DATA SECURITY

Cyble Launches Dedicated Managed Security Service Provider (MSSP) Program to Empower Industry-leading MSSPs

Cyble | June 16, 2022

Cyble
Cyble, the Y Combinator-backed leader in AI-powered global cyber threat intelligence, is proud to announce its latest threat intelligence platform for the Managed Security Service Providers (MSSPs). Through the new program, Cyber MSSP partners can benefit from a comprehensive dashboard comprising advanced threat intelligence and cybercrime monitoring and mitigation. It will be instrumental in enabling both customers and partners to work in tandem towards achieving their cybersecurity goals.

The platform is designed to empower Cyble’s MSSP partners with an enhanced control to provide, configure, and monitor all services provided by Cyble Vision as a software suite to its end customers. This new update brings in features such as a multi-admin management console, seamless access to the user hierarchy dashboard for the easy understating of customer distribution and ownerships, centralized dashboards and consoles for access, and the ability to manage and maintain end-user dashboards from their own accounts. Additionally, it also enables tracking of all customer alerts, thereby fostering early intervention and safeguarding customer assets & interests.

Manish Chachada, COO and Co-founder of Cyble, said, “The launch of our MSSP program is a key development in Cyble’s journey. It will enable our partners to extend Cyble’s Threat Intelligence, Digital Risk Protection Services, and Darkweb and Cybercrime Monitoring capabilities to customers worldwide, ensuring seamless integration with their environment. We are completely committed to the needs of our clients and partners, and the ability of our MSSP program to provide users with a single intuitive dashboard for AI-enabled threat management, advanced threat hunting, and mitigation response has been a key differentiating factor against competitors.”

“Strategic partnership is a critical necessity for organizations due to the unprecedented need to quickly and efficiently address takedowns, incident response, 3rd party risk scoring, and monitoring emerging risks etc. The MSSP program will pave way for cost savings with ROI and access to increased visibility, operational efficiencies, control, and actionable intelligence for our partners' clients.”

Mandar Patil, Vice President International Market and Customer Success at Cyble

The MSSP platform comes with upgraded threat detection abilities backed by AI-based innovation, unlimited scalability, open platform with the capability to integrate effectively, and is governed by the GDPR privacy mandates. The news closely follows Cyble’s recent announcement on being the winner in 8 categories of the prestigious 10th Annual Global InfoSec Awards by the elite Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine.

“We are incredibly excited to release this core module to a broader partner base and can’t wait to help a larger enterprise community. This is an outcome of having worked tirelessly to design a solution that enhances the threat detection and proactive mitigation capabilities of our clients. MSSP partners look for nothing more than comprehensive, easy-to-navigate, secure solutions that provide the best-in-class threat intelligence and digital risk protection. Our solution does just that! Our excitement knows no bounds as we look forward to strengthening our existing strategic MSSP partnerships besides onboarding new partners worldwide,” said Beenu Arora, CEO, and Co-founder of Cyble.

About Cyble
Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure on the Surface web, Deepweb, and Darkweb. Its prime focus is to provide organizations with real-time visibility into their digital risk footprint. Backed by Blackbird Ventures, Xoogler, and Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Start-ups, along with several other industry recognitions. Headquartered in Georgia, United States, and with offices in Dubai, Australia, Singapore, and India, Cyble has a global presence.

Spotlight

The cornerstones of a proactive security strategy are vulnerability management and risk assessment. However, traditional "scan-and-patch" vulnerability scanning approaches are inadequate for dynamic, virtualized environments. Traditional scanners cannot track changes in real time, so they cannot accurately measure constantly changing risks. Anyone charged with securing IT assets needs to understand the dynamic security risks inherent to virtualized environments, and more importantly, what to do to mitigate those risks. This whitepaper explores the challenges of securing a virtualized environment and gives actionable solutions to address them.

Spotlight

The cornerstones of a proactive security strategy are vulnerability management and risk assessment. However, traditional "scan-and-patch" vulnerability scanning approaches are inadequate for dynamic, virtualized environments. Traditional scanners cannot track changes in real time, so they cannot accurately measure constantly changing risks. Anyone charged with securing IT assets needs to understand the dynamic security risks inherent to virtualized environments, and more importantly, what to do to mitigate those risks. This whitepaper explores the challenges of securing a virtualized environment and gives actionable solutions to address them.

Related News

SOFTWARE SECURITY

LogRhythm Accelerates Threat Detection Capabilities with Innovations to Product Suite

LogRhythm | July 06, 2022

LogRhythm, the company helping busy and lean security operation teams save the day, today announced the launch of version 7.9 of the LogRhythm SIEM Platform and updates to LogRhythm NDR and LogRhythm UEBA. “LogRhythm arms security teams with intelligent analytics and automated responses to reduce cybersecurity exposure, eliminate blind spots and quickly shut down attacks,” said Kish Dill, chief product and customer officer at LogRhythm. "The company is changing the way we work by becoming customer-centric throughout our whole organization. We are listening to our customers and promise to deliver quarterly innovations that address the challenges our customers face every day. We recognize that security teams don’t have time to spare on long processes and inefficient workflows. With these latest updates, security teams will have the tools they need to make operations more effective and efficient to defend their organization against today’s top threats.” LogRhythm 7.9, LogRhythm NDR and LogRhythm UEBA (formerly CloudAI) provide new features designed to help security teams overcome everyday obstacles by accelerating threat response, improving workflows and simplifying processes, including: Faster time to value through improved analyst workflows Enhanced automation with Admin API: LogRhythm 7.9 improves the Admin API by adding system monitoring management (LogRhythm SysMon) endpoints to the API library. This enables SIEM administrators to connect through the Admin API and manage the SysMon agent, allowing for automated process batching. Embedded Expertise: LogRhythm accelerates customer time to value through its out of the box LogRhythm SmartResponse™. LogRhythm 7.9 includes added and enhanced SmartResponses to its already extensive library of over 120 integrations. Enable packet capture in UI: LogRhythm NDR users can download PCAP files for specific incidents and cases to pull in more detail, helping investigations and improving threat hunting. Easier and faster event log filtering: LogRhythm 7.9 includes a new way to filter logs at the agent. Users can now select the types of Windows event logs the agent queries, accelerating the time to process logs and removing the burden on the collection pipeline. Expanded threat detection capabilities Enhanced LogRhythm NDR detection models: Users can detect a wider array of ransomware attacks with LogRhythm NDR’s improved analytics capabilities. Advanced analytics models: LogRhythm UEBA offers advanced UEBA analytics as a cloud-native, easy to deploy add-on for LogRhythm 7.9 users. Models were improved and new models added to ensure today's complex attacks can be detected and anomalies requiring priority attention can be identified, further reducing alert fatigue and accelerating response times. Policy violation alerts: LogRhythm NDR offers alerts about expired certificates, weak ciphers used in connections, and authentication activity happening in clear text, offering additional context to what could represent a risk. Extended flexibility Controlled overages with powerful license metering reporting: LogRhythm added a new reporting feature to make licensing overages more visible and easier to understand by displaying any overages in the past 30 days. This feature will help teams better manage license usage and costs. Expanded endpoint integrations: LogRhythm now includes Cisco Secure Endpoint (formerly AMP for Endpoints) in its family of EDR integrations. About LogRhythm LogRhythm helps busy and lean security operations teams save the day — day after day. There’s a lot riding on the shoulders of security professionals — the reputation and success of their company, the safety of citizens and organizations across the globe, the security of critical resources — the weight of protecting the world.

Read More

SOFTWARE SECURITY

WhiteSource Rebrands as Mend

Mend | May 30, 2022

WhiteSource, a pioneer in application security, has rebranded to Mend. Within the Mend Application Security Platform, the business is also delivering the industry's first automatic remediation for custom code security concerns, as well as integrating Mend Supply Chain Defender (previously WhiteSource Diffend) in its JFrog Artifactory plugin. Mend protects all parts of your program by automating repair, prevention, and protection from issue to solution, rather than just detection and proposed solutions. With revenue increasing by 800% in the previous three years and enterprise net retention reaching 127% in 2021, the firm recruited 350 new clients in the last year. Mend has over 1,000 clients, including more than 25% of the Fortune 100, and is committed to spending its most recent investment ($75 million series D announced in April 2021) on general development as it extends outside the Software Composition Analysis (SCA) industry. This includes the purchase of Diffend in April 2021, as well as the acquisitions of SAST companies Xanitizer and DefenseCode in February of this year. The Mend Application Security Platform is the result of strategic acquisitions and the company's unique automated remediation capabilities. The platform is the first to automatically detect and correct application security gaps including both open source and bespoke code, combining automated remediation for static application security testing (SAST) with Mend's current capacity to do so for software composition analysis (SCA). "Attackers are increasingly targeting applications as the weakest link to go after organizations, and at the same time, pressure to deliver software faster has never been higher. Organizations face undeniable tension to do both, better. Mend breaks the tradeoff between security and development delivery timelines by providing a solution that automates the reduction of the software attack surface while removing most of the burden of application security, allowing development teams to deliver quality, secure code, faster." Rami Sass, Co-founder and CEO of Mend Josh Johnson, Manager of Solutions Architecture, Defy Security said that "Whether open-source or proprietary code, the application security industry has mostly focused on vulnerability detection and management. Mend has an interesting approach of automating the remediation of code vulnerabilities. While the company is announcing this new name, as a partner of Mend, we are excited for it to further its commitment to solving code-based security challenges with automated-remediation. Defy Security looks forward to seeing Mend extend automation for closing security gaps."

Read More

PLATFORM SECURITY

Uptycs consolidates cloud security with CNAPP

Uptycs | June 07, 2022

Uptycs, the first cloud-native security analytics platform that enables cloud and endpoint protection from a single solution, unveiled new capability to address critical cloud-native application protection platform (CNAPP) use cases today at the RSA Conference. In order to offer these functionalities, telemetry from the necessary attack surfaces is ingested into the Uptycs SQL-powered data lake for real-time and historical analysis. With a single data and control plane, this platform architecture allows enterprises to consolidate security tools as they progressively embrace cloud-native software development and operations. Gartner estimates that by 2025, 70% of enterprises will reduce the number of providers safeguarding the life cycle of cloud-native apps to no more than three. Gartner advises security and risk management executives implementing a consolidation approach as follows: "Evaluate security platforms where data and control planes are shared; use this consolidation to develop common rules and close gaps and vulnerabilities across legacy silos." "Security organizations face fast-changing threats while struggling to hire and retain technical talent. At the same time, organizations are accelerating digital transformation by adopting new cloud-native technologies and operations. Unlike other security vendors that take a portfolio approach—lightly integrating separately acquired products—Uptycs addresses these challenges by extending our SQL-powered analytics platform to cover key CNAPP use cases." Ganesh Pai, CEO and co-founder of Uptycs The Uptycs system generalizes telemetry at the collection point into SQL tables, allowing for real-time analysis and correlation as data flows into the cloud. This enables columnar compression as well as rapid query speeds over petabytes of data. According to Gartner: "Securing cloud-native applications offers enterprises the opportunity to redesign security approaches. Rather than treat development and runtime as separate problems—secured and scanned with a collection of separate tools—enterprises should treat security and compliance as a continuum across development and operations. They should look to consolidate tools into cloud-native application protection platforms where possible."

Read More