ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Tenable | March 13, 2023
Tenable®, the Exposure Management company, announced unveiling new features within Tenable OT Security, delivering greater protection for operational technology (OT), industrial control systems and critical infrastructure, regardless of deployment size or environment configuration.
The new feature keeps the CISO's organization front and center, making it easier to protect and maintain governance of the whole attack surface using the same tools and processes throughout their infrastructure, whether IT, OT, IoT, the cloud, or other platforms.
Tenable is ideally positioned to assist its customers in meeting their security needs by offering an all-encompassing solution for securing mixed environments. This latest update enhances Tenable OT Security's vulnerability detection capabilities with an improvement to the OT active scanner and a tighter integration with Tenable's Nessus, the market-leading vulnerability scanning solution. Tenable OT Security now provides companies with unparalleled scanning capabilities by leveraging the technology relied upon by over 40,000 security teams worldwide.
Key new capabilities include:
Increased Asset Discovery and Visibility
Advanced Vulnerability and Threat Detection
Enhanced Dashboards and Reporting
Amir Hirsh, General Manager of OT Security, Tenable, said, "We consistently hear from CISOs that they have been tasked with security for mixed environments that include both OT and IT technologies, but they don't have the requisite visibility to secure either well. The new capabilities added to Tenable OT Security provide our customers with full visibility, security and control of all their environments and assets, in one consolidated view." He added, "Now, our customers can leverage the full strength of Tenable OT active scanning, tightly integrated with embedded Nessus scans for IT assets, to create a clear view of all assets, their vulnerabilities, risk score, attack path analysis and more."
(Source – Globe Newswire)
This most recent upgrade also includes product localization abilities for Japanese, Chinese, French, and German, reducing training and support expenses for businesses operating in non-English speaking regions.
Headquartered in Columbia, MD, Tenable® is a leading company for Exposure Management. Tenable is relied upon by about 43,000 enterprises worldwide to comprehend and mitigate cyber risk. As the originator of Nessus®, Tenable leveraged its experience in vulnerabilities to provide the world's first platform capable of identifying and securing any digital asset on any computer platform. Over sixty percent of the Fortune 500, forty percent of the Global 2000, and significant government bodies are prospective clients of Tenable.
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Mendix | January 24, 2023
Mendix, a Siemens business and world leader in modern enterprise app development, and Software Improvement Group (SIG), a unique technology and advisory firm for software quality, security, and improvement, have announced the launch of Mendix Quality & Security Management (QSM), a new cybersecurity solution that provides continuous deep-dive insights into security and code quality to address risks and vulnerabilities immediately.
Sigrid®, SIG's software assurance guidance platform, powers Mendix QSM. It delivers a complete perspective on the effect of security findings on business goals by combining more than 20 top-tier security scanning technologies. With Mendix QSM, the users can scan their Mendix apps, including third-party libraries, for security flaws and incorrectly configured security models, rank for compliance with major industry standards such as OWASP, ISO 5055, and PCI, and receive risk mitigation recommendations and clear guidance.
Mendix QSM is based on application model static analysis. SIG experts have mapped Mendix models to the ISO 25010 maintainability model using Mendix model metadata. This enables its applications to be compared against a database of thousands of projects, including open-source initiatives. Mendix QSM also presents a five-star rating of the quality of the software.
Mendix is an industry-leading low-code application development platform for enterprises. With Mendix, you can transform a spreadsheet into an app, establish a portfolio of enterprise-wide apps, and upgrade a core system, among other things. In addition, the platform provides continuous collaboration between software developers and users, speeds up the application development lifecycle, and enables iterative deployment at scale. As a result, businesses can rapidly develop modern, adaptable applications with a tool that maintains the highest levels of security, quality, and governance. The platform has been used by over 4,000 of the world's leading enterprises. Mendix is a division of Siemens.
About Software Improvement Group (SIG)
Software Improvement Group (SIG) assists companies in gaining confidence in the technology they trust. Its mission is to get the software right for a healthier digital world by combining intelligent technology with human expertise. It drills into the build quality of enterprise software and architecture by monitoring, measuring, and benchmarking it against the world's largest software analysis database. As a result, organizations can use software assurance to uncover the variables driving the total cost of ownership of the software and make fact-based decisions to lower costs, reduce risk, improve time to market, and accelerate digital transformation.
ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
LogRhythm | January 06, 2023
On January 05, 2023, LogRhythm, the company that empowers security teams to tackle an ever-changing threat landscape with confidence, introduced a variety of expanded capabilities and integrations for its security operations solutions. The enhancements improve LogRhythm's capacity to serve as a much-needed force multiplier for security teams that are required to defend against cyberattacks with confidence, effectiveness, and efficiency.
This update follows the release of LogRhythm Axon, an innovative, cloud-native security operations platform launched in October. In addition, the organization is launching new visualizations and advanced analytics that provide seamless visibility into potential security threats.
Axon and its latest updates are designed to simplify the experience of security analysts by making it easier for teams to identify, examine, and report on potential threats, easing the burden of managing risks and the operating infrastructure. In addition, these improvements span the entire suite of LogRhythm's offerings to collectively facilitate threat detection and resolution by SOC teams, improving analyst productivity and effectiveness.
The key features of the updates include the following:
New out-of-the-box and custom analytics rules that have rules for MITRE ATT&CK detections.
Using the Observation Workflow, customers can quickly investigate log observations raised by analytics.
Reduce time spent searching for data through new markdown and histogram widgets.
New detection models allow for the detection of elusive threats for Windows systems.
Integration with Microsoft EDR improves blind spot detection and endpoint visibility.
Enhanced analyst experience through expanded UI improvements.
The new configuration page enables to import of data from VirusTotal smoothly.
The improved collection administrative workflow reduces the time required to configure, deploy, and manage log sources that involve Open Collector.
Expanded and updated LogRhythm's library of supported log sources.
Improved audit logging makes it easier to detect suspicious activity and track significant changes made by users.
LogRhythm, Inc. is an American security intelligence firm founded in 2003 that specializes in SIEM, log management, network and endpoint monitoring, forensics, and security analytics. With a comprehensive array of high-performance security, compliance, and operations solutions, LogRhythm is built to address a rapidly evolving world of cybersecurity threats. In addition, LogRhythm combines a versatile and comprehensive security operations platform, advisory services, and technology partnerships to help SOC teams defend sensitive data.