Latest news with #NordLayer
Business Upturn
01-08-2025
- Business
- Business Upturn
NordStellar achieves SOC 2 Type II compliance, demonstrating its commitment to security
NEW YORK, Aug. 01, 2025 (GLOBE NEWSWIRE) — The next-generation threat management platform NordStellar has announced that it achieved System and Organization Controls (SOC) 2 Type II compliance. It's the third and final product of the Nord Security Business Suite to have successfully concluded this audit. NordStellar enables businesses to detect and respond to cyber threats before they escalate, empowering them to stay ahead of threat actors. It was launched in 2024 and is the newest addition to the Nord Security Business Suite, alongside NordLayer , the toggle-ready platform for business, and NordPass , a password manager. Both are SOC 2 Type II compliant. 'Last year NordStellar achieved SOC 2 Type I compliance, and we're thrilled that our constant efforts and product development have allowed us to complete the SOC 2 Type II audit successfully. Security is our greatest priority, and we are on a mission to deliver a high-quality and trustworthy product to our customers. We dedicate ourselves to continuously advancing our standard of excellence, maintaining transparency and reliability at every step', says Vakaris Noreika, head of product at NordStellar. SOC 2 is a security framework developed by the American Institute of Certified Public Accountants (AICPA) to ensure service providers securely manage customer data. SOC 2 compliance is achieved by undergoing independent audits assessing data management based on five criteria: security, availability, processing integrity, confidentiality, and privacy. All three Nord Security Business Suite products passed the SOC 2 Type II audit with no exceptions. ABOUT NORDSTELLAR NordStellar is a next-generation threat exposure management platform that enables companies to detect and respond to cyber threats before they escalate. NordStellar offers visibility into how threat actors work and what they do with compromised data. NordStellar was created by Nord Security, a globally recognized company behind one of the world's most popular digital privacy tools, NordVPN. For more information, visit . Contact details:Inga Vaitkeviciute [email protected]
Forbes
25-06-2025
- Business
- Forbes
Browser-Based SaaS: The New Face Of Shadow IT
Andrius Buinovskis is Head of Product at NordLayer, a toggle-ready network security platform for business. As more applications migrate to the web, businesses are becoming increasingly reliant on the browser. While a browser-first approach offers various benefits, it also introduces additional risks. The growth of shadow IT and shadow transition of data are key concerns cybersecurity leaders should consider when navigating the shift to a web-based work environment. Popular desktop software is moving to the web, and enterprises are following suit. According to research, most employees can complete 80% of their work tasks using a browser. Browser-based applications boost productivity and enhance team collaboration by delivering a smooth, user-friendly experience. Moreover, they're easier and less expensive to maintain, adding to their appeal. Considering the benefits of shifting to a browser-based work environment and its eager adoption, it seems the future is web-based. However, emerging trends come with new (or rather old but revolutionized) risks—the increasing use of web-based software-as-a-service (SaaS) applications is expanding the scope of shadow IT and shadow transition of data. The Hidden Dangers Of Web-Based Applications With the rise of web-based applications, shadow IT has turned into a software zoo. Before the shift toward a browser-first approach, the primary concerns associated with shadow IT were unmanaged devices and unauthorized desktop software. However, these risks were more limited—the bring-your-own-device (BYOD) phenomenon wasn't as widespread, desktop software needed to be installed, and security admins would eventually discover unauthorized applications during security audits. Now, CISOs are faced with a new, stealthier threat. Employees can instantly start using any web-based SaaS application by simply clicking on a link in the browser. Not all consumer-grade platforms are safe. Many do not have sufficient security controls, increasing the risk of experiencing a cybersecurity incident, such as exposing sensitive corporate data or employee log-in credentials. They lack strong user authentication while additional integrations create unauthorized data pipelines to third-party services. Also, they do not protect users from accidentally making confidential information visible to the public via search engines or large language models (LLMs). Moreover, because they prioritize performance over security, they rarely meet regulatory requirements, opening the door to potential compliance violations. As a result of the lack of observability security admins have into employees' use of unauthorized web-based applications, data movement can easily go undetected. Users can copy sensitive information, documents or files and transfer them to unauthorized applications. Because these platforms can be accessed from anywhere with just a web browser, are usually connected to other applications and often come equipped with copy-paste or drag-and-drop functionalities, unintentionally leaking information has become almost inevitable. These information leaks increase the scope of information existing outside of security admins' oversight (shadow data), which can result in a devastating cybersecurity incident. According to a report by IBM, one in three data breaches in 2024 involved the use of shadow data. How To Prevent Browser-Based Cybersecurity Incidents Web-based applications can create a significant security blind spot. Although securing the browser can be challenging, the high risk of experiencing a cybersecurity incident requires that no security gaps are left unattended. Here are some key areas businesses need to focus on to ensure they're prepared to combat browser-based attacks: High observability and the ability to enforce security policies are the main tools to help protect businesses against web-based threats. Traditional browsers do not have built-in security tools. As a result, businesses that have embraced a browser-first approach should consider switching to an enterprise browser, allowing security teams to observe employee activity and enforce security policies across the company. Stolen employee login credentials can lead to a data breach, particularly when employees reuse their organizational network passwords to access unauthorized web-based SaaS applications. Enforcing effective password management policies, such as always using different, random and complex passwords, helps to reduce the risk of cybercriminals infiltrating the company's network. Employees are the first line of defense against browser-based attacks. Ensuring they know the dangers of using unauthorized web-based SaaS applications and how unsafe the majority of these platforms are can help dissuade users from engaging with them, reducing the overall scope of shadow IT. In Conclusion Embracing web-based SaaS applications can be transformative for productivity and collaboration, but without robust security measures, a browser-first approach can ultimately do more harm than good. Considering the rapid rate at which organizations and employees embrace the browser, the shift to a web-based environment is inevitable. By prioritizing a comprehensive cybersecurity strategy, you can ensure you're safeguarded against browser-based incidents. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
Yahoo
24-04-2025
- Business
- Yahoo
SentinelOne and Nord Security partner up to tackle SMBs' cybersecurity challenges
NEW YORK, April 24, 2025 (GLOBE NEWSWIRE) -- Nord Security, home to advanced cybersecurity solutions, announces an exciting integration with SentinelOne®, a global leader in AI-powered cybersecurity. The industry giants aim to help small and medium-sized businesses (SMBs) conquer cybersecurity challenges across endpoint and network security. To build and maintain an effective cybersecurity strategy, businesses must navigate a complex mix of solutions that often lack integration. This absence of coordination creates additional challenges, requiring significant financial, human, and technical resources to manage multiple separate systems. Through this collaboration, SentinelOne and Nord Security will offer companies a combined solution that will allow them to address both endpoint and network security challenges. The comprehensive solution comes from SentinelOne's integration with NordLayer, a toggle-ready network security platform from Nord Security's business suite. SentinelOne will automatically alert NordLayer of any malicious user identified on the endpoint, ensuring they're disconnected from the network before it can be compromised. 'We are proud to partner with a global leader like SentinelOne. At Nord Security, we recognize that the complexity of current cybersecurity challenges requires collaboration across the industry. While our expertise fuels innovative solutions, building strong, strategic partnerships with players like SentinelOne, whose products complement ours, is essential to address the full range of cyber threats,' says Justas Morkunas, chief commercial officer for B2B at Nord Security. 'We believe this new integration, already available through the leading cloud marketplace Pax8, is just the beginning of a fruitful and long-lasting partnership that will result in many exciting developments in the future.' 'Partnering with Nord Security allows us to deliver greater value to businesses seeking comprehensive, streamlined security protection,' says Melissa K. Smith, vice president, technology partnerships and strategic initiatives at SentinelOne. 'Together, we're making it easier for organizations to secure tomorrow without added complexity, empowering organizations to focus on growth, not threats.' Attendees of the RSAC 2025 conference are invited to visit Nord Security's and SentinelOne's respective booths at Moscone Center in San Francisco from April 28 to May 1 to learn more about the partnership. About SentinelOneSentinelOne® is a leading AI-powered cybersecurity platform. Built on the first unified Data Lake, SentinelOne empowers the world to run securely by creating intelligent, data-driven systems that think for themselves, stay ahead of complexity and risk, and evolve on their own. Leading organizations—including Fortune 10, Fortune 500, and Global 2000 companies, as well as prominent governments – trust SentinelOne to Secure Tomorrow™. Learn more at About Nord Security Nord Security, home to the renowned VPN service NordVPN, is the world's leading cybersecurity solutions provider, trusted by 20,000+ businesses across the globe. Designed to meet the needs of a digital workforce, the Nord Security business suite brings together the toggle-ready network security platform for business NordLayer, the next-generation password manager NordPass, and the threat exposure management platform NordStellar. For more information, visit Contact:inga@ in to access your portfolio
