PLATFORM SECURITY

BT launches transformational new security platform, Eagle-i, to predict and prevent cyber attacks

BT Group | October 18, 2021

  • Relentless growth and ever-changing nature of the threat landscape dictates a new, proactive approach to cyber security
  • Customers to benefit from advances in AI and automation, combined with BT's networking expertise, in transformational cyber defence platform
  • Eagle-i builds on BT's recent security investment and partner ecosystem to address issues such as a more than 50 per cent increase in malware traffic over the last 6 months

Business and public sector bodies continue to face an exponential growth in the volume and complexity of cyber attacks, with new research from BT identifying a more than 50 per cent increase in malware traffic over the last six months. Alongside a global shortage of skilled security professionals, organisations around the world are struggling to keep a lid on evolving cyber threats and maintain their defences.

In response, BT is launching its most sophisticated cyber defence platform yet — Eagle-i. It combines BT's industry-leading network insight with advances in AI and automation to predict, detect and neutralise security threats before they get a chance to inflict damage. The platform has been designed to self-learn from the intelligence provided by each intervention, so that it constantly improves its threat knowledge and dynamically refines how it protects customers across a multi-cloud environment.

Eagle-i will utilise an AI layer to provide real-time detection of issues and intelligent automated responses, enabling users to significantly speed up their reaction to security issues and outpace their cyber threats. It is also uniquely able to integrate with technologies from across the security ecosystem so that organisations can both optimise their capabilities and spot any holes in their defences without having to replace existing investments. The platform will underpin how BT protects its global operations and provide phased enhancements and increased functionalities for all BT's managed security services.

Security is now at the top of the boardroom and government agenda yet many organisations are seeing their cyber risks increase to unmanageable levels. This situation demands a new, proactive approach. Eagle-i leverages the latest advances in AI and automation to continually monitor, learn and evolve so customers can stay a step ahead of cyber criminals.

Kevin Brown, managing director, BT Security

About BT
BT Group is the UK's leading telecommunications and network provider and a leading provider of global communications services and solutions, serving customers in 180 countries. Its principal activities in the UK include the provision of fixed voice, mobile, broadband and TV (including Sport) and a range of products and services over converged fixed and mobile networks to consumer, business and public sector customers. For its global customers, BT provides managed services, security and network and IT infrastructure services to support their operations all over the world. BT consists of four customer-facing units: Consumer, Enterprise, Global and its wholly-owned subsidiary, Openreach, which provides access network services to over 650 communications provider customers who sell phone, broadband and Ethernet services to homes and businesses across the UK.

Spotlight

Hybrid work changes the way people use applications. In this video, learn about how Netskope Cloud Firewall delivers the protection you need everywhere your business operates.

Spotlight

Hybrid work changes the way people use applications. In this video, learn about how Netskope Cloud Firewall delivers the protection you need everywhere your business operates.

Related News

PLATFORM SECURITY, SOFTWARE SECURITY, API SECURITY

Traceable AI Announces the Industry’s First API Security Reference Architecture for a Zero Trust World

Businesswire | June 06, 2023

Traceable AI, the industry's leading API security company, today announced the release of the industry's first API Security Reference Architecture for Zero Trust. This groundbreaking reference architecture serves as a guide for security leaders as the industry addresses the urgency of integrating API Security into Zero Trust Security initiatives. Zero Trust, a cybersecurity framework that emphasizes continuous verification and helps to minimize the attack surface, has proven effective in enhancing security for many organizations, from large enterprises, to the US Government. However, traditional Zero Trust approaches have primarily focused on network-level controls and identity access management, neglecting the critical API layer. Traceable’s API Security Reference Architecture is aligned with the NIST Zero Trust Architecture, a publicly available, vendor-neutral framework widely adopted by government entities such as CISA, DoD, DISA, NSA, GSA and NCCoE, as well as by many leading cybersecurity vendors. By leveraging the NIST framework, Traceable ensures compatibility, interoperability, and adherence to industry standards, making it a reliable and trusted guide for organizations implementing Zero Trust for their APIs. The extensive reference architecture provides organizations with a prescriptive methodology to operationalize Zero Trust for APIs: Advanced API Security: The reference architecture gives organizations a way to implement robust security measures specifically designed for APIs, including eliminating implied or persistent trust for APIs, thereby minimizing the risk of API-related vulnerabilities, attacks, and data breaches. Comprehensive Risk Management: The reference architecture recommends incorporating automatic user authentication and authorization, granular data access policies, and asset risk assessments, can organizations can effectively manage and mitigate risks associated with API access and usage. Increased Visibility and Control: The architecture explains why organizations should obtain granular visibility, which allows organizations to monitor and record all API transactions, enabling better analysis, threat detection, and incident response capabilities. Improved Compliance and Data Protection: The automatic identification and classification of sensitive data sets ensure compliance with data protection regulations such as HIPAA, GDPR, and PCI-DSS, reducing the risk of regulatory penalties and reputational damage. Seamless Automation and Orchestration: The reference architecture recommends integration with XDR, SIEM, and SOAR solutions, so organizations can enhance their overall security posture, automate response actions, and streamline security operations. Scalability and Flexibility: The architecture offers a flexible distribution model for PEPs and data collection points, allowing organizations to scale their API security infrastructure based on their unique requirements and architecture. Future-Proofing: By aligning with the NIST Zero Trust Architecture and industry standards, organizations adopting the API Security Reference Architecture can ensure compatibility, interoperability, and the ability to evolve alongside emerging technologies and security best practices. Traceable’s API Security Reference Architecture for Zero Trust introduces a new approach to secure APIs using Zero Trust concepts, acknowledging their unique security requirements. It provides organizations with a comprehensive framework to implement Zero Trust controls specifically tailored to APIs, ensuring the protection of digital assets and mitigating the risk of data breaches. Dr. Chase Cunningham weighs in on Traceable’s approach: "APIs provide a new means of applying controls across enterprise applications, " says Dr. Cunningham, “However, the security practices for APIs have not yet matured, leaving a significant gap in the overall attack surface. Traceable has developed their own API Security Reference Architecture to help fill this gap by providing organizations with a methodical way to secure their APIs with Zero Trust principles. By combining Zero Trust strategic concepts with API-specific security measures, Traceable can help organizations protect their digital assets effectively." Throughout the past year, Traceable has continued to reaffirm its commitment to extending Zero Trust methodologies to API Security. With the addition of Zero Trust creator John Kindervag and Dr. Zero Trust, Chase Cunningham as Traceable advisors, Traceable continues to strengthen its expertise in this space. To date, Traceable has become a valuable partner to a number of large enterprises as the industry turns its eyes toward the importance of API security. With the rollout of their Zero Trust API Access solution alongside this reference architecture, Traceable continues to lead the industry toward the advancement of API security. This reference architecture is now available for organizations to explore and implement, empowering them to achieve complete API security in a Zero Trust world. About Traceable Traceable is the industry’s leading API Security company that helps organizations achieve API protection in a cloud-first, API-driven world. With an API Data Lake at the core of the platform, Traceable is the only intelligent and context-aware solution that powers complete API security – security posture management, threat protection and threat management across the entire Software Development Lifecycle – enabling organizations to minimize risk and maximize the value that APIs bring to their customers. To learn more about how API security can help your business, book a demo with a security expert.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY

Uptycs Integrates with Amazon Security Lake to Enable the Correlation of its CNAPP and XDR Security Telemetry with a Vast Ecosystem of Security Tools

Prnewswire | June 01, 2023

Uptycs, provider of the first unified CNAPP and XDR platform, today announced an integration with Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes security data from across AWS environments, leading SaaS providers, on-premises, and cloud sources into a purpose-built data lake. Amazon Security Lake manages data throughout its lifecycle with customizable data retention settings and converts and conforms incoming security data to the Open Cybersecurity Schema Framework (OCSF) open standard, making it easier to automatically collect, combine, and analyze security data from AWS, security partners, and analytics providers. The integration with Uptycs helps organizations speed up threat detection and incident response by correlating Uptycs telemetry and events with data from a vast number of other security tools. With the proliferation of technologies and environments, security teams need to spend time setting up one-to-one integrations between their tools to correlate threat activity. This is expensive and delays response to security threats. In contrast, a shift up approach to cybersecurity does not need complex integrations and intermediary systems to connect the dots. The premise involves getting the data in a standardized format right out of the gate, and streaming it up into a data lake so security teams can do cross-correlations that speed up threat detection and response. The OCSF project offers a consistent approach towards cybersecurity telemetry by providing a standard schema for common security events, defining versioning criteria to facilitate schema evolution, and including a self-governance process for security log producers and consumers. This enables organizations to easily bring together data from multiple security tools. "We are excited to bring the security telemetry from Uptycs into Amazon Security Lake," says Ganesh Pai, CEO and co-founder of Uptycs. "A key tenet of the shift up approach to cybersecurity is to stream normalized security telemetry into a data lake, moving security analytics processing power to the cloud. Uptycs and AWS customers can now enjoy enhanced protection and faster reaction time as they benefit from standardized OCSF-based telemetry across their on-prem and cloud workloads." Using the OCSF format, Uptycs and Amazon Security Lake allow organizations to have a consistent telemetry, enabling them to easily correlate data from a variety of security, SIEM, and SOAR tools. Uptycs, an AWS Security Competency Partner, will send a wealth of OCSF-formatted data from on-premises and cloud assets to Amazon Security Lake, including behavioral threat detections from endpoints and cloud workloads, anomaly detections, policy violations, risky policies, misconfigurations, and vulnerabilities. Uptycs prospects and customers can get started with the Amazon Security Lake integration by contacting Uptycs. About Uptycs Your developer's laptop is just a hop away from cloud infrastructure. Attackers don't think in silos, so why would you have siloed solutions protecting public cloud, private cloud, containers, laptops, and servers? Uptycs reduces risk by prioritizing your responses to threats, vulnerabilities, misconfigurations, sensitive data exposure, and compliance mandates across your modern attack surface—all from a single platform, UI, and data model. This includes the ability to tie together threat activity as it traverses on-prem and cloud boundaries, thus delivering a more cohesive enterprise-wide security posture.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

SimSpace Expands Partnership with Cymulate to Bolster Customers' Cybersecurity Capabilities

Prnewswire | May 17, 2023

SimSpace, the industry leader in military-grade cyber ranges is today announcing the expansion of their ecosystem. The SimSpace Cyber Force Platform will now help Cymulate customers evaluate and validate their security stack with SimSpace's cyber ranges. According to Cybersecurity Ventures, the total cost of cybercrime in 2023 is expected to hit $8tr and $10.5tr in 2025. Defending against the nation state tactics, techniques and procedures now targeting businesses will be on the mind of every board member and CISO this year. Adopting continuous security improvements will be the key that unlocks cybersecurity resilience, a major theme in Gartner's 2023 cybersecurity predictions. How organizations manage their cyber risk will dictate their security posture and financial optimization in the coming year. SimSpace's Cyber Force platform enables listed companies and critical national infrastructure organizations around the world to test their networks in the highest-fidelity simulated environments commercially available. SimSpace's cyber range will enhance Cymulate customers' ability to perform market-leading team assessments, live-fire exercises and vulnerability exposure. Carolyn Crandall, Chief Security Advocate at Cymulate believes the partnership will reinforce testing and training capabilities for leading businesses: "Our priority is to strengthen the cyber resilience and exposure assessment of our mutual customers, and SimSpace's cyber range will be an integral component in achieving this. Businesses around the world trust Cymulate's breach-and-attack platform to validate their critical processes. With SimSpace's high-fidelity emulation, Cymulate customers can further benefit from the integrated live-fire training and real-world testing capabilities they provide." William "Hutch" Hutchison, co-founder and CEO of SimSpace Inc sees the partnership as an opportunity for growth: "We are excited to develop our partnership with Cymulate to provide world-class cyber readiness training for our mutual partners." "As our customers continue to face unprecedented cybersecurity challenges, this partnership will allow them to continuously develop and improve their defensive abilities. SimSpace's Cyber Force Platform was born out of a need for the highest level of threat detection which has developed into a business necessity in 2023. As bad actors elevate the complexity and frequency of attack paths today, SimSpace's cyber range provides government-grade protection for platforms such as Cymulate to achieve unparalleled cyber preparedness." About Cymulate The Cymulate platform provides threat exposure assessment, Breach and Attack Simulation (BAS), and Continuous Automated Red Teaming (CART) for delivering real-time visibility to vulnerabilities, understanding the efficacy of security controls, and automated testing. The Cymulate platform continuously assesses, optimizes, and rationalizes the state of security controls, while creating baselines for proving security efficacy across the full cyber kill chain and for continuous improvement. About SimSpace SimSpace is the global leader in military-grade cyber ranges, founded by experts from U.S. Cyber Command and MIT's Lincoln Laboratory to respond to a new era of unprecedented cyber threat. The company's Cyber Force Platform enables the most sophisticated enterprises, governments, and critical national infrastructure organizations to find intelligence-driven answers to the most vexing security, governance, training, and cyber readiness questions. SimSpace provides high-fidelity cyber security simulations, training, and safe live-fire exercises previously only available to the U.S. Cyber Command and the world's most advanced intelligence agencies. Now, Fortune 2000 financial, retail, insurance, and other commercial markets can access nation-state level security capabilities to protect their critical assets, with an average reduction in cyber operational costs of 30% and a 40% reduction in breaches.

Read More