Monday May 16, 2022

Snyk raises $22M on a $100M valuation to detect security vulnerabilities in open source code

Open source software is now a $14 billion+ market and growing fast, in use in one way or another in 95 percent of all enterprises. But that expansion comes with a shadow: open source components can come with vulnerabilities, and so their widespread use in apps becomes a liability to a company’s cybersecurity. Now, a […]

Amazon is quietly doubling down on cryptographic security

The growth of cloud services — with on-demand access to IT services over the Internet — has become one of the biggest evolutions in enterprise technology, but with it, so has the threat of security breaches and other cybercriminal activity. Now it appears that one of the leading companies in cloud services is looking for […]

Very Good Security makes data ‘unhackable’ with $8.5M from Andreessen

“You can’t hack what isn’t there,” Very Good Security co-founder Mahmoud Abdelkader tells me. His startup assumes the liability of storing sensitive data for other companies, substituting dummy credit card or Social Security numbers for the real ones. Then when the data needs to be moved or operated on, VGS injects the original info without […]

Foundries.io promises standardized open source IoT device security

IoT devices currently lack a standard way of applying security. It leaves consumers, whether business or individuals, left to wonder if their devices are secure and up-to-date. Foundries.io, a company that launched today, wants to change that by offering a standard way to secure devices and deliver updates over the air. “Our mission is solving […]

RiskRecon’s security assessment services for third-party vendors raises $25 million

In June of this year, Chinese hackers managed to install software into the networks of a contractor for the U.S. Navy and steal information on a roughly $300 million top-secret submarine program. Two years ago, hackers infiltrated the networks of a vendor servicing the Australian military and made off with files containing a trove of […]

Google Cloud introduces shielded virtual machines for additional security

While we might like to think all of our applications are equal in our eyes, in reality some are more important than others and require an additional level of security. To meet those requirements, Google introduced shielded virtual machines at Google Next today. As Google describes it, “Shielded VMs leverage advanced platform security capabilities to […]

Google takes on Yubico and builds its own hardware security keys

Google today announced it is launching its own hardware security keys for two-factor authentication. These so-called Titan Security Keys will go up against similar keys from companies like Yubico, which Google has long championed as the de facto standard for hardware-based two-factor authentication for Gmail and other services. The FIDO-compatible Titan keys will come in […]

Xage secures $12 million Series A for IoT security solution on blockchain

Xage (pronounced Zage), a blockchain security startup based in Silicon Valley, announced a $12 million Series A investment today led by March Capital Partners. GE Ventures, City Light Capital and NexStar Partners also participated. The company emerged from stealth in December with a novel idea to secure the myriad of devices in the industrial internet […]

Okta nabs ScaleFT to build out ‘Zero Trust’ security framework

Okta, the cloud identity management company, announced today it has purchased a startup called ScaleFT to bring the Zero Trust concept to the Okta platform. Terms of the deal were not disclosed. While Zero Trust isn’t exactly new to a cloud identity management company like Okta, acquiring ScaleFT gives them a solid cloud-based Zero Trust […]

Ping Identity acquires stealthy API security startup Elastic Beam

At the Identiverse conference in Boston today, Ping Identity announced that it has acquired Elastic Beam, a pre-Series A startup that uses artificial intelligence to monitor APIs and help understand when they have been compromised. Ping also announced a new product, PingIntelligence for APIs, based on the Elastic Beam technology. They did not disclose the sale […]