DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Datadog Announces Integration with Amazon Security Lake

Datadog | November 30, 2022 | Read time : 03:00 min

Datadog Announces Integration with Amazon Security Lake
Datadog, Inc., the monitoring and security platform for cloud applications, today announced a new integration with Amazon Security Lake. The integration, announced during AWS re:Invent, makes it easy for Amazon Security Lake users to send cloud security logs to Datadog in a standard format.

Building data pipelines in order to aggregate and route security logs to various security analytics solutions can be a cumbersome and time-consuming process. For Amazon Security Lake customers, Datadog's integration provides an easy way to send security logs to Datadog with minimal configuration required.

Once security logs are ingested into Datadog, customers can analyze and identify threats through out-of-the-box detection rules or by writing custom security rules. They can also do deeper investigations using Datadog's log management tools.

"Amazon Security Lake makes it easier for teams to manage their cloud security data and analyze it with partner solutions of their choice," said Rod Wallace, General Manager for Amazon Security Lake. "Datadog's integration with Amazon Security Lake will allow customers to collect their security logs to improve their cybersecurity posture and send them to Datadog for analysis leveraging an open source schema."

"Security threat detection and investigation is dependent on an effective logging strategy that ensures critical logs are being properly analyzed. However, managing dozens of log integrations from cloud-hosted accounts and entities can be cumbersome and lead to gaps in visibility. "Amazon Security Lake and Datadog are working together to provide an easy way to set up and manage important log integrations for Datadog Cloud SIEM, giving customers deep visibility into their most critical infrastructure."

Pierre Betouin, SVP of Security Products at Datadog

About Datadog
Datadog is the monitoring and security platform for cloud applications. Our SaaS platform integrates and automates infrastructure monitoring, application performance monitoring and log management to provide unified, real-time observability of our customers' entire technology stack. Datadog is used by organizations of all sizes and across a wide range of industries to enable digital transformation and cloud migration, drive collaboration among development, operations, security and business teams, accelerate time to market for applications, reduce time to problem resolution, secure applications and infrastructure, understand user behavior and track key business metrics.

Spotlight

Agari and PhishLabs analyzed hundreds of thousands of phishing and social media attacks targeting enterprises, their employees, and brands. This report uses the data from those attacks to present key trends shaping the threat landscape. Security leaders and practitioners can use this information to better understand these threat

Spotlight

Agari and PhishLabs analyzed hundreds of thousands of phishing and social media attacks targeting enterprises, their employees, and brands. This report uses the data from those attacks to present key trends shaping the threat landscape. Security leaders and practitioners can use this information to better understand these threat

Related News

PLATFORM SECURITY,SOFTWARE SECURITY

Phosphorus Launches New xIoT Security Capabilities to Discover and Disable Risky Devices Prohibited by the U.S. Government

Phosphorus | December 13, 2022

Phosphorus, the leading provider of proactive and full-scope security for the extended Internet of Things (xIoT), today announced new security features that will enable organizations to discover and monitor their networks for the presence of xIoT devices that the U.S. government deems a significant security risk. The new features also include the capability to remotely disable and remove the devices from the network. Phosphorus’s security update follows the FCC’s ban on the sale or importation of devices made by several Chinese manufacturers that it considers to pose “an unacceptable risk to national security of the United States or the security or safety of United States persons.” The Covered List includes video surveillance and telecommunications equipment produced by Huawei Technologies, ZTE Corporation, Hytera Communications, Hangzhou Hikvision Digital Technology, and Dahua Technology (and their subsidiaries and affiliates). “The Phosphorus xIoT Security Platform is the industry’s only solution that can discover the presence of these prohibited devices and remotely render them inert at scale. “These unique capabilities will empower enterprises and government organizations across the U.S. to discover, disable, and remove banned or potentially dangerous devices from their enterprise environments.” John Vecchi, Chief Marketing Officer at Phosphorus Advanced Discovery Capability A recent study by Phosphorus’s global research division, Phosphorus Labs, found that organizations consistently struggle to identify all of their xIoT devices – this means many companies may not realize they have banned devices lurking inside their networks. According to its research, 80% of enterprise security teams can’t identify the majority of their xIoT devices and customer estimates of xIoT inventories are consistently off by 40-60%. Phosphorus’s Enterprise xIoT Security Platform has unique capabilities for discovering xIoT assets, and it is the only technology platform able to communicate with these devices (ranging from security cameras to PLCs) in their native languages. This enables a high degree of accuracy, granularity, and speed when discovering and analyzing these devices to create comprehensive inventories of xIoT assets that include device type, brand, model, firmware version, credential status, default/enabled protocols, certificate status, and more. Disabling and Isolating High-Risk Devices Phosphorus empowers organizations by giving them direct control over every single device in their wide-ranging xIoT deployments. Through the platform’s Hardening and Remediation capabilities, organizations can update and rotate a device’s credentials, manage firmware, disable remote services, turn off unnecessary connectivity features, check for valid certificates, and reboot the device. For organizations that have detected banned xIoT technologies in their networks, specific device-level actions such as changing passwords, disabling services and reducing connectivity will be critical for limiting the potential risks of these devices prior to their removal from the network. World’s First and Only Proactive xIoT Security Platform Phosphorus’s Enterprise xIoT Security Platform is the industry’s only consolidated xIoT security offering, delivering state-of-the-art Attack Surface Management, Hardening and Remediation, and Detection and Response across the full range of IoT, OT, and Network-connected devices – spanning both new and legacy devices. For the first time in industry history, teams in IT, Facilities, and Security are able to collaborate on a single platform to safely discover, assess, remediate, and monitor their xIoT devices. Phosphorus is now the solution of choice for enterprises to secure devices that were previously unknown or overlooked, beginning with fundamental xIoT security hygiene. The company’s Enterprise xIoT Security Platform is currently deployed in Fortune 100, Fortune 500, and government networks. ABOUT PHOSPHORUS Phosphorus Cybersecurity® is the leading xTended Security of Things™ platform designed to secure the rapidly growing and often unmonitored Things across the enterprise xIoT landscape. Our Enterprise xIoT Security Platform delivers Attack Surface Management, Hardening & Remediation, and Detection & Response to bring enterprise xIoT security to every cyber-physical Thing in your enterprise environment. With unrivaled xIoT discovery and posture assessment, Phosphorus automates the remediation of the biggest IoT, OT, and Network device vulnerabilities—including unknown and inaccurate asset inventory, out-of-date firmware, default credentials, risky configurations, and out-of-date certificates.

Read More

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Searchlight Security Launches New Ransomware Group Module With Threat Intelligence from the Dark Web

Searchlight Security | December 16, 2022

Searchlight Security, the dark web intelligence company, has today launched Ransomware Search and Insights, a new strategic enhancement to its Cerberus platform. Ransomware Search and Insights automatically collates data from active ransomware groups to help organizations and law enforcement agencies to investigate, track, and gather intelligence on live ransomware activity. This curated view of ransomware groups means that patterns in tactics, incidents, and victimology can be observed in real-time, helping analysts to bolster their threat intelligence, and gain the upper hand on ransomware groups. "Although ransomware has been one of the most pressing threats for several years, it still remains persistent because security teams and law enforcement agencies have been on the back foot, playing catch-up with the ever changing tactics and profiles of ransomware groups. “With visibility into the dark web presence of active ransomware threat actors, analysts can better understand how they are currently operating, therefore gaining a critical advantage over groups.” Dr. Gareth Owenson, Co-Founder and CTO of Searchlight Security Enabling Enterprises to Pre-empt Attacks Ransomware Search and Insights allows organizations to observe the victims of threat actors, posts on leak sites, and track known group members, all in one place - significantly reducing time and resources spent individually researching each threat group. With previously unseen insight into ransomware activity as it is happening, they can also identify which ransomware groups are targeting organizations that match their profile (e.g. industry, geography, business size) and tailor their defenses with a better understanding of which group is most likely to attack them. Empowering Law Enforcement Cerberus’ Ransomware Search and Insights provides investigators with the most up-to-date intelligence for their fight back against cybercrime. Ransomware groups pose a significant risk to national security through the persistent threat to critical infrastructure. As ransomware groups use the dark web to conduct their campaigns with impunity, tracking the activity of prolific threat actors on marketplaces and forums can help law enforcement agencies’ efforts to disrupt and take down these groups. “The Ransomware Search and Insights module was born from our work with national law enforcement agencies who require real-time insights to investigate and take down ransomware groups. We have listened to and collaborated with them to address these needs and bring the next evolution of threat hunting to life,” explained Dr. Gareth Owenson, Co-Founder and CTO of Searchlight Security. “Investigators can now work smarter, not harder, with live intelligence on ransomware operators collated and delivered to them.” Ransomware Intelligence for MSSPs Dark web monitoring is emerging as one of the fastest growing offerings amongst Managed Security Service Providers (MSSPs), driven in no small part by increased customer demand to stay one step ahead of attackers and prevent disruptive ransomware incidents. Ransomware Search and Insights provides MSSPs with a valuable tool that integrates into their existing offering, with the ability to deliver easy-to-digest overviews of ransomware activity to customers, or action intelligence internally to protect their client base from emerging threats. Ransomware Search and Insights is now available on Cerberus. For more information on the threat intelligence that can be gathered from Ransomware Search and Insights, download our free report: Dark Web Profiles: The Most Prolific Ransomware Groups of 2022. About Searchlight Security Searchlight Security provides organizations with relevant and actionable dark web threat intelligence, to help them identify and prevent criminal activity. Founded in 2017 with a mission to stop criminals acting with impunity on the dark web, we have been involved in some of the world’s largest dark web investigations and have the most comprehensive dataset based on proprietary techniques and ground-breaking academic research. Today we help government and law enforcement, enterprises, and managed security services providers around the world to illuminate deep and dark web threats and prevent attacks.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Mendix and Software Improvement Group Introduced a New Cybersecurity Solution

Mendix | January 24, 2023

Mendix, a Siemens business and world leader in modern enterprise app development, and Software Improvement Group (SIG), a unique technology and advisory firm for software quality, security, and improvement, have announced the launch of Mendix Quality & Security Management (QSM), a new cybersecurity solution that provides continuous deep-dive insights into security and code quality to address risks and vulnerabilities immediately. Sigrid®, SIG's software assurance guidance platform, powers Mendix QSM. It delivers a complete perspective on the effect of security findings on business goals by combining more than 20 top-tier security scanning technologies. With Mendix QSM, the users can scan their Mendix apps, including third-party libraries, for security flaws and incorrectly configured security models, rank for compliance with major industry standards such as OWASP, ISO 5055, and PCI, and receive risk mitigation recommendations and clear guidance. Mendix QSM is based on application model static analysis. SIG experts have mapped Mendix models to the ISO 25010 maintainability model using Mendix model metadata. This enables its applications to be compared against a database of thousands of projects, including open-source initiatives. Mendix QSM also presents a five-star rating of the quality of the software. About Mendix Mendix is an industry-leading low-code application development platform for enterprises. With Mendix, you can transform a spreadsheet into an app, establish a portfolio of enterprise-wide apps, and upgrade a core system, among other things. In addition, the platform provides continuous collaboration between software developers and users, speeds up the application development lifecycle, and enables iterative deployment at scale. As a result, businesses can rapidly develop modern, adaptable applications with a tool that maintains the highest levels of security, quality, and governance. The platform has been used by over 4,000 of the world's leading enterprises. Mendix is a division of Siemens. About Software Improvement Group (SIG) Software Improvement Group (SIG) assists companies in gaining confidence in the technology they trust. Its mission is to get the software right for a healthier digital world by combining intelligent technology with human expertise. It drills into the build quality of enterprise software and architecture by monitoring, measuring, and benchmarking it against the world's largest software analysis database. As a result, organizations can use software assurance to uncover the variables driving the total cost of ownership of the software and make fact-based decisions to lower costs, reduce risk, improve time to market, and accelerate digital transformation.

Read More