PLATFORM SECURITY

Anxinsec proposed a protection solution for advanced threats to defend against 0-day exploits and fileless attacks

Anxinsec | August 30, 2021

In the Beijing Cyber Security Conference 2021 from August 26th to 28th, Anxinsec was invited to attend along with more than 200 top domestic and international cyber security experts. During the conference, Anxinsec, a pioneer and leader in memory protection, presented a novel solution to prevent advanced threats.

Recently, the world witnessed the rise of massive ransomware attacks, such as the SolarWinds attack or the Kaseya supply chain attack. These kinds of advanced threats are usually deliberate attempts by professional hacking organizations performing long-term infiltration strikes with the ultimate goal of destroying or stealing data in order to achieve a political or economic result. The rise of massive attacks have raised the alarm for the global cyber security defense system and proved that the current endpoint security isn't enough against today's advanced threats.

Today's advanced threat happened in memory and kernel space are increasingly common. In May 2020, Google engineers counted 912 security flaws with high and critical levels in Chrome since 2015 and found that 70% were memory-level vulnerabilities. Microsoft security engineer said at the 2019 Israel Cyber Security Conference, 70% of the vulnerabilities fixed in Microsoft's products in the past 12 years are memory security flaws.

With the growing trend of threat actors moving lower in the stack into hardware and firmware, 0-day vulnerability exploits and files attacks account for a large proportion of the prevailing attack methods today. These attacks are extremely destructive and less visible with the current EDR techniques. Chinese cyber security start-up Anxinsec provides a novel solution to this rising threat. Through implementing hardware virtualization technology, it lowers the line of defence from the application level to system and hardware level. The Anxinsec memory protection solution based on CPU instruction and memory set can effectively prevent the risk of data breaches and tampering at the memory level.

Meanwhile, Anxinsec has a strong expert service team, can provide industry-leading security consulting, penetration testing, security maintenance, security operations and emergency response services. One of the main services the company provides in UAE is security expert service. Other services include enterprise mobility management (EMM), which includes mobile device management, mobile application lifecycle management, building enterprise mobile security framework, and unified endpoint management.

Spotlight

You’re ready to transform how your organization gets work done. That means rethinking how employees collaborate and how customers interact with you. Convenience and productivity are at the core of these experiences and it’s critically important to harness modern, digital tools to provide them. This whitepaper helps you rethink t

Spotlight

You’re ready to transform how your organization gets work done. That means rethinking how employees collaborate and how customers interact with you. Convenience and productivity are at the core of these experiences and it’s critically important to harness modern, digital tools to provide them. This whitepaper helps you rethink t

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Armorblox to Enhance its NLU-based Data Protection Platform

Armorblox | December 26, 2022

Contents 1. Enhancement in the Company’s Email Security Solutions 2. How is Enhancements in the Solution Benefiting the Customers? Armorblox, anemerging email security solutions provider, recently announced the inclusion of Custom Role-Based Access Controls to its innovative cloud-delivered email security platform for enhancing the maintenance of data compliance and reducing data blindspots for individuals across the organization. Not every email is the same. When it comes to incoming threats, attackers tend to focus on emails that involve sensitive credentials or valuable data. According to the Armorblox Email Security Threat Report, in 2022, 87% of credential phishing attacks looked like common corporate workflows to trick victims, and 70% of spoofing attacks got past native email security layers. Thus, Armorblox has made improvements to Armorblox Advanced Data Loss Prevention and added Custom Role-Based Access Controls to make it safer from insider threats (RBAC). 1. Enhancement in the Company’s Email Security Solutions "According to a recent Market Research Future study, the demand for email security is anticipated to exceed US$ 11 billion by 2030." Armorblox has always been committed to putting security first, and this dedication goes beyond offering a best-in-class email security solution. Armorblox Advanced Data Loss Prevention's enhanced capabilities ensure that customers' most sensitive information is reliably protected across all content types and storage mediums. Coupled with its Armorblox Custom DLP Policies, companies are now able to set automated encryption actions and exceptions for sensitive data and confidential content per department or per user. Armorblox Custom Role-Based Access Controls provide fine-grained controls to security teams, which are necessary to set restriction levels and access for individuals, teams, and groups across the organization. 2. How is Enhancements in the Solution Benefiting the Customers? Through the enhancements to the Advanced DLP solution and the addition of Custom Role-Based Access Controls to the Armorblox platform, Armorblox is supporting the security-first approach that companies require. Customers will benefit in a variety of ways, including: Custom Access Controls: Create and assign custom roles with granular permissions to groups or individuals across security teams based on their job responsibilities. Sensitive Data Encryption: Prevent unauthorized disclosure of PII, PCI, and PHI by identifying and encrypting sensitive data across emails, attachments, and documents automatically. Reduce Data Blindspots: Ensure the implementation of appropriate restrictions and access levels for employee, organization, and third-party data. About Armorblox Founded in 2017, Armorblox is an email security solutions company headquartered in California, U.S., backed by Next47 and General Catalyst. The company provides technology that secures enterprise communications over email and other cloud office applications by leveraging deep learning and natural language technologies. The Armorblox platforms connect via APIs and analyze millions of signals to comprehend the context of communications in order to safeguard individuals and data from compromise. Over 58,000 enterprises use Armorblox to prevent BEC and targeted phishing attacks, protect critical PII and PCI, and automate the repair of user-reported email threats.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

GoSecure Releases Titan Identity for Enhanced Identity and Access System Security

GoSecure | February 16, 2023

On February 15, 2023, GoSecure, a leading Managed Extended Detection and Response (MXDR) and proficient advisory services provider, announced the release of Titan Identity, a solution combining technology with managed services to offer an affordable and immediately deployable solution that can help organizations to measurably enhance response times to credential theft. GoSecure Titan Identity is a detection service specifically designed to significantly minimize the time required to detect and respond to assaults aimed at enterprise identity systems such as Microsoft Active Directory. By employing real-time analysis of Active Directory and other event log data, the Titan Identity's alert technology with low false positives allows Incident Response teams to effectively utilize existing workflow systems and react promptly to commonplace but hazardous attacks that occur after the initial foothold, thereby ensuring the safeguarding of crucial business assets. The Key benefits of this service include the following: Significantly reduced response and detection times by enabling the Incident Response team to have continuous and ongoing visibility into identity attacks across enterprise hosts, virtual machines, servers, containers, desktops, and laptops. Improved return on previous (SOAR)/ (SIEM) investments by leveraging the SIEM infrastructure, facilitating new SOAR playbooks with automated actions, and permitting the use of out-of-SIEM logs that surpass indexing and storage budget. Increased productivity for analysts by significantly minimizing the occurrence of false positives, eliminating the need for an additional user interface, and providing alerts with enriched messages. Enabled verifiable accuracy through automated and continuous testing and quantification of performance. Reduced deployment and change costs by avoiding network probes and sensors. Improved internal team's capabilities by granting access to a team of data scientists for expanding identity attack detection capabilities. Titan Identity is different from other anomaly or signature-based detection systems and is made up of over 30 distinct detectors and finely tuned machine learning models that are continuously evaluated to significantly minimize false positives, delivering high confidence alerts in mere seconds. The design facilitates the replacement of manual workflows with automation, capable of functioning with remarkable assurance. This flexible and adaptable service is complemented by the access of data science experts who ensure the accuracy and measurability of results via ongoing data flow monitoring, detector development, and detector performance tuning services. About GoSecure Founded in 2002, GoSecure is a leading cybersecurity solutions provider and offers cutting-edge managed security solutions and expert advisory services. Its GoSecure Titan® managed security solutions provide comprehensive, multi-vector protection to effectively counteract the latest cyber threats and offer a full suite of services that can extend the capabilities of clients' in-house teams. For more than a decade, it has been assisting clients in better understanding their security gaps, mitigating organizational risk, and improving their security posture through its advisory services, delivered by one of the industry's most reliable and skilled teams.

Read More

SECURITY AUDIT AND COMPLIANCE, WIRELESS AND MOBILE SECURITY

Forescout Announces Launch of Forescout XDR

Forescout Technologies Inc. | March 02, 2023

On March 1, 2023, Forescout Technologies, a leading automated cybersecurity solutions provider, launched Forescout XDR to enhance enterprises' investigation, detection, and response capabilities against advanced threats across their extended enterprises. Currently, security operation centers (SOCs) are inundated with an average of 450 alerts per hour, and analysts often spend precious time correlating low-fidelity alerts and chasing false positives. Forescout XDR uses data science and automation to generate a single high-fidelity alert every hour from 50 million logs ingested, reducing the number of alerts that warrant further investigation and thus enabling analysts to focus on legitimate attacks. Forescout XDR is vendor- and EDR-agnostic and collects data from over 170 sources, including security, cloud/SaaS infrastructure and enrichment sources, as well as dozens of leading vendors. Forescout XDR contains over 70 threat information sources and 1500 confirmed detection rules and models. With data onboarding included, customers may become operational in hours, actively identifying, investigating, and responding to risks. SOCs till now have excluded critical devices that are increasingly common points of attack, such as industrial control systems (ICS), operational technology (OT), building management systems (BMS), and IoT and medical devices. Furthermore, the technological stack on which SecOps teams have been forced to rely has made it impossible to respond to these threats promptly and thoroughly. The technology integration with Forescout's network access control solution facilitates proactive prevention of attacks by reducing the attack surface through restriction of compromised or non-compliant devices from connecting to their networks and automating response workflows that can immediately touch every connected device throughout the enterprise. Thus helping reduce the blast radius of an attack in real-time, allowing proper mitigation or remediation measures to be completed. Forescout XDR includes a multi-tenant architecture and supports local data storage while also providing an aggregated global view of threats and SOC performance. It is ideal for large firms, global corporations, and organizations with regional managed security service providers (MSSPs) and SOCs. The SaaS licensing pricing model is based on the total amount of endpoints in the enterprise, offering customers the flexibility to leverage the data sources they need to support their use cases without concern for fluctuating costs associated with cloud log storage. About Forescout Technologies Inc. Forescout Technologies, Inc. protects the Enterprise of Things through comprehensive identification, segmentation, and enforcement of compliance with every connected device. The company's enterprise-class platform has been widely deployed across managed and unmanaged IT, IoT, and OT devices, making it a trusted choice for Fortune 1000 companies. Forescout provides organizations with the most extensive device intelligence in the world, enabling them to classify risks precisely, detect irregularities, and promptly remediate cyber threats without harming essential business assets.

Read More