ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
LogRhythm | January 06, 2023
On January 05, 2023, LogRhythm, the company that empowers security teams to tackle an ever-changing threat landscape with confidence, introduced a variety of expanded capabilities and integrations for its security operations solutions. The enhancements improve LogRhythm's capacity to serve as a much-needed force multiplier for security teams that are required to defend against cyberattacks with confidence, effectiveness, and efficiency.
This update follows the release of LogRhythm Axon, an innovative, cloud-native security operations platform launched in October. In addition, the organization is launching new visualizations and advanced analytics that provide seamless visibility into potential security threats.
Axon and its latest updates are designed to simplify the experience of security analysts by making it easier for teams to identify, examine, and report on potential threats, easing the burden of managing risks and the operating infrastructure. In addition, these improvements span the entire suite of LogRhythm's offerings to collectively facilitate threat detection and resolution by SOC teams, improving analyst productivity and effectiveness.
The key features of the updates include the following:
New out-of-the-box and custom analytics rules, including rules for MITRE ATT&CK detections.
Using the Observation Workflow, customers can quickly investigate log observations raised by analytics.
New markdown and histogram widgets reduce the time spent searching for data.
New detection models allow for the detection of elusive threats for Windows systems.
Integration with Microsoft EDR improves blind spot detection and endpoint visibility.
Enhanced analyst experience through expanded UI improvements.
The new configuration page enables smooth import of data from VirusTotal.
The improved collection administrative workflow reduces the time required to configure, deploy, and manage log sources that involve Open Collector.
Expanded and updated LogRhythm's library of supported log sources.
Improved audit logging makes it easier to detect suspicious activity and track significant changes made by users.
LogRhythm, Inc. is an American security intelligence firm founded in 2003 that specializes in SIEM, log management, network and endpoint monitoring, forensics, and security analytics. With a comprehensive array of high-performance security, compliance, and operations solutions, LogRhythm is built to address a rapidly evolving world of cybersecurity threats. In addition, LogRhythm combines a versatile and comprehensive security operations platform, advisory services, and technology partnerships to help SOC teams defend sensitive data.
DATA SECURITY, ENTERPRISE SECURITY
IronNet | February 13, 2023
IronNet, Inc. (IronNet), a pioneer in transforming cybersecurity through collective defense℠, recently announced the execution of an initial federal contract to deliver cybersecurity services to the United States Navy's Naval Sea Systems Command (NAVSEA), the largest of the Navy's five "systems commands." The agreement was entered into following the successful completion of a pilot program that provided NAVSEA with the IronNet Collective Defense Platform.
As nation-state cyber threats against the Defense Industrial Base (DIB) program of the Department of Defense (DoD) continue to increase, IronNet strengthens the DIB's cybersecurity prevention and protection against third-party and supply chain cyber risk. This support corresponds with the DoD's initiatives to encourage DIB entities to provide information and share anonymized cyber threat indicators that they deem helpful for notifying the government and others in order to counter threat actor activities more effectively. The IronNet Collective Defense Platform will allow each contractor in the NAVSEA DIB program to boost its network threat visibility while also connecting the contractors in real time through a private IronNet Collective Defense Community for NAVSEA.
Through linked alerts, automated triage, and extended hunt assistance, the IronNet Collective Defense Platform acts as an early warning system for all participating corporations and organizations, increasing network security. In addition, IronNet's platform was recently updated to improve alert fidelity and analyst workflow by strengthening embedded risk scoring for more accessible alert prioritization. These improvements result in much lower alert loads, fewer false positives, and a shorter time to investigate.
NAVSEA will have enhanced visibility of the current threat landscape, with situational context, thanks to the IronNet Collective Defense Platform, and will be able to increase the effectiveness of existing defenses and cybersecurity solutions used by its DIB contractors. Continuous monitoring of known and undiscovered threats contributes to meeting Cybersecurity Maturity Model Certification (CMMC) parameters.
The IronNet Collective Defense Platform offers timely, actionable, and relevant cyber attack intelligence earlier in the event of an incursion, before a threat can have a substantial impact, allowing DIB firms and the Navy to better defend US Naval intellectual property.
IronNet, founded in 2014, is a leading cybersecurity company transforming how businesses, industries, and governments safeguard their networks. It leverages the abilities of its top-tier cybersecurity operators' real-world, public and private sector, offensive and defensive cyber expertise and integrates their deep tradecraft knowledge into its industry-leading solutions to address the most complex cyber challenges affecting business today. The company's solutions use behavioral analytics, artificial intelligence and machine learning techniques to assist private and public companies in discovering unexpected risks across critical infrastructure.
PLATFORM SECURITY, SOFTWARE SECURITY
Vijilan Security | January 17, 2023
Vijilan, a leading provider of cybersecurity services, announced that it had become a CrowdStrike Powered Service Provider (CPSP) partner. As a CPSP partner, Vijilan will offer managed observability services and managed endpoint detection and response (EDR) powered by the CrowdStrike Falcon platform to its partner communities of managed service providers and IT professionals.
CrowdStrike has transformed security with the CrowdStrike Falcon platform, a unified security platform with a single, lightweight agent that safeguards and empowers the people, processes, and technologies that drive modern enterprise. CrowdStrike protects the most important areas of enterprise risk, such as cloud workloads and endpoints, identity and data, to keep customers ahead of the latest adversaries and stop breaches.
As a CPSP partner, Vijilan will provide the following:
Managed Endpoint Detection and Response: With leading EDR at its center, CrowdStrike correlates third-party and native cross-domain telemetry to provide unprecedented investigative efficiency, high-confidence detections, and quick, confident responses from one unified, threat-centric command console.
Managed Observability: Designed with a unique index-free architecture and advanced compression technology that reduces the amount of hardware needed, CrowdStrike Falcon LogScale is a unified log management and observability solution. It allows organizations to analyze, store, and retain log data at scale, giving them insights that can be used for various security and non-security purposes.
Kevin (KayVon) Nejad, Vijilan's CEO, said, "With CrowdStrike, we are delivering better-together security solutions to businesses of any size and a last line of defense when hackers have already passed through the organization's security appliances and tools." He also added, "Vijilan complements CrowdStrike's EDR capabilities through cross correlation of telemetry data from networks, devices, users, applications and data used by most MSPs and MSSPs."
(Source – Cision PR Newswire)
About Vijilan Security
Founded in 2014, Vijilan is a U.S.-based LLC specializing in cybersecurity threat management. With more than 20 years of experience monitoring security, Vijilan has mastered the art of finding threats and incident response. Partners of Vijilan include Managed Security Service Providers (MSSPs) and Managed Service Providers (MSPs) that deliver managed IT services to industries like banking, education, healthcare, government and manufacturing. They rely on security solutions and security experts from Vijilan to deliver managed extended Detection and Response (mXDR) for their customers in the United States, the Middle East, Asia-Pacific, and Europe.