DATA SECURITY

Cyber Threat Intelligence to be Launched by TruKno for the 99%

TruKno | July 15, 2021

TruKno has announced a new Cyber Threat Intelligence SaaS subscription. The subscription aims to help organizations reduce the risk of cyber threats by empowering their entire IT security staff with actionable, easy-to-use, real-time cyber threat dashboards.

Driven by the digitization of commerce across the globe, the growth of remote work, the exponential rise of internet-connected devices, and a surge in nation-state adversaries and well-financed organized cyber-crime groups, cybersecurity has become one of the main risks facing enterprises and organizations. Recent high-profile breaches have shown that attackers are exploiting zero-day or known vulnerabilities to penetrate enterprise networks by targeting critical OT infrastructure, cryptojacking cloud environments, mounting highly sophisticated supply chain attacks, and more.

TruKno's solution can be consumed as SaaS-based threat dashboards or via easy-to-use Application Programming Interfaces (APIs) that enable enterprises to integrate TruKno Threat Intelligence directly into their existing security and risk management technologies and workflows. Further, TruKno is actively building a set of ‘out of the box’ product integrations for SIEM (Splunk Enterprise Security, LogRhythm, etc.), IOC enrichment (VirusTotal is available today), and vulnerability management (Tenable, Qualys, etc.).

About TruKno

TruKno is the leading and the first platform built from the ground up to take Cyber Threat Intelligence to the grassroots. Based in Denver, TruKno provides actionable, easy-to-use, real-time APIs and cyber threat dashboards that allow security teams to reduce the risk of breach by effortlessly keeping up with the ever-changing cyber threat landscape.

Spotlight

Security Challenges: Integrating Mac into Windows Environments

Apple® Mac devices are growing in corporate popularity by the day. It’s up to IT departments to make sure that these devices utilize all resources in the environment, as well as ensure they’re visible and managed. This can be a challenge, as Mac® and Windows are very different, and Mac devices remain a minority in Windows-dominant environments. Determining how to incorporate Mac into a Windows infrastructure includes a number of factors, such as: the number of devices that need support; what type of access they require; and what tools and systems an organization already has. IT departments also need to figure out how to integrate Mac with existing Windows and Active Directory domains. In Windows-centric organizations, managing Mac is not the highest priority on the IT project list for a variety of reasons. Few IT teams have expertise in managing Mac. Familiar techniques for managing PCs don’t help, and the best practices for dealing with Mac in a complex enterprise infrastructure can be convoluted and are not widely known.

Related News

Backed by Clearlake Capital and TA Associates, Ivanti announces MobileIron acquisition to further automate and secure endpoints

prnewswire | September 28, 2020

Ivanti, Inc., which automates IT and Security Operations to discover, manage, secure and service from cloud to edge, and is backed by affiliates of Clearlake Capital Group, L.P. (together with its affiliates, "Clearlake") and TA Associates, today announced it has signed definitive agreements to acquire MobileIron Inc. ("MobileIron"), a leading provider of mobile-centric unified endpoint management solutions, and Pulse Secure LLC ("Pulse Secure"), a leading provider of secure access and mobile security solutions.

DATA SECURITY

Integrating with ServiceNow, SentinelOne to Unify IT and Security

SentinelOne | January 12, 2022

SentinelOne, an independent cybersecurity platform firm, has recently announced the launch of the SentinelOne App for ServiceNow Security Incident Response (SIR). The integration brings together security and IT personnel for more effective incident response. Because SentinelOne is connected directly, joint clients can use the ServiceNow platform to triage threats. The connection enables security and IT teams to quickly implement a coordinated, comprehensive, and automated incident response plan across endpoints and cloud environments. The app is available in both the SentinelOne Singularity Marketplace and the ServiceNow Store.

“The industry is under constant attack every day, as organizations grapple with vulnerabilities like log4j. Having enterprise-wide visibility and protection from SentinelOne Singularity helps our team understand the potential impact in just a few clicks. We use ServiceNow as our incident management and workflow automation platform - together our team has a single pane of glass for incident collaboration to mitigate threats in real-time.” - Identity and Endpoint Security Architect, Global Manufacturer

Because ransomware and other forms of malware are becoming more common, IT and security teams must work together to prevent attacks. Unfortunately, many businesses rely on a slew of disparate tools to run their cybersecurity initiatives. The resulting inefficiencies and alert fatigue allow avoidable cyber events to occur, posing a risk to the company. XDR solutions shift the paradigm, recasting cybersecurity as a problem of data and workflow automation.

The SentinelOne App for ServiceNow Security Incident Response rapidly syncs threats from SentinelOne into the ServiceNow Incident Response module for a unified security program. An incident responder in ServiceNow can see all relevant incident details about the threat, such as the event status and threat notes, as well as any additional context or notes produced in either platform. When the incident responder concludes that remedial action is required, ServiceNow can activate SentinelOne's automated response actions to destroy, quarantine, remediate, or even roll back any threat's potential impacts.

“Streamlining threat investigation, response, and remediation workflows leads to significant risk reduction. Combining SentinelOne with ServiceNow gives defenders and incident responders the workflows they need to improve remediation across security and IT domains.” - David Baldwin, Product Director, Ecosystem, SentinelOne

DATA SECURITY

Code42 and Okta Collaborate to Speed Up the Right Response During Insider Risk Investigations

Code42 | April 07, 2021

Code42, the pioneer in Insider Risk Management, today reported that its Incydr™ data risk detection and response product has been integrated with Okta Identity Cloud, the leading user identity management solution. The integration combines Code42's unique data-centric approach to insider risk with Okta's leading approach to identity and access, making it easier for security buyers to build Zero Trust data security environments. Because the integration automates access controls, provides additional user context, and automates response workflows for departing or high-risk users, security teams can execute smoother, more effective investigations.

“Today's distributed and remote workforces, enabled by the advancement of collaboration technology, have generated an exponential risk of data leakage by shifting the perimeter from the network to the endpoint,” said Ananth Appathurai, senior vice president of strategic partnerships and ecosystem at Code42. “The Code42-Okta integration is a powerful way to pair access controls with best practices for insider threats to enhance security postures.”

Without proper access controls, data can be deliberately or accidentally exfiltrated. Thanks to the integration, users who exhibit potentially risky file behavior will have their permissions lowered so they no longer have access to confidential files. Around the same time as permissions are restricted, a security investigation is conducted to review suspicious file movements so that effective response measures can be taken. Okta administrators and information security teams will use this mechanism to accelerate and coordinate cross-functional initiatives to reduce insider risk in their organizations.

“Identity is crucial in KNOWING who is accessing data and where they are accessing it,” said Stephen Lee, vice president, technical strategy and partnerships at Okta, Inc. “Okta's goal is to enable everyone to use any technology safely. This integration begins in that direction, enabling enterprises to use access controls as an important tool for protecting data through their distributed workforces.”

Using the Code42-Okta integration, security teams will use user identity to track high-risk users and optimize insider risk management platforms, as well as:

• Reduce the risk of insider threats by automating and applying conditional user access controls based on predefined risk tolerance.
• To identify behavior risk factors such as remote operation, off-hour file events, and attempts to hide exfiltration, provide additional useful information by provisioning role-based user attributes.
• To accelerate investigations and efficiently mitigate insider threats, streamline and simplify response workflows for departing and high-risk employees.

About Code42

Code42 is the market leader in Insider Risk Management. The Code42 Incydr solution, which is cloud-native, detects data loss, leaks, and theft quickly and speeds incident response – all without involving extensive implementations, complex policy management, or interfering with employee efficiency. Security experts will use Code42 to secure organizational data and reduce insider risks, all while fostering an open and inclusive atmosphere among employees. Code42's Insider Risk solution is FedRAMP authorized and can be configured for GDPR, HIPAA, PCI, and other regulatory frameworks. It is backed by security best practices and control requirements.
