DATA SECURITY
Balbix | August 04, 2021
Balbix, provider of the world's leading platform for cybersecurity posture automation, announced today the launch of its Automated Cyber Risk Quantification (CRQ) solution. Balbix's new offering allows organizations to produce a single, comprehensive view of their cyber risk in dollars (or other currencies) so they can prioritize and fix security vulnerabilities faster and reduce breach risk by 95% or more. For example, to protect itself against ransomware attacks, an organization could use Balbix to identify the assets that would be most costly if held to ransom and quickly act to reduce these risks.
Automated cyber risk quantification
Calculating breach risk in monetary terms provides a common language that organizations - from security engineers and IT admins to the CISO, CFO and CIO - can use to prioritize projects and spending, and track the effectiveness of their overall cybersecurity program. However, most organizations have struggled with measuring cyber risk due to their reliance on complicated manual processes and dozens of isolated IT, security and business tools.
The Balbix Automated CRQ solution uses machine learning and automation to quantify both the likelihood and the impact of a potential breach, and remove complex and error-prone tasks. As a result, organizations can:
Build a unified cybersecurity asset management program
Prioritize enterprise vulnerabilities
Quantify cyber risk in monetary terms
Customize security analytics and board-level reporting
"Balbix is an industry-leading platform that consolidates cyber risks into a single reportable model," said Rhonda Gass, Chief Information Officer at Stanley Black & Decker. "This technology is enabling us to scorecard our risk remediation performance and gain continuous visibility into open security issues."
"The Infosec industry has struggled for a long time to quantify the security posture of their organizations in clear cyber risk terms denominated in Dollars (or Euros, Pounds, Yen, etc.),'' said Jon Oltsik, Senior Principal Analyst and Fellow at ESG. "As a result, the right decisions don't get made, leaving the enterprise vulnerable to attack and compromise. Balbix's innovative offering has the promise of changing this equation."
Seamless data collection
Balbix also released new streaming and snapshot connectors. Streaming connectors are agentless and connect via API to the data source and pull in data on a specified schedule and thus are easy to deploy and manage. Snapshot connectors are used to ingest data using .csv or other formats. Organizations can use these connectors to ingest data from dozens of data sources including vulnerability assessment tools, CMDB, EDR, firewalls, SIEM, MDM systems, AppSec systems, OT/IoT management systems, Active Directory, DNS/DHCP and cloud infrastructure APIs. Moreover, the connectors are highly scalable. For example, Balbix typically ingests several 100s of terabytes per day from customers with environments containing 250,000 assets.
"We are very pleased to introduce our new cyber risk quantification offering," said Gaurav Banga, Founder and CEO of Balbix. "Cybersecurity tools generate mountains of data. Traditionally, infosec teams have had to sift through massive vulnerability scans, attack simulation reports and app vulnerability results to prioritize issues that should be addressed first. Then they had to explain their actions to non-cyber stakeholders in business risk terms. This has been an impossible job. The new Balbix Automated CRQ solution makes easy work of this task by automating much of the workflow."
About Balbix
Balbix provides the world's leading platform for cybersecurity posture automation. Using Balbix, organizations can discover, prioritize and mitigate unseen risks and vulnerabilities at high velocity. With seamless data collection and petabyte-scale analysis capabilities, Balbix is deployed and operational within hours, and helps to decrease breach risk immediately. Balbix counts many global 1000 companies among its rapidly growing customer base and was named a "Cool Vendor" by Gartner in 2018.
Read More
DATA SECURITY
Vectra AI | August 06, 2021
Vectra AI, a leader in threat detection and response, today released the findings of the PaaS & IaaS Security Survey Report. The report compiled the answers of 317 IT executives all using AWS, 70% coming from organizations of 1,000+ employees. The findings show a rapid expansion and reliance on AWS services while simultaneously showcasing security blind spots within many organizations.
As digital transformation efforts continue, the survey found that AWS is becoming an even more critical component to organizations who are regularly deploying new workloads, leveraging deployments in multiple regions and are relying on more than one AWS service. The survey found:
64% of DevOps respondents are deploying new workload services weekly or even more frequently
78% of organizations are running AWS across multiple regions (40% in at least three)
71% of respondents say that they are using more than four AWS services (such as S3, EC2, IAM, etc.)
The expansion of AWS services has naturally led to increased complexity and risk with 100% of companies surveyed having experienced at least one security incident in their public cloud environment. Gartner anticipated that over 99% of cloud breaches will have a root cause of customer misconfiguration. Some blind spots the Vectra report uncovered include:
30% of organizations surveyed have no formal sign-off before pushing to production
40% of respondents say they do not have a DevSecOps workflow
71% of organizations say that 10 or more people can modify the entire infrastructure in their AWS environments, creating numerous attack vectors for hackers.
Despite these blind spots, the survey showed that companies are taking security seriously. Over half of the companies reported having double-digit security operations center (SOC) headcounts, showing a significant investment in keeping their organizations secure.
"Securing the cloud with confidence is nearly impossible due to its ever-changing nature," said Matt Pieklik, Senior Consulting Analyst at Vectra. "To address this, companies need to limit the number of attack vectors malicious actors are able to take. This means creating formal sign-off processes, creating DevSecOps workflows and limiting the number of people that have access to their entire infrastructure as much as possible. Ultimately, companies need to provide security holistically, across regions and automate as many activities as possible to enhance their effectiveness."
Vectra has answered this industry need through the creation of Detect for AWS which reduces risk of cloud services being exploited, detects threats against AWS services, and automatically responds to attacks against applications running in AWS.
To learn more about the threats facing today's organizations you can download the full Paas & IaaS Security Survey Report or read our companion blog.
About Vectra
Vectra is the leader in threat detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using AI to enrich network metadata it collects and stores with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers four applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed. And Cognito Detect for Office 365 and Azure AD™ finds and stops attacks in enterprise SaaS applications and the Microsoft 365 ecosystem.
Read More
DATA SECURITY
EnGenius Technologies Inc | November 12, 2021
EnGenius Technologies Inc., a worldwide manufacturer of future-proof enterprise networking solutions, today introduced two brand new cloud-managed Wi-Fi 6 security access points, the ECW230S and ECW220S with the EnGenius AirGuard™ system.
As remote network access and a growing number of Bluetooth/IoT devices create more attack surfaces than ever before, enterprise networks are increasingly vulnerable to data breaches and cyber-attacks. In response, EnGenius has expanded its security features to include new Wi-Fi 6 cloud-managed security access points ideal for information-sensitive financial, medical, and distributed enterprise networks.
Unlike other Wi-Fi security solutions that scan outside peak times, the EnGenius Cloud security APs come equipped with EnGenius AirGuard™, an intelligent wireless security system that identifies and neutralizes threats 24/7. Using dedicated scanning radios, AirGuard™ security APs scan the environment non-stop for attacks—evil twins, rogue APs, flood detection, man-in-the-middle attacks, and radio frequency jammers—without degrading network performance at all.
The new security APs also feature professional-grade RF spectrum analysis that visualizes radio frequencies at a glance to ensure all SSIDs are authorized, and the most efficient channels are utilized. Its zero-wait DFS avoids disruption from radar detection and provides an uninterrupted change of channels when needed. In addition to identifying unauthorized devices, the security APs also detect all Bluetooth devices nearby.
Keeping your network secure is challenging. According to recent statistics, phishing is responsible for 90% of enterprise data breaches that are costing billions of dollars in lost revenue and downtime. Rogue devices are often the gateway to such attacks. EnGenius is moving aggressively into the Wi-Fi network security space, offering end users a seamless all-in-one cloud-managed security solution without the need to purchase multiple off-the-shelf solutions to handle costly cyberattacks.
Key Features:
Wireless intrusion detection system (WIDS) - for threat detection
Wireless intrusion protection system (WIPS) - for attack remediation
Dedicated scanning radios - for 24/7 wireless security monitoring
RF spectrum analysis - for identifying clean channels and ensuring all SSIDs are legitimate
Wi-Fi 6 technology - for high-performance Wi-Fi in high-density, multi-device environments
Zero-wait DFS – to avoid client disruption when radar is detected on DFS channels
Bluetooth 5 low energy – for BLE device detection and location-based extended advertising.
"With over twenty years of delivering high-quality networking solutions, we are excited to continue leading the industry by strengthening our industry-acclaimed cloud management system with an integrated high-performance wireless security solution. The ECW230S and ECW220S will be able to identify and prevent Wi-Fi security threats in real time without any performance degradation,We are determined to provide our customers with even stronger security tools to counter the constant, increasingly sophisticated attacks on their networks and sensitive enterprise data."
Andy Chang, global vice president of marketing and sales at EnGenius Technologies
About EnGenius
EnGenius Technologies is a leading global manufacturer of pioneering wireless communications that empower mobility, enhance productivity, and embrace simplicity. For more than 20 years, EnGenius has shipped millions of radios that provide feature-rich, reliable, personalized voice and data solutions worldwide, making connected networks simple, smart, and secure. EnGenius Cloud solutions deliver reliable performance, easy installation, predictive analysis, and real-time insights to drive the success of your business. A leader in premise mobility communications, the EnGenius cordless business telephone systems and durable handsets provide reliable, long-range connectivity to handle the great outdoors, multi-story buildings, and the most challenging of environments.
Read More