Gomboc.ai

Don't you love it when products save you time on menial tasks? One of the best examples as a security leader is the endless security questionnaires you get from vendors/customers. And having products that automate that task is really cool, right? Now, think about the amount of time spent dealing with alerts from your CSPM. Again, countless engineering hours were spent figuring out the right fix for these and crafting the configuration change to address them. Wouldn't it be cool to automate this too? That's exactly what we do at Gomboc.ai... And guess what? Questionnaires come up less often, cost you less to address, and have marginal to zero impact on your actual security. Remediating your CSPM alerts, which show up more frequently, is expensive and has a major impact on your security. Let's move on from alerting (or buying solutions that have no security impact), to fixing. The first dozen fixes are on me if you DM or ask for a PoC online ;-)

If there's one thing we're mostly excited about from this update, is being able to showcase our upcoming updated PoC process. Less time, more value. That's all we can say for now (and we apologize in advance to the rest of the security vendors, but that's just in our DNA. Alerting doesn't work; it's all about the actual work/remediation!).

No one wants to be part of the 1 million alert club. Would love to see post backs for those feeling this pain and if you have any strategies for dealing with it.

Check out our founder and CEO's opening keynote at HackFest! And have a chance to understand what sort of AI we are working on, and why our customers see such a huge value in what we deliver...

Cloud security is finally high on the CISO’s priority list after over a decade. Why? ☁️ Increased cloud adoption ☁️ Skyrocketing data ☁️ Growing trust in cloud after many years We at Gomboc.ai are pleased to be recently included in Scale’s "New Categories and Opportunities" chart under the IAC category. From the article: “Given that IAC templates are essentially ground zero for infrastructure configurations, the “furthest left” practice in cloud security is scanning, generating, or modifying these templates to prevent misconfigurations in the first place.” Infrastructure as Code (IAC) is a method of defining your infrastructure configurations in code, instead of using the cloud provider’s console/UI. There’s lots more to discover about IAC and how Gomboc is an emerging leader in the space. Check out the full article here: https://lnkd.in/g_5AeBsy

Low quality recording, high quality point. Our CEO, Ian Amit, talks about how products need to actually provide fixes to security issues. Not just raising more alerts!

17 Startups Using AI to Revolutionize Cybersecurity Join Google for Startups Program. Seventeen innovative #startups from #Europe and the #US. are the newest members of the Google for Startups Growth Academy: AI for Cybersecurity program. These companies, selected for their cutting-edge approaches to tackling cybersecurity challenges, will benefit from Google’s extensive tools, expertise, and resources to enhance their solutions and protect global digital infrastructure. With increasing concerns over cybersecurity, intensified by recent global events, this cohort is poised to make significant impacts. The program kicks off on February 15 at the Google Safety Engineering Center in #Munich, offering three months of tailored workshops and mentoring from Google’s AI and cybersecurity experts. Meet the startups revolutionizing cybersecurity: Alma Security (New York, U.S.): Provides end-to-end app protection with seamless integration and no code changes required. Authologic (Warsaw, Poland): Builds a global e-ID hub for digital IDs, identity wallets, and bank IDs. BforeAI (Montpellier, France): Predicts attacks and defends against fake websites and accounts. Blacklight AI | OwlGaze (London, UK): Uses AI to detect and prevent cyber threats before they escalate. Cakewalk (Berlin, Germany): Streamlines access management with automated app discovery and secure on-boarding. Buster.Ai (Paris, France): Transforms LLMs into secure, industry-specific AI tools. ETHIACK (Coimbra, Portugal): Offers autonomous ethical hacking to identify and address system vulnerabilities. Gomboc.ai (New York, U.S.): Fixes cloud security issues automatically while ensuring system functionality. HACKERverse® (Chicago, U.S.): Provides an AI-driven marketplace for cybersecurity solutions with automated demos. Kriptos (Miami, U.S.): Uses AI to automatically classify and label documents, preventing data leakage. LetsData (Dover, U.S.): Delivers real-time threat detection and disinformation monitoring in over 50 countries. Nijta (Lille, France): Enhances privacy by anonymizing voices in recorded customer calls using AI. Patchstack (Pärnu, Estonia): Focuses on the security lifecycle of open-source projects, identifying and fixing vulnerabilities. Quantum Dice (Oxford, UK): Enables secure encryption with a patented Quantum Random Number Generator. ShareID (Neuilly-sur-Seine, France): Offers authentication-as-a-service, pairing government IDs with facial scans for enhanced security. Talsec (Brno, Czech Republic): Provides app developers with tools to protect against hackers and malware. Zepo (Ciudad Real, Spain): Uses AI to address human risks in cybersecurity, safeguarding employees and digital workplaces. These startups will leverage Google’s resources to drive innovation and improve cybersecurity practices worldwide. For more details about the Google for Startups Growth Academy and its offerings, visit startup.google.com. #startups #entrepreneurinsider

We are happy to share that our product has been nominated for the 2024 Product Awards, presented by Products That Count. These awards celebrate the most influential and innovative products leading the global digital revolution. It is a privilege for our product to be part of this distinguished group, and we look forward to seeing the finalists and winners very soon! #2024productawards #productawards #productmanagement

Cloud Security Nightmare: Shared Responsibility Gone Wrong https://lnkd.in/gEXaV4bb New research reveals a major security vulnerability in AWS’ Application Load Balancer. The issue? People weren't validating token signers, a common misstep in cloud setups. This highlights a fundamental problem with the shared responsibility model: cloud providers often push the burden of security onto their customers. Keeping up with constant API changes and documentation updates is nearly impossible. Since cloud providers can’t see their customers’ environments, the burden falls to cloud consumers. How can we ensure secure cloud environments when even minor configuration oversights can lead to major breaches? To my friends in the security community: - How do you help your companies (or customers) manage through these types of situations? - Where do you feel the pain of mastering all of this cloud configuration knowledge? - What could we do to make these types of situations more manageable? It’s time to leverage AI to “RTFM” continuously for us and put information at the fingertips of practitioners to make our clouds efficient and secure. #cloudsecurity #aws #sharedresponsibility #cybersecurity

Charlotte, NC! Gomboc will be sponsoring FutureCon on September 5th. Join us for a day of learning and finally getting solutions that remediate rather than alert (we're all tired of endless alerts, aren't we?).