Ermetic | September 15, 2022
Ermetic, the cloud infrastructure security company, today announced that it has initiated the process to achieve Authority to Operate (ATO) status under the Federal Risk and Authorization Management Program (FedRAMP). FedRAMP is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.
The company also announced the appointment of Ben McGucken as regional vice president of sales for US Federal and Latin America, who will lead the company’s FedRAMP certification. In addition, the Ermetic cloud security platform now supports AWS GovCloud (US) and Azure for US Government – which are designed to address specific regulatory and compliance requirements of US government agencies at the federal, state, and local level that run sensitive workloads in the cloud.
The company has engaged stackArmor, Inc, a leading provider of FedRAMP engineering and advisory services, to guide Ermetic through the FedRAMP ATO process. stackArmor and its team of experts have over a decade of experience assisting cloud service providers to ensure their solutions meet compliance standards including FISMA, FedRAMP and NIST.
“We are pleased to partner with Ermetic on their FedRAMP journey toward an ATO, stackAmor's ThreatAlert is an integrated suite of security and compliance services deployed within the accreditation boundary. This also includes continuous monitoring designed to help companies like Ermetic reduce the level of effort and costs while accelerating the FedRAMP process.”
-Martin Rieger, Chief Solutions Officer for stackArmor.
Federal, state and local governments are using the cloud to provide better services for constituents, but need to address security risks, especially those associated with preventing breaches, detecting issues rapidly, and protecting personal information, said Shai Morag, CEO of Ermetic. Ermetic is embarking on the FedRAMP process to provide every level of government with a comprehensive solution for cloud native application protection.
Ben McGucken joined Ermetic from data security vendor BitGlass where he was AVP of Sales for South and Latin America. He has also served in senior sales roles with ExtraHop, Palo Alto Networks and Layer 3 Communications.
“Ermetic already supports AWS GovCloud and Azure for Government for customers that want to conduct proof of concept evaluations, As we move through the FedRAMP authorization process, government agencies can feel confident that the Ermetic platform is designed to meet the regulatory and compliance requirements they must comply with for cloud workloads.”
-Ben McGucken regional vice president of sales for US Federal and Latin America.
Ermetic helps prevent breaches by reducing the attack surface of cloud infrastructure and enforcing least privilege at scale in the most complex environments. The Ermetic SaaS platform provides comprehensive cloud security for AWS, Azure and GCP that spans both cloud infrastructure entitlements management (CIEM) and cloud security posture management (CSPM). The company is led by proven technology entrepreneurs whose previous companies have been acquired by Microsoft, Palo Alto Networks and others. Ermetic has received funding from Accel, Forgepoint, Glilot Capital Partners, Norwest Venture Partners, Qumra and Target Global.
Booz Allen | July 26, 2022
Booz Allen Hamilton (NYSE: BAH) announced today it has partnered with Acalvio Technologies to improve the nation’s cybersecurity operations with proactive defenses that will help government and commercial organizations build greater resilience in the face of an increasingly dynamic threat landscape. This partnership complements Booz Allen’s National Cyber strategy by adding cyber deception to the firm’s intelligence-grade tradecraft and full-spectrum capabilities.
Acalvio’s patented and award-winning Autonomous Deception product, ShadowPlex, the only advanced cyber deception product with FedRAMP certification, enables organizations to detect, investigate, and respond to malicious activity in information technology (IT) and operational technology (OT) environments across on-premises and cloud deployments. Together, Booz Allen and Acalvio will bring these sophisticated capabilities to government and commercial clients to combat advanced cybersecurity challenges, including advanced persistent threats (APT), ransomware, and insider threats. Key benefits of the partnership include:
Accelerated Threat Detection to Connect the Dots: With more than 5,000 cyber professionals with proven skillsets to support clients, Booz Allen cuts through the noise and connects across missions, sectors, and data silos to provide a comprehensive view of the threat landscape. Now, with Acalvio’s ShadowPlex, clients can better prioritize the endless number of alerts they receive with high-confidence alerts across identity management and cyber asset threats that are not always prevented by traditional sensor strategies. This approach reduces the attacker dwell time with early detection and increases security operations center efficiency with sophisticated investigation.
Adversarial Insights to Outpace the Competition: Backed by over 20 years of support across classified missions and commercial critical infrastructure sectors, Booz Allen uses a combination of reverse engineering, defensive technologies, predictive analytics, vulnerability assessments, proactive threat hunting, artificial intelligence (AI), and machine learning (ML) in preparation for adversaries. Now, this portfolio adds Acalvio’s patented Deception Farm architecture, a key differentiator for clients, to deploy deceptive artifacts—like fake hosts or “honeypots” —that act as tripwires to detect intruders to better understand their behaviors. Combined, these solutions allow for new and unique insights that can be quickly implemented to stop bad actors in their tracks.
Automated Deployments to Stay Ahead: Innovative solutions are only as good as their ability to rapidly integrate into the mission and quickly drive outcomes. Acalvio’s ShadowPlex automates and simplifies the configuration and deployment of deception artifacts, combining pre-defined playbooks with an AI-based recommendation system. With this partnership, Booz Allen will provide ready-to-deploy packaged solutions that automate service delivery to create scale, with lower cost, and greater mission impact.
“As cyber threats grow increasingly advanced, Booz Allen is committed to developing secure, trusted, and resilient strategies that enhance the nation’s cybersecurity posture, To outpace the adversary, it is imperative that government and commercial organizations better integrate and synchronize the way they conduct cyber offense and defense. Booz Allen’s partnership with Acalvio achieves this, using offensive insights to inform cyber defense and addressing current gaps in the marketplace. This innovative approach operationalizes insights in real time so we can evolve our solutions to keep pace with the cyber landscape.”
-Garrettson Blight, Director of National Cyber Solutions Booz Allen.
The strategic partnership adds cyber deception to Booz Allen’s multiple cyber-enabled platforms for OT, cloud security, 5G technology security, connected health, and weapons systems cybersecurity, and complements Booz Allen’s existing operational capabilities such as threat hunting, detection engineering, and zero trust.
“We are proud to partner with Booz Allen to deliver innovative and ready-to-deploy cyber deception capabilities for government and commercial clients, These offerings will empower government and commercial organizations to combat advanced cybersecurity challenges with solutions that deploy at speed and at scale in a fast-changing environment. With a combined focus on relentless innovation, this collaboration will allow clients to stay ahead of the competition and defend their most critical assets.”
-Ram Varadarajan, CEO and Co-founder of Acalvio Technologies.
With cross-sector mission understanding, battle-tested approaches, and ready-to-deploy solutions, Booz Allen is disrupting how the nation tackles cybersecurity and is taking a holistic approach to anticipate and solve the most complex cyber challenges. Learn more about Booz Allen’s vision for bolder cybersecurity strategy, operations, and solutions, and the firm’s long history of supporting U.S. government work in cyber defense and offense.
About Booz Allen Hamilton-
For more than 100 years, military, government, and business leaders have turned to Booz Allen Hamilton to solve their most complex problems. As a consulting firm with experts in analytics, digital solutions, engineering, and cyber, we help organizations transform. We are a key partner on some of the most innovative programs for governments worldwide and trusted by its most sensitive agencies. We work shoulder-to-shoulder with clients, using a mission-first approach to choose the right strategy and technology to help them realize their vision.
Memorial Hermann Health System | July 12, 2022
Accorian, today announced it has joined Civitas Networks for Health, the largest national network of its kind. Civitas is comprised of member organizations working to use health information exchange, health data, and multi-stakeholder, cross-sector approaches to improve health.
Accorian is a leader in providing cybersecurity and compliance services, with a special focus on the healthcare and health technology industry. We work with our clients reduce their security risks and assist companies of all sizes achieve their necessary cybersecurity compliance(s). As an external HITRUST assessor firm, we have helped companies achieve HITRUST certification along with SOC 2 and ISO certifications.
"With Accorian's focus on heath, becoming a member of Civitas allows us to further that focus with the health collaboratives. We hope to continue working with HIEs to strengthen their security and compliance posture."
-Premal Parikh CEO ACCORIAN.
Civitas Networks for Health is excited to have Accorian join our national network, said Civitas CEO Lisa Bari. We are raising the voices of local health collaboratives and those providing critical services to support health transformation. From the secure exchange of life-saving data to the accountability of multi-stakeholder initiatives, our member organizations have built the most trusted, connected, and inventive programs to serve their communities.
Accorian is full-service cybersecurity and compliance firm that helps its clients with both security AND compliance. Accorian's clients range from start-ups to fortune 100 firms. Founded in 2019, Accorian is an external HITRUST assessor and a PCI ASV. To learn more about Accorian please visit www.accorian.com
About Civitas Networks for Health-
Civitas Networks for Health is a mission- and member-driven organization dedicated to using health information exchange, health data and multi-stakeholder, cross-sector approaches to improve health. It was formed in October 2021 with the affiliation of the Strategic Health Information Exchange Collaborative (SHIEC) and the Network for Regional Healthcare Improvement (NRHI). Civitas Networks for Health counts more than one hundred regional and statewide health information exchanges (HIEs), regional health improvement collaboratives (RHICs), quality improvement organizations (QIOs) and all-payer claims databases (APCDs) as well as more than 50 affiliated organizations as members and reaches approximately 95 percent of the United States population.