Palo Alto Networks | August 05, 2022
The need for managed detection and response (MDR) is soaring as attack surfaces grow, cloud usage skyrockets and the cybersecurity skills gap widens. Palo Alto Networks, the global cybersecurity leader, today introduced Unit 42 Managed Detection and Response (Unit 42 MDR) to address this need with a new service that can offer continuous 24/7 threat detection, investigation and response. This offering brings together Palo Alto Networks acclaimed Cortex XDR with Unit 42's industry-leading threat intelligence, which includes insights from incident response cases. Because Unit 42 MDR is built on Cortex XDR, it is optimized to not just prioritize alerts but also to massively reduce the number of alerts customers receive. This helps customers detect more suspicious activity than they would have otherwise.
"As cyberattacks continue to rise, many organizations are being asked to handle advanced threats with limited resources and without the right expertise. This will not lead to good results. "Palo Alto Networks Unit 42 brings a unique combination of innovative cybersecurity technologies and a world-class threat intelligence team which allows us to provide customers with rapid detection and response to critical cyberthreats."
Wendi Whitmore, senior vice president, Palo Alto Networks Unit 42
The new Unit 42 MDR service offers customers cybersecurity experts to help identify and respond to security alerts and potential threats in real time, enabling businesses to focus security operations (SecOps) personnel on other organizational security priorities. The service provides organizations with monitoring, threat hunting and response/remediation capabilities, including:
Continuous Monitoring & Response: Security experts monitor alerts, events and indicators 24x7x365. The Unit 42 MDR team uses a mix of proprietary processes, infrastructure and enrichment to accelerate detection, response and threat hunting to help quickly stop malicious activity most likely to impact your organization.
Proactive Threat Hunting: World-class threat hunters search environments for complex attacks using deep knowledge of XDR data sources and the latest threat intelligence from Palo Alto Networks. This helps organizations stay ahead of emerging attack campaigns, malware and vulnerabilities.
Security Posture Optimization: Experts provide periodic health checks of an organization's posture and detailed recommendations on policy changes to help facilitate addressing risks before they become issues.
"Cyberattacks are emerging and evolving faster than ever," said Tom Osteen, CIO, Enloe Medical Center. "Intervening and addressing threats at the earliest stage is crucial. With Unit 42 MDR we have confidence that we can quickly identify and stop malicious activity to help keep our organization safe and secure."
In a recent report, IDC said, "It is not a surprise to state that organizations continue to struggle with persistent security talent shortages and the rising costs to retain these scarce security resources. Security teams with already limited resources are overwhelmed by the heavy workload and responsibility." The report also stated, "Organizations are analyzing their current risks and accelerating their security services investments to ease pressure on their teams and strengthen their overall security posture to meet the growing cyberthreats."*
About Cortex XDR
Cortex XDR® is the world's first detection and response solution that natively integrates network, endpoint and cloud data to stop sophisticated attacks. It is designed to stop attacks with the power of AI and comprehensive data.
XDR is critical to effective security. The latest Palo Alto Networks 2022 Unit 42 Incident Response Report highlights that when a breach occurs, 44% of the cases involved a business that did not have or did not fully deploy an endpoint detection and response or XDR security solution.
About Palo Alto Networks
Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.
Cribl | August 04, 2022
Cribl, the leader in enabling open observability, today announced a new partnership with SentinelOne, an autonomous cybersecurity platform company. The partnership enables SentinelOne customers to leverage Cribl's observability product suite to streamline cybersecurity triage, optimize data collection, and provide security teams control of their data.
By integrating Cribl's observability product suite with Singularity XDR, SentinelOne customers can now unlock the value of all observability data. Key benefits include the ability to: 1) Operationalize endpoint and extended detection and response (EDR & XDR) of data sources in joint customer environments, 2) Streamline for triage and investigative functions in the Security Operations Center (SOC), and 3) Progress cybersecurity programs with enhanced threat intelligence, threat hunting, and adversary simulation.
"Today's cybersecurity risk levels are increasingly associated with the ability to understand data across enterprise assets. "Our partnership with Cribl helps optimize data collection at scale, enabling security teams to minimize risk and save time."
Chuck Fontana, SVP Business Development at SentinelOne
"We're excited to partner with the SentinelOne team," said Zac Kilpatrick, VP of Channel and Alliances at Cribl. "To keep up with persistent threats and the ever-changing security landscape, SOC activity must move from reactivity to proactivity. SentinelOne's autonomous and proactive approach to cybersecurity is differentiated in the market and aligns with Cribl's objective of optimizing analytics platform cost and performance."
Integration with SentinelOne's Cloud Funnel
Cribl's product suite now integrates with SentinelOne's Cloud Funnel, a data subscription enabling XDR data to be stored locally in an enterprise's data lake. This solution works with any data type, such as file, process, DNS, flow, behavioral, registry, commands, scripts, and more. Cloud Funnel's flexibility provides SentinelOne customers the ability to choose which data type they need, optimize it to find the right signal, and route it for maximum efficiency - all at machine speed.
Integration with DataSet
Cribl Stream now supports SentinelOne's DataSet as a destination to seamlessly route data from legacy log analytics solutions. DevOps and IT teams choose DataSet to analyze data in real-time, effortlessly scale to petabytes, and cost-effectively retain data for longer periods of time for compliance and audit purposes. The new integration enables Cribl customers to pipeline their data to DataSet without changing their data instrumentation, collection, and ingestion.
SentinelOne and Cribl will also continue bringing new offerings to market, including integrating Cribl Stream into SentinelOne's Singularity XDR platform.
Cribl makes open observability a reality for today's tech professionals. The Cribl product suite defies data gravity with radical levels of choice and control. Wherever the data comes from, wherever it needs to go, Cribl delivers the freedom and flexibility to make choices, not compromises. It's enterprise software that doesn't suck, enables tech professionals to do what they need to do, and gives them the ability to say "Yes." With Cribl, companies have the power to control their data, get more out of existing investments, and shape the observability future. Founded in 2017, Cribl is a remote-first company with an office in San Francisco, CA.
Cowbell | May 26, 2022
Cowbell Cyber, the leading supplier of cyber insurance for small and medium-sized businesses (SMEs), announced the availability of its Cyber Risk Heatmap today. The Heatmap—the market's most data-rich and dynamic assessment of cyber risk portfolios—gives rapid insight into the distribution of covered risk across Cowbell's agencies and brokers, insurance and reinsurance partners, and underwriters' portfolios. Cowbell and its partners can now establish a balanced book of business, manage growth for profitability, and reduce the overall risk profile of each portfolio thanks to better visibility.
As per a recent Cowbell study, 71% of policyholders want their cyber insurance provider to provide advice to reduce risk exposure. The difficulties of regularly monitoring cyber risk at the portfolio and individual account levels lead to risk selection blind spots. Cowbell proves its creativity by removing these shortcomings at the portfolio level for all stakeholders. As a result, the frequency and severity of reported claims are reduced. Cowbell's continually monitored risk pool currently includes 24 million SMEs, accounting for 75% of the total SME market in the United States.
In a world where cyber insurance is becoming harder to obtain due to the volatile nature of cyber risks, Cowbell Cyber Heatmap allows us and our partners to quickly analyze the standing of any insurance book of business. The innovation Cowbell has brought to the cyber insurance landscape has, once again, allowed us to remain steadfast in our approach to properly assess and cover risk in the most rigorous manner."
Rajeev Gupta, co-founder, and chief product officer at Cowbell Cyber.
The Cowbell Variables underpin the Heatmap, a collection of risk rating factors that analyze the organization's cyber risk in real-time and then match it to the most applicable coverage for the company. Cowbell's Cyber Risk Framework provides the underlying technology, which involves security controls from multiple standards, including the NIST Cyber Security Framework, COBIT, the Payment Card Industry Data Security Standard (PCI DSS), and the most recently revised NIST Cybersecurity Supply Chain Risk Management (C-SCRM) program, augmented by Cowbell's proprietary controls.
Cowbell's Cyber Risk Heatmap is free to all of Cowbell's 16,000 agency producers and is constantly updated to incorporate the most recent risk profile data to assure accuracy.