SOFTWARE SECURITY

Aqua Launches the Industry’s First Out-of-the-Box Runtime Security with Advanced Protection Against the Most Sophisticated Threats

Aqua Security | July 26, 2022 | Read time : 03:00 min

Aqua Security
Aqua Security, the leading pure-play cloud native security provider, today announced the launch of out-of-the-box runtime protection with minimal configuration to stop attacks in real time on running workloads. Protection is composed of new curated and optimized default security controls, as well as advanced threat intel from observations of real attacks on cloud native environments. Both the controls and threat intel are the result of knowledge gained through years of securing customers’ live production environments. Customers can now apply this knowledge to achieve trusted and advanced runtime protection in minutes without requiring in-depth knowledge of their applications and environments.

Using eBPF technology and threat intel from cyber research team Aqua Nautilus to identify advanced threats, Aqua surfaces the most critical issues in real time while also implementing a set of controls to protect running workloads immediately, without disrupting the business.

“Aqua is transforming the runtime security paradigm. “Traditional runtime security requires security teams to have a great deal of cloud native knowledge, and as a result has been slow to adopt. Aqua is removing this barrier to adoption by making cloud workload threat protection immediately effective and easy for security professionals.”

Amir Jerbi, CTO and co-founder, Aqua Security

Stopping Attacks in Real Time with Runtime Security

Recent data from Nautilus shows that one in three live attacks could be missed when relying exclusively on snapshot scanning of running workload images. Nautilus also found tens of thousands of instances of in-memory attacks and fileless attacks in a one-month period—attacks that would not be seen or stopped without kernel-level visibility.

Aqua’s detection of anomalous behavior goes beyond point-in-time snapshots and catches malicious behavior of known and unknown threats in real time—this includes both known CVEs and zero-day exploits that have yet to be discovered. The new default runtime controls are based on ongoing recommendations from Aqua Nautilus, who detect and analyze 80,000 attacks a month using Aqua’s open source eBPF-based threat detection engine, Aqua Tracee. The result is real-time visibility at the kernel level that alerts customers the moment an attacker breaches a running workload, reducing attackers’ dwell time from months to milliseconds.

Aqua’s Runtime Protection solution is part of Aqua’s fully integrated Cloud Native Application Protection Platform (CNAPP), the Aqua Platform. Customers of the Aqua Platform also have access to the entire, full set of customizable, advanced runtime capabilities if and when they decide to define and implement more stringent policies.

Key benefits of Aqua Runtime Protection include:

  • Discover attacks immediately with continuously updated kernel-level behavioral detection. Updates are based on cloud native threat research from Aqua Nautilus along with years of experience securing customer workloads in production.
  • Respond faster and reduce attacker dwell time by stopping attacks with pattern-based anti-malware in production and the option to block or delete malware on access.
  • Simplify incident investigation and rapidly determine the impact and attack path of a security incident with a detailed incident timeline including rich contextual information.

“Unlike overly complex runtime solutions, legacy solutions not designed for cloud-native applications, or solutions that can’t detect in real time, our goal with this release is to provide runtime security that is simple to deploy, giving you effective real-time security out-of-the-box,” said Jerbi. “What this boils down to is that, unlike alternative solutions, Aqua’s Platform will both detect sophisticated attacks and stop them in real time.”

Aqua’s out-of-the-box Runtime Protection is now available and will make an industry debut at AWS re:Inforce on July 26-27 in Boston at Booth 104. To learn more, visit Aqua’s YouTube.

About Aqua Security
Aqua Security stops cloud native attacks and is the only company with a $1 Million Cloud Native Protection Warranty to guarantee it. As the pioneer and largest pure-play cloud native security company, Aqua helps customers unlock innovation and build the future of their business. The Aqua Platform is the industry’s most integrated Cloud Native Application Protection Platform (CNAPP), prioritizing risk and automating prevention, detection and response across the lifecycle. Founded in 2015, Aqua is headquartered in Boston and Ramat Gan, Israel, with Fortune 1000 customers in over 40 countries.

Spotlight

"Malware. It’s a term that is getting a lot of attention in today’s connected world from reporters, business owners, and IT experts. In the network security world, malware is malicious software that falls into one of these categories: adware, spyware, virus, worm, Trojan, rootkit, backdoors, keyloggers, ransomware, and browser hijackers. While different types of malware affect systems differently, they often share common objectives, whether that is to steal sensitive data, gain access to unauthorized applications or privileges, and/or disrupt business."

Spotlight

"Malware. It’s a term that is getting a lot of attention in today’s connected world from reporters, business owners, and IT experts. In the network security world, malware is malicious software that falls into one of these categories: adware, spyware, virus, worm, Trojan, rootkit, backdoors, keyloggers, ransomware, and browser hijackers. While different types of malware affect systems differently, they often share common objectives, whether that is to steal sensitive data, gain access to unauthorized applications or privileges, and/or disrupt business."

Related News

DATA SECURITY, PLATFORM SECURITY, SECURITY AUDIT AND COMPLIANCE

Skybox Security Unveils Industry's First SaaS Solution for Security Policy and Vulnerability Management Across Hybrid Environments

Skybox Security | October 12, 2022

Skybox Security today announced the next generation of its award-winning Security Posture Management Platform – including the industry's first Software-as-a-Service (SaaS) solution for Security Policy and Vulnerability Management. Propelling its global customer base into the next era of proactive cybersecurity, major innovations advance its platform that continuously tests attack feasibility, exposure, remediation options, and compliance across hybrid environments. "Today, we're delivering on our mission of building the world's leading Security Posture Management platform. "Skybox equips customers with the hybrid network modeling, path analysis, and automation they need to reduce the risk of a significant data breach by 55%. Our latest innovations are significant for customers that deploy on-prem, as well as customers that will benefit from our new SaaS solution. The new Skybox Cloud Edition offering capitalizes on the speed, scale, innovation, and productivity benefits powered by the cloud to drive the pursuit of broader digital business opportunities." Skybox Security CEO and Founder Gidi Cohen Expansion into Cyber Asset Attack Surface Management Challenging the status quo through a dynamic, fresh approach to Cyber Asset Attack Surface Management (CAASM), Skybox visualizes all assets through API integrations, identifies and prioritizes vulnerabilities using proprietary threat intelligence, sees gaps in security controls, and automatically provides remediation options. In addition, significant advancements to the proprietary Skybox network model enable customers to dynamically model operational technology, IT, and hybrid cloud environments – including all networking and security data related to a specific asset. According to Gartner Research: "CAASM enables security teams to improve basic security hygiene by ensuring security controls, security posture, and asset exposure are understood and remediated. Organizations that deploy CAASM reduce dependencies on homegrown systems and manual collection processes, and remediate gaps either manually or via automated workflows. Organizations can visualize security tool coverage, support attack surface management (ASM) processes, and correct systems of record that may have stale or missing data."1 Industry's first solution to automatically map vulnerabilities to malware type Skybox also introduced the industry's first Security Posture Management solution that connects Vulnerability Management with Threat Hunting. Building on its Exposure Management process that emphasizes publicly known vulnerabilities and identifies control gaps, Skybox now also associates vulnerabilities to malware by name, category, and distinct classes – including ransomware, Remote Access Trojans (RATs), botnets, cryptocurrency miners, trojans, and more. "Executives and board members want to know if their cybersecurity teams are staying ahead of the latest celebrity malware such as TrickBot, REMCOS, FormBook, AZORult, Ursnif, Agent Tesla, and NanoCore," said Ran Abramson, Threat Intelligence Analyst, Skybox Research Lab. "Powered by Skybox threat intelligence, CISOs have automated analysis that can prove they retired millions of malware and exploits. No other cybersecurity solution can provide customers with our advanced vulnerability prioritization and threat trend reporting." Expanded integrations eliminate complexity, reduce administrative burden, and provide more effective cybersecurity With over 150 integrations, Skybox Security is the only solution that builds an extensive model of a customer's unique hybrid environment, including all of the customer’s L3 devices. Expanded integrations include: Amazon Web Services (AWS): Expanded cloud capabilities include support of AWS firewalls in distributed mode. Reduce risk while validating compliance by eliminating permissive, obsolete, shadowed, and redundant rules. Cisco Application Centric Infrastructure (ACI): Adding new capabilities to its Cisco ACI integration, Skybox now delivers granular visibility into ACI Fabric tenants across spanning networking, micro-segmentation policies, and device attributes. Palo Alto Networks Prisma Cloud: Furthering its commitment to shift-left security practices, vulnerabilities in container images across DevOps toolchains can now be identified and prioritized for remediation via the Skybox multi-factor risk scoring algorithm. Skybox Cloud Edition accelerates customer value with increased flexibility, scalability, business agility, and resiliency Skybox Cloud Edition delivers the capabilities of the Skybox Security Posture Management Platform in a Software-as-a-Service (SaaS) offering to unlock additional business agility and resiliency benefits. First SaaS solution for Security Policy Management: Leapfrogging the competition, Cloud Edition capabilities reduce software installation maintenance tasks. Streamlined licensing and deployment are designed to meet customer demand. Advanced Vulnerability and Exposure Management: With the industry's most flexible deployment options for Vulnerability and Exposure Management (both on-premises and SaaS versions), customers can select the deployment model that aligns with their corporate and regulatory requirements. Limitless scalability: Manage security policies, prioritize vulnerabilities, and remediate exposures across the most complex on-premises, cloud, operational technology (OT), and hybrid environments. Automate, verify, and operationalize risk reduction. Faster deployment options: Cuts deployment time and reduces the need for procuring hardware, performing testing, and installing updates – enabling customers to unlock value faster. Customers with vast, global environments will reap huge benefits due to the size and diversity of their attack surface. Instant automatic updates: Customers benefit immediately from the latest product innovations and platform updates. Upgrades are much less disruptive, with no need for change management resources. Seamless, automated upgrades are critical given the dynamic threat and regulatory landscapes. Guaranteed availability: The solution is hosted in AWS for outstanding stability, performance, and guaranteed availability. Additionally, 24/7 monitoring of the tenants, across both the Network Operations Center (NOC) and Security Operations Center (SOC), maintains optimal network performance and performs real-time analysis for continuous threat mitigation. About Skybox Security Over 500 of the largest and most security-conscious enterprises in the world rely on Skybox for the insights and assurance required to stay ahead of dynamically changing attack surfaces. Our Security Posture Management Platform delivers complete visibility, analytics, and automation to quickly map, prioritize and remediate vulnerabilities across your organization. The vendor-agnostic solution intelligently optimizes security policies, actions, and change processes across all corporate networks and cloud environments. With Skybox, security teams can now focus on the most strategic business initiatives while ensuring enterprises remain protected.

Read More

DATA SECURITY, PLATFORM SECURITY

Privacera Expands Google Cloud Capabilities with Latest Release to Dataproc to Provide Enterprise-Grade Data Security Governance

Privacera | October 11, 2022

Privacera, the only open-standards based data security governance leader founded by the creators of Apache Ranger™, today announced native support for Dataproc. This integration allows users to define and enforce fine-grained level access control to Dataproc with Apache Hive, Apache Spark, and Presto. Privacera already natively integrates and supports a number of Google Cloud Platform (GCP) services such as BigQuery and Google Cloud Storage. Privacera helps enterprise data teams protect sensitive data and enable privacy across all on-premise, hybrid and multi-cloud data sources while reducing time to insights by automating outdated, manual governance processes. With the availability of Privacera's native integration to Dataproc, organizations will be able to accelerate their migration to GCP by securely managing data access policies across diverse on-premise and GCP data sources. This will significantly reduce the efforts around data migrations to the cloud through increased automation and consistent policy management, and the ability to ensure compliance through an open, consistent and proven standard. For users of Apache Ranger who are looking to build new secure data applications in the cloud, with Privacera, they can now leverage the same security and governance capabilities that they are familiar with to more sources, at enterprise scale, and greater functionality, since Privacera is based on Apache Ranger open standards. "Expanding the sources that we support and contributing to the Apache Ranger community increases the ability for our customers to leverage their existing investments in secure and consistent data access policies. "Our customers, including a large consumer credit reporting agency that uses GCP and Privacera as part of their modern data stack, can now extend their capabilities to discover and secure sensitive data sets across numerous GCP data services while migrating safely to the cloud." Privacera CEO Balaji Ganesan Privacera offers Dataproc users the following extended privacy and governance capabilities: Centralized management and enforcement of tag-based data access control policies across GCP and other cloud data services Policies for fine-grained access controls for Apache Hive, Apache Spark,and Presto Customizable, out-of-the-box compliance, audit, and governance reports for CCPA, GDPR, LGPD, HIPAA, RTBF, and more Dynamic encryption, decryption, and masking (column masking and row filtering) Broad integrations with identity management systems like corporate AD/LDAP, Okta, and SCIM SOC 2 Type 2 compliant, enterprise-grade SaaS data access governance solution that can be configured in minutes Hardened deployment of Apache Ranger with high-availability About Privacera Founded in 2016 by the creators of Apache Ranger™, Privacera's SaaS-based data security and access governance platform enables data and security teams to simplify data access, security, and privacy for data applications and analytical workloads. The Privacera platform supports compliance with regulations such as GDPR, CCPA, LGPD, and HIPAA. Privacera provides a unified view and control for securing sensitive data across multiple cloud services such as AWS, Azure, Databricks, GCP, Snowflake, and Starburst. The Privacera platform is utilized by Fortune 500 customers across finance, insurance, life sciences, retail, media, and consumer industries, as well as government agencies to automate sensitive data discovery, mask sensitive data, and manage high-fidelity policies at petabyte scale on-premises and in the cloud.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Malwarebytes Launches Managed Detection and Response Solution to Reinforce Security Operations of Resource-Limited Organizations

Malwarebytes | October 13, 2022

Malwarebytes™, a global leader in real-time cyber protection, today launched Malwarebytes Managed Detection and Response (MDR), which combines EDR technology and human-delivered security expertise to provide 24/7 threat hunting, monitoring, and response. Amid a shortage of skilled cybersecurity professionals, many organizations lack the time and expertise to monitor and validate security alerts around-the-clock. Teams also struggle to fully utilize the forensics and threat hunting tools provided by EDR platforms and can miss identifying hidden threats before they become infections. Without the time for thorough incident investigations of the scope and root cause of an event, organizations are left with ineffective remediation plans and risk repeating the incident cycle. By providing world-class security analysts, third-party intelligence, and threat analysis tools, Malwarebytes MDR can extend the capabilities of existing teams or completely fill the need of organizations lacking dedicated security staff. The Malwarebytes MDR analysts are constantly monitoring and triaging alerts, hunting for hidden threats, and either directly remediating or providing customized guidance to organizations. For any SMB or MSP with more alerts than they can handle, Malwarebytes MDR enables organizations to prioritize critical alerts, detect advanced malware attacks, analyse past indicators-of-compromise, and bolster ongoing resiliency. "There simply aren't enough hours in the day for most organizations to adequately address a barrage of alerts. But they don't have to do it alone. "We've recruited an incredible team of dedicated experts across the globe and empowered them with our award-winning tools and AI-based threat modeling to be a powerful force-multiplier for SMBs and MSPs. This is just the beginning as we continue to accelerate product innovation and deliver new services to secure chronically underserved SMBs and empower MSPs to be their heroes." Bob Shaker, Vice President of Managed Services at Malwarebytes Specifically, Malwarebytes MDR will: Supplement security expertise: Augments security staff with an instant team of experts to correlate threat data, enrich alerts and respond to threats 24/7. Expedite threat response: Bolsters cyber resilience with effective protection and flexible remediation options to detect and respond to attacks as they occur. Reduce security costs: Quick time-to-value and improved efficiency for security operations with technology-supported, expert services that significantly reduce security costs. Advance security posture: Built upon Malwarebytes' industry-tested and proven Malwarebytes EDR which applies advanced data analytics and near real-time threat intelligence to detect zero-day and other hidden threats. Provide rapid time-to-value: Automated onboarding that gets SMBs and MSPs from purchase to service operation fast and easy. Assist in meeting compliance requirements: Prevents threats to security, availability, integrity, and privacy of customer data in support of compliance with the broad range of regulatory requirements. About Malwarebytes Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, Malwarebytes CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, that mission has expanded to provide cyber protection for everyone. Malwarebytes provides consumers and organizations with device protection, privacy, and prevention through effective, intuitive, and inclusive solutions in the home, on-the-go, at work, or on campus. A world-class team of threat researchers and security experts enable Malwarebytes to protect millions of customers and combat existing and never-before-seen threats using artificial intelligence and machine learning to catch new threats rapidly. These capabilities have been lauded by independent third parties including, among others, MITRE Engenuity, MRG Effitas, AV-TEST (consumer and business), G2 Crowd and CNET. With threat hunters and innovators across the world, the company is headquartered in California with offices in Europe and Asia.

Read More