We are back with Issue #23 of the "Alice in Supply Chains Newsletter." Stay ahead in third-party cyber risk management (TPCRM) with the most up-to-date content curated by our team of experts. Criminals are finding cloud platforms very efficient for data theft. But are providers working to prevent their strengths from being leveraged against their customers? "Alice in Supply Chains" is here to shed some light on the answer to this question, with a collection of guidance, news, breaches, and regulations related to third-party cyber risk management (TPCRM). We hope you enjoy the read. Stay safe, and see you again next month! #Cybersecurity #TPCRM #SupplyChainAttack
Tenchi Security
Segurança de redes e computadores
Barueri, São Paulo 31.372 seguidores
Third-Party Cyber Risk Management
Sobre nós
Na Tenchi, provemos serviços de consultoria e soluções para ajudar sua organização a alcançar os benefícios do uso de cloud computing com segurança e conformidade. Nosso trabalho tem por objetivo ajudar a área de segurança de informação se tornar um viabilizador da busca do negócio pelos aumentos de flexibilidade, escalabilidade, automação e economia que a nuvem pode trazer.
- Site
-
https://www.tenchisecurity.com
Link externo para Tenchi Security
- Setor
- Segurança de redes e computadores
- Tamanho da empresa
- 11-50 funcionários
- Sede
- Barueri, São Paulo
- Tipo
- Empresa privada
- Fundada em
- 2019
- Especializações
- cloud, security, devsecops e TPRM
Produtos
Zanshin
Software de gestão SaaS
Zanshin, the premier SaaS Third-Party Cyber Risk Management platform that is disrupting the market by working on a Cooperative, Continuous, and Comprehensive way: -Cooperative: ensuring third parties consent to be helped fix critical security issues -Continuous: delivering daily and on-demand automated tests -Comprehensive: testing the security controls that matter, not just the external attack surface With Zanshin, we deliver value by materially reducing third-party risk, as opposed to just reporting it.
Localidades
-
Principal
Al Rio Negro 503
23o andar
Barueri, São Paulo 06454-000, BR
Funcionários da Tenchi Security
Atualizações
-
Tenchi Security compartilhou isso
Tenchi Security finding a problem with the Google Workspace enforcement of 2FA was featured on the Enterprise Security Weekly podcast by Security Weekly Productions! You can see it at https://lnkd.in/deQHA5-T, and the show notes are available at https://lnkd.in/dyAXCnBt. Thank you very much to Adrian Sanabria and Katie T. for covering this and for the kind words. This problem appears to have been fixed last Friday (July 12th), about a week after we've reported it to Google Workspace support. Which is not a bad turnaround time for something at this scale, so kudos to anyone involved. Also kudos to Felipe Zanetti and Marcelo Teixeira from our corporate security team that picked up on the alerts, understood their significance and followed through on the investigation. And to Eduardo Pinheiro and our amazing engineering team for building the product that generated the alerts in the first place. Are you a security leader at a large enterprise that wants to truly manage the cyber security posture of your relevant third parties and systematically reduce the risk they represent to your organization, as opposed the traditional #TPCRM focus on just measuring or admiring the problem? I'd love to show you what we are doing here at Tenchi Security. DM me and let's schedule a product demo or a free trial. I'll also be at Black Hat (in particular the Innovators and Investors Summit) and Security BSides Las Vegas in a few weeks, hit me up if you want to meet in person there.
Rockyou2024 is a scam, Google has a whoopsie, and AI is giving folks indigestion - ESW #367
https://www.youtube.com/
-
Today, we had another successful “All Hands” meeting, our global alignment session that brings together all Tenchi Security employees. These meetings are crucial for driving our success forward! Our CEO, Felipe Boucas, shared our outstanding YTD results, recent achievements, and the challenges we’ve overcome. He also highlighted important updates on HR initiatives, strategic partnerships, and key marketing strategies. Following this, our CTO, Alexandre Sieira, presented the latest initiatives for Zanshin, our TPCRM SaaS solution, including the roadmap and exciting new features. To wrap up, Eduardo Pinheiro, our Engineering Director, spoke about the “First Ever Engineering Onsite,” where our engineering team had the opportunity to meet in person in São Paulo at the beginning of July. Team members from other countries also participated, fostering alignment on strategy, business vision, and team collaboration. Great job, team! We are proud to have each one of you with us on this journey! #cybersecurity #cyberteam #TPCRM
-
-
Se a sua conta do Google Workspace passou pela obrigatoriedade de MFA do Google para administradores e você está usando a política de MFA aplicada por unidade organizacional (OU), a sua configuração de MFA pode não estar funcionando corretamente. Quer saber mais? Leia o blog completo! Blog atualizado em 15 de julho de 2024: Atualizamos o nosso post tendo em vista que em 12 de julho de 2024, a equipe de engenharia do Google indicou que havia resolvido o problema. No entanto, recomendamos que faça sua devida diligência para validar e confirmar que a política de aplicação de MFA do seu Google Workspace está operando conforme esperado. https://lnkd.in/dkmq9xwm #2FA #googleworkspace #cybersecurity
Problemas na Obrigatoriedade de 2FA para Administradores do Google Workspace - Tenchi
https://www.tenchisecurity.com.br
-
If your Google Workspace account has gone through Google’s MFA enforcement for admins and you are using OU-level MFA enforcement, your MFA enforcement may not work. Check out the full blog for more details! Blog Update: July – 15th – 2024: We’d like to give you an update on the OU-level MFA enforcement issue identified in this blog. As of July 12th, 2024, Google’s engineering team indicated they had remedied the issue. However, please do your due diligence to validate and confirm that your Google Workspace MFA enforcement policy operates as expected. https://lnkd.in/dvF9Dwcn #2FA #googleworkspace #cybersecurity
Google Workspace Administrator 2FA Enforcement Issues - Tenchi
https://www.tenchisecurity.com
-
Tenchi Security compartilhou isso
Google Workspace seems to have bungled their planned enforcement of #2FA for administrators (see https://lnkd.in/egmPuk25). Here at Tenchi Security we had already had OU-level policies enforcing 2FA for all users, including the administrators. So when we got the e-mail saying it would be turned on for us on July 3rd, we expected that nothing would change. 😎 However our product Zanshin, which we use to perform daily checks of our Google Workspace and other #SaaS #security settings, started alerting on that date that 2FA was no longer enforced for our admin accounts. 🤔 Since this is the opposite of what we expected, we initially thought this was a false positive in our product. It wasn't. Since Google turned on the "enforcement" for our organization, our OU policies were being ignored and Google Workspace was itself reporting on its console that 2FA was indeed not enforced for our admins. We were even able to (temporarily) disable 2FA on one of the admin accounts, which was not possible before! 😱 So the change Google implemented did the opposite of what was intended. Our organization is now less secure - not only is Google Workspace not enforcing 2FA for our admins, it's even ignoring our OU policies to that effect. 🤦♂️ We have reached out to Google's support team and they were as surprised as we were, but told us they confirmed the findings with a test org they control. Tickets are now being escalated. Not sure if this was something that only happened to us (unlikely at their scale) or because very few people double-check this like we do daily with Zanshin so we were among the first to notice it. Let me know in the comments if your organization was impacted by this problem as well, and boost for visibility. Additional checks around admin accounts might be needed until Google sorts this out.
-
-
Don't miss out on this month's blog post! Entitled "Businesses still rely on inadequate controls for third-party cyber risk, but change is on the horizon," it explores the critical importance of third-party cyber risk management (TPCRM) and unveils insights from an exclusive survey conducted during the Tenchi Conference. The survey uncovered that many companies still rely on static methods, and that the cybersecurity posture of third parties is still being determined using questionnaires, industry certifications, or point-in-time scans that do not provide real-time discovery and visibility of cybersecurity risks. https://lnkd.in/dyP65CSJ Want to dive deeper? Read the full blog for more details! #TPCRM #cybersecurity
Businesses still rely on inadequate controls for third-party cyber risk, but change is on the horizon - Tenchi
https://www.tenchisecurity.com
-
O blog post deste mês está imperdível! Com o título "Empresas ainda contam com controles ineficazes para gestão de riscos cibernéticos de terceiros, mas a mudança está a caminho", aborda a importância da gestão de riscos cibernéticos de terceiros (TPCRM) e apresenta dados de uma pesquisa exclusiva realizada durante o Tenchi Conference no final do ano passado. A pesquisa revelou que muitas empresas ainda dependem de métodos estáticos, e que a postura de cibersegurança dos terceiros ainda vem sendo avaliada por meio de questionários, certificações ou testes que não fornecem uma visibilidade em tempo real sobre problemas de segurança e vulnerabilidades. https://lnkd.in/dUB55_zr Quer saber mais? Leia o blog completo! #TPCRM #cybersecurity
Empresas ainda contam com controles ineficazes para gestão de riscos cibernéticos de terceiros, mas a mudança está a caminho - Tenchi
https://www.tenchisecurity.com.br
-
Gostaríamos de agradecer a todos que estiveram presentes no nosso estande ao longo dos três dias da FEBRABAN TECH 2024. Foi um prazer recebê-los e apresentar o que há de mais inovador em gerenciamento de riscos cibernéticos de terceiros. Agradecemos pela confiança e pelo tempo dedicado! #FEBRABANTECH2024 #cybersecurity #TPCRM
-
-
O time da Tenchi Security marcou presença hoje na 34ª Edição da FEBRABAN TECH. Vai estar no evento amanhã? Venha nos visitar. Não perca a oportunidade de descobrir como podemos ajudar sua empresa a reduzir sistematicamente os riscos cibernéticos de terceiros. Esperamos por você no estande F-185! #FEBRABANTECH2024 #cybersecurity #TPCRM
-
Páginas semelhantes
Visualizar vagas
Financiamento
Última rodada
Série AUS$ 7.000.000,00