Software Security
ZeroFox | September 22, 2023
ZeroFox, an industry-leading provider of enterprise software-as-a-service for external cybersecurity, has announced the unveiling of multiple anti-phishing product enhancements. These updates solidify ZeroFox's position as the world leader in digital risk protection. Developed using cutting-edge AI/ML technologies and designed by a team of top-tier security experts, these new anti-phishing features boost escalated alert volume, reduce the occurrence of false positives, and expedite the process from threat identification to initial disruption and successful takedowns for all our customers.
The importance of these new features cannot be overstated, especially given the rising threat landscape. In the first half of 2023, ZeroFox Intelligence has recorded a substantial increase in the volume and complexity of phishing attacks, including a 30% surge in domain takedowns compared to the first half of 2022. New ZeroFox phishing trend research also highlights the adoption of evasion techniques like cloaking alongside emerging tactics such as SEO poisoning and phishing-as-a-service. These developments underscore the critical role of these new capabilities in safeguarding against evolving cyber threats.
Continuous and Complete Protection Against Domain-based Threats
ZeroFox adopts a unique approach to phishing compared to email security and conventional anti-phishing providers. Its strategy revolves around the identification, disruption, and elimination of the domains necessary for launching phishing campaigns. With daily monitoring of over 65 million domains, ZeroFox combats various threats like typo squats, subdomain spoofs, homoglyphs, and other malicious domain and URL-based attacks, effectively shielding customers and preventing any disruptions to business operations.
Incorporate advanced domain protection capabilities to enhance their cybersecurity measures, aiming to achieve substantial and measurable business outcomes:
Reduce Phishing Risks with Anti-Cloaking Capabilities:
Strengthen Compliance and Trust with SSL Monitoring
Secure Brand Identity with Favicon Search
Improve Operational Efficiency with Enhanced Subdomain Coverage
Enhance User Experience (UX) with Weblog Monitoring
Mike Price, Chief Technology Officer of ZeroFox, said,
ZeroFox has been detecting and disrupting phishing attacks for the last decade, constantly enhancing our solution to protect our customers from changing phishing techniques used by threat actors, including the widespread use of malicious cloaking and subdomains techniques.
[Source – Globe Newswire]
Price stated that the enhanced capabilities being announced represented their ongoing commitment to tackling the increasing phishing challenge encountered by security teams. He emphasized that as phishing continued to evolve, ZeroFox would remain a trusted anti-phishing partner dedicated to safeguarding customers from both current and future phishing techniques.
About ZeroFox
ZeroFox, a prominent enterprise software-as-a-service provider in the field of external cybersecurity, has revolutionized security beyond the corporate perimeter on the internet, where businesses conduct their operations and threat actors are active. Their platform seamlessly integrates cutting-edge AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust set of breach, incident, and takedown response tools. This enables them to uncover and disrupt various threats, including phishing and fraud campaigns, botnet exposures, impersonations, credential theft, data breaches, and physical threats that target domains, brands, personnel, and assets.
Read More
Network Threat Detection
PR Newswire | October 04, 2023
Kyndryl (NYSE: KD), the world's largest IT infrastructure services provider, today announced a strategic global alliance with Palo Alto Networks to provide end-to-end network and cybersecurity services, including the launch of a new service offering, powered by Prisma SD-WAN for enterprises and Industry 4.0 customers.
The alliance brings together Palo Alto Networks industry-leading platform security capabilities with Kyndryl's advanced network security services expertise to design, build, manage, and modernize mission-critical networking for customers across industries.
The companies are joining forces to capitalize on emerging opportunities in the SD-WAN infrastructure market that IDC estimates will grow at a compound annual growth rate of 10.1% through 2027. As the demands of enterprise mobility accelerate, enterprises are looking for greater operational agility to support their digital transformation. Businesses need to support the growing number of devices used to access the corporate network and cloud-based applications, while also meeting evolving security and compliance requirements.
Kyndryl and Palo Alto Networks are partnering to help businesses deliver consistent security and an enhanced user experience for customers everywhere, and across industries such as services, manufacturing, energy, healthcare, and retail. Kyndryl's new SD-WAN offering, powered by Prisma SD-WAN, will enable customers to transform and modernize their networks and meet the growing bandwidth demands of the proliferation of devices and cloud traffic. The new approach to network connectivity will provide a single pane of glass management to their networks, and simplifies deployment to branch-offices and edge services. By helping customers transition into a flexible and scalable network, Kyndryl will be able to help enterprises build a roadmap and incorporate new security paradigms such as SASE with Kyndryl Consulting services.
At Kyndryl, we are at the forefront of helping enterprises with their network transformation to meet the growing trends of remote work, multi-devices usage, and cloud and data access. As organizations move away from traditional hardware-centric models to OPEX consumption models, the need for agile, highly secure and reliable networks is imperative, said Stephen Leonard, SVP of Global Strategic Alliances, Kyndryl. We are delighted to partner with Palo Alto Networks to provide robust and versatile network security services that will provide many benefits to our customers.
"Together with Kyndryl, we are enabling enterprises to digitally transform confidently and innovate securely, while reaping the benefits of consolidating disparate security solutions into an integrated, best of breed platform," said Prem Iyer, SVP of Global Ecosystems for Palo Alto Networks. "We are committed to helping our joint customers achieve better security outcomes while protecting the modern connected organization from increasingly sophisticated attacks."
The global partnership between Kyndryl and Palo Alto Networks builds on the companies' established collaboration around security services and solutions. In July Kyndryl launched its new Security Operations as a platform (SOaap) solution leveraging Palo Alto Networks Cortex technology to drive operational savings and time-to-value through automation and orchestration.
Earlier this year, Kyndryl and Palo Alto Networks, together with Nokia, established an innovation lab in support of joint enterprise customers. By the end of the year, customers will be able to view innovative industrial edge use cases running on cloud, 4.9G/LTE and 5G private wireless connectivity. This will include remote manufacturing process control and real-time analytics on factory production sites, provisioning and management of mobile devices to improve the employee and frontline worker experience for onboarding and communication, and IT and OT security integration for worker safety and operational efficiencies. Kyndryl's industrial edge platform will be integrated with a multi-factor zero trust model built on Palo Alto Networks next-generation firewalls, run on Nokia's MXIE Industrial edge as part of Nokia Digital Automation Cloud (DAC)'s solutions, and with end-to-end managed services provided by Kyndryl.
About Kyndryl
Kyndryl (NYSE: KD) is the world's largest IT infrastructure services provider, serving thousands of enterprise customers in more than 60 countries. The company designs, builds, manages and modernizes the complex, mission-critical information systems that the world depends on every day. For more information, visit www.kyndryl.com.
Read More
Platform Security
GlobeNewswire | September 29, 2023
Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced it has formed the Veterans Program Advisory Council, made up of a global board of esteemed members from organizations that support the military veterans community across the Five Eyes countries: United States, United Kingdom, New Zealand, Canada, and Australia. Members will provide counsel on how Fortinet can continue meeting the needs of military veterans looking to transition into the cybersecurity field.
Military veterans have many complementary skillsets that make them ideal candidates for cybersecurity roles, including discipline, problem-solving under immense pressure, situational awareness, and an understanding of the importance of maintaining a strong defense posture. With the industry facing a talent shortage with an estimated 3.4 million security roles needing to be filled worldwide, the veteran community can play a key role in filling critical cyber roles with access to training, mentorship, and employment opportunities.
Yet, the Fortinet 2023 Cybersecurity Skills Gap Global Research Report found that 43% of organizations indicated difficulty in recruiting qualified veterans for cybersecurity roles. At the same time, veteran turnover is high in the industry, with one key reason being the shortage of staff, leading to overwork and burnout.
To further address these hurdles veterans face, the esteemed members of the Veterans Program Advisory Council with extensive backgrounds working with the military veteran community and as veterans themselves will help Fortinet strengthen its Veterans Program offerings by providing guidance on how to continue reskilling and upskilling veterans so they can start and stay in various cyber career pathways.
Veterans Program Advisory Council members (listed in alphabetical order) include:
Chris Barlow, Managing Director at Cerco IT Ltd (U.K.)
Marty Donoghue, Chief Executive of the RNZRSA (New Zealand)
Colin Grimes, Training Coordinator of TechVets Programme, The Forces Employment Charity (U.K.)
Tom Marsland, Board Chairman and CEO at VetSec, Inc. (U.S.)
Heath Moodie, Director of Vets in Cyber (Australia)
James Murphy, Director of TechVets Programme, The Forces Employment Charity (U.K.)
Bryan Radliff, CyberVets Program Manager at Onward to Opportunity, D’Aniello Institute for Veterans and Military Families (U.S.)
Patrick Shaw, Founder of Cyber Catalyst (Canada)
Mark Wilcox, Head of Cyber Training, Permanent Opportunities and Partnership at Cerco IT Ltd (U.K.)
Fortinet’s Commitment to Supporting Veterans to Close the Cyber Skills Gap
The Veterans Program Advisory Council will help build on the Veterans Program's success in providing more cybersecurity training pathways for military veterans with both existing technical background or no IT experience. Fortinet provides Veterans Program members access to its Network Security Experts (NSE) Certification Program curriculum to help them transition into the cybersecurity field and advance in their security careers through access to cyber training, professional development resources, and employment opportunities. This year, the Veterans Program is celebrating five years of helping military service members, veterans, and military spouses receive the fundamental resources they need to transition into cyber roles.
Fortinet has also been recognized as a 2023 VETS Indexes Recognized Employer, further underscoring the company’s commitment to supporting the veteran community throughout their careers.
Veterans Program Advisory Council Members Biographies
Chris Barlow, Managing Director at Cerco IT Ltd (U.K.)
Chris Barlow joined Cerco in 2003, and has since established a recruitment division for graduates through Cerco Training, a large proportion of which were British forces veterans. Chris acquired the entire business in 2017, and the company has continued to grow, prosper, and develop further. The vision for Cerco is to become a market leader in taking novice talent and guiding them to the highest levels of IT support and cybersecurity. Chris has made employment connections for new engineers with global IT companies such as Fujitsu, Hewlett-Packard, and IBM.
Marty Donoghue, Chief Executive of the RNZRSA (New Zealand)
Marty Donoghue has been chief executive of the RNZRSA since October 2020. Marty has a 35-year track record of transformational leadership, successfully building and managing teams and mobilizing volunteers in New Zealand and internationally across defense, sport, science, and in the not-for-profit sector. Marty served in the New Zealand Army for 25 years and is a veteran of Bosnia, Angola, Bougainville, and Iraq.
Colin Grimes, Training Coordinator of TechVets Programme, The Forces Employment Charity (U.K.)
Colin Grimes joined TechVets from the education sphere, where he worked as a primary school teacher with particular responsibility for computing across the curriculum. During his time in education, he also worked as a consultant to schools for the National Centre of Computing Education, delivering training to schools in computing and remote learning, leaning on lessons learned during the COVID-19 pandemic. Before this, he enjoyed a 24-year career as an air battle management specialist in the Royal Air Force. He also served as an instructor within the U.K. School of Air Battle Management, where he was responsible for training the next generation of air surveillance specialists.
Tom Marsland, Board Chairman and CEO at VetSec, Inc (U.S.)
Tom Marsland is a cybersecurity professional with over 21 years of experience in the information technology and nuclear power industry. He has also served over 21 years in the U.S. Navy and has a BS in IT security and an MS in cybersecurity. He is the board chairman of VetSec and the VP of technology and technical services at Cloud Range.
Heath Moodie, Director of Vets in Cyber (Australia)
Heath is the director of Vets in Cyber, where he is helping to build a mentoring program, running community events, and partnering with industry-leading training providers to offer employment assistance to veterans. As a five-year Australian Army infantry veteran, Heath transitioned into cybersecurity and was immediately confronted with the different cultures between the military community and civilian life. Wanting to be the change that he needed, Heath created a grassroots organization, Vets in Cyber, which is focused on helping to build a community around veterans to offer them the support they need within the cybersecurity industry.
James Murphy, Director of TechVets Programme, The Forces Employment Charity (U.K.)
James Murphy joined TechVets from Government Digital Services in the Cabinet Office, where he was employed as the head of threat intelligence, providing strategic cyber threat intelligence advice to key decision makers within central government with specific focus on protecting national infrastructure. Prior to this, James served for 19 years in the British military, deploying to Northern Ireland, East Africa, and Afghanistan with the infantry, receiving lifelong injuries as a result of enemy action. James then served the remainder of his service in intelligence, developing the army’s exploitation capability, providing support to U.K. Defence Engagement in East Asia before delivering strategic support to global joint military operations.
Bryan Radliff, CyberVets Program Manager at Onward to Opportunity (O2O) (U.S.)
Bryan Radliff serves as the CyberVets program manager in the Onward to Opportunity Program for the D’Aniello Institute for Veterans and Military Families (IVMF) at Syracuse University. CyberVets is a skills-to-job pathway that aims to fast-track veterans into high-demand cyber careers by providing no-cost employment training, industry certifications, and career services to transitioning service members, veterans, and military spouses. Bryan is a 31-year veteran of the U.S. Army, serving as an enlisted medical supply specialist, infantryman, and an armor/cavalry officer before retiring as a lieutenant colonel.
Patrick Shaw, Founder of Cyber Catalyst and Tech Vets (Canada)
Founder of Cyber Catalyst and co-founder of Coding For Veterans (CFV), Pat initiated Cyber Catalyst Talent Solutions to assist veterans achieve meaningful and rewarding careers using the skills developed through their upskilling or reskilling studies. Pat curated the CFV secure software development and the cybersecurity curriculum and established the learning approach aligning widely recognized industry certification exams to meet the cyber talent needs of employers. Cyber Catalyst Talent Solutions offers job-focused microcredentialing and certifications in support of job placement. Tech Vets Canada engages veterans and military family members with career mentorship and learning support.
Mark Wilcox, Cyber Training, Opportunities and Partnership at Cerco IT Ltd (U.K.)
Mark has over 30 years of commercial software development experience, the majority of which has involved web technologies. Throughout his career, Mark has developed and supported complex systems for a range of clients, including the London Stock Exchange, Lloyds Bank, Ryman stationers, Debenhams, and Woolworths. In January 2022, Mark joined Cerco IT to head up the cybersecurity training and employment division. As a key architect of Cerco's Cradle to Cyber training program, an initiative to provide advanced network security skills to Cerco’s trained graduates (many of whom are ex-armed forces), Mark continues to forge relationships with internationally renowned tech and training partners, such as Fortinet and CompTIA.
About Fortinet
Fortinet (NASDAQ: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere you need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet's solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. FortiGuard Labs, Fortinet’s elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at https://www.fortinet.com, the Fortinet Blog, and FortiGuard Labs.
Read More