Astrix Security

24/01/2023

Visit our brand-new website product page, which recently went live 🥳

We wanted to update our website to make it more engaging for all of our users - As well as provide valuable information on how organizations can benefit from the productivity third-party app connections provide, without opening themselves up to greater risk 🔒

On our new product page, you'll find:
🛡️ A dashboard overview
🛡️ Sample connectivity map showing potential risks
🛡️ Information on how to gain visibility, detect threats, remediation, and complete lifecycle management

Have a look and let us know your thoughts!

👉 https://hubs.la/Q01z3Gj00

20/01/2023

Who's excited for Cybertech Tel-Aviv? We are ✋

Astrix Security will be there on both days to talk all things third-party security 🛡️

Book a meeting with us and learn how to unleash the power of integrations!

Learn more: https://hubs.la/Q01yKXhv0

18/01/2023

*CircleCI has confirmed that customers' secrets and encryption keys were stolen.*

This breach joins a series of attacks, in which attackers use stolen access tokens and API keys granted to third-party applications in order to breach companies' core systems, such as GitHub, and steal sensitive data and code 🔓

In this blog post, we cover:
🛡️ How the hacker found and abused these access tokens
🛡️ Why MFA, SSO, and other identity access solutions fall short in such attacks
🛡️ How to protect your access tokens moving forward

Learn more in this blog by Idan Gour: https://hubs.la/Q01yrddQ0

CircleCI has confirmed that customers' secrets and encryption keys were stolen. Learn more about the breach, it's implications for third-party integrations, and how to minimize the risks of similar breaches.

16/01/2023

Great news incoming… Alon Jackson has been admitted to the Forbes Technology Council!

In his first article, he discusses one of the major threats facing hyper-connected enterprises - Third-party apps and Low-code/no-code integration platforms 🔒

While app-to-app connectivity resulted in incredible leaps in productivity, it also presents new vulnerabilities as these unmonitored connections are often ungoverned connections between the organization’s core systems and third-party applications.

Learn what is driving the rapid adoption of these platforms, the pros and cons of using them, and how they can be secured: https://hubs.la/Q01y6Fdq0

12/01/2023

Coming to you live from the USA 🦅

We're delighted to announce the opening of our New York office 🗽!

Due to our anticipated growth in 2023 with our climbing employee headcount, growing customer roster and expansion into the United States we have opened up shop in NYC!

"We're seeing a huge demand for solutions that provide security teams holistic visibility into all app-to-app connections" says our CEO and Co-Founder Alon Jackson.

In 2022 we raised 15M in seed funding, with additional funding from Kmehin Ventures and this year alone, we've grown our customer base five-fold attracting enterprises such as Agoda, Figma (recently acquired by Adobe) and Exabeam, an S&P 500 REIT company.

Read the full press release and learn about our latest development here: https://hubs.la/Q01xSxgc0

11/01/2023

**Slack breached - 6 things you can do to reduce your attack surface**

Slack announced its GitHub code repositories had been breached over the new year holiday weekend.

The incident involved threat actors gaining access to Slack's externally hosted GitHub repositories via a "limited" number of stolen Slack employee tokens.

In this article, we discuss the attack, how it occurred, and more importantly, what you can do to protect yourself: https://hubs.la/Q01xHW-T0

The Slack attack proves that organizations must protect API keys as vigorously as they protect passwords. Here are 6 tips to help you avoid similar attacks.

09/01/2023

We'll be at Cybertech TLV at the end of the month. Will you?

Come stop by our booth to learn how allow you can safely unleash the power of app-to-app integration and automation.

Learn how to take control of your third-party app connections.

See you there! 👋
https://hubs.la/Q01wY8b90

06/01/2023

**CircleCI Security Alert - Astrix Security recommendations**

Following a possible breach, CircleCI published a security alert urging their customers to rotate all CircleCI secrets, specifically API keys and tokens, to prevent supply chain attacks ⚠️

However, detecting all the connections of CircleCI to an organisation’s core systems might be a tedious and time-consuming task since these connections are usually created without any governance from the security team or proper vetting process and documentation.

In this blog, we have listed the most common connections to CircleCI from organizations’ core systems (based on our continuous observations), and the recommended remediation steps required 🛡️

Learn more: https://hubs.la/Q01x9lcx0

Following a possible breach, CircleCI published a security alert urging their customers to rotate all CircleCI secrets to prevent supply chain attacks.

04/01/2023

New Year, New Us!
💡💡TL;DR Our website has had a makeover💡💡
It's been a labor of love, but we have to thanks all the team that have got us here.
Our new website now truly reflects what we do: Allow you to securely connect your core systems to third-party cloud services.

Our new website details exactly how we do that. Our shiny new product page details our features and capabilities including a look at our dashboard, our connectivity map, how we detail individual app risks, our remediation workflows and how we tackle lifecycle management.

Let us know your thoughts and feedback in the comments!
Homepage: https://astrix.security/
Product Page: https://hubs.la/Q01wYcKx0