Argon, a new security startup securing the modern software delivery process, emerges from stealth mode as the first unified security solution that protects all stages of the continuous integration/continuous delivery (CI/CD) pipeline and ensures the integrity of the software development lifecycle (SDLC). “The massive effect of the SolarWinds’ IT management software breach that began when hackers compromised one of its software updates, signalled the birth of a new cyberattack surface that organisations are not equipped to defend,” said Eilon Elhadad, CEO, Argon. Strong security posture “Our solution provides full visibility into the development environment and protects our customers from bad actors who seek to plant malicious code or tamper with the native behaviour and uptime of the applications.” Automated software delivery through a CI/CD pipeline process offers application developers a fast and efficient way to develop, build, test, and deploy new software. The CI/CD pipelines use a series of cloud and hosted services and open-source tools which open the organisation’s network to new environments where the source code is copied, moved, and shared. Maintaining a strong security posture in a cloud-native environment requires security and DevOps personnel to have full visibility over the entire environment to mitigate risk. Code-tampering detection technology Argon seamlessly connects to the existing CI/CD pipelines via an agentless implementation and instantly maps the development environment, assets, and user activities. The solution prioritises and automates remediation of alerts according to security best practices and compliance rules, ensuring zero trust deployment. Argon’s code-tampering detection technology performs validity checks on every step of the CI/CD process to confirm no tampering has occurred. “The way companies release software has evolved from a manual, controlled, and timed process to one that is fully automated, distributed, and complex,” said Eylam Milner, CTO, Argon. “Vendors deploy new code on a daily basis, and it’s irrational for them to expect their DevOps and security teams to protect their release pipelines without a dedicated solution.” Accelerating development processes Elhadad and Milner are both former leaders of security and engineering teams in the Israeli military. Eran Orzel, Chief Revenue Officer (CRO) has over 20 years of experience in sales leadership roles in cybersecurity and enterprise software. Prior to joining Argon, Eran held several roles at Check Point Software Technologies, most recently as the Global Head of Strategic Sales and Partnerships where he led and played a significant role in the rapid growth of Check Point’s major business growth engines. “Companies are accelerating the development processes using DevOps pipeline infrastructures and the trend is at its peak,” said Orzel. “Consequently, the threats are growing stronger than ever, with dozens of incidents from code theft to code manipulation in the last six months alone.” Argon is launching with 15 employees after raising more than $4 million (USD) in initial funding led by Hyperwise Ventures. Software-driven companies “Bad actors are exploiting new weaknesses in the modern software delivery pipeline to gain access, leak data, and tamper with the product’s source code,” said Nathan Shuchami, Managing partner at Hyperwise Ventures. “Argon has developed an innovative solution that software-driven companies need in order to block those attacks and secure their customers and products.” Several high-profile cybersecurity angel investors have joined Hyperwise Ventures, including Shlomo Kramer, the founder of Check Point, Imperva, and Cato Networks; Zohar Alon, Founder of Dome9; Giora Yaron, chairman of Amdocs Technology Committee; Avery More, managing partner of ORR Partners; and Harel Kodesh, a former partner at Silver Lake.
Check Point has extended the capabilities of its CloudGuard cloud security platform to support Kubernetes computing services, including Amazon Elastic Kubernetes Service (Amazon EKS) and Amazon Elastic Container Service (Amazon ECS). CloudGuard also delivers additional security capabilities for Amazon Web Services (AWS) Serverless computing solutions, including AWS Lambda and related services like AWS Fargate, Amazon API Gateway, Amazon DynamoDB, and Amazon Kinesis. The announcement further delivers on Check Point’s vision of ensuring consistent security for any enterprise workload in any cloud. Fastest-growing extended cloud service Serverless is the fastest-growing extended cloud service, with 50% growth over 2018. In a 2019 survey, 87% of respondents were running container technologies, a number up from 55% in 2017. However, rapid adoption of these technologies creates challenges for organisations in gaining visibility of, and enforcing, consistent security and compliance across their cloud deployments. This increases the risk of misconfigurations and security holes, which expose organisations to the risk of data breaches and cyber-attacks. This new functionality complements CloudGuard’s existing ability to secure traffic between Kubernetes With CloudGuard, customers can ensure that their Kubernetes configurations continuously comply with established container security baselines such as CIS Kubernetes Benchmarks or NIST 800-190. This new functionality complements CloudGuard’s existing ability to secure traffic between Kubernetes, and on premise or cloud assets using IPsec VPN. Delivering powerful CSPM capabilities CloudGuard’s new Serverless Code Scanning feature detects, alerts-on and remediates security and compliance risks in a Serverless environment. “No matter which cloud resources organisations choose, it’s critical that they have complete visibility and control over them to meet Cloud Security Posture Management (CSPM) and compliance demands,” said Zohar Alon, Head of Cloud Products at Check Point. “These enhancements to CloudGuard deliver powerful CSPM capabilities across enterprises’ entire cloud deployments, continuously analysing, detecting any misconfigurations or security issues, and remediating them. This ensures organisations can fully exploit the cloud’s agility without compromising their security posture.”
Cloud-based access control and occupancy management to safeguard workplacesDownload
Wireless Access Control eBookDownload
How security systems ensure healthy workplaces during COVID and afterDownload
How are AI and analytics changing physical security, and what should we expect next?Download