NETWORK THREAT DETECTION

Axonius Integrates with the New, Enhanced Amazon Inspector to Deliver Comprehensive Cyber Asset Attack Surface Management

Axonius | December 06, 2021

Axonius, a leader in cybersecurity asset management, today announced an integration with the new Amazon Inspector, an automated security assessment service. The integration will enable mutual customers to better understand and manage vulnerabilities across their Amazon Web Services (AWS) infrastructure.

Amazon Inspector is a vulnerability management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure. The solution automatically discovers all running Amazon Elastic Compute Cloud (Amazon EC2) instances and container images residing in Amazon Elastic Container Registry (Amazon ECR), at any scale, and immediately starts assessing them for known vulnerabilities. Because Axonius delivers a complete inventory of assets from many correlated data sources, customers can gain a comprehensive view of their cloud security posture, including vulnerability data found from Amazon Inspector.

"Customers are burdened by the increasing number of security tools to protect the sprawl of cloud, physical, and virtual assets in their environments,It's not easy for them to surface which assets are not covered by their security controls that should be, or if they are covered, whether the control is actually working. Customers are exhausted with the highly manual, slow, and error-prone processes that negatively impact their risk mitigation, threat management, and compliance. With Axonius, customers can get a unified view of their assets and dramatically accelerate the process of strengthening security posture across all of their assets.”

Mark Daggett, vice president of worldwide channels and alliances, Axonius

Comprehensively Track and Assess the Security of AWS Assets: In just a few clicks, the Axonius Query Wizard can identify any AWS assets that have not been assessed with Amazon Inspector. Customers can also easily search for a set of assets based on their last scan time, or segment AWS assets with known vulnerabilities by common vulnerabilities and exposures (CVE) severity, CVE ID, and more. It can also be used to track the Amazon Inspector usage and coverage.

Manage Vulnerabilities Within a Broader Context: Beyond simply identifying known vulnerabilities, Axonius delivers correlated data from tools such as endpoint detection and response, privilege access management, and more to help cloud security, DevOps, and security operations teams prioritize which vulnerabilities to remediate first. With an endless backlog of vulnerabilities to manage, this level of context is imperative to helping teams mitigate the vulnerabilities that are more likely to be exploited, or that would have the most impact if exploited.

Improve Cloud Compliance Based on Industry Benchmarks: Customers can also ensure that their AWS assets adhere to security best practices, such as the CIS AWS Foundations Benchmark. Using Axonius and Amazon Inspector, cloud security teams can prioritize which assets pose the most risk due to any detected vulnerability or deviation from security standards and best practices.

“To be effective, security and DevOps teams need to prioritize vulnerability remediation based on business impact”, said Michael Fuller, director of product management, AWS Security Services. “With the new Amazon Inspector, we’ve dramatically simplified continuous and automated vulnerability assessment for customers across their entire organization, whether they have one AWS account or five thousand. The Axonius integration then brings developers more contextual asset data to help prioritize vulnerability remediation.”

About Axonius
Axonius is the cybersecurity asset management platform that gives organizations a comprehensive asset inventory, uncovers gaps, and automatically validates and enforces policies. Deployed in minutes, the Axonius cyber asset attack surface management (CAASM) solution integrates with hundreds of data sources to give customers the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, automating response actions, and informing business-level strategy. Cited as one of the fastest growing cybersecurity startups, with accolades from CNBC, Forbes, and Fortune, Axonius covers millions of devices for customers around the world.

Spotlight

Ask a group of security analysts aboiJt the challenges of woklng In cybersecurity, and you’ll likely hear some common themes, like a high volume of security alerts and a shortage of skilled cybersecurity talent. In response to these challenges, security teams have turned to security orchestration, automation and response (SOAR)

Spotlight

Ask a group of security analysts aboiJt the challenges of woklng In cybersecurity, and you’ll likely hear some common themes, like a high volume of security alerts and a shortage of skilled cybersecurity talent. In response to these challenges, security teams have turned to security orchestration, automation and response (SOAR)

Related News

DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY

Netwrix Privilege Secure Now Reduces Attack Surface

Netwrix Corporation | February 27, 2023

Netwrix, a leading cybersecurity provider, has recently launched a new version of Netwrix Privilege Secure (formerly Netwrix SbPAM) that extends its zero-standing privileges (ZSP) approach to databases, ensuring privileged accounts only exist for necessary time periods. The rebranded product now includes additional features, such as integrated discovery capabilities to identify all privileged accounts across the IT ecosystem. Improved metadata and keystroke search capabilities for faster threat identification and investigation across live and recorded privileged sessions. Additionally, the product offers a wider range of out-of-the-box reports, customization options, and favorites for generating reports for internal and external auditors. The new version also includes expanded controls for managing service accounts, allowing users to pause, resume, undo, and roll back changes. Netwrix's Senior VP of Products, Jeff Warren, commented, "Netwrix Privilege Secure now eliminates standing privileged accounts across on-premises databases, further reducing the attack surface for both external and internal threats." He further emphasized, "Our innovative ZSP approach replaces risky privileged accounts with ephemeral accounts that grant the minimum access required and that exist only as long as needed — thwarting adversaries seeking elevated access to move laterally and complete their attacks." (Source – PR Newswire) About Netwrix Corporation Netwrix is a leading provider of data security solutions that help security professionals reduce the risk of a breach and limit the impact of attacks. It has been simplifying the process of identifying and protecting sensitive data, as well as detecting, responding to, and recovering from attacks, since its inception in 2006. Over 13,000 organizations worldwide trust Netwrix solutions to enhance their security and compliance posture by addressing all three primary attack vectors: identity, data and infrastructure.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Tenable Delivers Cloud Security Posture Management for Multi-cloud and Hybrid Environments

GlobeNewswire | March 23, 2023

Tenable®, the Exposure Management company, today announced significant advancements to Tenable Cloud Security, a unified and scalable Cloud Security Posture Management (CSPM) and vulnerability management solution delivered on the Tenable One exposure management platform, and expanded availability of Tenable Agentless Assessment for Microsoft Azure. Hybrid and multi-cloud strategies enable organizations to satisfy unique business requirements and accelerate innovation. But managing highly complex and distributed cloud environments – each with its own security tools, processes and specialized skill requirements – is neither easy nor straightforward. As a result, security issues such as simple misconfigurations and excessive privileges – the root cause of the majority of cloud breaches – can go unseen. Tenable Cloud Security enables organizations to achieve consistent cloud security and compliance by bringing all cloud vulnerabilities, misconfigurations and drift across multi-cloud and cloud-native environments to the forefront, providing organizations with a unified cloud security solution that simplifies and scales cloud security posture management. Tenable Cloud Security’s built-in best practices consistently enforce security posture and compliance across environments, detecting and preventing risky configurations from ever reaching cloud runtimes. When deployed as part of Tenable One, customers gain advanced vulnerability prioritization capabilities and automated remediation workflows, enabling security and DevOps teams to prioritize remediation efforts where they can have the biggest impact on security and compliance posture. “Cloud environments are in a constant state of change, meaning that security, compliance and governance is a ‘never-done’ job,” said Nico Popp, chief product officer, Tenable. “With more than half of data breaches occurring in the cloud, organizations are racing against the clock and cannot afford for weak code to go into runtime. To effectively scale security at the speed and scale of the cloud, the pendulum must swing from reactive threat detection and response to exposure management and preventive cloud security posture management.” Additional new and enhanced CSPM features include: Continuous Discovery and Assessment - Improved cloud account onboarding enables organizations to continuously discover and assess both managed and unmanaged cloud accounts, limiting blind spots and minimizing risks. Most Comprehensive Policy Portal, Views and Content - New policy portal makes it easy to view and customize over 1,500 out-of-the-box policies spanning 20 industry benchmarks and regulations. Enriched by the expertise and speed of Tenable Research, including the industry’s most comprehensive library of 71,000 known vulnerabilities, Tenable Cloud Security has 2.6 times more cloud Center for Internet Security (CIS) certifications than any other cloud security vendor. Organizations can visualize misconfiguration details, impacted resources and all the context needed to quickly remediate issues. With the new low code policy group editor, organizations can create custom policy groups enabling security teams to build custom policy groups leveraging existing policies. Automated Cloud-to-Cloud Drift Detection - New drift detection enables organizations to maintain compliance by detecting configuration drift in runtime and between Infrastructure-as-Code (IaC), automating pull requests including corrected code or step-by-step instructions to the right owner, or applying remediation code automatically to significantly reduce mean-time-to-remediation. Enhanced Reporting and Collaboration: Enhanced reporting capabilities enable security teams to accurately report on key metrics to executive leadership while increasing cross functional collaboration between security operations and compliance teams. Report and share security posture findings by role, function or by industry benchmarks and regulatory frameworks – such as CIS, SOC 2 and 20+ others. About Tenable Tenable® is the Exposure Management company. Approximately 43,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include approximately 60 percent of the Fortune 500, approximately 40 percent of the Global 2000, and large government agencies.

Read More

SECURITY AUDIT AND COMPLIANCE, WIRELESS AND MOBILE SECURITY

Forescout Announces Launch of Forescout XDR

Forescout Technologies Inc. | March 02, 2023

On March 1, 2023, Forescout Technologies, a leading automated cybersecurity solutions provider, launched Forescout XDR to enhance enterprises' investigation, detection, and response capabilities against advanced threats across their extended enterprises. Currently, security operation centers (SOCs) are inundated with an average of 450 alerts per hour, and analysts often spend precious time correlating low-fidelity alerts and chasing false positives. Forescout XDR uses data science and automation to generate a single high-fidelity alert every hour from 50 million logs ingested, reducing the number of alerts that warrant further investigation and thus enabling analysts to focus on legitimate attacks. Forescout XDR is vendor- and EDR-agnostic and collects data from over 170 sources, including security, cloud/SaaS infrastructure and enrichment sources, as well as dozens of leading vendors. Forescout XDR contains over 70 threat information sources and 1500 confirmed detection rules and models. With data onboarding included, customers may become operational in hours, actively identifying, investigating, and responding to risks. SOCs till now have excluded critical devices that are increasingly common points of attack, such as industrial control systems (ICS), operational technology (OT), building management systems (BMS), and IoT and medical devices. Furthermore, the technological stack on which SecOps teams have been forced to rely has made it impossible to respond to these threats promptly and thoroughly. The technology integration with Forescout's network access control solution facilitates proactive prevention of attacks by reducing the attack surface through restriction of compromised or non-compliant devices from connecting to their networks and automating response workflows that can immediately touch every connected device throughout the enterprise. Thus helping reduce the blast radius of an attack in real-time, allowing proper mitigation or remediation measures to be completed. Forescout XDR includes a multi-tenant architecture and supports local data storage while also providing an aggregated global view of threats and SOC performance. It is ideal for large firms, global corporations, and organizations with regional managed security service providers (MSSPs) and SOCs. The SaaS licensing pricing model is based on the total amount of endpoints in the enterprise, offering customers the flexibility to leverage the data sources they need to support their use cases without concern for fluctuating costs associated with cloud log storage. About Forescout Technologies Inc. Forescout Technologies, Inc. protects the Enterprise of Things through comprehensive identification, segmentation, and enforcement of compliance with every connected device. The company's enterprise-class platform has been widely deployed across managed and unmanaged IT, IoT, and OT devices, making it a trusted choice for Fortune 1000 companies. Forescout provides organizations with the most extensive device intelligence in the world, enabling them to classify risks precisely, detect irregularities, and promptly remediate cyber threats without harming essential business assets.

Read More