That is especially true if that provider is part of an unstoppable trend of cloud, software-as-a-service or cybersecurity providers taking on the responsibility of handling and safeguarding its customer’s data. Without those internal controls over a cloud-based technology that is being handled in a vendor’s environment, trust is now more important than ever.

Offloading that responsibility to a technology and putting them in the position to make critical business decisions for your organization should require a high level of trust. IT buyers should ensure that not only are the right security practices in place at the prospective vendor, but that they also have the resources and the right philosophy when it comes to customer data, says Robb Reck, a security professional currently working to uphold standards of trust and transparency as the chief trust officer at managed detection and response provider Red Canary.

“All of those questions should work to determine if the technology vendor is a trustworthy partner or not,” Reck says.

Positions such as Reck’s are typically security or risk management initiatives from leadership that go beyond the scope of a typical security program and look critically at the company’s transparency with customers.

A chief trust officer defines how the software vendor talks to customers about security issues, including proactively bringing issues to customers, oftentimes before they even know about it.

Can you trust your technology vendor?

According to Reck, technology providers are trustworthy when they follow two simple rules: fulfilling their promises and being proactively transparent.

“You probably learn this at age 2—the idea of doing what you said you were going to do and saying what you’re going to do. Telling a customer what is coming and delivering that thing over and over again is a way to earn an awful lot of trust,” Reck says. “When you become predictable, you become trustworthy.”

Equally as important when selecting a technology vendor is their track record when it comes to transparency, and not just being honest when asked about security incidents. For example, a vendor should tell its customers about a security incident that went unnoticed, even if it could have gotten away without any negative press.

Reck used the analogy of borrowing a friend’s car, getting in a minor fender-bender, and not telling the owner.

“Am I willing to be the person who proactively tells the truth and apologizes and explains how they’re going to make it better? In the future, you know I’m not going to lie to you.”

Another key pillar of trust is around aligned incentives of the software vendor and customer that prioritize positive outcomes rather than just business transactions.

“If they’re making money on me all the way until I go bankrupt, I don’t feel like that’s a very good partnership,” Reck says. “Finding ways that you can align incentives between the provider and customer is a big part of it.”

Cloud, SaaS providers and trust

While cybersecurity providers may top the list of tech companies that should be trustworthy, organizations consuming any software-as-a-service (SaaS) and other cloud-based deployments of their enterprise technologies should demand a higher level of transparency and trust.

With data storage and management shifting from on-premises and an organization’s own data center to the cloud, organizations are essentially trusting the control of their data, infrastructure and services to an outsider. Before, the enterprises themselves were their own backstop and were able to make changes, and evaluate how the software was running.

Customers of security providers like Red Canary—that monitor telemetry and essentially decide what behavior to ignore and what behavior warrants an alert and investigation—have to trust that the software is both made well by the vendor and that is running well, and that any human interaction is not costing them downtime.

With that in mind, a wide range of cloud-based technologies should be looked at from this angle, including customer relationship management tools and enterprise resource planning (ERP) software.

Warning signs

According to Reck, these are several warning signs that indicate a software vendor is not transparent or trustworthy.

Downplaying the incident in first communications about an incident

Those first few messages about a security incident need to clearly outline what is known and what is not known. Too often software vendors will say only a certain portion of customers are affected, only to later revise that to a larger number and undermine the trust their customers place in them.

No transparency about any security incidents

Every company has security incidents, so a lack of disclosures should be alarming—regardless of how insignificant the incident is. Reck provided one example from his experience at Red Canary in which a customer stopped sending the firm its telemetry to be monitored for threats for about 12 hours. Once the company noticed the issue and fixed it, it combed through the data to make sure nothing malicious was missed. After that, the company had a brief internal conversation about informing the customer, and it quickly decided that the customer should know, even though nothing bad happened during those 12 hours.

“I see each of those opportunities as a way to not only build trust with our customers … but also to build that internal understanding of what it means to be a trustworthy company,” Reck says.

No status page

Public-facing resources or information detailing the status of services are the low-hanging fruit of any technology vendor’s transparency.

Government-mandated transparency

This level of transparency is now being required by certain agencies in the U.S. government, including the SEC, which has proposed new rules that would require publicly traded organizations—which include many leading software providers—to report about material cybersecurity incidents and provide updates about previously reported incidents.

In addition, organizations would be required to detail their security policies and procedures to identify and manage cybersecurity risks, per the proposals.

As a result of President Joe Biden’s Executive Order on cybersecurity, software providers will be required to be more proactively transparent about the security of their products and their own environment, including a software bill of materials that details the different components in a piece of software.

In a recent blog, Brookings Institution notes that the recent RSA Conference highlighted offerings to secure the supply chain and increase vendor transparency, with many referencing the Executive Order.  The Institute calls Biden’s decree a “set of goals” designed to create a transparent marketplace for technology and security tools.

“The creation of a transparent market for software and provision of information for operators and purchasers leverages the greatest competitive advantage of the United States: the rule of law required to support a trustworthy marketplace,” the research group wrote.

The post How to Vet a Vendor’s Transparency and Trustworthiness appeared first on My TechDecisions.

According to the company, the Linux EDR and MDR solution will help organizations better protect their Linux environments, which can be difficult to secure. The solution leverages Linux-optimized technology developed by the company’s engineers, analysts, researchers and customer support.

Red Canary says the solution is dedicated to Linux infrastructure and production environments with a lightweight agent designed from the ground up to support most Linux distributions while using minimal resources.

This is a departure from other Linux security solutions, which Red Canary says can be disruptive because they are first designed for Windows or Mac agents and were adapted for Linux. Those can impact system performance, business and customers, according to the company.

The solution features a lightweight sensor that “operates entirely in userland, avoiding kernel modules, hooking, or code injection,” which Red Canary says can lead to system instability, kernel panics and system crashes.

Customer portals provide transparent sensor performance to give customers and stakeholders confidence they need when deploying to business-critical systems, Red Canary says in a blog.

The company says its telemetry collection and threat detection capabilities exceed industry standards, with features such as behavioral detection, rootkit identification, fileless malware detection and more.

The solution supports a wide range of Linux distributions, versions and kernels, as well as the latest container and container orchestration technologies, such as Kubernetes and Docker, giving customers the viability and detection outcomes for ephemeral or long-lived workloads, according to Red Canary.

The company also boasts a support team that is available 24/7 for general security advice or questions, and customers can also communicate via Slack.

The post Red Canary Announces Linux-First EDR, MDR Solution appeared first on My TechDecisions.

According to the company, the new threat investigation and active remediation features are designed to help customers investigate, triage and respond to threats, especially for smaller companies that lack the resources to staff in-house around-the-clock threat response.

The company says the new capabilities come after incidents like the Kaseya ransomware attack and the Log4J bugs have magnified the need for better monitoring, detection and remediation across the enterprise.

According to Red Canary, these new offerings help give the company’s solutions a more comprehensive and deeper level of threat detection and response. The firm claims its solutions detect five times as many confirmed threats as other security solutions and reduces false positives over 99%.

The company says its managed detection and response (MDR) capabilities are extending beyond the endpoint to protect enterprise endpoints, cloud workloads, network, identity and SaaS applications, with new threat investigation features that ingest alerts from security solutions in customers’ security stacks, in addition to Red Canary’s threat detection tools.

From there, the company’s threat detection experts conduct the investigations for the customer, prioritizing alerts to direct customers to the threats that matter most, Red Canary says in a press release.

The company also released Active Remediation, a new 24/7 hands-on-keyboard threat response offering, designed for smaller companies without in-house security expertise to respond to threats.

Brian Beyer, co-founder and CEO of Red Canary, says the firms’ competitors prioritize alerts triaged by a security expert, but that’s it.

“For us, it’s just the tip of the iceberg,” Beyer said in a statement. “Red Canary monitors customers’ environments around the clock and makes experts available 24/7 to detect and respond to threats across endpoint, cloud, network and SaaS apps. We believe customers deserve the best possible security, and we’re proud to be an ally in the fight.”

The company also launched Red Canary Partner Connect, a new partner program designed to arm partners with cybersecurity tools. Partners include solution providers, MSSPs, insurance firms and other technology partners.

The post Red Canary Adds 24/7 Remediation, Protection Features appeared first on My TechDecisions.