GhangorCloud Announces Partnership with Array Networks to Defend Enterprises Against Malicious Insider/Outsider Attacks

Application Delivery Networking Leader Teams with GhangorCloud to Strengthen Security Readiness
SAN JOSE, CA, UNITED STATES, April 29, 2025 / EINPresswire.com / -- GhangorCloud, a leading provider of intelligent information security and data privacy compliance enforcement solutions, today announced it has established an OEM partnership with Array Networks to bundle its 4th generation Advanced Data Protection platform with Array's security offerings. Through the partnership, Array Networks gains access to powerful cybersecurity capabilities, including automated data classification and policy enforcement, identity and role-based access control, real-time monitoring and incident response, and compliance and regulatory support.
GhangorCloud is a leading innovator that has rapidly gained adoption as users seek to counter advanced cyberthreats. The company experienced significant business momentum in 2024 with a 45% compound annual growth rate (CAGR) year-over-year and has expanded its global footprint, attracting customers across North America, the Middle East, and the Asia-Pacific regions. Most notably, GhangorCloud has secured new marquee clients, including Fortune 500 companies, underscoring its position as a trusted provider of advanced cyber security solutions. To celebrate the company's market success, GhangorCloud will re-brand as GC Cybersecurity in Q2.
GhangorCloud's 4th Generation Advanced Data Protection solution, delivered through its Information Security Enforcer (ISE) platform, introduces a next-generation architecture for protecting sensitive data across applications in hybrid and cloud environments. Leveraging patented AI-driven data classification and policy automation, the system identifies and classifies sensitive information in real-time and without manual intervention. It then enforces context-aware access controls based on user identity, role, and intent. The Advanced Data Protection solution monitors data flows at granular levels, enabling dynamic enforcement of security policies and preventing unauthorized transmissions or exfiltration events.
'We're committed to delivering best-in-class performance and security for modern enterprise infrastructures,' said Array Networks' CEO, Joe Hwang. 'By deploying GhangorCloud's 4th Generation Advanced Data Protection technology at our customers' sites, we are elevating our capabilities to a much more robust standard. GhangorCloud's powerful suite of capabilities provide the precision and automation necessary to protect against critical threats, so this partnership not only strengthens our cybersecurity posture but also empowers our customers to meet complex data compliance and privacy mandates with confidence.'
'This marks a milestone in expanding the reach and impact of our award-winning Advanced Data Protection technology,' said Tarique Mustafa, Founder, CEO and CTO of GhangorCloud, Inc. By aligning with a proven leader in application delivery networking, we're not only enhancing enterprise security outcomes but accelerating the growth of our global partner ecosystem. The collaboration exemplifies our strategy to work with world-class technology providers to deliver integrated, high-performance security solutions at scale, propelling our business momentum and enabling broader adoption across industries and geographies.'
Visit GhangorCloud (AKA: GC Cybersecurity) at the 2025 RSA Conference in San Francisco, from April 28th – May 1st in booth #5181.
Tweet this: GhangorCloud Announces OEM Partnership with Array Networks
to Defend Enterprises Against Malicious Insider and Outsider Attacks #Informationsecurity #Dataprivacycompliance #Compliance #ArtificialIntelligence #AI #eDiscovery #Dataclassification
About GhangorCloud
Headquartered in Silicon Valley, GhangorCloud (now GC Cybersecurity) is a leading provider of intelligent information security and data privacy compliance enforcement solutions. GhangorCloud's Information Security and Consumer Compliance solutions protect data based on its contextual and conceptual significance, using a powerful policy engine and security algorithms to identify, classify, and protect large volumes of information in real-time with unprecedented accuracy. The company is founded by Silicon Valley security veterans Tarique Mustafa and Bhanu Panda, and is backed by a team, board and advisors that include leading authorities from companies like Symantec, McAfee, Trend Micro, Cisco, Juniper, Alteon and Array Networks. For more information, see http://www.ghangorcloud.com/.
Joe Austin
email us here
Public Relations
Visit us on social media:
LinkedIn
YouTube
X
Legal Disclaimer:
EIN Presswire provides this news content 'as is' without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Gizmodo

16 hours ago

• Gizmodo

What We Know So Far About the Supposed ‘Mother of All Data Breaches'

Data breaches are so common these days that, when a new one gets announced, most web users can do little more than yawn and mutter something like 'Yeah, no shit' before scrolling up to the next story in their newsfeed. This week, however, a breach was announced that was allegedly so earth-shatteringly huge that it managed to break through the internet's wall of collective cynicism. Dubbed the 'Mother of All Data Breaches,' the breach is said to involve some 16 billion user credentials, and impact a vast number of accounts on platforms like Facebook, Google, and Apple. The breach was initially reported by Cyber News, a site that focuses on web security, and was written by the site's deputy editor and researcher, Vilius Petkauskas. The story, published Wednesday, claims that the breach represents 'one of the largest data breaches in history.' Petkauskas's article describes the discovered breach as 'a plethora of supermassive datasets, housing billions upon billions of login credentials' that have been sourced from 'social media and corporate platforms to VPNs and developer portals.' This data is sourced from '30 exposed datasets' that researchers say contains 'tens of millions to over 3.5 billion records each.' Researchers say they were able to discover the exposed datasets due to insecure online protections, though they say the exposure was too short-lived for them to figure out who was 'controlling' the data. 'This is not just a leak – it's a blueprint for mass exploitation,' said researchers interviewed by the site. 'With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing.' Cyber News's story was picked up by a number of mainstream outlets, including Forbes and Axios. However, no sooner had the news begun to circulate the internet than security professionals began to call the article's claims into question. According to critics, Cyber News isn't wrong per se about the number of credentials that have been exposed—and that's horrifying enough news on its own. However, some watchers maintain that this isn't a new breach (nor is it really a breach in the traditional sense), it's just data from a bunch of old breaches that have been stapled together and posted online. 'To be clear, this is not a new data breach, or a breach at all, and the websites involved were not recently compromised to steal these credentials,' writes Bleeping Computer. Meanwhile, vx-underground, an informational website that posts about malware samples found around the web, tweeted about the story, characterizing it as a 'fear mongering 16,000,000,000 password repackage password leak thingy which scared the normies and spread misinformation.' Unfortunately, large breaches happen all the time and, due to the way that the cybercriminal underworld is structured around the sharing of stolen data, data from many of these breaches is traded and re-traded across websites. Sometimes, collectors of that information will compile very large dossiers of those breaches and post it as something new—which is what researchers are claiming happened here. That said, Cyber News's story seems to contradict the claims being made by security researchers somewhat. It says that the data that has been uncovered is 'recent' and 'not merely recycled from old breaches.' The Cyber News story also now includes a disclaimer that says: 'This story, based on unique Cybernews findings and originally published on the website on June 18, is constantly being updated with clarifications and additional information in response to public discourse.' Gizmodo reached out to Cyber News for comment. The breach is still interesting for how it highlights the danger of one particular tool in the dark web cretin's toolkit, which is a malware appropriately known as the 'infostealer.' The infostealer—just as it sounds—is software that, once having infected a device, will suck out login credentials that have been saved in the computer's browser. A very effective tool, cybercriminals can use the automated tools to swiftly compile large lists of personal information that can be used for compromise operations down the road. Regardless of whether this involves freshly leaked credentials or not, it might be a good time to freshen up your logins. Hackers' jobs are getting easier by the day.

Fast Company

a day ago

• Fast Company

Those security codes you ask to receive via text leave your accounts vulnerable. Do this instead

Do you receive login security codes for your online accounts via text message? These are the six- or seven-digit numbers sent via SMS that you need to enter along with your password when trying to access your bank accounts, health records, online photos, and more. This type of security is known as multifactor authentication (MFA) and is designed to keep your account secure even if someone knows your password. Without the additional security code, bad actors can't gain access to your data. Or at least that's the idea. It's increasingly becoming evident that security codes sent by text message may leave our data less secure than we thought. Fortunately, there are other, more secure ways to keep your accounts safe. Here's why it's probably a good idea to stop using SMS for your security codes, and what you can use instead. An opaque security code industry You may think that the text message you receive with the code you need to log into your account is coming from Amazon, Google, Meta, or whoever provides the service you are logging into. But it's probably not—and therein lies the security risk. Bloomberg and Lighthouse Reports just released an alarming report revealing that some of the most prominent tech companies recommending that users enable multifactor authentication—including Amazon, Google, and Meta—have used third-party companies to send their security codes to users via text. Some of these third-party companies have been linked to institutions in the surveillance industry and even government spy agencies. Additionally, some of the security codes that these third-party companies were responsible for transmitting have been associated with data breaches of individuals' accounts. Worse: the intermediaries operating in this space do so with little oversight from their tech giant clients or regulators. And Bloomberg and Lighthouse Reports' piece isn't the first to warn about the vulnerability that texted security codes expose users to. In December, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a warning to the public, urging people to migrate away from receiving security codes via text. 'Do not use SMS as a second factor for authentication,' the CISA's memo warned. 'SMS messages are not encrypted—a threat actor with access to a telecommunication provider's network who intercepts these messages can read them.' But this vulnerability in texted security codes doesn't mean you should revert to using merely a password to access your accounts. Instead, you should consider a superior form of multifactor authentication—or upgrade to passwordless logins entirely. Get your security codes from an authenticator app instead Some websites and services are stuck in the past when it comes to multifactor authentication. That is, these websites do offer their users MFA, but only give the option of receiving security codes via text message—something the U.S. Cybersecurity and Infrastructure Security Agency now warns against. Thankfully, plenty of websites offer a more secure way to receive security codes: via an authenticator app. Simply put, an authenticator app is an application that resides on your phone or computer, storing all the various security codes for your online accounts that have multifactor authentication enabled. The code for each account in the authenticator app is unique, and it changes every 30 seconds. When you need to log in to a site that you have set up with multifactor authentication, you'll be prompted to enter your security code, which can be found in your authenticator app. And since these authenticator app codes always reside on your device, they can never be intercepted in transit, because they are never sent to you in the first place. Regardless of whether you use Windows, Mac, iPhone, or Android, you have numerous authenticator apps to choose from. These include Apple's own Passwords app, Google Authenticator, Microsoft Authenticator, LastPass Authenticator, and more. Even better, start using passkeys While authenticator apps are vastly more secure than text messages for getting your security codes, the safest login method no longer relies on codes—or even passwords—at all. I'm referring to passkeys, the passwordless login technology spearheaded by the FIDO Alliance, a consortium of tech companies including Amazon, Apple, Dell, Google, Meta, Microsoft, NTT, Samsung, and others. Passkeys are cryptographically complex from a technology perspective, but easy to use from a consumer perspective. When you add a passkey for one of your online accounts, you get one digital key, saved to your device, and the website gets a matching key. When you log into that website, the passkeys must match; otherwise, you won't get access to the account. You verify that you are the true holder of your passkey by confirming your identity with your biometrics—a facial or fingerprint scan, right from your phone or laptop. Passkeys can't be phished or guessed. And if one of your passkeys were stolen and put on someone else's device, it wouldn't work either. That's because the thief couldn't fool the passkey into thinking they were you since they don't have your face or fingerprint. And because passkeys don't require any alphanumeric input authentication—such as security codes—there's no code you need to worry about either. Passkeys are also synced to the cloud via your device's password manager, so if you lose your device, you can quickly regain access to all your passkeys from your, for example, Apple or Google account. The only drawback to passkeys is that not all online accounts support them. Still, each month, more and more sites are offering users the option for passkey logins. However, if your accounts don't support passkeys yet, you should still enable multifactor authentication. Just remember to opt to receive your security codes via an authenticator app rather than a text message.

Yahoo

3 days ago

• Yahoo

FTC reminds car dealers to protect customer data

This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. Dive Brief: The Federal Trade Commission on Monday warned auto dealers that recently updated regulations require them to protect customer data. The FTC modernized the Safeguards Rule twice in the past five years, and now it wants car dealers to understand their responsibilities. The guidance reflects the commission's continued interest in protecting driver privacy, despite the change in political leadership following President Donald Trump's election in 2024. Dive Insight: The Safeguards Rule, mandated in a 1999 law, is one of the FTC's core cybersecurity regulations. The commission updated the regulation in 2021 to require more specific security precautions from covered companies, and in 2023, it broadened those requirements to include notifications within 30 days of data breaches affecting at least 500 people. Among the covered industries: car dealers that offer financing to customers. In a Frequently Asked Questions document, the commission explained how car dealers should comply with the rule's requirements to 'develop, implement, and maintain a comprehensive written information security program that is sufficient to protect customer information.' The document describes 10 elements of a compliant program, including written risk assessments, regular evaluations of protective measures, employee training, third-party vendor oversight and incident-response plans. The document explains the difference between compliance with the Safeguards Rule and the Privacy Rule, answers questions about potential dealership practices and describes how dealers must ensure that their third-party service providers comply with the law. The security and privacy of car customers' data — especially the reams of sensitive information collected by cars themselves — has become a pressing issue as vehicles incorporate more internet-connected technology. Tesla's car privacy issues have garnered significant attention, but other carmakers have also faced scrutiny, including General Motors, whose customers sued it in August 2024 for selling their driving data without notice. The FTC has pursued cybersecurity and privacy cases more vigorously under Democratic leadership, but Republicans have grown increasingly willing to hold companies accountable for mishandling data. The Texas attorney general's office has been scrutinizing car companies' sale of driving data to third parties, including insurance companies. In January, the office sued the insurer Allstate as part of that investigation.