DNSFilter | December 15, 2023
DNSFilter today announced the addition of a new Malicious Domain Protection feature to its protective DNS software, building on its machine learning capabilities. This feature bolsters DNSFilter's enterprise-grade defenses providing better visibility and protection against Domain Generation Algorithms used in malware, botnet and other malicious domains, in addition to other threat vectors. This expands the company's threat detection capabilities and its ability to block large lists of undesirable domains and the security threats they pose.
Enterprise security teams that manage and secure both modern and legacy infrastructure struggle to protect end users from all categories of web-based threats. DNSFilter scans every domain its customers access to identify zero-day threats and prevent access before they infiltrate the network. Malicious Domain Protection leverages new ML capabilities to assist in the identification of risky domain strings, which includes domain generation algorithms (DGA) and other threat vectors. DGAs are used in malware to generate up to 250,000 domain names each day for use as rendezvous points with their C&C servers.
Malicious Domain Protection can identify more threats, including phishing, cryptojacking, botnet, ransomware and other spam domains, and catch them sooner. In the testing phase, Malicious Domain Protection identified more than 7,000 risky domains not yet identified by any other feeds. Threats were identified up to 10 days ahead of other third-party feeds with one domain being caught 59 days ahead.
David Elkind, chief data scientist, DNSFilter, said: "We are constantly working to offer better awareness and remediation of threat vectors. DNSFilter has a powerful data collection engine, supplemented by third-party feeds and we are always innovating new ways to use this data to protect our customers. We intend to take full advantage of all this data to protect our customers. With this new addition, our customers have even more safeguards."
DNSFilter is redefining how organizations secure their largest threat vector: the Internet itself. DNSFilter is making the internet safer and workplaces more productive. In 2022 the threat protection leader blocked 9.1 billion threats, more than any other threat detection software globally. With 70% of attacks involving the Domain Name System (DNS) layer, DNSFilter provides protective DNS powered by machine learning that uniquely identifies 61% more threats than competitors on an average of seven days earlier, including zero-day attacks.
Over 26 million monthly users trust DNSFilter to protect them from phishing, malware, and advanced cyber threats. DNSFilter's brands include Webshrinker, its next generation web categorization software, and Guardian, a consumer app focused on privacy protection.
D3 Security | January 08, 2024
D3 Security today announced its participation in the Microsoft Security Copilot Partner Private Preview. D3 Security was selected based on their proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting edge functionality, and close relationship with Microsoft.
“In the context of security, AI’s impact is likely to be profound, tilting the scales in favor of defenders and empowering organizations to defend at machine speed. At Microsoft, we are privileged to have a leading role in advancing AI innovation, and we are so grateful to our incredible ecosystem of partners, whose mission-driven work is critical to helping customers secure their organizations and confidently bring the many benefits of AI into their environments,” said Vasu Jakkal, Corporate Vice President, Microsoft Security.
D3 Security is working with Microsoft product teams to help shape Security Copilot product development in several ways, including validation and refinement of new and upcoming scenarios, providing feedback on product development and operations to be incorporated into future product releases, and validation and feedback of APIs to assist with Security Copilot extensibility.
“D3 has always pushed SOAR technology forward, be it through our deep research into integration design; our Event Pipeline, which reduces alert-handling time by up to 99%; or our operationalizing of the MITRE ATT&CK and D3FEND frameworks,” said Gordon Benoit, President, D3 Security. “By teaming with Microsoft in the Security Copilot Partner Private Preview, we will be able to use AI to evolve SOAR in ways that would have sounded impossible just a year ago.”
Security Copilot is the first AI-powered security product that enables security professionals to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes. It combines an advanced large language model (LLM) with a security-specific model that is informed by Microsoft's unique global threat intelligence and more than 65 trillion daily signals.
About D3 Security
D3 Security’s Smart SOAR™ (security orchestration, automation, and response) solves entrenched problems in cybersecurity by transforming separate tools into a unified ecosystem with multi-tier automation, codeless orchestration, and robust case management. Smart SOAR performs autonomous triage and reduces false positives so enterprise, MSSP, and public sector security teams can spend more time on real threats.
Product or service names mentioned herein may be the trademarks of their respective owners.
Fortinet | December 19, 2023
Fortinet (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced the latest release of new, integrated operational technology (OT) security solutions and services. These additions further distance Fortinet’s industry-leading OT Security Platform from the rest of the market.
“We understand that OT differs significantly from traditional IT systems, and that’s why our OT Security Platform was purpose-built to provide integrated protection and risk management specific to industrial environments,” said John Maddison, Chief Marketing Officer and EVP, Product Strategy at Fortinet. “Rising attacks on critical infrastructure have made OT security more important than ever before. With today’s news, Fortinet continues to empower customers with the most sophisticated OT solutions and intelligence in the industry.”
The Need for Integrated OT-Specific Security
The number of industrial devices connected beyond their network boundaries is rapidly increasing, and CISOs now face skyrocketing risks across their OT environments. In fact, Fortinet found that three-fourths of OT organizations reported at least one intrusion in the last year, and nearly one-third reported being victims of a ransomware attack. To solve this challenge, organizations need an integrated security approach designed specifically for industrial solutions that enables policy enforcement across the entire attack surface, consolidates point products, and reduces operational overhead.
Bolstering the Fortinet OT Security Platform with New and Enhanced Offerings
The Fortinet OT Security Platform is an integrated portfolio of cybersecurity products, solutions, and security services designed specifically for industrial networks and powered by real-time OT threat intelligence. Because the OT Security Platform is a part of the Fortinet Security Fabric, it empowers customers with deep visibility across their entire environment and securely facilitates IT/OT convergence. The platform also gives organizations the ability to implement a zero-trust model within OT environments, including secure remote access to OT assets and systems for remote employees and contractors.
OT Security Platform updates announced today, which build on improvements unveiled earlier this year, span two key pillars of the Security Fabric:
Secure Networking for OT
The new FortiSwitch Rugged 424F is an industrial-class ethernet switch (IES) designed to address the requirements of digital substations and the power utility industry. The switch supports real-time OT networking protocols and integrates with FortiGate Next-Generation Firewalls (NGFWs) for comprehensive security and access control.
The new FortiAP 432F access point meets Class 1, Division 2 requirements for use in hazardous OT environments. It can segment industrial Wi-Fi networks to prevent attacks from spreading across unprotected devices and systems. This expansion of the IP67-rated access-point line now enables the deployment of additional OT applications in industries such as oil and gas.
The new FortiExtender Vehicle 211F wireless gateway is a semi-ruggedized mobility solution for connected fleets, mobile systems, and OT deployments. It was also designed to meet the requirements of the AT&T FirstNet wireless communications network for first responders.
FortiOS, Fortinet’s operating system, has been updated with the OT View dashboard, which correlates and displays important OT data. This dashboard makes it easy for organizations to understand their entire attack surface—both IT and OT—and take action from a single console.
Security Operations and Services for OT
FortiAnalyzer now includes OT-specific analytics, risk, and compliance reports, providing security operations teams with faster threat detection, asset and vulnerability correlation, and reporting.
FortiNDR, which supports on-premises, cloud, and hybrid deployments, can now analyze more than 15 different OT-network protocols. It also includes AI-powered OT-network behavior analysis to identify malicious network activity and files.
FortiDeceptor, Fortinet’s deception technology for early breach and attack isolation, now supports 30 OT protocols and additional OT decoys to protect diverse industrial environments.
The FortiGuard OT Security Service boasts the industry’s deepest OT threat intelligence database and now covers more than 70 OT protocols and more than 4,000 OT application and device vulnerability signatures. These signatures enable strict access control policies on network traffic and provide virtual patching for vulnerable OT assets.
FortiGuard Outbreak Alerts, an industry-leading cybersecurity resource, now includes critical information about OT-specific threats. This empowers customers with the information they need to harden their systems against new and emerging attacks following the NIST Cyber Security Framework.
"IT and OT are converging and these colliding environments are increasing overall risk. Our clients require robust OT solutions and services without extensive deployments that complicate administration and place additional strain on IT and security teams. Through the Fortinet OT Security Platform, we can provide clients with a unified approach of safeguarding both the carpeted side of a business as well as the concrete side of the business. We eagerly anticipate introducing these updated and novel offerings to our customer community." – Dan Sanderson, VP of Strategy, Cyber Advisors
Fortinet (NASDAQ: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere you need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet's solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. FortiGuard Labs, Fortinet’s elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at https://www.fortinet.com, the Fortinet Blog, and FortiGuard Labs.