Biz Builder Mike

You can't sail Today's boat on Yesterdays wind - Michael Noel

integration

Zimperium and Ping Identity Extend Zero Trust Controls to the Most Vulnerable Endpoint: Mobile


Integration of Zimperium’s mobile device risk attestation into the PingFederate platform enables real-time Zero Trust authorizations and access to corporate resources

Zimperium is excited to announce a partnership with Ping Identity, enhancing Zero Trust architectures by delivering comprehensive mobile risk posture data to enable joint customers to implement more robust controls and policies to provide end-users with clear, actionable alerts directing them to resolve security or compliance issues. With the real-time mobile threat detection, notification, and response from Zimperium and the PingFederate architecture and enterprise workflows, security teams can ensure mobile endpoint coverage is an integral part of their Zero Trust security posture.

The established perimeters around corporate devices have faded away, replaced by an ever-mobile distributed workforce with global access into enterprise assets. Increased connectivity and data availability enable organizations to grow and evolve beyond a physical location’s confines while minimizing the friction an employee would typically experience in this new, spread-out workspace. For enterprises to securely enable employees to access the data they need on the devices they use the most, Zero Trust must be enabled with advanced mobile threat defense.

Ping Identity, the Intelligent Identity solution for the enterprise, believes zero trust technology is essential to securing business and consumers in an increasingly connected world. And Zimperium’s integration into the PingFederate platform provides joint customers with enhanced controls, addressing the mobile device’s security posture by providing the granular telemetry data back to the Ping Identity Zero Trust architecture.

Using Zimperium’s patented on-device, machine learning-based mobile security technology, the integration enhances Ping Identity’s existing mobile endpoint identity management and access controls. Joint customers will be protected against targeted mobile risks and attacks and will immediately experience the benefits of enhanced Zero Trust capabilities and workflows, such as:

  • Broadest range of mobile risk and threat-based detection in the industry;
  • Real-time conditional access across all mobile devices and accounts across a broad range of apps and services;
  • Direct user feedback on detected risks within the protected app (where applicable)
  • Defined access policies best suited for the environment; and
  • Reduced attack surface through mobile endpoint access and authorization controls.

“Due to the rise in distributed work and bring your own device policies, the average enterprise is not securing 60% of the connected devices in their network – mobile endpoints,’ said Jon Paterson, CTO of Zimperium. “The integration between Zimperium and Ping Identity not only brings those devices into the security fold, but it also enhances mobile Zero Trust controls, minimizing mobile risks and attack surfaces.”

This integration between Zimperium and Ping Identity enables enterprises to evolve and scale without sacrificing their security posture. By enhancing existing mobile endpoint identity management and access tools, security operations teams can understand their whole risk posture and raise their mobile security confidence on managed and unmanaged mobile devices.

“Identity is the new perimeter that enterprises need to secure, and the best way to effectively do that is to leverage a zero trust approach that unifies mobile threat defense with strong authentication,” said Loren Russon, vice president of product management at Ping Identity. “Our integration with Zimperium will make zero trust implementation easy for security teams to deliver a more seamless and secure user experience.”

For More Information

Attend our webinar on April 29th at 11am EDT to see a how Zimperium enhances Zero Trust architecture on mobile endpoints.

About Zimperium

Zimperium, the global leader in mobile security, offers the only real-time, on-device, machine learning-based protection against Android, iOS and Chromebooks threats. Powered by z9, Zimperium provides protection against device, network, phishing and malicious app attacks. For more information, visit www.zimperium.com.

Previous Zimperium Mobile Security Blog PostPrevious Zimperium Mobile Security Blog Post Android Trojans Infect APKPure and Huawei App Stores

Zimperium and Ping Identity Extend Zero Trust Controls to the Most Vulnerable Endpoint: Mobile

Source

Gartner 2021 Market Guide for Mobile Threat Defense

Gartner 2021 Market Guide for Mobile Threat DefenseGartner 2021 Market Guide for Mobile Threat Defense

“Security and risk management leaders who need to strengthen their mobile security posture should adopt MTD products to improve their overall security hygiene.” – Gartner

Gartner recently published the 2021 Market Guide for Mobile Threat Defense report, and the analyst firm continued to highlight the importance of enterprise adoption of Mobile Threat Defense (MTD) solutions for the evolving workforce. Zimperium is once again recognized by Gartner as a Representative Vendor, providing an advanced MTD solution to organizations of all sizes and bringing security confidence to mobile endpoints.

You can read Gartner’s 2021 Marketing Guide for Mobile Threat Defense here.

The past year has proven that as mobile endpoints continue to be part of the larger, evolving attack surface, the number of threats against them continues to rise as well. And as mobile continues to be adopted into everyday workflows, the avenues of attack will continue to be shown. The mobile endpoint’s security posture connected to corporate networks, both managed and unmanaged, needs to be addressed early on to avoid any of these devices becoming the starting point for a much larger security incident.

“MTD products not only prevent attacks but also detect and remediate them. MTD focuses on identifying and thwarting malicious threats, rather than relying on device management configuration to protect against simple user mistakes.” – Gartner

Mobile Devices Supporting Zero Trust

The last year also saw enterprises adopting more advanced security architectures, with many focusing on zero trust architectures. But as they address security gaps with various security technologies, they must also normalize mobile device security. Properly configured and integrated, advanced MTD solutions can enhance existing zero trust controls by providing mobile device risk attestation. 

“Emerging use cases envisage MTD as a component of zero-trust network access (ZTNA) architecture and of an extended detection and response (XDR) system for detection and response, which can serve as a pilot for unified endpoint security. This is in addition to the use of MTD for mobile phishing protection.” – Gartner

Mobile Forensics in XDR

According to the Market Guide for Mobile Threat Defense, enterprises need to adopt mobile defense solutions into their security stack supporting their zero trust architectures and extended detection and response (XDR) technologies. And as organizations continue to evolve with both remote and distributed workforce policies, so must their cyber hygiene and security mindset.

This integration and extended security capabilities are vital to shoring defenses for enterprises evolving from EPP to XDR security solutions. Advanced MTD solutions provide the features, workflow, and capability that complement XDR capabilities on mobile devices.

UEM & SIEM Integrations

Gartner also highlights the importance of UEM and SIEM integrations with the rise in MTD deployments, integrating as seamlessly as possible into existing security workflows. While EPP vendors are deploying lightweight mobile security applications, they often do not have the capabilities, strengths, and maturities to match existing MTD solutions’ effectiveness. Integration into existing systems, from UEM to EPP dashboards, is key to providing effective mobile security outcomes for security and IT teams. 

“[Enterprises should] integrate MTD with incumbent unified endpoint management (UEM) tools. They should favor the app-based option and leave proxy-based deployment for corporate-owned business-only (COBO) scenarios.” – Gartner

“Usage of an MTD solution on top should aim not only to address advanced malicious threats but also to improve enterprise security hygiene.” – Gartner

Case for Purpose-Built Applications

IT and security leaders responsible for their enterprise’s mobile endpoint security should be aware that purpose-built mobile security applications are designed to do more than prevent attacks and bring a whole host of other advanced security features to the mobile devices. Zimperium zIPS, for example, is a hybrid machine learning endpoint application, providing both online and offline protection against phishing attempts, misconfigurations, malicious applications, and more across iOS, Android, and Chromebook devices.

“At the device level, the ability to assess postures, such as OS version, security updates, system parameters, device configuration, firmware and system libraries, to identify security misconfigurations, device vulnerabilities, and suspicious or malicious activity. For example, MTD tools can check for modification of system libraries and configurations, as well as for privilege escalation, such as a jailbreak or rooting.” – Gartner

And while legacy mobile security tools do exist, they lack the advanced approach to mobile endpoint security necessary to keep up with modern-day threats.

“[W]e see no value in adopting antivirus solutions that do not provide behavioral anomaly prevention and detection, as the underlying mobile platforms already perform signature-based scans to look for malware.” – Gartner

As enterprises of all sizes evolve their security posture and workforce in unison, the priority to adopt advanced mobile threat defense toolsets like Zimperium continues to rise among security and IT leaders. The only way enterprises can shore up their zero trust to XDR architecture and gather the data they need to make informed decisions with their UEM and SIEM, is with advanced mobile endpoint device security.

What Now?

If you want to learn more about how Zimperium can help secure your devices and apps in all the frequent use cases and more, please contact us for a free mobile risk assessment and security consultation

1 Gartner, Market Guide for Mobile Threat Defense, 29 March 2021. Dionisio Zumerle, Rob Smith.
Document ID: G00736793
Gartner Disclaimer

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from https://get.zimperium.com/gartner-market-guide-for-mtd-2021/

Previous Zimperium Mobile Security Blog PostPrevious Zimperium Mobile Security Blog Post Zimperium Collaborates with Oracle to Provide Mission Critical Mobile Security to Customers

Gartner 2021 Market Guide for Mobile Threat Defense

Source

PancakeSwap (CAKE) aims to take a slice out of Uniswap’s DeFi dominance

Decentralized finance has taken a back seat to nonfungible tokens over the past month but this hasn’t stopped the top DeFi projects from developing and strategizing how to grow their ecosystems and market share. 

One project that has outperformed the field as of late is PancakeSwap (CAKE), the Binance Smart Chain-based automated market maker (AMM) that allows users to exchange tokens and earn a portion of fees through yield farming.

Monthly trading volume on PancakeSwap. Source: Delphi Digital

According to a recent report from Delphi Digital, several factors have played a significant role in helping the PancakeSwap ecosystem grow in recent months and analysts predict that the protocol will continue to be a serious competitor to Uniswap.

Users flee high Ethereum fees

Anyone who has tried to transact on the Ethereum (ETH) network in 2021 will have noticed the astronomical rise in gas fees which has been compounded by the rising price of Ether. 

Average Ethereum gas fee. Source: Etherscan

If you compare this chart of the average gas fees on Etherum with the chart above detailing the monthly trading volume on PancakeSwap, a correlation can be seen between higher fees and more activity on the DeFi platform.

While Ethereum fees were ballooning, Binance Smart Chain (BSC) emerged as a viable option thanks to numerous cross-chain bridges and low transaction costs. PancakeSwap is the largest, most established DEX on the BSC thus it benefits from the influx of users and Binance’s large user base.

Delphi Digital analysts identified Binance’s immense ecosystem as another major factor providing a boost for CAKE as its “vast network effect” comes from being the “biggest crypto exchange that’s typically the first choice for retail traders.”

Prospective users can gain access to the BSC by simply withdrawing their tokens from Binance to a BSC-supported wallet.

PancakeSwap could be a ‘perpetual vampire’

Delphi Digital also highlighted CAKE’s token economics as a significant factor for its future growth.

Unlike UNI and SushiSwap (SUSHI), there is not a hard cap on the supply of CAKE tokens which gives the platform the “ability to perpetually conduct targeted vampire attacks in order to attract liquidity and incentivize projects to launch on PancakeSwap’s AMM.”

The current weekly inflation rate for CAKE is 3.78%, which is significantly higher than UNI’s 2% yearly inflation rate.

Even with various deflationary measures implemented by CAKE developers, the “net emission is approximately 1,000,000 CAKE per week – which translates to 37% real inflation annually (or 0.7% weekly).”

According to Delphi Digital, PancakeSwap is aware of how the current inflation numbers look and the team announced a governance vote to change the emission schedule with the options to leave it the same, decrease it to 23.5 or 22 CAKE per block.

The option to reduce emissions to 22 CAKE, a 20% decrease, is currently favored to win and this would reduce CAKE emissions by 1,050,000. This would help to neutralize inflation while also allowing the project to keep its vampire attack capabilities in the long-run.

CAKE attempts to break above resistance

Data from Cointelegraph Markets and TradingView shows that since reaching a low of $8.30 on Feb. 28, the price of CAKE has made several attempts to break out to a new all-time high and at the time of writing the altcoin trades for $15.63.

CAKE/USDT 4-hour chart. Source: TradingView

According to data from Cointelegraph Markets Pro, market conditions for CAKE have been favorable for some time.

The VORTECS™ score, exclusive to Cointelegraph, is an algorithmic comparison of historic and current market conditions derived from a combination of data points including market sentiment, trading volume, recent price movements and Twitter activity. A recent test of the system resulted in investment returns as high as 1,497% using specific strategies outlined in the report.

VORTECS™ Score (green) vs. CAKE price. Source: Cointelegraph Markets Pro

As seen in the chart above, the VORTECS™ Score for CAKE turned green and registered a 65 on March 21, roughly six hours before the price began to rally over the next four days.

After the initial precise rise on March 22, the VORTECS™ Score continued to climb and reached a high of 81 on March 25, three hours before the price began to rally 36%.

Strong backing from Binance and low fees on BSC have PancakeSwap in an enviable position to attract additional liquidity from the Ethereum-based DeFi protocols as a practical solution to high gas fees remains elusive. Despite inflation-related concerns, analysts have suggested keeping an eye on this Uniswap competitor as the battle for DeFi dominance continues to unfold.

The views and opinions expressed here are solely those of the author and do not necessarily reflect the views of Cointelegraph.com. Every investment and trading move involves risk, you should conduct your own research when making a decision.

PancakeSwap (CAKE) aims to take a slice out of Uniswap’s DeFi dominance

Source

The Financial Technology Association Launches Backed By Big Names, Seeks to Advocate on Behalf of Fintech

A new trade group has been launched to advocate on behalf of the Fintech industry. Today, the Financial Technology Association (FTA), is hoping to educate stakeholders and support the modernization of financial regulation. Founding members of the group are Afterpay, Betterment, Brex, Carta, Figure, Marqeta, Quadpay, Plaid, Ribbit Capital, Wise, and Zest AI.

In a release, FTA said it believes the successful integration of Fintech solutions in the American financial system starts with the adoption of national policies that recognize the importance of responsible innovation and encompass a coherent vision on key priorities.

Daniel Gorfine, FTA Senior Policy Advisor, stated:

“Technology-driven innovation is transforming the way we offer, access, and benefit from financial services and markets in the United States. This organization will focus on proactively shaping regulations, policy frameworks, and public understanding in order to safeguard consumers and advance the development of trusted, digital financial markets and services.”

Milan Dalal, FTA Senior Government Relations Advisor, added that they look forward to engaging with the new administration and Congress to help solve outstanding financial services challenges faced by many Americans:

“The Fintech industry has an important story to tell and looks forward to working with policymakers to protect consumers and advance responsible innovation.”

As part of the new organization’s launch, it has issued an introductory paper entitled Shaping the Future of Finance.

FTA’s introductory paper seeks to show that Fintech companies are improving efficiency and transparency, broadening equity, access and inclusion, reducing costs, and increasing choice for consumers and businesses.

Source

MicroWorkers Integrates with Ontology’s ONTO Digital Wallet to Facilitate Additional Payment Options for Workers

MicroWorkers has integrated Ontology’s ONTO wallet in order to facilitate additional payment options for workers.

MicroWorkers’ integration of ONTO wallet completes the latest phase in their joint venture with the Ontology development team. Through the partnership, MicroWorkers plans to continue to promote users’ access to new and more flexible payment options.

As noted in an update from the Ontology team:

“To further their mutual aim of empowering microworkers across the globe, Ontology, the high performance, public blockchain specializing in decentralized identity and data, and global freelancing marketplace leader MicroWorkers (MW), have announced the completion of the latest phase of their collaboration.” 

Ontology is working cooperatively with Microworkers to carry out the integration of its ONTO Wallet with the MicroWorkers platform. The integration should allow users to get their rewards via payment methods other than PayPal and Payoneer, while “increasing access to capital for many around the world.”

As confirmed in the announcement, the online freelancing market is growing steadily and members of the nascent industry are leveraging blockchain or distributed ledger technology (DLT) to make their platform and marketplaces “more efficient.”

This latest announcement has come when interest in crypto payments and related services has been growing. MicroWorkers will now be leveraging the Ontology blockchain to support its “growing AI demands and enable workers and employers to use their ONTO digital wallets to receive and send crypto payments.”

The update further noted:

“MicroWorker users are also able to securely store and share their account history and reputation score through their ONT ID on-chain, allowing for cutting-edge encryption while placing sole control of the data in the hands of the user. With the initial test phase of the integration now completed, these services will soon be available to all MicroWorkers users.”

Li Jun, Founder of Ontology, noted that they’re proud that this collaboration will allow users and employers of MicroWorkers to get paid via the ONTO app, “showcasing Ontology’s blockchain and identity platform as a way to deliver these much-needed services at a time when micro workers most need it.”

By using their ONTO digital wallet, MicroWorkers are able to withdraw Binance USD (BUSD) virtual currency, and then make deposits in Euros into their debit cards. This “greatly expands the amount of withdrawal methods and currency types available for users of MicroWorkers, giving them greater choice over how they get paid for their work,” the announcement noted.

While sharing other benefits this partnership should offer to users, the update revealed that there’s now a “significantly lower withdrawal fee rate, which at 2% is lower than other withdrawal methods on the current MicroWorkers platform.”

The update also mentioned:

“Additional benefits will be [also be] offered, including the elimination of card opening fees and the wider availability of digital currency rewards…. an income certificate can [also] be generated on ONTO with one click, which provides convenience for users when seeking related jobs, and also makes ONTO’s functions more demonstrative.”

Nhatvi Nguyen, CEO at MicroWorkers, stated that “by enabling this integration with Ontology, we are making significant strides in terms of how our workers can get paid.”

Nguyen added:

“We believe that this development will promote a new level of financial freedom among our platform users and enable them to benefit from the number of exciting new services that we have in the pipeline. We see blockchain and digital identity as hugely important, and we’re dedicated to leveraging these emerging technologies to provide micro workers around the world with the best possible experience.”

Source