Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today I’m excited to share the latest milestone in our growing partner ecosystem: Vanta has joined the Amazon Web Services (AWS) Independent Software Vendor (ISV) Accelerate Program. ‍ The AWS ISV Accelerate Program is a co-sell program for AWS Partners who provide software solutions that run on or integrate with AWS. Vanta’s acceptance into the program enables us to work in close collaboration with the AWS sales team to meet customer needs and provide better outcomes. ‍

Microsoft 365 (formerly Office 365) is a Software-as-a-Service (SaaS) that offers a cloud-based version of its popular software productivity suite, including MS Word, Excel, PowerPoint, Outlook, and OneNote. In contrast, Azure Active Directory (Azure AD) is an Infrastructure-as-a-Service (IaaS) that offers a cloud-based version of Active Directory to control identity management and access to virtual resources across an organization.

SIM swapping is when a cybercriminal impersonates someone in order to convince a mobile carrier to activate a new SIM card. These bad actors use social engineering tactics, claiming “their phone” was supposedly lost, stolen or damaged, when in reality, it was never their phone to begin with. When a cybercriminal successfully SIM swaps, they can more easily steal someone’s identity because they can now receive their text messages and phone calls.

Not long after impressing Microsoft 365 customers with the recent Microsoft 365 Copilot announcement, Microsoft have launched another AI-powered Copilot product. This time with a whole new set of possibilities – introducing Microsoft Security Copilot.

Today, we’re announcing the ability to build APIs with Tines. Now you can create powerful workflows by connecting more tools and processes together - all without any code at all.

The Verge came out with an article that got my attention. As artificial intelligence continues to advance at an unprecedented pace, the potential for its misuse in the realm of information security grows in parallel. A recent experiment by data scientist Izzy Miller shows another angle. Miller managed to clone his best friends' group chat using AI, downloading 500,000 messages from a seven-year-long group chat, and training an AI language model to replicate his friends' conversations.

When was the last time your organization conducted an API security assessment? And did you have the framework and resources to do so? Now more than ever, companies need to know where their APIs are vulnerable to malicious actors. Check out the API Penetration Testing checklist, which outlines how to conduct an effective API security assessment for your organization.

We’re pleased to share that Salt has extended the capabilities of our powerful AI algorithms, further strengthening the threat detection and API discovery abilities of the Salt Security API Protection Platform. (Check out today’s announcement.) Here at Salt, we always look forward to the RSA Conference, but this year we are doubly excited to attend and showcase these new advanced capabilities! Salt invests significant resources into the continued innovation of our API security platform.

One of the guiding principles for organisations, whether they are major corporations or small firms, is to ensure compliance. Enforcing compliance helps organisations to adhere to fraud prevention guidelines, identify rule infractions, and shield a corporation from unwarranted penalties and legal action. PAN verification is one such crucial process before onboarding consumers, clients, and third parties in order to remain compliant and within the law.

The terms unified and integrated are often used interchangeably in the software world. However, security leaders must understand the differences between deeply unified and API-based integrated platforms within an organization and how they can significantly impact everything from cost to efficiency. First, it is essential to define the terms.