DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Palo Alto Networks | December 05, 2022
As healthcare providers use digital devices such as diagnostic and monitoring systems, ambulance equipment, and surgical robots to improve patient care, the security of those devices is as important as their primary function. Today, Palo Alto Networks (NASDAQ: PANW) announced Medical IoT Security — the most comprehensive Zero Trust security solution for medical devices — enabling healthcare organizations to deploy and manage new connected technologies quickly and securely. Zero Trust is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust by continuously verifying every user and device.
"The proliferation of connected medical devices in the healthcare industry brings a wealth of benefits, but these devices are often not well secured. For example, according to Unit 42, an alarming 75% of smart infusion pumps examined on the networks of hospitals and healthcare organizations had known security gaps. "This makes security devices an attractive target for cyberattackers, potentially exposing patient data and ultimately putting patients at risk."
Anand Oswal, senior vice president of products, network security at Palo Alto Networks
While a Zero Trust approach is critical to help protect medical devices against today's innovative cyberthreats, it can be hard to implement in practice. Through automated device discovery, contextual segmentation, least privilege policy recommendations and one-click enforcement of policies, Palo Alto Networks Medical IoT Security delivers a Zero Trust approach in a seamless, simplified manner. Medical IoT Security also provides best-in-class threat protection through seamless integration with Palo Alto Networks cloud-delivered security services, such as Advanced Threat Prevention and Advanced URL Filtering.
The new Palo Alto Networks Medical IoT Security uses machine learning (ML) to enable healthcare organizations to:
Create device rules with automated security responses: Easily create rules that monitor devices for behavioral anomalies and automatically trigger appropriate responses. For example, if a medical device that typically only sends small amounts of data unexpectedly begins to use a lot of bandwidth, the device can be cut off from the internet and security teams can be alerted.
Automate Zero Trust policy recommendations and enforcement: Enforce recommended least-privileged access policies for medical devices with one click using Palo Alto Networks Next-Generation Firewalls or supported network enforcement technologies. This eliminates error-prone and time-consuming manual policy creation and scales easily across a set of devices with the same profile.
Understand device vulnerabilities and risk posture: Access each medical device's Software Bill of Materials (SBOM) and map them to Common Vulnerability Exposures (CVEs). This mapping helps identify the software libraries used on medical devices and any associated vulnerabilities. Get immediate insights into the risk posture of each device, including end-of-life status, recall notification, default password alert and unauthorized external website communication.
Improve compliance: Easily understand medical device vulnerabilities, patch status and security settings, and then get recommendations to bring devices into compliance with rules and guidelines, such as the Health Insurance Portability Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and similar laws and regulations.
Verify network segmentation: Visualize the entire map of connected devices and ensure each device is placed in its designated network segment. Proper network segmentation can ensure a device only communicates with authorized systems.
Simplify operations: Two distinct dashboards allow IT and biomedical engineering teams to each see the information critical to their roles. Integration with existing healthcare information management systems, like AIMS and Epic Systems, helps automate workflows.
Healthcare organizations are using Palo Alto Networks products to secure the devices that deliver cutting-edge care to millions of patients all over the world.
"Establishing and maintaining acute situational awareness of the Internet of Medical Things (IoMT) environment is paramount to establishing an effective enterprise cybersecurity program. The ability to accurately detect, identify and respond to cyber threats is critical to ensuring minimal operational impact to clinical operations during a cyber event," said Tony Lakin, CISO, Moffitt Cancer Center. "Palo Alto Networks IoT capability seamlessly integrates with our continuous monitoring processes and threat-hunting operations. The platform consistently provides my teams with actionable information to allow them to proactively manage the threat surface of our medical device portfolio."
"With thousands of devices to manage, healthcare environments are extremely complex and require intelligent security solutions capable of doing more. Palo Alto Networks understands this requirement and is leveraging machine learning (ML) for Medical IoT security. Adding intelligence will enable providers to improve operational efficiency, which will enhance patient and practitioner experience and alleviate the burden of an ongoing IT skills shortage," said Bob Laliberte, principal analyst, ESG.
"Healthcare providers continue to be high-value targets for attackers. This reality, combined with the diversity of medical IoT devices and their inherent vulnerabilities, points to a real need for device security that is purpose-built for healthcare use cases. The ability to defend against threats targeting critical care devices while maintaining operational availability and strengthening the alignment of device governance responsibilities between IT and Biomed engineering teams is quickly becoming a necessity for the protection of patient data and lives," said Ed Lee, research director, IoT and Intelligent Edge Security, IDC.
About Palo Alto Networks
Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.
Read More
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
LogRhythm | December 20, 2022
LogRhythm, the company empowering security teams to defend against an ever-evolving threat landscape today announced its partnership with SentinelOne, an autonomous cybersecurity platform company. Together, LogRhythm and SentinelOne provide an integrated enterprise security solution to prevent, detect, and respond to threats in your environment. The combined solution streamlines security operations and improves response workflow, helping overwhelmed security teams cut through the noise and gain precise insights into cybersecurity threats.
Legacy solutions have been unable to keep up with the speed, sophistication, and scope of attacks, in which organizations lack the context and global visibility necessary to address these challenges, leaving them vulnerable to attacks. To remain on top of threats, it's essential for enterprises to understand what's occurring in their network and across their endpoints. However, without a centralized way to collect and action log data, that mission can be overwhelming for security teams.
“We are thrilled to formally announce our integration with SentinelOne. This partnership brings together two remarkable platforms that will provide our customers with incomparable visibility for analysts, allowing them to cut through the noise, and recognize and respond to incidents more quickly and effectively. “LogRhythm is committed to helping customers defend themselves against cyberattacks and we will continue to do so by partnering with leading and innovative cybersecurity companies to expand our offerings.”
Andrew Hollister, Chief Information Security Officer at LogRhythm
LogRhythm’s security analytics automatically incorporate rich endpoint telemetry from SentinelOne, enabling real-time threat protection and providing in-depth analytics for comprehensive security monitoring. LogRhythm SmartResponse™ capability leverages the SentinelOne API to effect automated response to malicious activities, such as automatically blacklisting hash values, or disconnecting affected machines from the network, as well as providing capabilities to collect additional information during an investigation. SmartResponse actions may be triggered directly by an Analytic running in LogRhythm’s patented Analytics Engine, or manually launched by an Analyst from the Web Console.
Key benefits of this integration include:
Expanded Visibility: Centralize data collection with events from SentinelOne managed user endpoints and cloud workloads
Focused automation: Initiate automatic endpoint mitigation with LogRhythm SmartResponse actions
Reduced Complexity: Prebuilt integrations and dashboards streamline SOC operations and improve ROI
“Our XDR strategy incorporates the integrations and technologies SentinelOne customers value. We’re excited about our partnership with LogRhythm,” said Yonni Shelmerdine, VP XDR Product Management at SentinelOne. “LogRhythm offers extensive support for - and integration across - the Singularity XDR platform, helping our customers from around the globe protect against modern cyberattacks and reduce risk.”
This announcement marks yet another milestone in the company’s momentous year. In addition to the release of LogRhythm Axon earlier this Fall, a groundbreaking, cloud-native security operations platform, LogRhythm also recently announced its integration with Gigamon that provides customers with a comprehensive view of network traffic.
About LogRhythm
LogRhythm helps busy and lean security operations teams save the day — day after day. There’s a lot riding on the shoulders of security professionals — the reputation and success of their company, the safety of citizens and organizations across the globe, the security of critical resources — the weight of protecting the world.
LogRhythm helps lighten this load. The company is on the frontlines defending against many of the world’s most significant cyberattacks and empowers security teams to navigate an ever-changing threat landscape with confidence. As allies in the fight, LogRhythm combines a comprehensive and flexible security operations platform, technology partnerships, and advisory services to help SOC teams close the gaps. Together, LogRhythm and our customers are ready to defend.
About SentinelOne
SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.
Read More
ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Nozomi Networks | January 25, 2023
On January 24, 2023, Nozomi Networks Inc., one of the leaders in OT and IoT security, announced Nozomi ArcTM, the industry's first IoT and OT endpoint security sensor, intended to accelerate time to full operational resilience exponentially. Nozomi Arc is designed to automatically deploy across a large number of locations and devices anywhere a company needs visibility, and it provides vital data and insights about essential assets and network endpoints. This data is utilized to better analyze and prevent attacks, as well as correlate user behavior, without straining existing resources or interrupting mission-critical networks.
Arc is a game-changer in terms of comprehensive asset visibility, deployment speed, and network coverage across complex and remote OT and IT networks. Nozomi Arc is designed to:
Be deployed remotely
Analyze endpoint vulnerabilities
Accelerate monitoring deployments in mission-critical systems; and
Identify compromised hosts
Nozomi Networks Co-founder and CPO, Andrea Carcano, said, "Operational resiliency is the top business priority for critical infrastructure organizations, which can only be achieved by lowering cyber risks and increasing security." He added, "Nozomi Arc accelerates time to resiliency by transforming every computer on the network into an OT security sensor. It quickly extends visibility to attack surfaces and threats inside endpoint hosts and their local networks. With Nozomi Arc, users can quickly corollate more information from more sources for better diagnostics and faster time to response."
(Source – GlobeNewswire)
With Nozomi Arc, users get the following advantages:
Faster time to resiliency: Nozomi Arc removes time, resource, geographic, and internal policy limits from network-based deployments.
Lower cyber risk and increased security: The only OT solution in the market that can identify malicious hardware.
Extended visibility and context: In addition to illuminating additional assets, devices, and possible vulnerabilities, Arc detects process irregularities and questionable user behavior.
Lower operational overhead: Because Arc can be remotely deployed through a software download, Nozomi Arc does not need extensive network adjustments to be implemented anywhere in the world, even in the most remote locations.
About Nozomi Networks
Nozomi Networks, with headquarters in San Francisco, California, accelerates digital transformation by defending the world's critical infrastructure, industrial enterprises, and government enterprises from cyber-attacks. Its technology provides OT and IoT environments with superior network and asset monitoring, threat detection, and analytics. As a result, customers rely on the company's solution to reduce risk and complexity while increasing operational resiliency. In addition, the organization provides zero-trust security by delivering contextual data for policy decisions, such as endpoint posture checks, baseline monitoring, and device role data.
Read More