Software Security
Palo Alto Networks | November 08, 2023
Palo Alto Networks plans to acquire Talon Cyber Security to enhance its Secure Access Service Edge (SASE) solution.
Talon's Enterprise Browser technology, when integrated with Prisma SASE, will provide secure access to business applications.
The acquisition reflects the importance of adapting SASE solutions to ensure consistent security for unmanaged devices.
Palo Alto Networks, a global cybersecurity leader, has announced its intent to acquire Talon Cyber Security, an enterprise browser technology pioneer, to enhance its Secure Access Service Edge (SASE) solution and provide comprehensive protection for managed and unmanaged devices. In today's digital landscape, unmanaged devices often connect to enterprise applications without adequate security measures, making them susceptible entry points for attackers seeking to access sensitive information.
Lee Klarich, Chief Product Officer of Palo Alto Networks, emphasized the importance of securing all work activity through an Enterprise Browser without compromising device privacy to protect users and applications effectively. He continued that the integration of Talon's technology with Prisma SASE aims to provide consistent security for all users and devices. Anand Oswal, SVP and GM at Palo Alto Networks highlighted the significance of securing unmanaged devices with the same robust security as managed devices, especially in today's dynamic threat landscape. HE further stated that the combination of Prisma SASE and Talon's Enterprise Browser is poised to revolutionize security measures in modern digital environments.
Talon Cyber Security's Enterprise Browser technology offers an innovative solution that, when integrated with Prisma SASE, will enable users to securely access business applications from any device, including non-corporate devices, while ensuring a seamless user experience. This strategic move by Palo Alto Networks addresses the evolving security challenges in a connected world.
Talon's Co-Founder and CEO, Ofer Ben-Noon, acknowledged the shifting work models and user preferences and the need for powerful last-mile security solutions. Talon's Enterprise Browser is designed to offer familiar user experiences with enterprise-grade protection. Ben emphasized that partnership with Palo Alto Networks is seen as a catalyst to accelerate its mission of delivering superior outcomes for customers.
Talon, founded by Ofer Ben-Noon and Ohad Bobrov, secured the RSA Conference's Innovation Sandbox contest in 2022. The co-founders will continue to lead their teams within the Prisma SASE team at Palo Alto Networks upon the completion of the acquisition.
Anand Oswal, Senior Vice President and General Manager at Palo Alto Networks, highlighted the advantages and security risks associated with Bring Your Own Device (BYOD) policies. He noted that Talon's Enterprise Browser provided security teams enhanced visibility and control over work-related Software as a Service (SaaS) and web activity across all devices, including personal and unmanaged endpoints. Anand emphasized the need for Secure Access Service Edge (SASE) solutions to adapt in order to secure unmanaged devices with the same consistent security measures applied to managed devices. This would enable users to access business applications securely from any device and location.
Read More
Enterprise Security
VentureBeat | September 27, 2023
Microsoft announced a series of new enterprise security features today that use artificial intelligence (AI) to help defend Windows 11 against increasingly sophisticated cyberattacks. The tech giant claims its new AI capabilities will reduce security incidents by 60% and firmware attacks by 300% for businesses using the latest version of its software.
Microsoft’s vice president of enterprise and OS security, David Weston, explains in a company blog post that was published today specifically how AI is being used to fortify Windows 11 against sophisticated attacks, ranging from malware to firmware threats, and even nation-state attacks.
At the heart of this AI-focused security upgrade is the integration of Microsoft’s Pluton Security Processor and Secured-core PCs. Both systems leverage AI algorithms to isolate sensitive data and provide defense against potential threats. IT professionals should note that these Secured-core PCs are reported to be 60% more resilient to malware than non-Secured-core PCs, a significant improvement in system defenses.
Microsoft’s AI strategy also appears to be forward-thinking, with the company starting to adopt memory safe languages like Rust for traditional attack targets. Rust’s memory safety features without garbage collection make it an ideal language for building reliable and efficient systems, further multiplying the cybersecurity benefits.
The end of passwords? Microsoft’s groundbreaking move
Perhaps most notable among today’s announcements is Microsoft’s push towards a passwordless future, a move that could fundamentally alter the landscape of cybersecurity.
Microsoft’s AI will now be used to develop and implement passkeys — unique, unguessable cryptographic credentials securely stored on a user’s device, which have the potential to replace traditional multi-factor authentication. This is a substantial leap forward in phishing protection, making it considerably more difficult for hackers to exploit stolen passwords.
Microsoft says that its AI system analyzes more than 65 trillion security signals per day— with more than 4,000 password attacks every second — to identify suspicious login attempts and request additional identity verification when needed in the new system.
The company also revealed a new capability called Config Refresh that relies on AI to detect and revert unwanted changes to device policies in near real-time. This allows IT teams to lock down device settings while leveraging intelligence to accommodate legitimate policy updates.
Microsoft pioneers a new cybersecurity path with AI
The company’s commitment to AI solutions aligns with its longstanding strategy of positioning itself as a leader in enterprise computing. By weaving AI into the fabric of Windows 11, Microsoft is demonstrating its commitment to providing businesses with secure, reliable, and forward-thinking solutions.
Business analysts see this as a clear indicator of Microsoft’s strategy to leverage its AI prowess to drive growth and cement its position in the enterprise data and AI market. Given the increasing importance of cybersecurity in the modern business landscape, Microsoft’s investment in AI could pay significant dividends.
However, the real test of these new AI-powered features will be their effectiveness against real-world threats. As cyber threats continue to evolve, so too must our defenses. If Microsoft’s AI enhancements can live up to their promise, they will represent a significant advance in cybersecurity and a potent tool in the fight against cybercrime.
As AI continues to transform enterprise data and security, it’s clear that companies like Microsoft are leading the charge. By harnessing the power of AI, Microsoft is not just shaping its future but also the future of cybersecurity as a whole. Only time will tell how these developments play out, but one thing is certain: the era of AI-driven cybersecurity is here, and Microsoft is at its helm.
Read More
Security Audit and Compliance
Lumen Technologies | September 13, 2023
Lumen Technologies announces the launch of key security enhancements to its industry-leading secure access service edge product.
The company’s SASE Solutions represents a first-of-its-kind, fully digital experience for purchasing, configuring, and overseeing enterprise SASE.
The latest features incorporated into Lumen SASE Solutions are security service edge and cloud-hosted gateways.
On September 12, 2023, Lumen Technologies, a leading provider of Secure Access Service Edge (SASE) solutions, committed to advancing human progress through technology facilitating the connection of people, data, and applications, announced the addition of key enhancements to its landmark SASE product. The addition of new features makes lumen SASE solutions even more simplified and flexible for customers.
Lumen SASE Solutions represents a pioneering, entirely digital experience for purchasing, configuring, and managing enterprise SASE. This is a significant step in Lumen's ongoing efforts to drive innovation and foster growth. Notably, the SASE product improvements launch are a direct outcome of valuable customer feedback.
The Lumen SASE approach focuses on simplification in order to deliver flexible, secure, and scalable SASE solutions to organizations of all sizes and industries.
Senior Director of SASE Product Management at Lumen, Darren Wolner, said,
There has been a rapid adoption of cloud-based services as more organizations implement hybrid work, but security is paramount to any cloud-based experience. This means savvy organizations soon realized a whole new set of requirements and challenges. We quickly enhanced the product to fit their requirements.
[Source – Cision PR Newswire]
Darren mentioned that Lumen has a strong focus on meeting customer wants and needs. He cited the latest SASE updates as a prime illustration of this commitment.
The new capabilities added to Lumen SASE Solutions include:
Security Service Edge (SSE)
SSE encompasses a suite of integrated, cloud-centric security capabilities, which feature cloud-hosted gateways. These capabilities are designed to ensure secure access to websites, facilitate the safe sharing of sensitive data, and manage user permissions for software-as-a-service (SaaS) applications. These solutions are delivered in partnership with prominent SD-WAN and security providers.
Cloud-hosted Gateways
Cloud-hosted gateways offer organizations the flexibility to adopt 'grow as they go' network and security management features as they scale without the necessity of on-premises equipment.
In addition to the global expansion of Lumen technologies, customers based in the US can now deploy premise-based SASE services to locations in EMEA and Canada.
Pete Finalle, Research Manager with IDC, stated,
The new, hybrid perimeter – encompassing the main office down to the remote workforce – has collided with multi-cloud resources. This has created numerous networking and security complexities that are difficult to solve without a customer outcomes-based approach, which few companies can provide.
[Source – Cision PR Newswire]
Finalle pointed out that Lumen has a distinctive position to deliver real business outcomes through a comprehensive, cloud-based network security stack. This stack significantly benefits from Lumen's presence in both network and cloud infrastructure. Additionally, he mentioned that the company's digital customer experience and managed approach to resolving the intricate security and networking challenges allow them to mitigate the deployment and management difficulties that frequently hinder the adoption of SASE.
Read More