloudflare. “I challenged our team to build a platform that didn’t just compete with niche edge computing solutions, but would provide developers the fastest, most secure, most flexible, and most cost-effective general-purpose serverless offering — period. I’m incredibly proud of Cloudflare Workers Unbound and can’t wait to see what developers will build with it.”
The Cloudflare Workers edge computing platform has been available to developers since September 2017. Last quarter, more than 20,000 developers created new applications running on Cloudflare Workers. Today, more than 10 percent of traffic through Cloudflare’s global network is powered by Cloudflare Workers. Cloudflare Workers Unbound opens the platform to even more use cases, allowing developers to access the power of edge computing but with better flexibility and cost than even legacy, centralized serverless platforms.
Cloudflare Workers Unbound provides a broad set of benefits to developers:
- Limitless: Developers can run heavy workloads without having to worry about overly restrictive CPU constraints and pay only for what they use.
- Cost-effective: For the same workload, Cloudflare Workers Unbound can be 75 percent less expensive than AWS Lambda, 24 percent less expensive than Microsoft Azure Functions, and 52 percent less expensive than Google Cloud Functions.
- No hidden fees: Developers don’t pay for hidden extras like API gateway or DNS request fees.
- No cold starts: Cloudflare Workers Unbound is the first serverless platform to offer out of the box support for 0 nanosecond cold start times, compared with cold starts on other platforms that can take seconds and add unpredictable variability.
- Unthrottled CPU: Other serverless platforms throttle CPU, resulting in workloads that take longer. The efficiency of the Cloudflare Workers isolates architecture lets Cloudflare run CPUs unthrottled so users can get more done per second of compute time.
- Fast globally: Workloads run across the Cloudflare network, spanning more than 200 cities in more than 100 countries, reducing average network latency for users everywhere in the world.
- Instant updates: Developers can update their code and have it live globally in 15 seconds, compared with the minutes it can take to update on other serverless platforms.
- Automatic scaling: Cloudflare Workers Unbound automatically scale to meet demand without developers needing to worry about spinning up new instances.
- Robust debugging tools: Developers can achieve more productivity with new tools to simplify debugging and diagnosing problems.
- Secure by design: The platform is built to withstand the latest security threats, including sophisticated timing attacks, and was reviewed by the team that discovered the Spectre class of vulnerabilities.
“Serverless promises both a radical new economic model for compute, and a radically simplified programming model, with the developer focusing on orchestration and composition of rich back end services. Autoscaling, performance, observability, built-in security and support for a range of modern programming languages are all provided by the infrastructure,” said James Governor, RedMonk co-founder and analyst. “Cloudflare Workers Unbound is designed to provide best in class performance, taking advantage of a global edge network, competing directly with existing cloud serverless platforms on a cost for cost basis.”
Cloudflare, the security, performance, and reliability company helping to build a better Internet, announced that Tokyo, Japan, is the home of its newest Asia-Pacific (APAC) office.
This office will help the company grow brand awareness, support customers, and recruit new talent. Cloudflare also announced that Masa Aoba, a seasoned technology executive with more than 30 years of experience in the IT industry, will lead this new office and team.
Today, Cloudflare’s global network spans more than 200 cities in more than 100 countries, including two cities in Japan. Cloudflare first invested in Japan nearly a decade ago, expanding its network into Tokyo in 2010, just months after launching.
The company later expanded its network into Osaka in 2015, and today Cloudflare’s network spans 33 cities across the APAC region. Cloudflare is planning further expansion in the region as it continues to grow its network beyond 200 cities globally.
“As the third largest economy, and one of the most Internet-connected countries in the world, Japan was a clear choice when considering expansion locations for our next APAC office,” said Matthew Prince, co-founder and CEO of Cloudflare.
“Our new facility and team in Tokyo present a unique opportunity to be closer to our customers, and help even more businesses and users experience a better Internet across Japan and throughout the world.”
With more than 27 million Internet properties on Cloudflare’s network, the company already has many customers in the APAC region and in Japan, specifically, including Sony Music Axis Inc.
Cloudflare has also partnered with Accelia, Classmethod, D-zero, Domo, Mitsui Knowledge Industry, Spelldata, and GlobalDots Japan GK in Japan to enable joint customers in the country.
Cloudflare’s first Head of Japan, Masa Aoba, will oversee and lead the company’s sales and activities in Japan. “More than 90 percent of Japan’s population uses the Internet and Japan is home to 52 of the Fortune 500 companies,” said Masa Aoba, Head of Japan at Cloudflare.
“With this level of connectivity and business acumen, we have a huge opportunity to grow our brand in Japan. I’m looking forward to helping our Japanese customers and partners secure and optimize their business-critical applications to connect to their users across the world.”
In the last year, Cloudflare grew its APAC team by 63 percent. Today, Cloudflare has more than 180 employees in APAC. Cloudflare’s Tokyo location will join its other global offices in San Francisco, CA, San Jose, CA, Austin, TX, Champaign, IL, New York, NY, Washington, D.C., Lisbon, London, Munich, Singapore, Sydney, and Beijing.
Cloudflare for Campaigns protects political campaigns against cyberattacks and election interference
Cloudflare, the security, performance, and reliability company helping to build a better Internet, announced it will be offering free security services to help political campaigns in the United States and around the world defend against cyberattacks and election interference.
The Cloudflare for Campaigns program will allow any eligible campaign to access a variety of the company’s security services including enhanced firewall protection, denial-of-service (DDoS) attack mitigation, as well as internal data management and security controls.
These services will be provided at no cost to eligible U.S. campaigns, and for a fee to other campaigns in the U.S. and globally.
Since 2014, Cloudflare has offered free security and reliability services to nearly 1,000 vulnerable individuals and organizations around the world including journalists, humanitarian groups, and civil rights activists through Project Galileo.
The Athenian Project, launched in 2017, extends these benefits to more than 150 state and local election websites. Separate from these projects, Cloudflare provided services to 16 of the 17 2016 U.S. Presidential campaigns and has provided service to 18 of the 32 2020 U.S. Presidential campaigns.
The Cloudflare for Campaigns program will ensure that the same type of security services that are available to the largest campaigns are also available to smaller campaigns.
“Given the increase and sophistication of foreign election interference efforts, there is a clear need to help campaigns improve the security of not only their websites and other public-facing assets, but also their internal data security systems and teams,” said Matthew Prince, co-founder and CEO of Cloudflare.
“This is our way of providing best practices and no-brainer solutions to not only large campaigns, but also smaller, but equally important campaigns that may have limited resources.”
Cloudflare will provide business-level services to candidates for the duration of their campaigns and will include:
- Load balancing: Cloudflare Load Balancing runs at each of its data centers across 200 cities worldwide and is powered by the fastest authoritative DNS in the world. Cloudflare’s global Anycast network is 15x bigger than the largest DDoS attack ever recorded and ensures that traffic continues to get routed even under stress.
- Rate limiting: Cloudflare Rate Limiting protects against denial-of-service attacks, brute-force login attempts, and other types of abusive behavior from suspicious visitors.
- Enhanced firewall protection: The Cloudflare Web Application Firewall fights attacks in seconds without slowing down websites.
- DDoS attack mitigation: Cloudflare’s network, which has a capacity of 30Tbps, has mitigated attacks as big as 942Gbps. No matter the size of attack, the Cloudflare network can handle it.
- Cloudflare for Teams: This newly announced set of solutions, Cloudflare Access and Cloudflare Gateway, can secure campaigns and their employees and volunteers globally, without sacrificing performance.
- Bot management: Cloudflare’s bot management harnesses threat intelligence from protecting more than 20M Internet properties across its network to detect and mitigate bots.
By providing free services such as rate-limiting, load balancing, bot management, and web application firewall, political campaigns can defend their campaign websites from attacks.
With the addition of Cloudflare for Teams, campaigns can protect their employees and volunteers who have access to their internal networks from malware and viruses, while also giving employees easy access to internal applications no matter where they are in the world.
To provide these services for free to eligible U.S. campaigns, Cloudflare is working with Defending Digital Campaigns (DDC), a non-profit, non-partisan organization providing access to cybersecurity products, services, and information regardless of party affiliation.
In May 2019, DDC received approval from the Federal Elections Commission to provide free or discounted cybersecurity services to federal candidate committees and national party committees.
“Political campaigns, like any organization, need a comprehensive approach to cybersecurity,” said Michael Kaiser, President and CEO of Defending Digital Democracy.
“Securing a candidate’s website, their critical public facing presence, and hardening access to key internal applications can vastly improve cybersecurity. Defending Digital Campaigns, with a mission to make campaigns more cybersecure, is proud to partner with Cloudflare to protect both external and internal technology assets across the campaign ecosystem.”
Political campaigns that meet DDC requirements can receive these sets of services for free. To receive these free services under DDC, political campaigns must meet the following criteria:
- A House candidate’s committee that has at least $50,000 in receipts for the current election cycle, and a Senate candidate’s committee that has at least $100,000 in receipts for the current election cycle;
- A House or Senate candidate’s committee for candidates who have qualified for the general election ballot in their respective elections; or
- Any presidential candidate’s committee whose candidate is polling above five percent in national polls.
Arlo SmartCloud: A SaaS solution securing cloud services for businesses
Arlo SmartCloud is a fully managed global platform built for security, scalability and reliability that can be deployed as part of subscription services for hardware companies, automotive companies, service providers, insurance companies, home builders, smart communities, smart cities, traditional security companies, and other related verticals.
TP-Link HomeCare Pro: A smart home IoT security solution powered by Avira
Powered by Avira, Homecare Pro can identify smart home devices and check to determine if they are safe. Users will be notified if a related security function needs to be enabled or optimized to protect not only endpoints like laptops or smartphones, but also IoT devices like smart bulbs, smart thermostats, smart plugs and more.
3D sensing platform for access control and smart video security announced
The Ambarella CV25 AI vision SoC powers depth processing, anti-spoofing algorithms, 3D facial recognition algorithms, and video encoding on a single chip, significantly reducing system complexity while improving performance.
Fingerprint Cards adds two capacitive touch sensors to its fingerprint authentication portfolio
The FPC1020 and FPC1024 touch sensors feature high biometric performance and a small physical footprint. They are water resistant and can be used by devices and applications where a secure and smooth way to authenticate users is desired. The sensors have low power consumption and come with features for an excellent everyday user experience.
Cloudflare for Teams: Protecting corporations without sacrificing performance
Cloudflare has launched Cloudflare for Teams, a set of solutions that will secure corporations and their employees globally, without sacrificing performance. Cloudflare for Teams is centered around two core products: Cloudflare Access and Cloudflare Gateway.
Cloudflare, the security, performance, and reliability company helping to build a better Internet, announced that it has launched Cloudflare for Teams, a set of solutions that will secure corporations and their employees globally, without sacrificing performance. Cloudflare for Teams is centered around two core products: Cloudflare Access and Cloudflare Gateway.
Cloudflare Access is a Zero Trust identity and access management solution that secures, authenticates, and monitors user access to ensure that employees and devices are who they say they are. To do this, Cloudflare is working with identity providers, including Okta, OneLogin, and Ping Identity.
Cloudflare also works with major endpoint security providers, including VMware Carbon Black, Malwarebytes, and Tanium to ensure that users’ devices accessing applications have the latest protections and updates.
With employees and contractors spread around the world, the traditional VPN model is slow, clunky and a pain to work with. As a result, employees often try to circumvent corporate VPNs, creating additional security risks for themselves and for their companies.
Because Access is built on Cloudflare’s existing global network, which spans 200 cities in more than 90 countries, it sits within 100 milliseconds of nearly all of Cloudflare’s users. With this scale, Cloudflare can deliver an experience to teams that is safe and fast, no matter where they are in the world.
Cloudflare Gateway is a new solution being developed that will secure and filter outbound Internet traffic to protect employees from threats on the public Internet. Gateway will also ensure that Internet-browsing employees don’t bring malware or vulnerable code into the organization.
Existing technologies can slow down the user experience or are not effective at stopping attacks. Gateway will instead keep employees and their devices safer online, without sacrificing performance. Cloudflare is also partnering with cloud networking partners including Ciphercloud and Cloudgenix to deliver these solutions to enterprises.
Gateway will replace firewall appliances in offices, negate the need for new hardware, eliminate expensive MPLS fees, and deliver anti-malware scanning and software closer to the user, stopping threats before they hit the network.
Three versions are in development that will be available:
- Gateway will include DNS-based filtering and audit logging
- Gateway Pro will secure all Internet-bound traffic
- Gateway Enterprise will deliver data loss prevention and include always-on browser isolation from the newly-acquired S2 Systems Corporation
“With the rise of SaaS, cloud, and an increasingly mobile workforce, existing security solutions don’t work for modern-day employees or their employers,” said Matthew Prince, co-founder and CEO of Cloudflare.
“Employees need to access their applications quickly and securely, browse the public Internet without threatening company security, and be able to do all of this no matter where they are. Cloudflare for Teams gives companies and their employees a better way to do work, without added inconvenience.”
Benefits of Cloudflare for Teams
- Fast: Cloudflare for Teams is built for speed from the ground up. Threat filtering runs on one of the world’s fastest DNS resolvers and delivers a VPN replacement that will improve performance, instead of slowing users down.
- Vast threat intelligence: Cloudflare for Teams applies the threat intelligence collected from securing more than 20M Internet properties and blocking an average of 72B cyber threats per day.
- Seamless to implement and manage: Cloudflare for Teams is expected to take less than an hour to deploy and saves hours of end-user time compared to traditional VPN solutions. IT teams can also manage comprehensive network security within the same dashboard or through Cloudflare’s partners, including Splunk, Datadog, and Sumo Logic.
- Massive scalability: With 30 Tbps of network capacity, Cloudflare’s network can scale to meet the needs of the most demanding enterprises.
- Built-in DDoS mitigation: Hackers are increasingly targeting office infrastructure for denial of service attacks. Cloudflare for Teams is built with the same industry-leading DDoS mitigation benefits as Cloudflare for Infrastructure.
- Near users, wherever they are—literally: Instead of backhauling traffic, users connect to Cloudflare’s network in 200 cities around the world, within 100 milliseconds of 99% of the developed world’s Internet-connected population.
Cloudflare for Teams customers
“Cloudflare Access has enabled Ziff Media Group to seamlessly and securely deliver our suite of internal tools to employees around the world on any device, without the need for complicated network configurations,” said Josh Butts, SVP Product & Technology, Ziff Media Group.
“VPNs are frustrating and lead to countless wasted cycles for employees and the IT staff supporting them,” said Amod Malviya, Cofounder and CTO, Udaan.
“Furthermore, conventional VPNs can lull people into a false sense of security. With Cloudflare Access, we have a far more reliable, intuitive, secure solution that operates on a per user, per access basis. I think of it as Authentication 2.0 — even 3.0”
“Roman makes healthcare accessible and convenient,” said Ricky Lindenhovius, Engineering Director, Roman Health.
“Part of that mission includes connecting patients to physicians, and Cloudflare helps Roman securely and conveniently connect doctors to internally managed tools. With Cloudflare, Roman can evaluate every request made to internal applications for permission and identity, while also improving speed and user experience.”
Cloudflare for Teams partners
“We’re excited to partner with Cloudflare to provide our customers an innovative approach to enterprise security that combines the benefits of endpoint protection and network security,” said Tom Barsi, VP Business Development, VMware.
“VMware Carbon Black is a leading endpoint protection platform (EPP) and offers visibility and control of laptops, servers, virtual machines, and cloud infrastructure at scale.
“In partnering with Cloudflare, customers will have the ability to use VMware Carbon Black’s device health as a signal in enforcing granular authentication to a team’s internally managed application via Access, Cloudflare’s Zero Trust solution.
“Our joint solution combines the benefits of endpoint protection and a zero trust authentication solution to keep teams working on the Internet more secure.”
“Rackspace is a leading global technology services company accelerating the value of the cloud during every phase of our customers’ digital transformation,” said Lisa McLin, vice president of alliances and channel chief at Rackspace.
“Our partnership with Cloudflare enables us to deliver cutting edge networking performance to our customers and helps them leverage a software defined networking architecture in their journey to the cloud.”