DATA SECURITY

CompTIA ISAO Adds Real-time Cybersecurity Threat Analysis and Intelligence Resources from Sophos

CompTIA | August 05, 2021

Advanced cybersecurity threat analysis and intelligence capabilities are now available from the CompTIA Information Sharing and Analysis Organization (ISAO) through an expanded collaboration with global next-generation cybersecurity leader Sophos and it industry-leading and highly acclaimed threat research lab, SophosLabs.

The announcement of the new cyber capabilities was made today by CompTIA, the nonprofit association for the information technology (IT) industry and workforce.

CompTIA ISAO members can directly submit suspicious URLs and files through the ISAO's Cyber Forum to SophosLabs Intelix™ for rapid analysis to determine if they are known or zero-day cybersecurity threats. SophosLabs Intelix combines petabytes of threat intelligence derived from decades of SophosLabs threat research with Sophos AI tools and techniques, bringing a powerful new source of threat intelligence to the CompTIA ISAO and its managed services provider (MSP), vendor, distributor, and associate members.

"SophosLabs research illustrates how adversaries are constantly changing their tactics, techniques and procedures (TTPs) to breach targets, move laterally and carry out ransomware and other attacks," said Simon Reed, senior vice president, SophosLabs. "The only way to effectively fight modern cybercrime is if we do it together. That's why Sophos is committed to sharing actionable threat intelligence with the CompTIA community. This new integration gives member organizations advanced abilities to quickly investigate suspicious URLs and files to determine their risk and to understand what happens if they are opened or executed. Powered by machine learning, SophosLabs Intelix predictively convicts never-before-seen threats, and is constantly improving based on the collective input of community intelligence."

"This is a real differentiator for our members, who can access a powerful analysis resource to identify, classify and prevent threats, further protecting themselves and more importantly, their customers," said MJ Shoer, senior vice president and executive director of the CompTIA ISAO.

The new integration expands Sophos' support of the CompTIA ISAO. As a Silver Industry Partner, Sophos has been contributing detailed threat analysis from SophosLabs Uncut to the CompTIA ISAO.

"This is a significant addition to the resources available to our members," Shoer added. "It is the latest example of the support that industry partners such as Sophos have for the CompTIA ISAO, and the commitment we all have to make the industry more secure."

The CompTIA ISAO is a community of nearly 1,200 member companies that share best practices, cyber threat intelligence, educational content and more to help address ever-evolving cyber threats. Working closely with public and private cybersecurity agencies and organizations, the CompTIA ISAO is helping its members understand the threat landscape, defend against current and future attacks and raise cybersecurity awareness throughout the global tech industry.

About CompTIA
The Computing Technology Industry Association (CompTIA) is a leading voice and advocate for the $5 trillion global information technology ecosystem; and the estimated 75 million industry and tech professionals who design, implement, manage, and safeguard the technology that powers the world's economy. Through education, training, certifications, advocacy, philanthropy, and market research, CompTIA is the hub for advancing the tech industry and its workforce.

About Sophos
Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 500,000 organizations and millions of consumers in more than 150 countries from today's most advanced cyberthreats. Powered by threat intelligence, AI and machine learning from SophosLabs and SophosAI, Sophos delivers a broad portfolio of advanced products and services to secure users, networks and endpoints against ransomware, malware, exploits, phishing and the wide range of other cyberattacks. Sophos provides a single integrated cloud-based management console, Sophos Central – the centerpiece of an adaptive cybersecurity ecosystem that features a centralized data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity vendors. Sophos sells its products and services through reseller partners and managed service providers (MSPs) worldwide. Sophos is headquartered in Oxford, U.K.

Spotlight

A Denial of Service (DoS) attack attempts to deny a user access to a network resource or services. A Distributed Denial of Service (DDoS) attack originates from multiple sources, making it far more difficult to defend.

Spotlight

A Denial of Service (DoS) attack attempts to deny a user access to a network resource or services. A Distributed Denial of Service (DDoS) attack originates from multiple sources, making it far more difficult to defend.

Related News

DATA SECURITY

Achieve Partners Backs Cybersecurity Platform to Tackle Global Talent Shortage

Achieve Partners | September 06, 2021

Achieve Partners today announced the acquisition of Metmox, a leading Managed Security Service Provider (MSSP) to Fortune 500 companies. The acquisition is the latest in Achieve's new fund, which builds apprenticeship programs that provide on-the-job skills training and connections to career pathways in high-growth industries. "While cyber threats are growing in number and sophistication amid increasing levels of remote work and cloud adaption, the global security workforce is struggling to keep up," said Srikanth Parepally, CEO of Metmox. "Achieve's acquisition of Metmox is about building new pipelines of talent that can help America's most important businesses keep hackers at bay, and solve one of the most urgent challenges facing the future of business and society." Although there are nearly 500,000 unfilled cybersecurity positions in the U.S., and more than eight in 10 employers report a shortage of cybersecurity skills, the industry remains all but closed-off to entry-level workers. Eighty-five percent of cybersecurity jobs require at least 3 years of work experience, and 88 percent require a bachelor's degree. As part of its investment in Metmox, Achieve Partners will lead the development of a large-scale cybersecurity apprenticeship program that will prepare entry-level talent to succeed in cybersecurity careers with apprentices transitioning to full-time roles with Metmox and its clients. "As the world of work becomes increasingly remote and the digital transformation of the labor market accelerates, the need for cybersecurity solutions has never been greater," said Ira Goldstein, Metmox Board Chairman. "We're creating a faster, cheaper pathway to help fill the millions of open cybersecurity positions worldwide while also enabling employers to tap new talent pools to meet one of their most critical needs." "The cybersecurity infrastructure of businesses and governments alike will remain vulnerable until we're able to train the workers who can act as our first line of defense," said Aanand Radia, Managing Director at Achieve Partners. "In partnership with Metmox, we're helping the country's largest employers close a widening talent gap, in order to better protect the complex systems that keep the economy – and society – functioning." About Achieve Partners Achieve Partners is engineering the future of learning and earning by investing in cutting edge technologies and novel business models to bolster skill development and secure the future of work for millions of Americans. By harnessing digital transformation to build new models for learning and new pathways to good jobs, Achieve is helping to level the playing field, improve socioeconomic mobility, and rekindle the American Dream. www.achievepartners.com About Metmox Metmox is a next generation Managed Security and Network Solutions Provider delivering meaningful outcomes to secure customers through technology innovation and investing in talent, paired with an extreme focus on customer satisfaction. As the pace of change accelerates, our tools and expertise build custom-tailored methods to cyber-secure Metmox clients. Metmox is ranked as one of the top security operations providers in the world by MSSP Alert's Top 250 list in 2020.

Read More

DATA SECURITY

Optiv Security Launches Next-Gen Managed XDR to Stop Threats Earlier in Attack Lifecycle, Minimize Business Impact

Optiv | August 09, 2021

Optiv Security, the leading end-to-end cybersecurity solutions partner, launched its Managed Extended Detection and Response (MXDR) offering at Black Hat USA 2021. The technology-independent offering enables clients to take rapid and decisive action against today's most critical cyberattacks and strengthen their security posture. "Optiv MXDR brings simplicity, transparency and automation to clients' environments, enhancing existing defenses to counter known and emerging threats with confidence and speed," said David Martin, chief services officer for Optiv. "What's more, we can seamlessly leverage the power of Optiv to extend and layer the offering with a full suite of complementary services like remediation, incident response, threat hunting, and beyond." Optiv MXDR is the only managed cloud-based, next-gen advanced threat detection and response service that ingests data across various layers of technologies to correlate, normalize, enrich, and enable automated responses to malicious activity in real-time. By automating incident investigation with actionable insights, organizations can detect threats faster and prioritize which threats to mitigate first, significantly reducing the attack surface. "We know the threat landscape; both what's at stake and how to circumvent threat actors while significantly reducing time to detect and respond," said John Ayers, XDR vice president for Optiv. "We meet clients where they are and customize our continuously managed approach to ease the burden of the unknown and allow teams to detect, respond and remediate threats faster while also automating deeper investigation for future improvements." Devo has been named a foundational partner in Optiv MXDR, delivering scalable, cloud-native logging and security analytics via the Devo Platform, enabling full visibility across cloud and on-premise environments for Optiv customers. "Security teams are eager to learn more about XDR as they look to consolidate their security stack for greater efficiency and accuracy in threat detection and response," said Ted Julian, SVP of Product at Devo. "Two constraints have always stood in their way: lack of real-time access to historical data, and the inability to collect and analyze the massive data volumes associated with modern operational environments. Devo eliminates these concerns and is uniquely qualified to power solutions like Optiv's MXDR." Optiv delivers threat management solutions to more than 60 percent of Fortune 500 companies. View the complete MXDR service brief and find out how organizations can enhance their security posture with Optiv. Optiv Security: Secure your security.TM Optiv is a security solutions integrator "one-stop" trusted partner with a singular focus on cybersecurity. Our end-to-end cybersecurity capabilities span risk management and transformation, cyber digital transformation, threat management, cyber operations, identity and data management, and integration and innovation, helping organizations realize stronger, simpler and more cost-efficient cybersecurity programs that support business requirements and outcomes. At Optiv, we are modernizing cybersecurity to enable clients to innovate their consumption models, integrate infrastructure and technology to maximize value, achieve measurable outcomes, and realize complete solutions and business alignment.

Read More

DATA SECURITY

Use NetSPI's New Ransomware Attack SimulationTo Improve Ransomware Attack Resiliency

NetSPI | June 18, 2021

The leader in attack surface management and enterprise penetration testing, NetSPI, has announced its new service for ransomware attack simulation., In collaboration with its ransomware security experts, the new service enables organizations to emulate ransomware families of real-world to find and fix dangerous susceptibilities in their defenses for cybersecurity. Major cybersecurity gaps were exposed globally in the recent ransomware attacks. The Biden administration in the U.S. urges all business leaders to take enough precautions to get away from ransomware. Deputy national security advisor for emerging and cyber technology, Anne Neuberger, recommends various companies in a recent memo to use third-party pentester to test the security of the systems and the ability to defend a sophisticated cyber-attack effectively. NetSPI closely collaborates during a ransomware attack simulation engagement with companies to simulate sophisticated ransomware techniques, tactics, and procedures (TTPs) utilizing its tailor-made technology for breach and attack simulation. Following each engagement, organizations get access to NetSPI's technology to run custom plays independently and unceasingly assess how well their cybersecurity platform will hold up to a ransomware attack. About NetSPI NetSPI, the leader in attack surface management and enterprise security testing, has a partnership with the most significant global cloud providers, nine of the top 10 U.S. banks, many of the Fortune® 500, and three of the world's five largest healthcare companies. NetSPI experts perform deep dive manual penetration testing of network, application, and cloud occurrence surfaces, historically testing over 1 million resources to find 4 million specific vulnerabilities. NetSPI is headquartered in Minneapolis, MN, and is a portfolio company of private equity firms Sunstone Partners, KKR, and Ten Eleven Ventures.

Read More