DirectDefense unveils Enterprise Security Program Review to address unnoticed cyber risks

DirectDefense announced the launch of the Enterprise Security Program Review (ESPR), a joint security offering with IronNet, Unlimited Technology and Exero. A first-of-its-kind in the Managed Security Services Provider (MSSP) space, the ESPR measures t…

Carbon Emissions: Oversharing Bug Puts Security Vendor Back in Spotlight

Last week, security firm DirectDefense came under fire for over-hyping claims that Cb Response, a cybersecurity product sold by competitor Carbon Black, was leaking proprietary data from customers who use it. Carbon Black responded that the bug identified by its competitor was a feature, and that customers were amply cautioned in advance about the potential privacy risks of using the feature. Now Carbon Black is warning that an internal review has revealed a wholly separate bug in Cb Response that could in fact result in certain customers unintentionally sharing sensitive files.

Beware of Security by Press Release

On Wednesday, the security industry once again witnessed an all-too-familiar cycle: I call it “Security by press release.” It goes a bit like this: A security firm releases a report claiming to have unearthed a major flaw in a competitor’s product; members of the trade press uncritically republish the claims without adding much clarity or waiting for responses from the affected vendor; blindsided vendor responds in a blog post showing how the issue is considerably less dire than originally claimed.

At issue are claims made by Denver-based security company DirectDefense, which published a report this week warning that Cb Response — a suite of security tools sold by competitor Carbon Black (formerly Bit9) — was leaking potentially sensitive and proprietary data from customers who use its product.

PR fight ensues after claims of leaked Carbon Black data

Two well-funded cybersecurity firms jumped into a public relations fight Wednesday after one alleged that the other had allowed third parties to profit off leaked sensitive customer data. Direct Defense President Jim Broome wrote in a blog post published Wednesday that his firm had found evidence of improper conduct on the part of Carbon Black, a seller of endpoint security software products. Direct Defense, a managed and full service provider of security offerings, said it found an apparent flaw in the architecture of a popular Carbon Black product named Cb Response. This flaw allegedly allowed for a leak of sensitive customer information onto multi-scanning services like VirusTotal, a popular malware repository. The inadvertently leaked data, according to Broome, could be resold by third parties. “Files uploaded by Cb Response customers first go to Carbon Black (or their local Carbon Black server instance), but then are immediately forwarded to a cloud-based […]

The post PR fight ensues after claims of leaked Carbon Black data appeared first on Cyberscoop.
