Progress announced the Q4 2024 release of its award-winning Progress® Telerik® and Progress® Kendo UI® component libraries.
Digital Shadows Launches Access Key Alerts
October 20, 2020
Digital Shadows announced the ability to detect exposed access keys.
A combination of misconfiguration, inexperience, and laziness means that software developers are exposing access keys at an alarming rate. With threat actors routinely scouring code repositories for leaked keys, security teams need a fast, scalable solution to monitor these sites for their exposed technical assets.
Customers of Digital Shadows will now be able to identify in near real-time where these keys have been exposed. Most leakage is accidental, due to poor security practices – such as sensitive data being committed to public repositories, rather than private ones. SearchLight users will be notified when an access key has been detected on a public code repository or paste site, complete with a risk score for prioritization, source file, and matched assets. This means that remediation is quick and simple: either revoke the credential or tweak the configuration settings.
Russell Bentley, VP of Product at Digital Shadows, comments: “As software development has become increasingly distributed between in-house and outsourced teams it has become increasingly challenging to monitor the exposure of sensitive information. Every day, sensitive technical information like keys and secrets are exposed online to code collaboration platforms. Normally this is accidental, but we have seen evidence that threat actors are scouring public repositories and looking to use it in order to access sensitive data and infiltrate organizations. This new functionality within SearchLight will make it quick and simple to stop attackers in their tracks.”
SearchLight’s new access key alerting helps organizations monitor for access keys and secret exposure, providing Digital Shadows customers with complete visibility and minimal effort. This includes the ability to:
- Identify near real-time who has exposed technical data: Each alert is tailored to an organization and built-in configuration minimizes false positives and increases relevance.
- Built-in ‘playbooks’ enable organizations to learn how to reduce exposure and remediate risks
- Comprehensive coverage, for increased visibility: Automated detection of access keys across the broadest set of sources.
- Build a clear picture with enriched data: As Shadow Search is built-in to the alert, users can have a succinct view of the historical activity related to that alert, building a richer picture, and helping security teams to make decisions quicker.
Industry News
November 26, 2024
November 26, 2024
Check Point® Software Technologies Ltd. has been recognized as a Leader and Fast Mover in the latest GigaOm Radar Report for Cloud-Native Application Protection Platforms (CNAPPs).
November 26, 2024
Spectro Cloud, provider of the award-winning Palette Edge™ Kubernetes management platform, announced a new integrated edge in a box solution featuring the Hewlett Packard Enterprise (HPE) ProLiant DL145 Gen11 server to help organizations deploy, secure, and manage demanding applications for diverse edge locations.
November 26, 2024
Red Hat announced the availability of Red Hat JBoss Enterprise Application Platform (JBoss EAP) 8 on Microsoft Azure.
November 26, 2024
Launchable by CloudBees is now available on AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).
November 26, 2024
Kong closed a $175 million in up-round Series E financing, with a mix of primary and secondary transactions at a $2 billion valuation.
November 26, 2024
Tricentis announced that GTCR, a private equity firm, has signed a definitive agreement to invest $1.33 billion in the company, valuing the enterprise at $4.5 billion and further fueling Tricentis for future growth and innovation.
November 25, 2024
Check Point® Software Technologies Ltd. announced the new Check Point Quantum Firewall Software R82 (R82) and additional innovations for the Infinity Platform.
November 25, 2024
Sonatype and OpenText are partnering to offer a single integrated solution that combines open-source and custom code security, making finding and fixing vulnerabilities faster than ever.
November 25, 2024
Red Hat announced an extended collaboration with Microsoft to streamline and scale artificial intelligence (AI) and generative AI (gen AI) deployments in the cloud.
November 25, 2024
Endor Labs announced that Microsoft has natively integrated its advanced SCA capabilities within Microsoft Defender for Cloud, a Cloud-Native Application Protection Platform (CNAPP).
November 21, 2024
Progress announced new powerful capabilities and enhancements in the latest release of Progress® Sitefinity®.
November 21, 2024
Red Hat announced the general availability of Red Hat Enterprise Linux 9.5, the latest version of the enterprise Linux platform.
November 21, 2024
Securiti announced a new solution - Security for AI Copilots in SaaS apps.
November 20, 2024
Spectro Cloud completed a $75 million Series C funding round led by Growth Equity at Goldman Sachs Alternatives with participation from existing Spectro Cloud investors.
