PLATFORM SECURITY

Anxinsec proposed a protection solution for advanced threats to defend against 0-day exploits and fileless attacks

Anxinsec | August 30, 2021

In the Beijing Cyber Security Conference 2021 from August 26th to 28th, Anxinsec was invited to attend along with more than 200 top domestic and international cyber security experts. During the conference, Anxinsec, a pioneer and leader in memory protection, presented a novel solution to prevent advanced threats.

Recently, the world witnessed the rise of massive ransomware attacks, such as the SolarWinds attack or the Kaseya supply chain attack. These kinds of advanced threats are usually deliberate attempts by professional hacking organizations performing long-term infiltration strikes with the ultimate goal of destroying or stealing data in order to achieve a political or economic result. The rise of massive attacks have raised the alarm for the global cyber security defense system and proved that the current endpoint security isn't enough against today's advanced threats.

Today's advanced threat happened in memory and kernel space are increasingly common. In May 2020, Google engineers counted 912 security flaws with high and critical levels in Chrome since 2015 and found that 70% were memory-level vulnerabilities. Microsoft security engineer said at the 2019 Israel Cyber Security Conference, 70% of the vulnerabilities fixed in Microsoft's products in the past 12 years are memory security flaws.

With the growing trend of threat actors moving lower in the stack into hardware and firmware, 0-day vulnerability exploits and files attacks account for a large proportion of the prevailing attack methods today. These attacks are extremely destructive and less visible with the current EDR techniques. Chinese cyber security start-up Anxinsec provides a novel solution to this rising threat. Through implementing hardware virtualization technology, it lowers the line of defence from the application level to system and hardware level. The Anxinsec memory protection solution based on CPU instruction and memory set can effectively prevent the risk of data breaches and tampering at the memory level.

Meanwhile, Anxinsec has a strong expert service team, can provide industry-leading security consulting, penetration testing, security maintenance, security operations and emergency response services. One of the main services the company provides in UAE is security expert service. Other services include enterprise mobility management (EMM), which includes mobile device management, mobile application lifecycle management, building enterprise mobile security framework, and unified endpoint management.

Spotlight

DearBytes is committed to providing a safe environment for its clients to take maximum advantage of today's most leading-edge information technologies. Their challenge is to continue to meet clients' ever-changing security requirements through growing lineup of managed services. They chose McAfee to overcome this challenge. They have implemented McAfee enterprise security manager, ePolicy orchestrator, vulnerability manager and network security platform. The results of implementing McAfee were offers clients flexibility to choose from a range of deployed or managed services, provides highly integrated intelligence for comprehensive security management and delivers centralized management of all client security environments for greater efficiencies.

Spotlight

DearBytes is committed to providing a safe environment for its clients to take maximum advantage of today's most leading-edge information technologies. Their challenge is to continue to meet clients' ever-changing security requirements through growing lineup of managed services. They chose McAfee to overcome this challenge. They have implemented McAfee enterprise security manager, ePolicy orchestrator, vulnerability manager and network security platform. The results of implementing McAfee were offers clients flexibility to choose from a range of deployed or managed services, provides highly integrated intelligence for comprehensive security management and delivers centralized management of all client security environments for greater efficiencies.

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Neosec Introduces Automated Tokenization to Enable Full API Visibility Without Exposure of Sensitive Data

Neosec | November 16, 2022

Neosec, the pioneer in discovering and identifying API threats using behavioral analytics, today announced that it now tokenizes API activity data to enable organizations to fully see and store API data, removing the possibility of keeping sensitive data at-rest. Today, many organizations are blind to the threats lurking within their API traffic. Even worse, organizations are forced to implement basic logging of its API traffic that doesn't contain the meaningful information about who accessed, what records were accessed or manipulated and how. There exists a justified fear of logging sensitive data or being out of compliance, and with the lack of technology that can perform it at scale, they prefer to log with low fidelity. Those logs tell you that "somebody modified or accessed a record" but typically don't disclose who accessed it, which record, or what action was performed. This decision also results in a downstream issue of "insufficient logging", which is noted by the Open Web Application Security Project as one of the top security problems in its 2021 OWASP API Top 10. "Insufficient logging" is poor for incident forensics and, in practice, means that you can't detect abuse or investigate a case, even if you know it happened. Tokenization is the process of substituting a sensitive data element, like a credit card number, for a non-sensitive equivalent that has no intrinsic or exploitable value or meaning. Neosec's automated tokenization is part of its 'privacy by design' philosophy and is already deployed successfully at customers around the world in financial services, insurance and hospitality companies among others. The process allows retaining tokenized API activity data for the purposes of performing true behavioral analytics over time, ensures that sensitive data is never stored at rest, and enables only the customer to de-tokenize, based on the strictest data privacy practices. "Solving API security starts with basic visibility and the ability to see how the APIs are used. The problem is that virtually every company logs API activity with low fidelity that doesn't enable this basic visibility. "In order to perform true behavioral analytics and investigate cases you must store and examine historical data. But if this analysis is performed on un-tokenized data you risk storing PII and creating compliance issues. Neosec successfully retains all API activity data, in the highest fidelity, and ensures it meets data privacy standards." Giora Engel, co-founder and chief executive officer, Neosec This focus on data and the visibility it brings is what previously defined the creation of the EDR (Endpoint Detection & Response) security space. "Trying to implement API security without enabling basic visibility of activity is like going back to the antivirus age before the advent of EDR. Visibility into API activity allows you to detect threats, understand behavior, investigate and remediate" said Engel. The Neosec API security solution discovers and maintains an up-to-date inventory of all APIs in use by an organization and then uses machine learning and behavioral analytics on tokenized data to find fraud and abuse by third parties and attackers. Neosec also enables proactive API threat hunting and investigations without storing any sensitive data. The automated API data tokenization is now a capability of the Neosec platform and is fully available. There is no extra cost for use of this unique capability. About Neosec Neosec is re-inventing application security with a powerful platform that unifies security and development teams to protect modern applications from threats. The foundation of the SaaS platform is built on data and analytics to manage security at scale. Neosec prevents threats from abusing the complex network of APIs that connect today's businesses. The platform helps organizations discover every API and audit risk. Neosec has pioneered the use of behavioral analytics to understand normal versus abnormal API usage and delivers powerful threat hunting capabilities together with a team of expert threat hunters. Neosec prevents threats and stops abuse hiding within APIs and brings new intelligence to application security. Neosec is based in Palo Alto, California with R&D in Tel Aviv, Israel.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

BigID Announces Native Data Security Controls for Snowflake

BigID | September 23, 2022

BigID, the leading data intelligence platform that enables organizations to know their enterprise data and take action for privacy, security, and governance, today announced native data security controls for Snowflake, alongside becoming the first Snowflake partner to achieve Snowflake Ready Technology Validation in both" Data Security" and "Data Cataloging". BigID provides Snowflake customers with simplified access control, a data-centric approach to data masking, and accelerated security controls to better manage and protect their data. With Snowflake Ready Technology Validation, these integrations make it easier than ever for joint customers to manage and protect their sensitive data in Snowflake Data Cloud. As a validated solution in both data security and data cataloging, customers can: Gain continuous control of their snowflake data and automatically detect new and changed data Automatically find and classify all types of data - including dark data - alongside sensitive, regulated,critical, and personal data Streamline access policy definitions with a data-driven approach Apply intelligent tag-based data masking based on sensitivity and type "With this validation, our customers gain the trust and confidence that BigID has been battle tested against Snowflake best practices across deployment, performance, security, compliance, and more. "We're thrilled to continue to deepen our relationship with Snowflake, and drive innovation together across the modern tech stack." Nimrod Vax, Head of Product at BigID About BigID BigID's data intelligence platform enables organizations to know their enterprise data and take action for privacy, security, and governance. Customers deploy BigID to proactively discover, manage, protect, and get more value from their regulated, sensitive, and personal data across their data landscape. BigID has been recognized for its data intelligence innovation as a 2019 World Economic Forum Technology Pioneer, named to the 2021 Forbes Cloud 100, the 2021 Inc 5000 as the #19th fastest growing company and #1 in Security, a Business Insider 2020 AI Startup to Watch, and an RSA Innovation Sandbox winner.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Malwarebytes Launches Managed Detection and Response Solution to Reinforce Security Operations of Resource-Limited Organizations

Malwarebytes | October 13, 2022

Malwarebytes™, a global leader in real-time cyber protection, today launched Malwarebytes Managed Detection and Response (MDR), which combines EDR technology and human-delivered security expertise to provide 24/7 threat hunting, monitoring, and response. Amid a shortage of skilled cybersecurity professionals, many organizations lack the time and expertise to monitor and validate security alerts around-the-clock. Teams also struggle to fully utilize the forensics and threat hunting tools provided by EDR platforms and can miss identifying hidden threats before they become infections. Without the time for thorough incident investigations of the scope and root cause of an event, organizations are left with ineffective remediation plans and risk repeating the incident cycle. By providing world-class security analysts, third-party intelligence, and threat analysis tools, Malwarebytes MDR can extend the capabilities of existing teams or completely fill the need of organizations lacking dedicated security staff. The Malwarebytes MDR analysts are constantly monitoring and triaging alerts, hunting for hidden threats, and either directly remediating or providing customized guidance to organizations. For any SMB or MSP with more alerts than they can handle, Malwarebytes MDR enables organizations to prioritize critical alerts, detect advanced malware attacks, analyse past indicators-of-compromise, and bolster ongoing resiliency. "There simply aren't enough hours in the day for most organizations to adequately address a barrage of alerts. But they don't have to do it alone. "We've recruited an incredible team of dedicated experts across the globe and empowered them with our award-winning tools and AI-based threat modeling to be a powerful force-multiplier for SMBs and MSPs. This is just the beginning as we continue to accelerate product innovation and deliver new services to secure chronically underserved SMBs and empower MSPs to be their heroes." Bob Shaker, Vice President of Managed Services at Malwarebytes Specifically, Malwarebytes MDR will: Supplement security expertise: Augments security staff with an instant team of experts to correlate threat data, enrich alerts and respond to threats 24/7. Expedite threat response: Bolsters cyber resilience with effective protection and flexible remediation options to detect and respond to attacks as they occur. Reduce security costs: Quick time-to-value and improved efficiency for security operations with technology-supported, expert services that significantly reduce security costs. Advance security posture: Built upon Malwarebytes' industry-tested and proven Malwarebytes EDR which applies advanced data analytics and near real-time threat intelligence to detect zero-day and other hidden threats. Provide rapid time-to-value: Automated onboarding that gets SMBs and MSPs from purchase to service operation fast and easy. Assist in meeting compliance requirements: Prevents threats to security, availability, integrity, and privacy of customer data in support of compliance with the broad range of regulatory requirements. About Malwarebytes Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, Malwarebytes CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, that mission has expanded to provide cyber protection for everyone. Malwarebytes provides consumers and organizations with device protection, privacy, and prevention through effective, intuitive, and inclusive solutions in the home, on-the-go, at work, or on campus. A world-class team of threat researchers and security experts enable Malwarebytes to protect millions of customers and combat existing and never-before-seen threats using artificial intelligence and machine learning to catch new threats rapidly. These capabilities have been lauded by independent third parties including, among others, MITRE Engenuity, MRG Effitas, AV-TEST (consumer and business), G2 Crowd and CNET. With threat hunters and innovators across the world, the company is headquartered in California with offices in Europe and Asia.

Read More