SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Entire CyberRes SaaS portfolio receives ISO certification
Thu, 21st Jul 2022
FYI, this story is more than a year old

CyberRes' cyber resilience products offered through its software-as-a-service (SaaS) have all achieved International Organization for Standardization (ISO) 27001.2013 certification of the Information Security Management System (ISMS) category.

A Micro Focus line of business, CyberRes' notes that its efforts to use industry best practices for developing, securing and operating SaaS products have been validated in reaching this milestone by one of the industry's most well-known standards boards.

The certification comes in response to CyberRes demonstrating that it implements, maintains and continually improves its SaaS offerings for information security management systems as it relates to customer data and privacy.

"Receiving ISO 27001 certification is another example of why CyberRes is a trusted leader in the cyber security market," CyberRes SaaS senior director David Gahan says.

"ISO 27001 certification is the gold standard when it comes to ensuring a business operates SaaS at a high level of professionalism with steadfast focus on protecting customers' most treasured assets: their intellectual property and other data.

"This external certification is a strong indication that CyberRes' SaaS offerings meet the standards needed for hosting mission critical processes and services."

The CyberRes SaaS offerings covered by the ISO 27001:2013 ISMS certification include:

  • Security Operations
  • ArcSight Intelligence
  • ArcSight Intelligence for CrowdStrike
  • ArcSight Recon Galaxy Public
  • Galaxy Threat Acceleration Program Basic
  • Galaxy Threat Acceleration Program Plus
  • Identity and Access Management
  • NetIQ Advanced Authentication
  • NetIQ Identity Governance
  • Data Security
  • Voltage File Analysis Suite
  • Voltage Secure Mail
  • Application Security
  • Fortify on Demand
  • Fortify Hosted

This certification comes after CyberRes acquired Debricked in March, enabling customers to accelerate the speed of DevSecOps while ensuring the resilience of their software supply chain.

CyberRes says the addition of the cloud-native software composition analysis platform and AI and machine learning (ML) capabilities further drive the company's strategy in the future of software resilience and DevSecOps.

The company adds that these aligned capabilities, combined with Debricked's vision of how developers evaluate, consume, and secure open source components customised to their organisation's requirements, make the company a valuable addition to CyberRes' application security portfolio.

Furthermore, CyberRes says the acquisition will help Micro Focus continue to invest in security and provide the ability to assist customers and partners in reinforcing their cyber resiliency.

Debricked says it finds new ways for companies to secure their software supply chain long term, and the developer-centric open source intelligence company's SaaS solution enables a more intelligent selection of open source while affording organisations a significant reduction in the risks that traditionally come with it.

It adds that both of these are core requirements of modern DevSecOps programs.

Additionally, the service runs on cutting-edge ML, which allows the data quality to be highly accurate and immediately updated whenever a new vulnerability is discovered.

Key attributes of Debricked technologies include identifying, fixing and preventing vulnerabilities in open source dependencies by scanning at every commit and providing notifications when new vulnerabilities arise.