❌

Reading view

There are new articles available, click to refresh the page.

Synack Strengthens Integration to Microsoft Azure to Help Protect Hybrid Clouds

βœ‡Synack Blog
By: Synack

Synack Joins the Microsoft Intelligent Security Association (MISA)

Synack has recently joined the Microsoft Intelligent Security Association (MISA) and integrated with Microsoft Sentinel. This means that Microsoft Sentinel users can now easily access Synack’s global team of security experts for on demand testing of cloud assets. MISA is an ecosystem of independent software vendors and managed security providers who integrate their security solutions with Microsoft platforms and technology to increase visibility and minimize threats.

This announcement is only one component of this growing partnership and is a testament to the commitment both Synack and Microsoft have to providing flexible and scalable security solutions. Extending Microsoft’s security capabilities through partnerships and integrations like that with Synack, reduce cost and complexity for enterprises looking for end-to-end cloud security solutions.

Synack Helps Secure Microsoft Azure Hybrid Clouds

Keeping your hybrid cloud safe and secure from cyber criminals is a daunting task. Hackers are constantly searching for vulnerabilities in your cloud that they can exploit to gain access. You need to be constantly vigilant and discover and resolve all the vulnerabilities in your system while they only need to find one to be successful in penetrating it to perpetrate their cybercrime activities.

To help you more effectively protect your network from cybercriminals, Synack is now providing integrations to two key Microsoft cloud security solutions: Microsoft Defender for Cloud and Microsoft Sentinel. Additionally, new cloud-oriented services are available through Synack Campaigns, which provide on-demand access to members of the Synack Red Team for completing targeted security objectives.

Synack Provides Critical Information for Remediation of Exploitable Vulnerabilities

Microsoft Sentinel and Microsoft Defender for Cloud play a significant role in improving security operations. Microsoft Defender for Cloud provides recommendations, alerts and diagnostics to Microsoft Sentinel to provide better analytics and incident response. Microsoft Sentinel provides an overall picture of what is happening in your network taking in data from multiple sources to give security analysts a powerful tool to detect and respond to cyberattacks. Together these two solutions help provide seamless and effective security operations.

But there is a critical piece missing in this security view. You need to be able to validate misconfigurations and create attack vectors to search for and report exploitable vulnerabilities at the network layer as well as internally in your cloud. Synack, the premier security testing platform powered by the most skilled and trusted community of global security researchers provide continuous penetration testing and vulnerability discovery with actionable data and report the results to Microsoft Defender for Cloud and Microsoft Sentinel where the vulnerabilities can be investigated, analyzed, and resolved. You can run a one-time assessment, or sign up for continuous testing of your system.

View Synack Vulnerability Assessment Results in Microsoft Defender for Cloud and Microsoft Sentinel

When it comes to exploitable vulnerabilities in your cloud, time-to–resolution is critical. Synack’s new integrations to Microsoft Defender for Cloud and Microsoft Sentinel automatically sync the results of Synack vulnerability assessments to those security solutions to help decrease time-to-resolution. There is no need for human intervention or cumbersome transfer of information. You have all your vulnerability information in one place in screens that your security teams are used to working with.

Automatically Create Vulnerability Entries in Defender for Cloud

With Synack’s new integration to Microsoft Defender for Cloud, customers can create a Synack Vulnerabilities custom workbook in Defender for Cloud. The Microsoft Defender for Cloud workbook displays the exploitable vulnerabilities discovered in the Synack vulnerability assessment along with a severity status and scoring. The data syncs automatically from the Synack Client Portal directly to Microsoft Defender for Cloud.

Automatically Create Incidents in Microsoft Sentinel

Similarly, Synack’s new integration to Microsoft Sentinel synchronizes vulnerability data from your Synack account to Microsoft Sentinel for further management and remediation. It automatically creates an incident in Microsoft Sentinel for each vulnerability and keeps the incident up-to-date with the latest changes in the vulnerability.

A Holistic View of Your Cloud Security

Syncing vulnerability results from Synack to Microsoft Defender for Cloud and Microsoft Sentinel puts all of your vulnerability information in one place in a format that Microsoft Azure users are accustomed to seeing. There’s no need to log into another tool or become familiar with another report format in order for security engineers and managers to determine the health and security of their networks. Security teams can take appropriate action and update vulnerability status right in the Microsoft tool.

This capability becomes even more critical as Synack continues to expand its Microsoft Azure-specific testing portfolio, including continuous testing for Microsoft Azure and the Microsoft Azure Security Benchmark Campaign.

You can choose the sync cadence, and you can visualize your vulnerability data using Microsoft Defender for Cloud’s graphs and charts. You’ll get a high-level overview of vulnerability information, such as status, and can track these changes over time. For any assessment, you can see the associated vulnerabilities, and for more detailed information, you can link directly to the full vulnerability info provided in the Synack Client Portal. Any new vulnerabilities will automatically sync and populate into Defender for Cloud and newly discovered vulnerabilities will automatically sync and populate incidents into Microsoft Sentinel where they become part of a holistic security view. Executives or anyone else who wants to see this vulnerability or incident information can do so in Microsoft Azure display screens.

microsoft MISA

Integration Is Easy

Synack provides the custom Microsoft Azure Workbook with Synack Vulnerabilities data within your Microsoft Defender for Cloud. A backend application hosted on Synack premises provides a Custom Endpoint for the Workbook. Synack provides the default template for the Synack Vulnerabilities workbook. You can further modify the looks of your workbook, or use the endpoint to create new workbooks. It’s up to you how you want to view and manage the exploitable vulnerabilities.

Synack makes the integration easy. All you need to do is create a Synack API token and then deploy the Synack Workbook ARM template to Microsoft Defender of Cloud. After that you can access your workbook in Microsoft Defender for Cloud. Each time Synack performs a vulnerability assessment, the results will be displayed in the Microsoft Defender for Cloud workbook.

For Microsoft Sentinel, Synack provides a data connector to synchronize the vulnerability data from your Synack account. The data synchronization is performed by a Microsoft Azure Function that uses both Synack and Microsoft Sentinel APIs to pull the Synack data over to Microsoft Sentinel. Once you deploy the data connector you will start seeing new incidents in Microsoft Sentinel created from the Synack vulnerabilities. If the status of a Synack vulnerability changes, the status of the corresponding Microsoft Sentinel incident will be updated accordingly.

Now You Have a Holistic View of Your Network Security Posture

To help reduce time-to-resolution, Synack’s integrations to Microsoft Defender for Cloud and Microsoft Sentinel give you a holistic view of your network’s health and security posture encompassing all your exploitable vulnerability information, including the results of Synack penetration testing, in one place in familiar Azure screens.

On-demand Testing for Cloud Configuration with Synack Campaigns

Synack Campaigns provide on-demand access to the Synack Red Team for completion of targeted security tasks, augmenting internal teams while solving for the cybersecurity talent gap. The Azure Security Benchmark Infrastructure Campaign provides Synack researcher testing against Azure security controls. This Campaign will utilize a researcher with the right skills to provide a true adversarial perspective against your Azure services, and will validate your ASB status seen in Microsoft Defender for cloud.

For information on Synack’s partnership with Microsoft, learn more here.

The post Synack Strengthens Integration to Microsoft Azure to Help Protect Hybrid Clouds appeared first on Synack.

Synack expands executive team, adds top cybersecurity talent as business surges

βœ‡Synack Blog
By: Synack

The premier on-demand security testing platform is experiencing record growth as organizations globally seek its help to bridge the cybersecurity skills shortage.

REDWOOD CITY, Calif., June 6, 2022 /PRNewswire/ β€” Synack, the premier on-demand security platform for continuous penetration testing and vulnerability management, is expanding its executive team and bringing on top industry talent to meet growing demands from organizations globally seeking to solve their cybersecurity skills shortage.

β€œOur recent growth is a testament to the value of the Synack Platform,” said Jay Kaplan, Synack’s CEO.

The key additions represent a major step for Synack as it experienced massive growth in the first quarter of 2022 due to an increase in new business as well as renewals from customers who rely on the company’s platform that combines software and skills from a global community of security researchers – the Synack Red Team – to help that vulnerabilities that matter most.

β€œOur recent growth is a testament to the value of the Synack Platform,” said Jay Kaplan, Synack’s CEO. β€œIt’s more important than ever for organizations to do everything they can to find and fix vulnerabilities before adversaries exploit them. We’re bringing on an incredible group of people who can help us continue doing this important work and build a lasting, thriving company so we can help even more organizations solve their cybersecurity needs.”

β€œSimply put,” said Kaplan, β€œwe’re growing quickly and hiring the very best talent to ensure exceptional customer satisfaction and to maintain our position as the No. 1 security testing platform in the world.”

New additions include:

Michael Chao, Chief Financial Officer

Michael is an accomplished business leader with extensive strategic, operational, financial and accounting experience who is focused on building teams, creating high performance cultures, and achieving outstanding business outcomes. He has worked in both public and private companies across more than 25 years of experience. He was previously CFO at the cybersecurity company Coalfire in addition to holding CFO and senior level nance roles at KeyPoint Government Solutions, Famous Brands International, Vail Resorts and eBay.

Melissa Lightbody, Chief People Officer

Melissa originally joined Synack in September 2020 as VP, People. She quickly helped to set the tone for the company and worked across all teams to focus on culture, inclusivity, diversity and growth. Melissa is Synack’s first Chief People Officer, a critically important role as the company continues to grow its domestic and international teams with an eye toward maintaining a culture of innovation and collaboration. Melissa’s previous roles include VP, People at Sonder, VP, Enterprise Business Operations & Transformation Officer at Vituity, and VP, Global Head of People & HR Operations at MZ.

Wade Lance, Field Chief Information Security Officer

A cybersecurity veteran, thought leader and frequent conference speaker, Wade is joining Synack from Illusive Networks where he was most recently Field CTO, Product Evangelist. He’s joining Synack as the company’s first Field CISO, an important role that will work across teams as well as with customers and prospects to help them better understand the value and promise of the Synack Platform. Wade’s role is a further indication of the demand for Synack as the company looks to break into new markets, drive adoption and build a global brand.

Tracy Pallas, Vice President of Channel

The Channel is a growing and important part of Synack’s business. Earlier this year, the company launched its emPower Synack Partner Program to offer the Channel the most effective, seamless and continuous access to penetration testing. Tracy is joining Synack to further expand this offering and build new relationships with systems integrators, managed service providers, distributors and resellers. Tracy previously held key leadership positions in sales and business development at Commvault, Agari and Illusive Networks.

Learn more about the work Synack is doing at https://synack.com/

Β 

ABOUT SYNACK

Synack’s premier on-demand security testing platform harnesses a talented, vetted community of security researchers and smart technology to deliver continuous penetration testing and vulnerability management, with actionable results. We are committed to making the world more secure by closing the cybersecurity skills gap, giving organizations on-demand access to the most-trusted security researchers in the world. Headquartered in Silicon Valley with regional teams around the world, Synack protects global banks, federal agencies, DoD classified assets and more than $6 trillion in Fortune 500 and Global 2000 revenue. For more information, please visit www.synack.com.

The post Synack expands executive team, adds top cybersecurity talent as business surges appeared first on Synack.

❌