ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Living Security | January 02, 2023
Living Security, the pioneer in human risk management, announced entering into a strategic partnership with GuidePoint Security, a renowned value-added reseller (VAR) that enables enterprises to make more informed cybersecurity decisions and reduce their risk exposure.
The partnership will combine GuidePoint Security's ecosystem with Living Security's industry-leading human risk management products and security awareness training.
"According to the Computer Emergency Response, cyberattacks have been ranked as the fifth most significant danger for the year 2020 and have become the standard in both the public and private sectors."
Each day, the number of cybersecurity events continues to rise, and the vast majority of these problems can be traced back to human action. Using a data-driven methodology, Living Security enables security directors to identify the most vulnerable elements of their workforce in order to decrease human risk exposure, control the contribution to overall risk over time, and alter organizational behavior.
About Living Security
Living Security's objective is to transform human risk in order to generate a dramatic increase in human behavior, organizational security culture, and information security program efficacy.
With the company's Human Risk Management platform, Living Security connects each employee with creative and pertinent context and content while simultaneously enabling management to recognize, report on, and proactively mitigate the risk posed by human behavior. Living Security is trusted by security-conscious firms such as MasterCard, MassMutual, Verizon, Biogen, Hewlett Packard, AmerisourceBergen, and Target.
About GuidePoint Security
GuidePoint Security offers dependable cybersecurity insights, solutions, and services that enable businesses to make risk-averse decisions. The company's specialists serve as trusted advisors by evaluating the cybersecurity posture and ecosystem in order to identify risks, maximize resources, and deploy the most appropriate solutions. GuidePoint's unparalleled knowledge has enabled a third of Fortune 500 organizations and over half of U.S. cabinet-level agencies to enhance their security posture and decrease risk.
ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
LogRhythm | January 06, 2023
On January 05, 2023, LogRhythm, the company that empowers security teams to tackle an ever-changing threat landscape with confidence, introduced a variety of expanded capabilities and integrations for its security operations solutions. The enhancements improve LogRhythm's capacity to serve as a much-needed force multiplier for security teams that are required to defend against cyberattacks with confidence, effectiveness, and efficiency.
This update follows the release of LogRhythm Axon, an innovative, cloud-native security operations platform launched in October. In addition, the organization is launching new visualizations and advanced analytics that provide seamless visibility into potential security threats.
Axon and its latest updates are designed to simplify the experience of security analysts by making it easier for teams to identify, examine, and report on potential threats, easing the burden of managing risks and the operating infrastructure. In addition, these improvements span the entire suite of LogRhythm's offerings to collectively facilitate threat detection and resolution by SOC teams, improving analyst productivity and effectiveness.
The key features of the updates include the following:
New out-of-the-box and custom analytics rules that have rules for MITRE ATT&CK detections.
Using the Observation Workflow, customers can quickly investigate log observations raised by analytics.
Reduce time spent searching for data through new markdown and histogram widgets.
New detection models allow for the detection of elusive threats for Windows systems.
Integration with Microsoft EDR improves blind spot detection and endpoint visibility.
Enhanced analyst experience through expanded UI improvements.
The new configuration page enables to import of data from VirusTotal smoothly.
The improved collection administrative workflow reduces the time required to configure, deploy, and manage log sources that involve Open Collector.
Expanded and updated LogRhythm's library of supported log sources.
Improved audit logging makes it easier to detect suspicious activity and track significant changes made by users.
LogRhythm, Inc. is an American security intelligence firm founded in 2003 that specializes in SIEM, log management, network and endpoint monitoring, forensics, and security analytics. With a comprehensive array of high-performance security, compliance, and operations solutions, LogRhythm is built to address a rapidly evolving world of cybersecurity threats. In addition, LogRhythm combines a versatile and comprehensive security operations platform, advisory services, and technology partnerships to help SOC teams defend sensitive data.
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Balbix | December 19, 2022
Balbix, the leader in cybersecurity posture automation, announced its support for Microsoft Azure today. With these new capabilities, Balbix now supports the three top cloud service providers – Microsoft Azure, Amazon Web Services and Google Cloud Platform – as well as traditional environments. Balbix also announced enhanced platform support for the Microsoft ecosystem, including Azure services, Windows, Microsoft Store apps and Azure Active Directory single sign-on.
McKinsey estimates that by 2025, organizations aspire to have 60 percent of their IT environments in the cloud. Yet, according to the Cybersecurity Insiders State of Security Posture Report, 62 percent of organizations lack confidence in their security posture. These findings highlight the growing need for effective cloud security solutions.
Balbix's support for Azure cloud services includes Azure Virtual Machines, Azure Service Bus Messaging, Azure Key Vault, Azure Blob Storage, Azure Cosmos DB, Azure Kubernetes Service (AKS), Azure SQL Database, Azure AKS Deployments, and Azure Functions. A new API-based Balbix Connector for Microsoft Azure and optional sensors for virtual machines capture data from Azure for analysis by the Balbix brain.
Cybersecurity teams can now:
Get comprehensive, real-time visibility of Azure assets, categorized into compute, storage, network, containers, database, security, and identity.
Capture system details for virtual machines, including network, storage, open ports, users, software bill of materials (SBOM) and security controls.
Combine Azure cloud data with data from other tools to map over 400 cybersecurity, IT and business attributes to assets.
Obtain visibility into misconfigurations – the most commonly exploited attack vector in cloud-hosted environments.
Leverage (optional) Balbix host sensors to gain visibility into additional types of vulnerabilities, such as unpatched software vulnerabilities, weak credentials, and trust issues.
Unified Visibility for Multi-Cloud Environments
Balbix's new support for Azure means that organizations now have access to an integrated Cyber Asset Attack Surface Management (CAASM) solution that works across the top three cloud providers, traditional data center and office environments, and mobile employee devices. Cybersecurity practitioners get a single tool to automatically combine data from disparate solutions into a unified view of their assets.
Balbix provides more than just visibility. Unlike other solutions, Balbix combines CAASM with Risk-Based Vulnerability Management (RBVM) and Cyber Risk Qualification (CRQ) capabilities. This tight integration enables maximally automated identification, prioritization and mitigation of security issues. Gaps in security controls are identified and rectified quickly. CISOs and their teams can calculate cyber risk for the entire enterprise, across cloud and non-cloud assets, in dollars, and make cybersecurity decisions, informed by real-time data and insights.
"Multi-cloud deployments have added additional complexity for cybersecurity practitioners. These challenges include fragmented visibility across cloud and non-cloud environments and an inability to prioritize vulnerabilities enterprise-wide," said Ed Amoroso, Founder and CEO of research and advisory firm TAG Cyber. "With support for Microsoft Azure, Balbix now helps users address these challenges across the top three cloud providers."
Broad Support for the Microsoft Ecosystem
Balbix's support for Microsoft Azure also adds to its broader support for the Microsoft ecosystem. These capabilities include security posture automation for assets running Windows and other Microsoft software, and third-party software products running on those assets. For Windows OS, Balbix provides a consolidated view of patch status and compliance across all assets with recommended fixes based on patch precedence.
"I'm very excited to announce our support for Microsoft Azure cloud services. Organizations can manage their cyber risk for Microsoft Azure, multi-cloud and hybrid environments using a single integrated and maximally automated paradigm. "With this software release, we've also enhanced our support for Windows to help Microsoft customers better protect their infrastructure."
Gaurav Banga, Founder and CEO of Balbix
In addition, Balbix now allows security teams to manage the security posture of applications downloaded from the Microsoft Store. Balbix is also announcing a new integration with Microsoft Azure Active Directory single sign-on.
Balbix enables businesses to reduce cyber risk by quickly identifying and mitigating their riskiest cybersecurity issues. Our SaaS platform, the Balbix Security Cloud™, ingests data from businesses' security and IT tools so they can understand every aspect of their cybersecurity posture, build a unified cyber risk model and obtain actionable insights for risk reduction. With Balbix, businesses can automate their cloud and on-premise asset inventory, conduct continuous risk-based vulnerability management and quantify cyber risk in dollars. Executives and operational teams can make cybersecurity decisions based on data, not opinions.