Latest news with #ZeroTrust
National Post
a day ago
- Business
- National Post
ManageEngine Enhances AD360 With Risk Exposure Management and Local User MFA Features to Strengthen Identity Threat Defenses
Article content New Capabilities Help Enterprises Visualize Attack Paths, Enforce MFA on Unmanaged Local Accounts, and Align Identity Security With the Zero Trust Framework Article content The identity risk exposure management feature adds identity threat detection capabilities that help uncover how attackers could escalate privileges or move laterally within the environment With local user MFA, enterprises can extend enterprise-grade MFA to previously unmanaged local accounts Read about AD360's identity risk exposure management at and local user MFA capabilities at Article content AUSTIN, Texas — ManageEngine, a division of Zoho Corporation and a leading provider of enterprise IT management solutions, today announced the general availability of identity risk exposure management and local user MFA features in AD360, its converged identity and access management (IAM) platform. The release enables security teams to detect privilege escalation risks and secure unmanaged local accounts, two common identity attack vectors that attackers continue to exploit at scale. Article content Identity remains the primary attack vector in modern enterprises, as shown by Verizon's 2025 Data Breach Investigations Report, which found that credential abuse was the initial access vector in 22% of breaches. The report also highlighted widespread abuse of poorly managed local accounts and privilege paths across over 12,000 confirmed breaches. Article content 'With this release, ManageEngine AD360 moves beyond traditional IAM by embedding identity threat defenses into core identity operations. By turning identity data into actionable security insights, we're helping customers make IAM the first line of defense, not a check box,' said Manikandan Thangaraj, vice president of ManageEngine. Article content While most IAM tools focus on provisioning and policy enforcement, AD360 adds risk exposure mapping via attack path analysis as well as local MFA enforcement, helping enterprises close attack paths that often go undetected. This marks a key step in identity management evolving from an access control layer into an active security control. New Capabilities Article content Identity risk exposure management: Graph‑based analysis maps lateral movement and privilege escalation paths in Active Directory (AD), automatically prioritizing risky configurations and recommending remediation steps. The graph engine models AD objects as nodes and privilege inheritance as lines, revealing multi‑step attack chains in real time, with actionable suggestions that IT teams can implement to close exposed paths. Local user MFA: This feature extends adaptive MFA to local accounts on non‑domain‑joined servers, DMZ assets, and test environments, thwarting credential stuffing and persistence techniques. ML‑driven access recommendations: During provisioning and access review campaigns, machine learning analyzes permission patterns and suggests adjustments to implement least privilege access, helping prevent excess entitlements. Article content Additionally, ManageEngine has enhanced AD360's access certification module, which now includes expanded entitlements for comprehensive review coverage, and the risk assessment capabilities feature new indicators for improved identity risk monitoring across AD and Microsoft 365 environments. These enhancements are designed to streamline compliance reporting and strengthen access governance across the enterprise. The new capabilities support NIST SP 800-207 on Zero Trust architecture, align with PCI DSS Version 4.0 Requirement 8, and facilitate SOX, HIPAA, and GDPR controls. Article content About AD360 Article content ManageEngine AD360 is a unified identity platform that seamlessly connects people, technology, and experiences while giving enterprises full visibility and control over their identity infrastructure. It offers automated life cycle management; secure SSO; adaptive MFA; and risk-based governance, auditing, compliance, and identity analytics—all from a single, intuitive console. With extensive out-of-the-box integrations and support for custom connectors, AD360 easily integrates into existing IT ecosystems to enhance security and streamline identity operations. Trusted by leading enterprises across healthcare, finance, education, and government, AD360 simplifies identity management, fortifies security, and ensures compliance with evolving regulatory standards. For more information, please visit Article content Article content Article content Article content Article content Contacts Article content Media Contact: Article content Article content Article content Article content
Yahoo
6 days ago
- Business
- Yahoo
Columbus approves $23M for improving cybersecurity infrastructure
COLUMBUS, Ohio (WCMH) — Columbus City Council has approved $23 million to strengthen the city's cybersecurity infrastructure. This comes just days before the one year anniversary of the city being hit with a massive ransomware attack. NBC4 Investigates uncovered that half a million people's private information, including the identities of undercover officers and crime victims, was stolen and leaked on the dark web. Now, millions of dollars will be invested in a new system. Council approved $23 million for what is called a 'zero-trust network'. This model is 'never trust, always verify.' The city is hoping that implementing the zero-trust network will strengthen it's IT infrastructure against future attacks. Traditional networks assume everything inside an organization's network can be trusted. Now, this security mindset assumes that there are threats both inside and outside of a network and makes it so that only necessary users are authorized. Once implemented, only those with express permission and who go through strict verification can access the city's network. A spokesperson for Mayor Andrew Ginther sent a statement saying: 'Federal, state, and local governmental entities, including the City of Columbus, face persistent and sophisticated cybersecurity threats. These threats are constantly evolving and increasing in sophistication. Cybersecurity experts and researchers have developed the Zero Trust Network framework to adapt to these threats. 'Unlike traditional security frameworks that assume everything inside an organization's network is trustworthy, a Zero Trust Network assumes that threats can exist both inside and outside the network. Therefore, among other things, a Zero Trust Network requires strict verification for every user and device attempting to access resources within a network, regardless of their location. It also includes segmenting an organization's network into smaller, isolated zones or microsegments. These microsegments are typically aligned with organizational units such as departments or workgroups, are intended to limit unnecessary network traffic between segments, and are designed to prevent unauthorized movement between segments. 'Zero Trust is not a product, but a shift in security mindset, architecture, and operational approach. The City of Columbus is seeking to commence its Zero Trust Network project later this year and anticipates that it will take at least two years to implement with an estimated investment of $23 million.' Councilmember Nick Bankston also sent a statement saying: 'In today's world, cybersecurity is public safety. This $23 million investment in a Zero Trust Network is not just about protecting servers — it's about protecting the people of Columbus. By modernizing our infrastructure and adopting industry best practices, we are taking responsible, proactive steps to ensure that residents can trust their government to keep their information safe and services running securely. Council remains committed to sharing information about last year's cyberattack when it is appropriate to do so. However, what we can say is this: we're taking action to make sure our systems — and our residents — are protected against the evolving threat landscape going forward.' Hardware will need to be replaced across all city buildings and data centers. The city will start implementing the framework in its core network and largest facilities and expand over the next two years. Copyright 2025 Nexstar Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed. Solve the daily Crossword
Zawya
7 days ago
- Business
- Zawya
ThreatLocker grows Gulf footprint with key UAE and Qatar meetings
Dubai, UAE: ThreatLocker®, a global cybersecurity leader in endpoint protection, has deepened its presence in the Middle East with a visit last month that included high-level meetings in Qatar and an exclusive event in Dubai focused on Zero Trust and prevention-first strategies. These engagements add to recent ThreatLocker participation in Middle East events in Bahrain, Saudi Arabia, Oman, and Kuwait. ThreatLocker CEO and Co-Founder Danny Jenkins met with senior leaders and peers from Qatar's largest enterprise organisations to discuss how ThreatLocker is redefining the cybersecurity landscape in the Middle East through its Zero Trust and prevention-first approach. The next day, at a CTRL+ALT+DELight breakfast in Dubai, Jenkins discussed the UAE's cyber resilience policies before business leaders, technology experts, and journalists who gathered to exchange insights on the region's evolving cyber threat landscape. The event, held at the Dubai International Financial Centre, featured a presentation from Jenkins, who shared his perspective on emerging cyber risks. The former ethical hacker also showcased a live hacking demonstration and participated in expert interviews with prominent news media in the region. The discussion included a behind-the-scenes look into how organisations can detect, respond to, and recover from cyber threats in real time. Jenkins also took questions from UAE business leaders across sectors, addressing cybersecurity insurance, compliance frameworks, disaster recovery, access management—and the full scope of concerns businesses face in the Middle East and globally today. 'The UAE is moving fast to become a global hub for digital innovation. And with that comes increased cybersecurity risk and the need for robust cyber defences," said Jenkins. 'Our aim is to work collaboratively with UAE businesses to build secure solutions and strategies that suit the specific needs of the companies in the region.' Based in Orlando, Florida, ThreatLocker is committed to helping Middle East organisations strengthen their defences, particularly as the market accelerates its digital transformation journey in line with regional strategies. Businesses interested in signing up for a ThreatLocker DEMO may visit Meet ThreatLocker at the five additional scheduled events for the region by keeping up with the company events calendar. About ThreatLocker® ThreatLocker is a global leader in Zero Trust security, providing organizations with endpoint protection, application control, storage control, and privileged access management to prevent cyber threats before they execute. With its innovative security solutions, ThreatLocker helps businesses worldwide enhance their cybersecurity posture and maintain operational continuity. Learn more at Media Contact: Stefany Strong, Media Relations Manager
Forbes
16-07-2025
- Business
- Forbes
Building A Blueprint For Improved Security Outcomes
TK Keanini, CTO, DNSFilter. I was recently included in the Forbes Expert Panel post "How To Reduce Insider Threats (Without Impacting Efficiency)," and it got me thinking more closely about zero trust and how we've arrived at this point today. Zero trust was first introduced in 2009 by John Kindervag, a longtime cybersecurity expert and former Forrester Research analyst. Because it's been around a while, most of us are already very familiar with the zero-trust mantra: 'Never trust, always verify.' As an example, just because Employee X accesses a corporate network using their Pixel 7a today, it doesn't mean that the system will automatically allow them access the next day, simply because they're using the same device. We need to verify that it's actually Employee X every single time (among other verifications). At this point, anything less than a zero-trust strategy isn't only outdated but also lazy. No one really needs access to all of the internet, especially in a work setting. They simply need high-performance access to the resources required for their professional or personal tasks and nothing more. Attackers are banking on the fact that you're able to access everything and anything, even the thing that they created two minutes ago. Until you adopt a zero-trust mindset, you'll fall victim to bad actors' tactics. When you're protecting your entire company, extreme clarity on roles and responsibilities is paramount to setting the right access policy. Let's break that down a bit. Authentication, Authorization And Audits (AAA) One way to think about security and zero trust is in terms of the three A's: • Authentication: Are you who you say you are? • Authorization: Given you are who you say you are, what can you access based on your role? • Audits: For every action, is there an immutable ledger of that activity? These terms have historically been associated with identity and access management, but I'd argue that regardless of the system you're building and wish to secure, you must design an AAA set of functionality you can depend on. I want to focus on authorization for a moment, because no one, especially in a corporate environment, needs access to the entire internet. There's a core set of items that absolutely no one should access; these are known and emerging threats. But once we remove access to threats, we then need to layer on what makes sense for an individual's role. Without role-based authorization in mind, organizations are at a heightened risk of a breach. Let's imagine a person who has administrative access to a critical system that isn't necessary for their role. If a social engineering campaign targets this person, their lack of understanding of the system they have access to could lead to the release of sensitive information to a threat actor. What this comes down to is applying the principle of least privileged access. For each authenticated role, provide the least privileged authorization and closely monitor the audit trail. This will enable you to identify gaps in your authorization policies and provide more effective incident response in the event of a breach. What I've described above is a zero-trust recipe book for many technologies. Zero Trust In The Real World Applying AAA is useful when thinking through a zero-trust approach to many defensive countermeasures (like firewalls, proxy servers and file system access). One area that I've found to be effective is your protective DNS strategy. First things first, if you're just using DNS and not protective DNS, you should consider upgrading because, once again, no device really needs access to everything online. The difference between DNS and protective DNS is simply your ability to apply these AAA policies to everything you're trying to protect. The role of DNS is to ensure that when you type in a domain name or click on a link, the corresponding IP address is returned, allowing your device to establish a connection. Protective DNS enables a zero-trust approach by allowing you to authenticate that request and establish an identity, then apply a policy that provides the least privileged authorization for that role. Finally, it provides an audit trail so you can ask, 'What internet activity was performed by that identity over a certain amount of time?' Protective DNS providers vary in the capabilities they provide, but by understanding your own zero-trust requirements via these AAA terms, you can find one that's right for you. Final Thoughts Zero trust is a mindset shift that prioritizes precision, clarity and accountability at every level of access. That starts by asking hard questions about who needs access to what and committing to 'never trust, always verify.' Reducing access to the internet is one critical way that organizations can protect themselves. By embracing strong authentication, strict authorization and comprehensive auditing—the AAA of modern security—you create a resilient, layered defense that protects against insider threats without sacrificing operational efficiency. Anything less isn't just risky; it's outdated. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
Zawya
16-07-2025
- Business
- Zawya
Check Point Software Technologies named a leader in zero trust platforms, Q3 2025 evaluation
DUBAI, UAE – Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a pioneer and global leader of cyber security solutions, today announced it has been recognized as a Leader in The Forrester Wave™: Zero Trust Platforms, Q3 2025. The independent analyst report evaluated the 10 most significant Zero Trust platform providers and cited Check Point for delivering a unified, prevention-first security platform that covers network, cloud, and endpoint controls across hybrid environments. Check Point received the highest possible scores (5 out of 5) in four critical criteria within the current offering category: centralized management and usability, least-privileged-access enforcement, segmentation and control, and deployment. The company also received 5/5 scores in the roadmap and supporting services and offerings criteria within the strategy category, which Check Point believes reinforces its strong vision and customer-centric approach. 'This recognition by Forrester affirms, for us, Check Point's leadership in delivering consistent Zero Trust security that is comprehensive, intuitive, and built for the AI-driven, hyperconnected world,' said Nataly Kremer, Chief Product Officer at Check Point Software. 'Our AI-powered Infinity Platform is purpose-built to help organizations secure users, assets, and data — wherever they reside — through centralized management, intelligent policy enforcement, and flexible deployment across cloud, on-prem, and hybrid environments.' Check Point's highlights from the report include: Centralized Management Least-Privileged Access Enforcement Segmentation and control Deployment Roadmap Supporting services and offerings Forrester also noted that organizations looking for a centralized, easy-to-manage, and holistic network security platform for local networks should include Check Point on their shortlist. For Check Point, this position as a leader reinforces the company's commitment to a prevention-first strategy, helping enterprises proactively secure their infrastructure against modern threats while accelerating their Zero Trust adoption. Learn more on our blog and access a complimentary copy of The Forrester Wave™: Zero Trust Platforms, Q3 2025 here. Forrester does not endorse any company, product, brand, or service included in its research publications and does not advise any person to select the products or services of any company or brand based on the ratings included in such publications. Information is based on the best available resources. Opinions reflect judgment at the time and are subject to change. For more information, read about Forrester's objectivity here. Follow Check Point via: X (Formerly known as Twitter): Facebook: Blog: YouTube: LinkedIn: About Check Point Software Technologies Ltd. Check Point Software Technologies Ltd. ( is a leading protector of digital trust, utilizing AI-powered cyber security solutions to safeguard over 100,000 organizations globally. Through its Infinity Platform and an open garden ecosystem, Check Point's prevention-first approach delivers industry-leading security efficacy while reducing risk. Employing a hybrid mesh network architecture with SASE at its core, the Infinity Platform unifies the management of on-premises, cloud, and workspace environments to offer flexibility, simplicity and scale for enterprises and service providers. Legal Notice Regarding Forward-Looking Statements This press release contains forward-looking statements. Forward-looking statements generally relate to future events or our future financial or operating performance. Forward-looking statements in this press release include, but are not limited to, statements related to our expectations regarding future growth, the expansion of Check Point's industry leadership, the enhancement of shareholder value and the delivery of an industry-leading cyber security platform to customers worldwide. Our expectations and beliefs regarding these matters may not materialize, and actual results or events in the future are subject to risks and uncertainties that could cause actual results or events to differ materially from those projected. The forward-looking statements contained in this press release are also subject to other risks and uncertainties, including those more fully described in our filings with the Securities and Exchange Commission, including our Annual Report on Form 20-F filed with the Securities and Exchange Commission on April 2, 2024. The forward-looking statements in this press release are based on information available to Check Point as of the date hereof, and Check Point disclaims any obligation to update any forward-looking statements, except as required by law.
