Flashpoint Improves Business Risk Intelligence Platform

eWeek | April 24, 2019

Flashpoint Improves Business Risk Intelligence Platform
Flashpoint announced on April 24 that it is updating its Business Risk Intelligence (BRI) platform with new capabilities designed to help organizations get more actionable value from threat intelligence data. Flashpoint is in the business of providing threat intelligence to organizations about potential risks from different threats and attackers. In the new Flashpoint platform update, the company is integrating visibility into account and card shops from the dark web, where attackers trade and sell user and payment card information. Insight into how known application vulnerabilities are being used by threat actors is also enhanced, alongside an improved dashboard to help make it easier for organizations to prioritize and utilize threat data. Flashpoint is also adding new alerting capabilities to its platform for industry alerting on threats that impact specific verticals. We've seen that organizations want to keep their finger on the pulse of what's going on in their industry or their sector," Josh Lefkowitz, Flashpoint CEO, told eWEEK. "So what we've done is we've built multi language, keyword patterns that are specific to the requirements of particular verticals." For example, Lefkowitz said that retail organizations will be most interested in finding out about new point-of-sale malware variants, while in the legal community insider threats are a primary focus.

Spotlight

Data! Yes that’s the big talk of the decade. In this TEDx Talk we gain a new perspectives on data awareness with Frank. Why it matters, and the direct and indirect reasons linking to that. Frank is the co-founder and Chief Technology Officer of AEGIS Solutions Group. He is based in the United States and Hong Kong and focuses on global cybersecurity and other complex and high priority systems and integration problems. He brings a wide range of experience and insights on the security challenges facing connected businesses worldwide. His current client base includes Fortune 500 companies, government agencies and fast growing technology companies in the United States and Asia.

Spotlight

Data! Yes that’s the big talk of the decade. In this TEDx Talk we gain a new perspectives on data awareness with Frank. Why it matters, and the direct and indirect reasons linking to that. Frank is the co-founder and Chief Technology Officer of AEGIS Solutions Group. He is based in the United States and Hong Kong and focuses on global cybersecurity and other complex and high priority systems and integration problems. He brings a wide range of experience and insights on the security challenges facing connected businesses worldwide. His current client base includes Fortune 500 companies, government agencies and fast growing technology companies in the United States and Asia.

Related News

DATA SECURITY

HUB Security acquires the leading Cyber Security Comsec for NIS 70M

HUB Security | September 30, 2021

HUB Security ("HUB" or the "Company"), announces today the acquisition of Comsec Global for NIS 70 million, of which HUB will pay NIS 40 million in cash and NIS 30 million in its own shares. The Shares consideration are under a share sale lock-up provision for a period of 6 months post closing of the transaction. The main goal of the acquisition is to dramatically increase HUB Security's global sales and distribution infrastructure by over 40 countries, which will enable the Company to more than double its revenues and significantly accelerate penetration of HUB's unique cyber-security solutions in global enterprises. HUB has developed a technology that can cause a paradigm shift in the Cyber Security market, HUB's solution was considered to be the Holy Grail long awaited by governments and enterprises worldwide. The combination between the two companies creates a unique entity that has a strong foundation of global cyber business coupled with an unparalleled growth potential that leverages upon a 40-country sales infrastructure. In our opinion, this is a classic case of 1+1 equals 10 and not two. Mr. Rony Sternbach, Comsec Chairman and controlling shareholder. Comsec is one of the leading companies in Israel's cybersecurity sector. Founded in 1987, the company was a pioneer in data security and now has an extensive customer base spanning over a thousand leading companies in 40 countries across five continents. It operates four consulting and distribution companies and has subsidiaries in the UK and the Netherlands. The company offers a broad spectrum of services to its clients, providing comprehensive solutions in application security, security, and source code testing. These include application lifecycle development consulting, infrastructure security, and communication security. It further provides security auditing via several models; Threat Modeling, penetration tests, Black Box and comprehensive White Box audit Design Review, and more. Comsec's annual sales turnover is approx NIS 120 million. Its customers include banking, insurance, hi-tech, communications, industrial, retail, large-scale infrastructures, and local and central government bodies and ministries. Comsec is a one-stop shop for all their cybersecurity needs. HUB Security was established in 2017 by veterans of the IDF's 8200 and 81 intelligence units. The company specializes in protecting sensitive commercial information and has an advanced encrypted computing solution for companies and organizations aimed at preventing hostile intrusions and the theft of sensitive commercial information. Hub offers cybersecurity solutions to, amongst others, the AI, Fintek, and critical infrastructure sectors. The company employs 400 employees, and its offices are located in Israel and the United States.

Read More

Cisco to Secure Its Blockchain-as-a-Service (BaaS) Platform for enterprise security

Cisco | June 10, 2020

Cisco has done some work on its own enterprise blockchain tools, the networking firm is also using blockchain internally. Cisco’s StealthWatch Cloud will be embedded in the enterprise blockchain platform offered by Lambda 256. The StealthWatch solution uses machine learning and behavioral modeling to respond to cybersecurity threats. South Korea’s Lambda 256 has partnered with Cisco for the security of its Blockchain as a Service (BaaS) platform, Luniverse. Cisco’s StealthWatch Cloud will be embedded in the enterprise blockchain platform offered by Lambda 256. The StealthWatch solution uses machine learning and behavioral modeling to respond to cybersecurity threats. Luniverse supports Hyperledger Fabric in its BaaS hosting offering. Even though this offering is enterprise focused, the company’s heritage is in the cryptocurrency sector. Lambda 256 is part of Dunamu, which operates the Upbit crypto exchange and also a venture investment fund with ten blockchain investments. While Cisco has done some work on its own enterprise blockchain tools, the networking firm is also using blockchain internally. Four months ago, it partnered with NEC to use blockchain to ensure the authenticity of its networking equipment and make sure software is not tampered with. Cisco is also a participant in the Trust Your Supplier offering from Chainyard to manager supplier qualifications. Other members include IBM, Lenovo and Nokia. Read more: CISCO'S 6 UNPATCHED INTERNAL SERVERS COMPROMISED While most technologies aim to improve enterprise and societal problems, blockchain technology could stand out given its transparency and security while remaining decentralized and inclusive. ~ Cisco Much has been written about blockchain’s potential as well as its unfulfilled promises. While blockchain is distributed and secure, verifying transactions through the network can be slow. As observers have indicated, blockchain could change industries, from finance to healthcare. From its origins as an airtight validation mechanism for bitcoin, a digital currency, enterprise blockchain technology has made its way into a range of industries, as it secures any valued digital asset. It does so by recording digital asset transactions—payments, medical records, votes, and potentially many other things. Blockchain is seen as immutable and secure because the permanent, append-only ledger is distributed among blocks across many physical storage nodes. Code can be embedded in the blockchain to customize its security and behavior even further. The result is a network of nodes that can locate relevant data – but that is protected from malicious hackers, because the hack would have to solve every hash solution in the chain–and the hash solutions are all spontaneous. It's easy to see how the complexity of the security rules outlined above, computationally intensive as they are, would make a blockchain as slow as molasses–and most are. Early blockchains could manage only one or two transactions per second, and even today, five to seven transactions per second is considered blindingly fast. That's a deal breaker in many scenarios. Conceptually, a blockchain is a decentralized, distributed network. In practice, however, since every node in the network is aware of every transaction, a consensus protocol is required–and that forces a tradeoff between decentralization and low transaction throughput. The methodologies emerging for scenario-specific blockchain implementation inevitably add a layer of complexity to an already complex undertaking. This complexity is the cost of doing business for a technology that swings for the fences quite assertively in an Internet-driven world, rife with security threats and infrastructural compromise. But any enterprise capable of wrestling with the intricate elegance of blockchain in the first place should be up to that task, and should reap game-changing rewards. Read more: GOOGLE TOP CHOICE FOR CYBERCRIMINALS FOR BRAND-IMPERSONATION SPEAR-PHISHING CAMPAIGNS

Read More

DATA SECURITY

Salt Security to Launch Salt Labs to Increase Global Awareness of API Security Threats

Salt Security | July 16, 2021

The leading API security company, Salt Security, has announced today the launch of a now-public forum for publishing research on API vulnerabilities, Salt Labs. It will be a resource for enterprises looking to harden infrastructure against API risk through its vulnerability and threat research and industry reports. In addition, advancing the operation of Salt Security to offer complete API security and accelerate business improvement by making APIs attack-proof will also be a basis of more widespread public consciousness of API safety threats. API security concerns are a significant inhibitor of business modernization. For example, 66% of establishments have delayed the placement of a new application because of API security anxieties, according to the Salt Security State of API Security Report. To counter these concerns, Salt Labs will provide research and reports that organizations can use to progress their API security pose and alleviate threats affecting API-centric businesses. Several API security gaps are highlighted in today's inaugural vulnerability research at a large financial institution. Salt Labs researchers identified inadequate authorization for function access, susceptibility to parameter tampering, insufficient data access, and improper input filtering across the financial platform used by thousands of financial partners and customers. The Salt Labs researchers exploit these vulnerabilities to demonstrate that: 1. Any user could launch an application-level denial of service attack that would render entire applications unavailable. 2. Any user could read any financial records of any customer, despite lacking the proper authorization. 3. Any user could tamper with authentication parameters and take over any account. 4. Any user could delete any customer's user accounts across the financial platform. About Salt Security Salt Security was originated in 2016 by alumni of the Israeli Defense Forces (IDF) and serial businessperson executives in the cybersecurity field and is based in Silicon Valley and Israel. Salt Security protects the APIs that form the core of every new application. Its API Security Platform is the industry's first patented solution to stop the next generation of API attacks, using machine learning and AI to mechanically and unceasingly recognize and protect APIs.

Read More