Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Author

 Rik Turner
LinkedIn
RSS
E-Mail

Profile of Rik Turner

Principal Analyst, Emerging Technologies, Omdia
Member Since: 7/28/2016
Author
News & Commentary Posts: 64
Comments: 0

Rik is a principal analyst in Omdia's IT security and technology team, specializing in cybersecurity technology trends, IT security, compliance, and call recording.  He provides analysis and insight on market evolution and helps end users determine what type of technology and which vendor they should be pursuing.

Rik has also worked in Omdia's financial services technology team, with a specialization in capital markets technology. Prior to joining Omdia, he worked as an IT journalist, specializing in networking and security, and as a foreign correspondent in Brazil, where he worked, among others, for the Financial Times and The Economist.

Articles by Rik Turner

Why is Proofpoint Being Taken Private for $12.3bn?

4/27/2021
Email security heavyweight Proofpoint has announced its acquisition, for $12.3bn, by Thoma Bravo, the private equity firm that is among the most active in the cybersecurity market. This is the highest price yet paid for a security vendor: What is its significance, and what does it say about the current state and future of the email security market?

Post a Comment

Zscaler First Big-Name Company to Buy Into CPM with Trustdome Acquisition

4/19/2021
Zscaler has become the first major player in cybersecurity to buy a specialist vendor in the emerging market segment of cloud permissions management (CPM) with its acquisition of Israeli startup Trustdome. This technology works by first discovering all of a customer's cloud assets and cataloging all the extant permissions to access those assets. From there, it provides a list of those permissions and highlights the ones that it deems excessive or unnecessary. CPM can be classed as an expression of the Zero Trust approach to security alongside technologies such as microsegmentation; privileged access management (PAM); and zero-trust access (ZTA).

Post a Comment

On the Radar: Solvo Offers CPM as a Service

4/19/2021
Solvo is a startup and new entrant in the cloud permissions management (CPM) market segment. CPM is at a very early stage in its development, and it is Omdias opinion that over time it will attract larger tech vendors, some of which may favor the M&A route over developing the technology themselves. Solvo's market opportunity, therefore, is to sign up a roster of marquee clients to raise its profile before the sector is consolidated by larger players.

Post a Comment

Lookout Enters SASE Fray With CipherCloud Buy

4/13/2021
Endpoint security vendor Lookout is the latest entrant in the busy so-called secure access service edge (SASE) market thanks to its acquisition of CipherCloud. There will be cross-sell opportunities in Lookout's and CipherCloud's enterprise customer bases. In addition, Lookout has relationships with many telecoms operators, a sector that is waking up to the need to respond to the SASE challenge

Post a Comment

Oktas PAM and IGA Launch Underpins "Primary Cloud" Ambitions

4/12/2021
Okta, a leading player in identity-as-a-service (IDaaS), has announced its entry into two other segments of the identity market: privileged access management (PAM) and identity governance and administration (IGA). Though it pits the IDaaS heavyweight against entrenched incumbents in both segments, the move is consistent with its plan to become its customers' cloud provider of choice for the entire gamut of their identity-related requirements.

Post a Comment

Data Theorem Speeds Commoditization of Cloud Security Posture Management

4/1/2021
Data Theorem, a developer of application security technology, has launched Cloud Secure, a two-part offering for apps in the cloud consisting of a cloud security posture management (CSPM) platform and a series of so-called cloud hacker toolkits. As its name suggests, CSPM technology focuses on the automated identification and remediation of risks across a companys cloud assets.

Post a Comment

Verizon Responds to SASE Challenge With a Two-pronged Strategy

3/22/2021
Verizon is adopting a two-pronged approach to the challenge the growing secure access service edge (SASE) vendor community has been mounting to the telco business model for the last couple of years. On the one hand, it is about to change the way it takes security services to market, unveiling a combination of bundling of basic functionality with a freemium model whereby customers will be invited to pay for the more advanced version. Meanwhile, further down the road it plans to launch its own Verizon SASE service.

Post a Comment

Okta Bets $6.5bn on Auth0 to Bolster its B2C Identity Offering

3/18/2021
At the beginning of March, Okta, the market leader in the identity-as-a-service (IDaaS) space, announced it was spending $6.5bn, entirely in stock, to purchase Auth0, which offers an authentication and authorization (Authn and Authz) platform as a service. The Auth0 platform is sure to enhance Oktas offerings in those spaces, where it is already a heavy hitter. However, it is really in the consumer segment that Omdia sees the greatest benefits of the acquisition.

Post a Comment

On the Radar: Deduce Combats Account Takeover with Crowdsourced Login Intel

3/18/2021
Deduce develops technology, delivered in SaaS mode, to help companies counter the threat of account takeover (ATO) in online and mobile interaction scenarios (e-commerce, m-commerce, online banking, gaming/gambling, etc.). The technical underpinning of the vendor's product offering is the Deduce Identity Network. This is the vendor's data coalition, formed by some 150,000 websites that it has instrumented with its JavaScript code to collect intelligence on the login requests they receive.

Post a Comment

Fundamentals of Privileged Access Management (PAM)

3/12/2021
Privileged access management (PAM) is a specialized branch of identity, authentication, and access technology that manages the access rights of users who have elevated permissions to critical corporate resources. This report describes the evolution of PAM and outlines the main components that any PAM platform must have to compete in this market, ahead of an Omdia Universe vendor comparison report to be published in the third quarter of 2021.

Post a Comment

On the Radar: CyGlass offers network detection and response (NDR) as a service

3/9/2021
CyGlass is a wholly owned subsidiary of UK domain registry Nominet. It offers a network detection and response (NDR) platform delivered as a cloud-based service and targets the midmarket (i.e., companies of up to 5,000 employees). CyGlasss opportunity is to attract customers that lack extensive in-house security skills with a service that can deliver security without too much heavy lifting on their part.

Post a Comment

DDoS is back bigger, badder, and more variegated

2/22/2021
Distributed denial-of-service (DDoS) attacks enjoyed what one mitigation provider has described as a "renaissance" in 2020, with more volume, variety, and velocity than ever before. With 2021 shaping up to be another atypical year for business despite the rollout of vaccines around the world, the prospect is that we will see yet another busy time for DDoS.

Post a Comment

On the Radar: Twingate Offers an Easy-to-Use Zero-Trust Access Service

2/11/2021
Twingate is a developer of zero-trust access (ZTA) technology, which delivers remote access in a more secure fashion than virtual private networks (VPNs). It delivers its technology as a service. As a fully managed SaaS product with multiple product tiers and price points to suit customers needs, Twingate will be a strong option for companies looking to simplify their remote access experience.

Post a Comment

Googles BeyondCorp Enterprise is a ZTA Service Using the Chrome Browser

2/1/2021
Google has announced an Enterprise version of its BeyondCorp implementation of zero-trust access (ZTA) technology for secure remote access. The novelty is that it has obviated the need for software agents on end-user devices by using the Chrome browser as its source of endpoint data. With BeyondCorp Enterprise, Google is expanding its offering to any company accessing applications in any location (on the companys premises or in any cloud) and thus becomes a fully fledged competitor in the ZTA market.

Post a Comment

On the Radar: SecureAge Delivers File-level Encryption on the Endpoint

1/29/2021
SecureAge Technology is a Singapore-based cybersecurity company with a product portfolio that spans data, endpoint, and network security. Omdia sees an opportunity for smaller vendors like SecureAge, who are not yet household names, to prosper with products that are differentiated by the strength of their security offering, its ease of use, and its manageability.

Post a Comment

On the Radar: Sonrai Security Delivers Cloud Permissions Management

1/21/2021
Sonrai Security offers a cloud permissions management (CPM) platform that surveys the access entitlements across a companys cloud data stores, recommends where they should be curtailed, and takes remedial action either through escalations or in an automated fashion if the customer so desires. Omdia was impressed with Sonrai Digs simplicity of deployment and with Sonrais straightforward charging mechanism.

Post a Comment

Cloud and Security are Hot in 2021, but Cloud Security is Incandescent

1/15/2021
Lacework raises an impressive $525 million in a funding round, while Red Hat spends an undisclosed amount on container security vendor StackRox, with a particular focus on Kubernetes (K8s) security, and F5 splashes out $500 million for edge app platform start-up Volterra. All these developments in the first week of 2021 put cloud and security front and center for the coming year, but also show that the place where these two trends intersect (i.e., cloud security), is at the epicenter of investment priorities for this year.

Post a Comment

On the Radar: Ermetic Uses Identity to Limit Permissions in the Cloud

1/12/2021
Ermetic provides security for data stores, databases, and some compute instances in the infrastructure- and platform-as-a-service (IaaS and PaaS) delivery modes of cloud computing. It does this with a software-as-a-service (SaaS) platform that refers to a companys identity and cloud infrastructures to manage the access rights granted both to human users and systems (applications, services, etc.). Omdia calls this emerging class of technology cloud permissions management (CPM).

Post a Comment

2021 Trends to Watch: Data Security

12/24/2020
This report will be of use to enterprise security teams researching current trends in encryption and privacy, plus business units moving data into the cloud. Vendors will benefit from Omdias take on what is driving customer uptake.

Post a Comment

Fundamentals of Next-Generation Application Security

12/18/2020
With the multiple disparate application security capabilities now being delivered as services from the cloud and packaged together by single vendors as part of broad portfolios, Omdia sees the emergence of a sector it calls next-generation application security (NGAS). In this fundamentals report, we consider the core capabilities being brought together for runtime security, then list the criteria we will use to gage and rank the vendors profiled in that report as leaders, challengers, or market prospects.

Post a Comment

Omdia Market Radar for Next-Generation Application Security: Runtime

12/17/2020
Defending web applications has never been more important. As ever more private applications (i.e., ones that face not the general public but rather an organizations employees and business partners) are relocated to the cloud and are accessed over the internet instead of a private WAN link, next-generation application security (NGAS) portfolios gain even greater importance.

Post a Comment

Alkiras "Network Cloud" Offers a New Twist on SASE

12/10/2020
Alkira, a networking startup that has just announced a $54m B round of VC funding, offers a service it calls a "network cloud," which represents an interesting new take on the current industry buzzword of secure access service edge (SASE). Rather than deploying a network of PoPs across all the leading CSPs, Alkiras approach is to deploy dedicated PoPs for each customer when they sign up to the service, as well as additional ones as the need arises.

Post a Comment

Omdia Market Radar: Outbound Email Security

11/18/2020
Omdia profiles four vendors of outbound email security, focusing on building in controls to offset risks from insider threats, i.e., scenarios in which sensitive, confidential, or the wrong information is sent to the wrong recipients.

Post a Comment

Introducing Zero-Trust Access

3/26/2020
It's too early to tell whether ZTA will be a VPN killer or not, but major players are ramping up products in this new class of security technology that focuses on the cloud.

Post a Comment
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-25273
PUBLISHED: 2021-07-29
Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706.
CVE-2021-36741
PUBLISHED: 2021-07-29
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the ...
CVE-2021-36742
PUBLISHED: 2021-07-29
A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privile...
CVE-2021-23418
PUBLISHED: 2021-07-29
The package glances before 3.2.1 are vulnerable to XML External Entity (XXE) Injection via the use of Fault to parse untrusted XML data, which is known to be vulnerable to XML attacks.
CVE-2020-5329
PUBLISHED: 2021-07-29
Dell EMC Avamar Server contains an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links.