'We measure our success based on customer satisfaction, loyalty and retention,' says Strobes CEO Venu Rao

Vulnerability Management Platform for Companies
Venu Rao is a successful entrepreneur and cybersecurity professional who excels in developing client relationships by addressing their challenges and providing affordable and convenient validated solutions. With more than 15 years of experience in technology, product development, marketing and sales, he deeply understands the IT industry. As the Co-founder & CEO of Strobes Security, he is helping clients improve their cybersecurity posture by solving significant problems in the vulnerability management space with innovative solutions.
Read his interview to know his thoughts about the cybersecurity landscape and the importance of having customer-centric solutions.

By streamlining the detection, analysis, and response process, seamless security automation can help ensure faster remediation from vulnerabilities and threats.

Media 7: Hello Venu, thank you for your time. Could you share with us the factors that motivated you to pursue your current career path and describe your career trajectory?
Venu Rao:
I have always been inclined towards technology and entrepreneurship. My entrepreneurial journey has been interesting and a roller-coaster ride. I started with an IT staffing business, then scaled up to offshore IT development, and eventually developed a GPS-based Vehicle Tracking system in 2008. Although we made decent penetration in the Indian market, the GPS VTA product couldn't grow as expected because it was ahead of its time. After a break and a few years of working as a Business Head at a tech company, I am back to entrepreneurship with WeSecureApp. Innovation in technology and problem-solving using cutting-edge technologies has always been my primary motivation.

M7:  Please share with us some of the most rewarding experiences or accomplishments of your professional journey.
VR:
I was fascinated by the James Bond car, and with a team we have built a technology that allowed tracking and monitoring of vehicles during a time when smartphones were not yet prevalent, 2G was limited to metros and Tier 1 cities, and there was no cloud technology available. With a simple SMS, one could switch off the car, operate the air conditioning, and set up geo-fencing, among other features. Although the product did not achieve success, I believe that the journey of developing and marketing a new technology has brought me immense satisfaction and valuable lessons.

M7: Can you tell us a bit about the history of Strobes Security and how the company was founded?
VR:
Strobes Security was destiny for us. My co-founders are my cousins, and in 2015, when we met, all of us were in a transitional phase. I wanted to get back into entrepreneurship, Akhil, who is a hacker, was looking for a new path, and Srini, who had over 20 years of experience in the US market, was also in a similar situation. With our deep family history, we knew each other's strengths and working style in such detail that it was a no-brainer to team up and offer cybersecurity consulting services to enterprise customers.

Read more: 'Data is the answer to a more effective digital transformation,' says SonicWall's Diane Walker


Implementing a customer-centric approach involves putting the needs and preferences of the customers at the forefront of the organization's strategy, decision-making, and operations.

M7: What types of security services does Strobes Security offer, and how do they differ from other companies in the industry?
VR:
We are known for being one of the best offensive security companies in the industry. The Strobes platform offers solutions for multiple use-cases, including Pentest as a Service (PTaaS), DevSecOps, and Vulnerability Management. Our customers trust us for the following reasons:

aVulnerability Prioritization Technology: Our platform employs advanced technology to prioritize vulnerabilities, ensuring that our clients focus on the most critical issues first.
b. More than 75 connectors: We have over 75 connectors that integrate with various scanners, CI-CD, ITSM, and SIEM platforms, providing our clients with a seamless experience.
c. Scanner & tool agnostic platform: Our platform is not limited to specific scanners or tools, making it easier for clients to work with the tools they prefer.
d. Dashboards for visibility and cyber risk quantification: We provide our clients with dashboards that offer visibility into their security posture, allowing them to quantify their cyber risks.
e. Hybrid framework: We use a hybrid framework that combines both manual and automated testing to conduct offensive security assessments, ensuring that our clients receive accurate and reliable results.


M7: According to you, what are the best practices that a company dealing with vulnerability management should follow?
VR:
 a. Establish a formal vulnerability management program: The company should establish a formal vulnerability management program that includes policies, procedures, and guidelines for managing vulnerabilities.
b. Conduct regular vulnerability assessments: It should conduct regular vulnerability assessments of its systems and networks to identify potential vulnerabilities.
c. Prioritize vulnerabilities based on risk: It should prioritize vulnerabilities based on their severity and potential impact on the organization.
d. Develop a patch management plan: It should have a patch management plan that outlines the process for applying patches to systems and software.
e. Implement security controls: It should implement security controls to reduce the likelihood of vulnerabilities being exploited.
f. Monitor for new vulnerabilities: It should monitor for new vulnerabilities and incorporate them into its vulnerability management program.
g. Provide employee training: It should provide employee training on how to identify and report potential vulnerabilities.
h. Conduct incident response planning: It should have an incident response plan in place that includes procedures for responding to a security breach or vulnerability.
i. Conduct regular audits: It should conduct regular audits of its vulnerability management program to ensure that it is effective and up-to-date.

By following these best practices, companies can minimize the risk of security breaches and protect their systems and data from potential threats.


M7: Please explain how Strobes Security prioritizes customer satisfaction and ensures that clients receive high-quality service.
VR: a. Understand our customers' needs:
One size does not fit all. Every customer is different and so are their requirements. We understand our customers’ requirements thoroughly and accordingly provide tailor-made solutions.
b. Empathize with our customers: We understand the challenges of being a CISO and someone responsible for the company's security posture. With a team of vCISOs and CISO Advisory Board, we empathize with our customers and genuinely share the inputs and suggestions to improve the security posture of their organization.
c. Extended team: We believe to be the extended security team rather than a vendor. With that approach, we ensure to provide amazing support in remediation and achieve their compliance goals

Read more: 'Innovative, strategic marketing that’s well-executed yields substantial ROI,' believes Ann Strackhouse Miller


Advanced Vulnerability Intelligence is an ongoing process, and organizations should continually monitor their systems and networks for new vulnerabilities and threats.

M7: How does seamless security automation ensure faster remediation from vulnerabilities and threats?
VR: a. Asset Discovery:
Automated tools like Storbes ReconX can be used to do reconnaissance to find all the public and internal assets and trigger vulnerability scans automatically to find the vulnerabilities.
b. Prioritization: Strobes VI can also help prioritize vulnerabilities and threats based on their severity, exploitability and impact. This can help security teams focus on the most critical issues first and ensure that they are addressed promptly.
c. Quick Analysis: Automated tools can analyze security events and incidents quickly, reducing the time it takes to investigate and understand the scope of the problem.
d. Automated Response: Once a vulnerability or threat is identified and analyzed, automated tools can initiate a response automatically. This can include actions such as blocking network traffic, quarantining infected systems, or deploying security patches.

Overall, by streamlining the detection, analysis, and response process, seamless security automation can help ensure faster remediation from vulnerabilities and threats. This can help organizations better protect their assets, reduce downtime, and minimize the impact of security incidents.


M7: What are some of the key considerations organizations should keep in mind when implementing Advanced Vulnerability Intelligence? Please shed light.
VR:
Implementing Advanced Vulnerability Intelligence is a critical process for any organization that wants to protect its assets from security threats. Here are some key considerations that organizations should keep in mind when implementing Advanced Vulnerability Intelligence:

a. Define the scope and objectives: It is important to define the scope and objectives of the Advanced Vulnerability Intelligence program. This includes identifying the systems, applications, and networks that need to be monitored, as well as the types of threats and vulnerabilities that the organization wants to be alerted to.

b. Determine the data sources: The quality of the data sources used in Advanced Vulnerability Intelligence is critical to the success of the program. Organizations should evaluate their existing sources of vulnerability data and identify additional sources that can provide relevant, timely, and accurate information.

c. Choose the right tools: There are a variety of tools available for Advanced Vulnerability Intelligence, ranging from vulnerability scanners to threat intelligence platforms. Organizations should evaluate their options and choose the tools that best fit their needs.

d. Establish a process for analyzing and prioritizing vulnerabilities: Once vulnerabilities are identified, it is important to have a process in place for analyzing and prioritizing them based on their severity, likelihood of exploitation, and potential impact.

e. Develop an action plan: Once vulnerabilities are identified and prioritized, organizations should develop an action plan for addressing them. This may include patching systems, reconfiguring networks, or implementing additional security controls.

f. Monitor and review: Advanced Vulnerability Intelligence is an ongoing process, and organizations should continually monitor their systems and networks for new vulnerabilities and threats. Regular reviews of the program can help identify areas for improvement and ensure that the program remains effective over time.

g. Ensure compliance: Depending on the industry or regulatory requirements, organizations may need to ensure compliance with certain standards or regulations. Compliance requirements should be factored into the Advanced Vulnerability Intelligence program to ensure that the organization meets all necessary obligations.


M7: How does your organization implement a customer-centric approach?
VR:
Implementing a customer-centric approach involves putting the needs and preferences of the customers at the forefront of the organization's strategy, decision-making, and operations. Here are the steps we take to implement a customer-centric approach:

a. Develop a customer-centric culture: A customer-centric culture involves building an organizational culture that places the customer at the center of everything that we do. This involves creating a shared vision, mission, and values that prioritize the customer experience.
b. Understand customer needs: We understand the needs, wants, and preferences of our customers.
c. Empower employees: We empower our employees to make decisions that benefit the customer. This includes providing training, tools, and resources to help employees deliver exceptional customer service.
d. Deliver a personalized experience: Customers today expect a personalized experience. We tailor our products, services, and interactions to meet the unique needs and preferences of each customer.
e. Continuously improve: Our approach involves continuously gathering feedback from customers and using it to improve the organization's products, services, and processes. This requires a culture of continuous improvement and a willingness to embrace change.
f. Measure success: Finally, we measure our success based on customer satisfaction, loyalty, and retention. This involves tracking key metrics, such as Net Promoter Score and Customer Lifetime Value.


M7: What are the future plans or goals of Strobes Security and how do you see the company evolving in the coming years?
VR:
With the current modules and upcoming features that will be rolled out in the coming weeks, we are moving towards building a next-generation offensive security platform. Our goal is to leverage the best of both worlds to protect our customers through the combination of security automation and security experts.

Over the next few years, we plan to establish a strong partner ecosystem globally, which will enable us to grow exponentially. Additionally, we will continue to innovate our product offerings while maintaining focus on building a positive culture within our organization.

ABOUT STROBES SECURITY

Strobes Security is a leading company in the vulnerability management field, offering flagship products such as PTaaS and VM365, as well as managed services that simplify the vulnerability reporting process. The company's risk-centered vulnerability management platform utilizes an inbuilt vulnerability intelligence engine that prioritizes critical patches, ensuring that the right vulnerabilities are fixed at the right time.
Strobes Security is guided by four pillars that include a risk-centric approach, seamless security automation, high-end vulnerability intelligence, and a customer-centric approach. To know more about Strobes Security please visit, https://www.strobes.co/.

More C-Suite on deck

‘Data and analytics play a crucial role in shaping our advertising strategies,' asserts Aleksander Groshev

Media 7 | June 28, 2023

Aleksander Groshev is the CEO and Co-Founder of Autobahn Security. Previously he was Vice President of Product responsible for the product development of the SaaS platform. Before joining Autobahn Security he held the position of Head of Product at Fincite, a wealth management B2B platform.

Read More

‘In the industry, we've observed fragmentation, especially among larger organizations,’ says Chris Fisher

Media 7 | October 16, 2023

Chris Fisher is a seasoned marketing professional who specializes in digital marketing and demand generation to fuel business growth. I integrate product messaging and innovative strategies with data-driven marketing to achieve quantifiable outcomes. Read on to know his thoughts about safeguarding the layers of Cyber-security.

Read More

'AI & ML algorithms will play a critical role in identifying cyber threats,' asserts Trishneet Arora

Media 7 | July 28, 2023

Trishneet Arora, a self-made individual, demonstrated remarkable vision, intellect, and competence when he established a startup at the young age of 19. Under his guidance, the flagship venture has expanded into both the entertainment and educational sectors. With Trishneet at the helm, the potential for growth and success knows no bounds. Let's delve into his insights on securing UPI-based applications.

Read More

‘Data and analytics play a crucial role in shaping our advertising strategies,' asserts Aleksander Groshev

Media 7 | June 28, 2023

Aleksander Groshev is the CEO and Co-Founder of Autobahn Security. Previously he was Vice President of Product responsible for the product development of the SaaS platform. Before joining Autobahn Security he held the position of Head of Product at Fincite, a wealth management B2B platform.

Read More

‘In the industry, we've observed fragmentation, especially among larger organizations,’ says Chris Fisher

Media 7 | October 16, 2023

Chris Fisher is a seasoned marketing professional who specializes in digital marketing and demand generation to fuel business growth. I integrate product messaging and innovative strategies with data-driven marketing to achieve quantifiable outcomes. Read on to know his thoughts about safeguarding the layers of Cyber-security.

Read More

'AI & ML algorithms will play a critical role in identifying cyber threats,' asserts Trishneet Arora

Media 7 | July 28, 2023

Trishneet Arora, a self-made individual, demonstrated remarkable vision, intellect, and competence when he established a startup at the young age of 19. Under his guidance, the flagship venture has expanded into both the entertainment and educational sectors. With Trishneet at the helm, the potential for growth and success knows no bounds. Let's delve into his insights on securing UPI-based applications.

Read More

Related News

Software Security

Trellix and One Source Deliver Industry-Leading Managed Detection and Response Security Services

Trellix | January 22, 2024

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. “The partnership aligns with Trellix’s ongoing commitment to secure organizations from advanced cyber threats,” says Sean Morton, SVP of Professional Services at Trellix. “Leveraging One Source’s MDR capabilities and expanded footprint, we enable more businesses to build cyber resilience, with continued innovation in our combined products and solution offerings to stay ahead of bad actors.” One Source has multiple SOCs leveraging Trellix’s technology, staffed by the industry’s top experts to provide Managed Detection and Response (MDR) capabilities. Their team implements a proactive cyber strategy for customers specific to industry, technology environment, and vulnerabilities, built on the Trellix XDR Platform with 24x7 monitoring. The partnership and combined expertise benefits customers with enhanced services like managed threat detection and response, incident response, security operations and analytics, threat intelligence, threat hunting and forensics, and training and enablement. “The Trellix and One Source partnership is extremely powerful; the former offers an incredible set of security solutions, and the latter excels at personalized deployment and execution,” said Paul Moline, Chief Information Officer, Lindsay Automotive Group. “I never anticipated we could protect our environment with the same security solutions used by government agencies and Fortune 50 companies: I can now sleep at night.” The Trellix XDR Platform’s open architecture and broad set of native security controls across endpoint, email, network, cloud, and data security integrates with over 500 third-party tools to create multi-vector, multi-vendor event correlation and context to speed up investigations. The Trellix Advanced Research Center provides an additional layer of protection by continuously informing the platform with information from millions of global sensors on the latest threat vectors, tactics, and recommendations. One Source experts apply these insights to stay ahead of the constantly evolving threat landscape. “The collaboration with Trellix is a game-changer in reshaping the cybersecurity landscape,” says Eric Gressel, Executive Vice President of Sales, One Source. “Thanks to our partnership, we have access to the highest level of cyber intelligence to fend off newly-revealed hackers and their means of attack, enabling our customers with the most comprehensive offering of enhanced Managed Security Services to protect their businesses.” One Source has a proven track record supporting global businesses spanning retail, restaurant, automotive, healthcare, financial, and manufacturing industries. Trellix customers can rely on One Source's leading Managed Security Services to optimize technology expenses while enhancing telecom connectivity, IT infrastructure, and cybersecurity strategies. About Trellix Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security. More at https://trellix.com. About One Source One Source helps businesses simplify a complex technology world. One Source is the leading provider of Technology and Managed Security Services for enterprises. Today, One Source manages more than 2,500 customers, 45,000 business locations, and over one million assets throughout North America. In addition to Managed Security Services, One Source provides Managed Technology Expense Management, 24 / 7 local helpdesk, procures and provisions telecom & IT solutions, and manages customer service requests. One Source frequently generates triple-digit ROI for customers through contract negotiation, portfolio optimization, and ongoing expense management. In addition, One Source leverages partnerships with industry leaders, including Trellix to bring Fortune 500 security solutions and fully managed services to the mid-market. One Source's approach empowers businesses to focus on customers and revenue-generating activities. Learn more at https://www.onesource.net/.

Read More

Software Security

Deepwatch Announces New Forensic-Focused Operations Service To Enhance Cyber Resilience

Deepwatch | January 09, 2024

Deepwatch, the leading managed security platform for the cyber resilient enterprise, today announced the launch of Threat Signal, its standalone forensic-focused operations service. Deepwatch designed Threat Signal to enhance companies’ cybersecurity defenses, proactively identify and help mitigate attack vectors, and stay ahead of evolving risks to strengthen cyber resilience. Threat Signal provides protection beyond traditional security measures, finding advanced cyber threats that have bypassed existing controls by leveraging the latest attacker methodologies to stay in tune with the constantly evolving threat landscape. Using an “outside-in” methodology, Threat Signal evaluates an organization’s externally accessible presence from an attacker’s perspective to pinpoint and investigate risky systems and services. This informs the initial investigation and allows Deepwatch Experts to leverage advanced capabilities through organic intelligence, deep forensics, and threat hunting. According to Forrester’s “How to Make Threat Intelligence Actionable” report¹, “Over time, companies need to move beyond tactical use cases. Threat hunting can uncover threats that have bypassed traditional security tools, allowing companies to stop attacks earlier to minimize disruptions. As Forrester’s Threat Hunting 101 report describes, threat intelligence is vital because it provides insights into the TTPs of threat actors and details on how malware behaves. If time, expertise, and resources are constrained, consider leveraging an external service provider to conduct the threat-hunting exercise as an annual consulting engagement.” Threat Signal provides tailored and proactive security measures through customer-specific intelligence that takes an organization's unique attack surface, business risks, and the latest adversary intelligence or "threat cases" into account. Threat Signal’s additional features and capabilities include: Deepwatch Experts - Seasoned forensic security experts perform in-depth investigations, identifying threats before they disrupt an organization. Attack Surface Profiles - These profiles provide a customer actionable report, detailing external opportunity areas that an attacker could leverage against an organization, including high-risk opportunities, mitigation recommendations, and threat hunting leads. Forensic-Agent-Based Threat Hunting Engagements - Deepwatch’s specialists consistently engage in hunting activities to reveal concealed threats within a company’s infrastructure and provide a threat hunt summary report with detailed observations and any actions that the customer took during that hunt cycle. Reporting and Reviews - Deepwatch provides customers with reports, including: Weekly intelligence brief reports on analyzed open-source intelligence with Deepwatch recommendations. Summary presentations on the solution engagement status, including but not limited to hunting reports. Up to two executive reviews of the solution and observables per year. Ad-hoc awareness briefs of security advisories based on Deepwatch threat criteria. Annual intelligence reports on incident lessons learned and predictions. Malware Analysis - Deepwatch’s Adversary Tactics and Intelligence (ATI) team analyze collected malware and provide a report. Enhanced Security - Deepwatch’s MDR customers benefit from cross-collaborative security operations, harnessing advanced threat detection, and hyper-responsive capabilities. “As security professionals, we look to enhance a company’s security readiness. To do that, it’s critical for them to look beyond their existing security controls to ensure they are identifying and proactively protecting the business from external threats,” said Jerrod Barton, VP, Cyber Operations & Intelligence for Deepwatch. “With Threat Signal, we’re able to help our enterprise customers view their security readiness through the lens of the ‘attackers,’ ensuring that they can rapidly respond to any incoming threats, which in turn helps them elevate their cyber resilience.” About Deepwatch Deepwatch is the leading managed security platform for the cyber resilient enterprise. The Deepwatch Managed Security Platform and security experts provide enterprises with 24/7/365 cyber resilience, rapid detections, high fidelity alerts, reduced false positives, and automated actions. We operate as an extension of cybersecurity teams by delivering exceptional security expertise, visibility across your attack surface, precision response to threats, and a compelling return on your security investments. The Deepwatch Managed Security Platform is trusted by many of the world’s leading brands to improve their security posture, cyber resilience, and peace of mind. Learn more at www.deepwatch.com.

Read More

End Point Protection

Malwarebytes Unveils New K-12 ThreatDown Bundle to Defend Schools and Districts from Cyberattacks

Malwarebytes | January 24, 2024

Malwarebytes, a global leader in real-time cyber protection, today announced the availability of ThreatDown K-12 Bundle, combining the cybersecurity technologies and services that K-12 education institutions need into a streamlined, cost-effective bundle. Purpose-built to reduce risk, complexity and costs for districts and schools, the ThreatDown K-12 Bundle delivers unified protection with an intuitive, easy-to-manage design. The ThreatDown K-12 Bundle allows schools to optimize device uptime and improve productivity, while protecting students and staff, devices and data from the latest cyber threats. "Schools are increasingly facing cyber threats with limited IT resources, leading to a rise in ransomware attacks that affect staff, teaching, and student well-being," said Marcin Kleczynski, Founder and CEO of Malwarebytes. "Historically, cost barriers prevented schools from adopting cybersecurity managed services. Our K-12 Bundle packages together everything districts need to reduce risk and comply with regulations within a manageable budget. We're committed to making powerful protection and managed services accessible to vulnerable schools and students." Bridging the Cybersecurity Gap for Resource-constrained K-12 IT Teams Modern K-12 educational institutions have a wide range of school-, staff- and student-owned devices – from traditional laptops, desktops and servers to Chromebooks, iPadOS, iOS, and Android devices. While these devices greatly enrich the student learning experience and streamline operations for staff, they also introduce new risks. Key features of the ThreatDown K-12 Bundle include: Award-winning endpoint security: K-12 Bundle is built on ThreatDown's strongest AI/ML-driven prevention, detection and response technologies fortified by built-in innovations to reduce the attack surface. These technologies simplify the process of finding and patching software vulnerabilities and prevent unauthorized programs from executing. 24x7x365 managed services: The K-12 Bundle combines ThreatDown advanced technologies with Managed Detection and Response (MDR) service of ThreatDown cybersecurity experts to manage security and resolve alerts around the clock, delivered as an affordable, hassle-free bundle. Unified endpoint management: ThreatDown extends powerful endpoint protection across workstations, servers and mobile device to substantially strengthen schools' cybersecurity postures in compliance with new and pending regulations. Quick and easy to deploy, the K-12 Bundle saves time and resources with unified endpoint management for both traditional and mobile devices – all from a single, cloud-native console. Centralized, real-time visibility: K-12 IT teams can easily view activity across all devices in real time. With a unified platform and visibility for traditional and mobile endpoints, teams can monitor and protect devices from a single pane of glass. Teams can understand the threats to devices in their environments and mitigate potential risks. Advanced mobile protection: ThreatDown K-12 Bundle provides effective protection for Chromebooks, iPadOS, iOS, and Android devices, guarding against the latest mobile threats such as ransomware, malicious apps, and potentially unwanted programs (PUPs). With real-time protection, schools can also prevent accidental access to harmful websites, safeguard against malicious apps, block unwanted in-app ads, and enable a secure mobile experience for students. About Malwarebytes Malwarebytes is a global cybersecurity leader delivering award-winning endpoint protection, privacy and threat prevention solutions worldwide. Built on decades of experience as the last resort to find and eradicate the latest malware, Malwarebytes is now trusted by millions of individuals and organizations to stop threats at each stage of the attack lifecycle, secure digital identities and safeguard data and privacy. A world class team of threat researchers and proprietary AI-powered engines provide unmatched threat intelligence to detect and prevent known and unknown threats. The company is headquartered in California with offices in Europe and Asia. For more information and career opportunities, visit https://www.malwarebytes.com.

Read More

Software Security

Trellix and One Source Deliver Industry-Leading Managed Detection and Response Security Services

Trellix | January 22, 2024

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. “The partnership aligns with Trellix’s ongoing commitment to secure organizations from advanced cyber threats,” says Sean Morton, SVP of Professional Services at Trellix. “Leveraging One Source’s MDR capabilities and expanded footprint, we enable more businesses to build cyber resilience, with continued innovation in our combined products and solution offerings to stay ahead of bad actors.” One Source has multiple SOCs leveraging Trellix’s technology, staffed by the industry’s top experts to provide Managed Detection and Response (MDR) capabilities. Their team implements a proactive cyber strategy for customers specific to industry, technology environment, and vulnerabilities, built on the Trellix XDR Platform with 24x7 monitoring. The partnership and combined expertise benefits customers with enhanced services like managed threat detection and response, incident response, security operations and analytics, threat intelligence, threat hunting and forensics, and training and enablement. “The Trellix and One Source partnership is extremely powerful; the former offers an incredible set of security solutions, and the latter excels at personalized deployment and execution,” said Paul Moline, Chief Information Officer, Lindsay Automotive Group. “I never anticipated we could protect our environment with the same security solutions used by government agencies and Fortune 50 companies: I can now sleep at night.” The Trellix XDR Platform’s open architecture and broad set of native security controls across endpoint, email, network, cloud, and data security integrates with over 500 third-party tools to create multi-vector, multi-vendor event correlation and context to speed up investigations. The Trellix Advanced Research Center provides an additional layer of protection by continuously informing the platform with information from millions of global sensors on the latest threat vectors, tactics, and recommendations. One Source experts apply these insights to stay ahead of the constantly evolving threat landscape. “The collaboration with Trellix is a game-changer in reshaping the cybersecurity landscape,” says Eric Gressel, Executive Vice President of Sales, One Source. “Thanks to our partnership, we have access to the highest level of cyber intelligence to fend off newly-revealed hackers and their means of attack, enabling our customers with the most comprehensive offering of enhanced Managed Security Services to protect their businesses.” One Source has a proven track record supporting global businesses spanning retail, restaurant, automotive, healthcare, financial, and manufacturing industries. Trellix customers can rely on One Source's leading Managed Security Services to optimize technology expenses while enhancing telecom connectivity, IT infrastructure, and cybersecurity strategies. About Trellix Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security. More at https://trellix.com. About One Source One Source helps businesses simplify a complex technology world. One Source is the leading provider of Technology and Managed Security Services for enterprises. Today, One Source manages more than 2,500 customers, 45,000 business locations, and over one million assets throughout North America. In addition to Managed Security Services, One Source provides Managed Technology Expense Management, 24 / 7 local helpdesk, procures and provisions telecom & IT solutions, and manages customer service requests. One Source frequently generates triple-digit ROI for customers through contract negotiation, portfolio optimization, and ongoing expense management. In addition, One Source leverages partnerships with industry leaders, including Trellix to bring Fortune 500 security solutions and fully managed services to the mid-market. One Source's approach empowers businesses to focus on customers and revenue-generating activities. Learn more at https://www.onesource.net/.

Read More

Software Security

Deepwatch Announces New Forensic-Focused Operations Service To Enhance Cyber Resilience

Deepwatch | January 09, 2024

Deepwatch, the leading managed security platform for the cyber resilient enterprise, today announced the launch of Threat Signal, its standalone forensic-focused operations service. Deepwatch designed Threat Signal to enhance companies’ cybersecurity defenses, proactively identify and help mitigate attack vectors, and stay ahead of evolving risks to strengthen cyber resilience. Threat Signal provides protection beyond traditional security measures, finding advanced cyber threats that have bypassed existing controls by leveraging the latest attacker methodologies to stay in tune with the constantly evolving threat landscape. Using an “outside-in” methodology, Threat Signal evaluates an organization’s externally accessible presence from an attacker’s perspective to pinpoint and investigate risky systems and services. This informs the initial investigation and allows Deepwatch Experts to leverage advanced capabilities through organic intelligence, deep forensics, and threat hunting. According to Forrester’s “How to Make Threat Intelligence Actionable” report¹, “Over time, companies need to move beyond tactical use cases. Threat hunting can uncover threats that have bypassed traditional security tools, allowing companies to stop attacks earlier to minimize disruptions. As Forrester’s Threat Hunting 101 report describes, threat intelligence is vital because it provides insights into the TTPs of threat actors and details on how malware behaves. If time, expertise, and resources are constrained, consider leveraging an external service provider to conduct the threat-hunting exercise as an annual consulting engagement.” Threat Signal provides tailored and proactive security measures through customer-specific intelligence that takes an organization's unique attack surface, business risks, and the latest adversary intelligence or "threat cases" into account. Threat Signal’s additional features and capabilities include: Deepwatch Experts - Seasoned forensic security experts perform in-depth investigations, identifying threats before they disrupt an organization. Attack Surface Profiles - These profiles provide a customer actionable report, detailing external opportunity areas that an attacker could leverage against an organization, including high-risk opportunities, mitigation recommendations, and threat hunting leads. Forensic-Agent-Based Threat Hunting Engagements - Deepwatch’s specialists consistently engage in hunting activities to reveal concealed threats within a company’s infrastructure and provide a threat hunt summary report with detailed observations and any actions that the customer took during that hunt cycle. Reporting and Reviews - Deepwatch provides customers with reports, including: Weekly intelligence brief reports on analyzed open-source intelligence with Deepwatch recommendations. Summary presentations on the solution engagement status, including but not limited to hunting reports. Up to two executive reviews of the solution and observables per year. Ad-hoc awareness briefs of security advisories based on Deepwatch threat criteria. Annual intelligence reports on incident lessons learned and predictions. Malware Analysis - Deepwatch’s Adversary Tactics and Intelligence (ATI) team analyze collected malware and provide a report. Enhanced Security - Deepwatch’s MDR customers benefit from cross-collaborative security operations, harnessing advanced threat detection, and hyper-responsive capabilities. “As security professionals, we look to enhance a company’s security readiness. To do that, it’s critical for them to look beyond their existing security controls to ensure they are identifying and proactively protecting the business from external threats,” said Jerrod Barton, VP, Cyber Operations & Intelligence for Deepwatch. “With Threat Signal, we’re able to help our enterprise customers view their security readiness through the lens of the ‘attackers,’ ensuring that they can rapidly respond to any incoming threats, which in turn helps them elevate their cyber resilience.” About Deepwatch Deepwatch is the leading managed security platform for the cyber resilient enterprise. The Deepwatch Managed Security Platform and security experts provide enterprises with 24/7/365 cyber resilience, rapid detections, high fidelity alerts, reduced false positives, and automated actions. We operate as an extension of cybersecurity teams by delivering exceptional security expertise, visibility across your attack surface, precision response to threats, and a compelling return on your security investments. The Deepwatch Managed Security Platform is trusted by many of the world’s leading brands to improve their security posture, cyber resilience, and peace of mind. Learn more at www.deepwatch.com.

Read More

End Point Protection

Malwarebytes Unveils New K-12 ThreatDown Bundle to Defend Schools and Districts from Cyberattacks

Malwarebytes | January 24, 2024

Malwarebytes, a global leader in real-time cyber protection, today announced the availability of ThreatDown K-12 Bundle, combining the cybersecurity technologies and services that K-12 education institutions need into a streamlined, cost-effective bundle. Purpose-built to reduce risk, complexity and costs for districts and schools, the ThreatDown K-12 Bundle delivers unified protection with an intuitive, easy-to-manage design. The ThreatDown K-12 Bundle allows schools to optimize device uptime and improve productivity, while protecting students and staff, devices and data from the latest cyber threats. "Schools are increasingly facing cyber threats with limited IT resources, leading to a rise in ransomware attacks that affect staff, teaching, and student well-being," said Marcin Kleczynski, Founder and CEO of Malwarebytes. "Historically, cost barriers prevented schools from adopting cybersecurity managed services. Our K-12 Bundle packages together everything districts need to reduce risk and comply with regulations within a manageable budget. We're committed to making powerful protection and managed services accessible to vulnerable schools and students." Bridging the Cybersecurity Gap for Resource-constrained K-12 IT Teams Modern K-12 educational institutions have a wide range of school-, staff- and student-owned devices – from traditional laptops, desktops and servers to Chromebooks, iPadOS, iOS, and Android devices. While these devices greatly enrich the student learning experience and streamline operations for staff, they also introduce new risks. Key features of the ThreatDown K-12 Bundle include: Award-winning endpoint security: K-12 Bundle is built on ThreatDown's strongest AI/ML-driven prevention, detection and response technologies fortified by built-in innovations to reduce the attack surface. These technologies simplify the process of finding and patching software vulnerabilities and prevent unauthorized programs from executing. 24x7x365 managed services: The K-12 Bundle combines ThreatDown advanced technologies with Managed Detection and Response (MDR) service of ThreatDown cybersecurity experts to manage security and resolve alerts around the clock, delivered as an affordable, hassle-free bundle. Unified endpoint management: ThreatDown extends powerful endpoint protection across workstations, servers and mobile device to substantially strengthen schools' cybersecurity postures in compliance with new and pending regulations. Quick and easy to deploy, the K-12 Bundle saves time and resources with unified endpoint management for both traditional and mobile devices – all from a single, cloud-native console. Centralized, real-time visibility: K-12 IT teams can easily view activity across all devices in real time. With a unified platform and visibility for traditional and mobile endpoints, teams can monitor and protect devices from a single pane of glass. Teams can understand the threats to devices in their environments and mitigate potential risks. Advanced mobile protection: ThreatDown K-12 Bundle provides effective protection for Chromebooks, iPadOS, iOS, and Android devices, guarding against the latest mobile threats such as ransomware, malicious apps, and potentially unwanted programs (PUPs). With real-time protection, schools can also prevent accidental access to harmful websites, safeguard against malicious apps, block unwanted in-app ads, and enable a secure mobile experience for students. About Malwarebytes Malwarebytes is a global cybersecurity leader delivering award-winning endpoint protection, privacy and threat prevention solutions worldwide. Built on decades of experience as the last resort to find and eradicate the latest malware, Malwarebytes is now trusted by millions of individuals and organizations to stop threats at each stage of the attack lifecycle, secure digital identities and safeguard data and privacy. A world class team of threat researchers and proprietary AI-powered engines provide unmatched threat intelligence to detect and prevent known and unknown threats. The company is headquartered in California with offices in Europe and Asia. For more information and career opportunities, visit https://www.malwarebytes.com.

Read More

Spotlight

Strobes Security, Inc.

Strobes Security, Inc.

Strobes Security is leading the way to disrupt the vulnerability management space with our flagship products VM365 and PTaaS. Our products and managed services aim to simplify the vulnerability reporting & management process, assuring end-to-end solutions via our risk-centered vulnerability manageme...

Events

Resources