Posted on

Ungerboeck’s Latest Acquisition Enables Launch of Risk Management Tool for Venues and Events

Ungerboeck's Latest Acquisition Enables Launch of Risk Management Tool for Venues and Events

ST. LOUIS, May 24, 2022 (GLOBE NEWSWIRE) — Ungerboeck, the global leader in event management software, announced today that it has acquired the products developed by risk management agency Reliance Risk and will be debuting an industry-first application for mitigating risk to events and venues.

Risk management is an essential part of venue management and event planning. As the industry continues to be impacted by major shocks like the COVID-19 pandemic, terrorism, accidents, and severe weather incidents, Ungerboeck is committed to helping its customers better manage risks of all kinds.

The acquisition of both Reliance Risk products, RiskSense101 and VRM360, gives Ungerboeck the power to offer a valuable new solution: Risk Manager by Ungerboeck. The new application is specifically designed to give venue and event organizers a better understanding of threats and help them be proactive instead of reactive in the face of potential issues. 

“The unique nature of events dictates the need for a customized, simple, but powerful technology solution to help mitigate and monitor risk,” said Wayne Middleton, founder of Risk Sense Technologies and co-developer of the new application. “We have built this into Risk Manager by Ungerboeck and are grateful for the shared vision, passion, and global reach that Ungerboeck brings to help our industry manage risk.”

Steve Mackenzie, Executive Vice President of Ungerboeck, said the new application fills a void in the market. 

“Over the past few years, several events have become major headlines for all the wrong reasons,” he said. “Think of the Manchester Arena bombing, the shooting in Las Vegas, or the Astroworld crowd incident. By offering this tool, we are ensuring venue and event operators are equipped to identify potential risks and produce the necessary tasks and reports to back up the process.” 

Before joining the Ungerboeck family, Middleton’s risk management software was already used in venues across the Asia Pacific Region. Now thanks to Ungerboeck’s global reach, thousands of additional organizations will benefit. 

“Qudos Bank Arena, along with the larger ASM Global operated venues throughout Australia, have held a license to the software for over seven years. It has been an important tool in helping us understand the risks that our venues encounter and ensure that we have taken appropriate measures to mitigate them,” said Steve Hevern CVE, General Manager of Qudos Band Arena. “We congratulate Wayne and Ungerboeck on this global partnership and look forward to more innovative technology that will help us continue to host safe and successful events.” 

Middleton will continue in his role as Managing Director of Reliance Risk, and as a risk management consultant, setting the benchmark for best practices across the industry.

“We’ll build on the unique system that Wayne, a world-renowned risk management expert, has developed over the past decade,” Mackenzie said. “This is incredibly exciting for the market to finally have access to a dedicated risk management software.” 

About Ungerboeck

Ungerboeck provides industry-leading event and venue management software to over 50,000 users in more than 50 countries, empowering the people that bring people together. Its comprehensive platform offers event professionals powerful Software as a Service (SaaS) technology that provides a 360-view of their business, allowing them to cut costs, save time, and increase revenue. Founded in 1985, Ungerboeck is headquartered in the United States, with regional presence in Germany, France, Mexico, England, Australia, Mainland China, Hong Kong, and Singapore. ungerboeck.com

About Reliance Risk

Reliance Risk is a risk management consultancy established to provide quality risk management and safety support. We offer services across the risk spectrum with expertise in health and safety, business risk, business continuity and resilience, security, and emergency management. Many of our consultants have international risk management experience working across a range of industry sectors and we draw upon our network of technical experts to provide the right solution for client needs.


        
Posted on

Ermetic launches open source tool that analyzes AWS CloudTrail AccessDenied events – Help Net Security

Ermetic launches open source tool that analyzes AWS CloudTrail AccessDenied events - Help Net Security

Ermetic released a free open source tool for managing AccessDenied Events in Amazon Web Services (AWS) that automates time consuming cloud access policy troubleshooting and correction.

Ermetic Access Undenied on AWS

Access Undenied on AWS analyzes AWS CloudTrail AccessDenied events, scans the environment to identify and explain the reasons for the events, and offers actionable least-privilege remediation suggestions.

The project is led by Noam Daham, research lead at Ermetic.

“Even if you know the policy type causing ‘access denied’, which isn’t always the case, you still need to find the policy and the statement inside the policy causing the denial, and replace it with a least-privilege alternative,” Noam Dahan. “Basically, you give the Access Undenied on AWS tool a CloudTrail event with an “Access Denied” outcome, and it will tell you how to fix it!”

Access Undenied on AWS addresses some of the peskiest Access Denied challenges encountered by DevOps and security teams on a daily basis, including:

  • Some AccessDenied messages still do not provide details. Among the services for which some, or even many, messages are lacking in detail are: S3, IAM, STS, CloudWatch, EFS, DynamoDB, Redshift, Opensearch and ACM.
  • When the reason for AccessDenied is an explicit deny, users can have difficulty tracking down the specific policy and statement that generated the explicit deny. Specifically, when the reason is an explicit deny in a service control policy (SCP), it is difficult to find and assess every single policy in the organization that applies to the account.
  • Meanwhile, when the problem is a missing allow statement, it can still be challenging to create the least-privilege policy that allows the desired access without granting excessive permissions.

Access Undenied on AWS is available now and supports policies for many resources and some of the most common condition keys. This open source project is also soliciting input from the community through contributions of new issues in the repository.