prnewswire | May 22, 2023
EncompaaS LLC, a leading SaaS provider of data governance and analytics solutions, announced a reseller and professional services partnership with Forefront Technologies, a technology solutions provider based in Burlington, North Carolina. This new partnership will bring data discovery, governance and analytics solutions to Forefront's portfolio of offering to clients around the world.
With this partnership, Forefront Technologies will now be able to offer EncompaaS competencies in data discovery and classification, governance, and analytics to clients seeking to understand and utilize their corporate data for better business outcomes. Massive growth of data across the corporate environment, in structured, semi structured and unstructured formats, has paralyzed most organizations' ability to understand and derive insight from the information they create. The EncompaaS platform provides a unified solution that enables businesses to gain value from their information and improve efficiency.
"We are thrilled to partner with Forefront Technologies and bring our competencies to Forefront's client base," said Jesse Todd, CEO of EncompaaS. "Forefront's deep expertise in delivering technology solutions to businesses in the region makes them an ideal partner for us. Together, we will provide clients with the capabilities they need to understand, govern and gain insights into the large data sets they manage."
"We are excited to partner with EncompaaS to provide our clients with best-in-class data discovery and analytics solutions," said Randall Smith, Vice President of Sales at Forefront Technologies. "As more and more businesses struggle with understanding and managing their data, the need for comprehensive data governance and analytics solutions has never been greater. The EncompaaS platform will add to our information governance portfolio to enable our clients to maximize the value of their information."
About EncompaaS LLC: EncompaaS LLC is a leading provider of data discovery, governance and analytics solutions, enabling businesses to govern, secure, and optimize their information environments. The EncompaaS platform provides a unified solution for managing and analyzing information on premises and in multi-cloud environments, enabling businesses to derive better business outcomes and improve efficiency.
About EncompaaS LLC
EncompaaS LLC is a leading provider of data discovery, governance and analytics solutions, enabling businesses to govern, secure, and optimize their information environments. The EncompaaS platform provides a unified solution for managing and analyzing information on premises and in multi-cloud environments, enabling businesses to derive better business outcomes and improve efficiency.
Businesswire | May 30, 2023
Tidelift, a provider of solutions for improving the security and resilience of the open source software powering modern applications, today announced that it has been awarded three U.S. government contracts worth over $3.5 million, and is expanding its public sector organization in response to increased demand for innovative solutions that help the U.S. government improve its cybersecurity supply chain risk management (C-SCRM) capabilities.
High-profile software supply chain vulnerabilities including Log4Shell and SolarWinds have dramatically increased attention on the need for improved software security, both in the public sector and beyond. In the U.S., this effort began in May, 2021 with White House Executive Order 14028: Improving the Nation’s Cybersecurity, and since then a variety of policy and legislative initiatives around cybersecurity have gained traction.
In September, 2022, the U.S. government’s Office of Management and Budget released memorandum M-22-18 on Enhancing the Security of the Software Supply Chain through Secure Software Development Practices. M-22-18 formalizes the guidance provided in the NIST Secure Software Development Framework and NIST Software Supply Chain Security Guidance documents as the government requirements for developing secure software, and mandates federal government agencies comply with these guidelines.
This memorandum sets aggressive deadlines for compliance with specific dates for both government agencies and organizations selling software to the government to comply with NIST guidelines. Among other stipulations, it requires that any organization selling software to the government must self-attest that their software is compliant with the NIST SSDF by June 2023 for critical software or by September 2023 for all other software.
More recently, the National Cybersecurity Strategy sets a new precedent for software security liability, with the government intending to hold software producers liable for damages caused by preventable security vulnerabilities and offer liability protections to organizations that can show they follow secure software development practices.
Tidelift awarded three U.S. government contracts worth over $3.5 million
In addition to efforts like those mentioned above, the U.S. government is increasingly investing directly in improving open source software security. Tidelift was recently awarded three separate innovation research awards as part of the U.S. government SBIR program. The SBIR program is designed to help U.S.-based businesses invest in their technical potential, while stimulating technology innovation and meeting specific research and development needs.
Through these SBIR Phase II awards, Tidelift is working with the Department of the Air Force and the Defense Advanced Research Projects Agency (DARPA) to help spur innovation in the systems and processes the U.S. government uses to improve open source software security and cybersecurity supply chain risk management. This investment will help Tidelift expand its industry-leading open source software management solution, including increasing its ability to partner with even more open source maintainers to validate their components meet important security, maintenance, and licensing standards required by government and industry users, and pay these maintainers for this critical work.
It will also help the U.S. government better address the requirements and deadlines emerging from Executive Order 14028, memorandum M-22-18, and the NIST Secure Software Development Framework, especially when it comes to the open source components in use in government applications. Tidelift is also helping address new requirements around software bills of materials (SBOMs) that U.S. government agencies are beginning to understand, interpret, plan for, and deploy. Along with Tidelift producing an SBOM from every application build, the company is actively working upstream with open source maintainers to validate and improve security, maintenance, and licensing metadata for their projects and capture this data using the TACOS (Trusted Attestation and Compliance for Open Source) attestation framework.
"The United States Air Force, and the Government as a whole, are among the largest consumers of open source software. With the increasing requirements around Software Supply Chain Risk Management (SCRM) and Software Bills of Materials (SBOM) initiatives, we are excited to partner with Tidelift to enhance cybersecurity resilience outcomes for open source software dependencies that support our most critical work," said Robert "Devo" DeVincent, Chief Software Officer, Air Force 309th Software Engineering Group.
Tidelift expands public sector organization to meet growing demand
Tidelift has named Matthew Arnow, a long-time veteran of Tidelift, to lead the newly expanded public sector team. Matthew heads up the team with extensive experience working with government and public sector clients.
“Tidelift looks forward to working more closely with our government and public sector customers and prospects to improve the resilience of our mission-critical open source infrastructure,” said Matthew Arnow, head of public sector for Tidelift. “Our unique approach of working directly with the maintainers behind thousands of important open source projects will help public sector customers comply with U.S. government security directives and meet necessary government and industry standards.”
Tidelift partners with Carahsoft to support public sector expansion
Tidelift has also partnered with Carahsoft, the leading government reseller partner, to help more quickly and effectively address the number of large public sector opportunities.
“Over the past year, we’ve seen increased demand from our customers for solutions that help improve open source software security and supply chain resilience,” said Natalie Gregory, vice president, Carahsoft. “We look forward to working with Tidelift and our reseller partners to deliver open source software supply chain risk management solutions to our government customers.”
Tidelift, a 2022 Gartner Cool Vendor, helps organizations effectively manage the open source behind modern applications. Through the Tidelift Subscription, the company delivers the tools, data, and strategies powering an inclusive and organization-wide approach to improving the health and security of the open source software supply chain. Tidelift enables organizations to move fast and stay safe when building applications with open source, so they can create more incredible software, even faster. https://tidelift.com/
EMERGING TECHNOLOGY, CYBERSECURITY
Prnewswire | April 18, 2023
Ontinue, a leading managed detection and response (MDR) provider and winner of the 2022 Microsoft Security MSSP Partner of the Year award, and Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®, today announced a partnership. Under the agreement, Carahsoft will serve as Ontinue's Master Government Aggregator®, making the Ontinue ION managed extended detection and response (MXDR) service available to the Public Sector through Carahsoft's reseller partners, National Cooperative Purchasing Alliance (NCPA) and OMNIA Partners contracts.
The Public Sector in the U.S. has been a prime target for cyber criminals. More than 2,300 Local Governments, schools and Healthcare providers were victims of ransomware in 2021. Contributing to the success of these bad actors is the ongoing shortage of cybersecurity professionals, which has prevented many organizations from fully staffing their security operations.
"We are excited to partner with Carahsoft and its resellers and systems integrators to address the most complex security needs of Government agencies, Educational institutions and Healthcare providers," said Chris Raniere, Chief Revenue Officer for Ontinue. "This partnership with Carahsoft will make ION MXDR available to these organizations, which struggle to protect themselves with understaffed security teams. MXDR is an ideal solution for these organizations, combining 24/7 monitoring and rapid responsiveness to detect and contain threats early in the cyber kill chain."
"The addition of Ontinue's MXDR service to Carahsoft's portfolio provides Public Sector organizations with an award-winning solution to meet their critical security requirements," said Tiffany Goddard, Sales Director who leads the Ontinue Team at Carahsoft. "Working together with Ontinue and our reseller partners, we can help these organizations improve their cybersecurity posture to counter ransomware and other serious threats. In addition to helping customers maximize their existing Microsoft security investments, our joint efforts will also drive further Azure consumption."
Ontinue ION sets the new standard for MXDR services. It uniquely delivers Nonstop SecOps with 24/7, always-on protection while increasing overall security program maturity, efficacy and scalability. The ION service brings together the cloud-native ION platform and the ION Cyber Defense Center, a 24/7 globally distributed security operation staffed by experts including the company's teams of Cyber Advisors and Cyber Defenders. The ION platform integrates advanced automation and real-time collaboration capabilities from the recent acquisition of Tiberium, a highly automated managed security services provider based on Microsoft security solutions. These capabilities power several innovations that elevate ION over other MXDR services.
Ontinue's ION MXDR service is available through Carahsoft's NCPA Contract NCPA01-86 and OMNIA Partners Contract #R191902. For more information, contact the Ontinue team at Carahsoft at (888) 662-2724 or MicrosoftISV@carahsoft.com.
The dedicated Cybersecurity team at Carahsoft specializes in providing Federal, State and Local Government agencies and Education and Healthcare organizations with security solutions to safeguard their cyber ecosystem. To learn more about Carahsoft's Cybersecurity solutions, visit www.carahsoft.com/solve/cybersecurity.
Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider®, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator® for our vendor partners, we deliver solutions for Cybersecurity, MultiCloud, DevSecOps, Big Data, Artificial Intelligence, Open Source, Customer Experience and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Visit us at www.carahsoft.com.
Ontinue is on a mission to be the most trusted, 24/7, always-on security partner that empowers customers to embrace the future by operating more strategically and with less risk. Grounded in an intelligent, cloud-delivered SecOps platform, Ontinue offers superior protection that goes well beyond basic detection and response services.