DATA SECURITY

AdvIntel & KPMG LLP announce alliance around cyber threat detection and ransomware response

AdvIntel | October 01, 2021

AdvIntel, a leading cybersecurity threat prevention and loss avoidance company with a unique and unparalleled ability to detect and disrupt ransomware and KPMG LLP, the global audit, tax and advisory firm, today announced an alliance around AdvIntel's "Andariel" Threat Prevention & Loss Avoidance Platform.

The profile of ransomware victims has moved upmarket over the past year as the adversaries have enhanced their capabilities faster than cyber defenses at an alarming trend.

 The state of the current cyber security market is full of uncertainties. The current breach response is traditionally reactive, leading to a breach after a breach. Now, with the unique alliance, we are effectively reversing the traditional breach paradigm with the vision to disrupt breaches before they turn into ransomware. Our goal is to bring the world closer to a ransomware-free future via the proactive and preventative breach response.

According to AdvIntel CEO, Vitali Kremez

Andariel' s ability to track botnet initial compromises enables AdvIntel' s customers to take action before data and personally identifiable information is leaked, which could prevent regulatory, reputational, and legal losses related to data breach legal liability.

Ed Goings, KPMG National Lead for Cyber Response Services stated "Intelligence of this level is a complete game changer. Many companies state they provide threat intelligence, but this is the first time I have seen actionable intelligence that can be used to potentially identify corporate ransomware attacks before they happen."

Moreover, some of the tracked botnets have a unique relationship with some of the monitored ransomware families. Therefore, by timely identifying botnet activity in their systems, AdvIntel's clients can identify and potentially avert tremendous losses from ransomware attacks.

Incident response case support through Andariel enables a corporate cyber investigation team by providing immediate information on the "patient zero", the way cyber infection spreads through the system, as well as the vulnerabilities which lead to the compromise. Andariel aims to significantly decrease the time and resources spent on investigations, as well as to decrease the insurance claims and coverage of the remediation effort.

AdvIntel and KPMG will jointly go to market to combat cyber incidents, by providing early-warning alerting, applied threat detection, and long-term strategic threat intelligence. AdvIntel and KPMG are already working jointly with several cyber insurance providers around the threat prevention and loss avoidance needs of their customer base.

About AdvIntel
AdvIntel is the world's first and only cybercrime and adversarial disruption firm which leverages Andariel, a next-generation threat prevention and loss avoidance platform which has visibility beyond a company's own internal network. Andariel sheds light on the botnet and breach ecosystem in order to spot threats and compromises preemptively and proactively. Whether prolific botnets, ransomware syndicates, cyber extortionists, carders, advanced persistent threat groups, or crimeware operators, Andariel ensures ultimate visibility into these threats before they actualize and do harm.

About KPMG LLP
KPMG LLP is the U.S. firm of the KPMG global organization of independent professional services firms providing audit, tax and advisory services. The KPMG global organization operates in 146 countries and territories and has close to 227,000 people working in member firms around the world. Each KPMG firm is a legally distinct and separate entity and describes itself as such. KPMG International Limited is a private English company limited by guarantee. KPMG International Limited and its related entities do not provide services to clients. Some or all of the services described herein may not be permissible for KPMG audit clients and their affiliates or related entities.

Spotlight

Die Gebäude, in denen wir leben und arbeiten, werden intelligenter und stärker vernetzt. Aktuell werden die Szenen Realität, die wir bisher nur aus Science-Fiction-Filmen kennen: Durch die steigende Anzahl an IoT-Geräten verwandeln sich unsere Wohnungen und Büros in „intelligente Gebäude”, die selbstständig Entscheidungen treffe

Spotlight

Die Gebäude, in denen wir leben und arbeiten, werden intelligenter und stärker vernetzt. Aktuell werden die Szenen Realität, die wir bisher nur aus Science-Fiction-Filmen kennen: Durch die steigende Anzahl an IoT-Geräten verwandeln sich unsere Wohnungen und Büros in „intelligente Gebäude”, die selbstständig Entscheidungen treffe

Related News

DATA SECURITY

Neosec Integrates its API Security Platform With Kong's API Gateway to Protect Enterprises from Business Abuse, Fraud and Data Theft

Neosec | December 07, 2021

Neosec, the pioneer in discovering and protecting APIs using behavioral analytics, today announced that it has formed a strategic partnership with Kong Inc. to integrate its API security platform with Kong Gateway to provide a complete enterprise-class solution for managing and securing APIs and microservices. Kong provides the world's most popular API gateway, built for hybrid, multi-cloud environments optimized for microservices and distributed architectures. Neosec enables Kong customers to easily gain enterprise API security capabilities to protect their critical business processes. Neosec continuously discovers all APIs, and using API behavioral analytics, detects abuse and automatically orchestrates conditional responses on specific consumer entities into the Kong API gateway. The technology integration is the first API security solution with closed loop feedback into an API gateway. "As more enterprises embrace digital transformation initiatives and expose APIs, core aspects of business processes are increasingly put at risk. In this modern environment, API security cannot only create alerts for a security team to evaluate, but it must also work with existing API technologies in creating automated responses,Our strategic partnership with Kong enables the platforms to natively work together using their existing Kong Gateway Enterprise deployment without requiring any changes to the production pipeline." Giora Engel, chief executive officer, Neosec With this integration, Kong Gateway provides an excellent way to manage the complexities of deploying and using APIs, while the Neosec platform augments the security posture with API discovery, risk assessment, and AI-powered behavioral analysis, detection and response. As a result of security incidents, the Neosec integration automatically creates security policies in Kong Gateway and enables automated responses. Kong Gateway includes API authentication, authorization, logging, traffic control, caching and administration. Neosec ingests access logs from popular technologies like CDNs, Web app firewalls and API gateways. The Neosec platform enables API discovery and automatically flags meaningful anomalous behaviors within them. The combined solution enables enterprises to embrace the power of digital business while minimizing the risks without any changes to the production pipeline. "The stakes for API exposure continue to climb as companies rely more heavily on open infrastructure and connecting applications, systems and data with each other as well as with customers and partners," said Reza Shafii, vice president of products at Kong Inc. "We are excited to partner with Neosec and have its platform natively integrated with Kong Gateway and exclusively available to our customers with an Enterprise subscription. Offering the world's most popular API gateway and the leading service connectivity platform, Kong has vastly eased the burden of using microservices and APIs for distributed applications, and the combined solution now more fully addresses the risks and exposure running within APIs." Neosec is strategically forming technology partnerships with leading providers of digital business infrastructure including CDNs and API gateways and management solutions. Neosec API Security is available for all Kong enterprise customers to protect their existing APIs. About Kong Inc. Kong creates software and managed services that connect APIs and microservices natively across and within clouds, Kubernetes, data centers and more using intelligent automation. Built on an open source core, Kong's service connectivity platform enables digital innovation by allowing organizations to reliably and securely manage the full lifecycle of APIs and services for modern architectures, including microservices, serverless and service mesh. By providing developer teams with unprecedented architectural freedom, Kong accelerates innovation cycles, increases productivity, and seamlessly bridges legacy and modern systems and applications. About Neosec Neosec is reinventing application security with a powerful platform that unifies security and development teams to protect modern applications from threats. The foundation of the SaaS platform is built on data and analytics to manage security at scale. Neosec prevents threats from abusing the complex network of APIs that connect today's businesses. The platform helps organizations discover every API and audit risk. Neosec has pioneered the use of behavioral analytics to understand normal versus abnormal API usage and delivers powerful threat hunting capabilities. Neosec prevents threats and stops abuse hiding within APIs and brings new intelligence to application security.

Read More

DATA SECURITY

Smithers Announces the Launch of Information Security Services

Smithers | May 25, 2021

Smithers, a leading provider of testing, consulting, information, and compliance services, is pleased to announce the launch of its information security services department. This agency will provide auditing and certification services for NIST SP 800-171 and the Cybersecurity Maturity Model Certification (CMMC), as well as other customized information security offerings. Smithers Quality Assessments Division offers 25+ years of high-touch, value-added third-party auditing expertise to the CMMC program, including trained, professional auditors to perform CMMC assessments for organizations that are current suppliers to the United States (US) Department of Defense, as well as those looking to meet the requirements of being a supplier. Smithers' information security service offering ensures the security of clients' sensitive data by delivering reliable assessments on time and with a high level of touch. "Information security threats continue to intensify as a significant concern to organizations of all sizes," says Jeanette Preston, President of Smithers Quality Assessments Division. "As a matter of business continuity, many companies would be required to ensure sensitive data security as a requirement to do business with defense, governmental agencies, and highly regulated industries." The information security services department will be launched and led by Aaron Troschinetz, General Manager for Smithers Quality Assessments Division in North America. "During audits, we see that clients have a genuine need for these facilities," Troschinetz says. "Companies do not need multiple vendors because we provide information security in addition to our existing auditing and certification services. Smithers is now capable of serving as their full-service trusted partner." About Smithers Smithers is a multinational provider of testing, consulting, information, and compliance services that were founded in 1925 and is headquartered in Akron, Ohio. Smithers serves customers in the transportation, life science, packaging, fabrics, parts, consumer, and energy sectors through laboratories and operations in North America, Europe, and Asia. Smithers integrates science, technology, and business expertise to provide accurate data on time and with a high touch, allowing consumers to innovate with confidence.

Read More

ENTERPRISE SECURITY

MRK Technologies Adds New Autonomous Penetration Tests

MRK Technologies | April 18, 2022

MRK Technologies, a cybersecurity risk management company, has announced a collaboration with Horizon3.ai to assist its clients tackle the ever-evolving ransomware threat with a new Autonomous Penetration Tests as a Service (APTaaS). Penetration testing can be automated and executed as often as needed to guarantee all systems are safe utilizing Horizon3.ai's NodeZero platform. John Tookman, Chief Revenue Officer and Senior Vice President of MRK Technologies said that "We pride ourselves on continuously bringing the best technology to our customers. We're excited to add Horizon3.ai's NodeZero platform to our managed security services, which allows us to help ensure our customers' systems are secure." He further added that, "In the last couple of years, we've doubled down on our efforts to build out our Security Operations Center in order to provide best-in-class service offerings to our customers. Adding APTaaS is just the next step in continuing to achieve our mission of helping our customers achieve a stronger security posture amidst the ever-evolving threat landscape." Annual penetration testing is often seen as a compliance necessity rather than a value addition. Many pentests merely provide a snapshot of a network that is only relevant for a limited time. This new continuous APTaaS is a real SaaS product that assists cybersecurity teams in constantly identifying and fixing vulnerabilities in their systems before attackers can use them. "Threat actors know how to chain together network misconfigurations, vulnerabilities, harvested credentials, and dangerous product defaults to create attack vectors you never imagined would be exploitable. Our partnership with MRK Technologies allows us to provide APTaaS to customers, helping them to harden their security postures with pentests that can run as often as they wish." Snehal Antani, CEO and co-founder of Horizon3.ai This new product complements MRK Technologies' Security Operations Center's existing managed securities portfolio, which includes Managed Detection & Response (MDR/EDR), Managed Security Information & Event Management (SIEM), Managed Deception Technology, and Managed Network Detection.

Read More