SECURITY AUDIT AND COMPLIANCE, WIRELESS AND MOBILE SECURITY

Forescout Announces Launch of Forescout XDR

Forescout Technologies Inc. | March 02, 2023 | Read time : 02:00 min

On March 1, 2023, Forescout Technologies, a leading automated cybersecurity solutions provider, launched Forescout XDR to enhance enterprises' investigation, detection, and response capabilities against advanced threats across their extended enterprises.

Currently, security operation centers (SOCs) are inundated with an average of 450 alerts per hour, and analysts often spend precious time correlating low-fidelity alerts and chasing false positives. Forescout XDR uses data science and automation to generate a single high-fidelity alert every hour from 50 million logs ingested, reducing the number of alerts that warrant further investigation and thus enabling analysts to focus on legitimate attacks.

Forescout XDR is vendor- and EDR-agnostic and collects data from over 170 sources, including security, cloud/SaaS infrastructure and enrichment sources, as well as dozens of leading vendors.

Forescout XDR contains over 70 threat information sources and 1500 confirmed detection rules and models. With data onboarding included, customers may become operational in hours, actively identifying, investigating, and responding to risks.

Until now, SOCs have excluded critical devices that are increasingly common points of attack, such as industrial control systems (ICS), operational technology (OT), building management systems (BMS), and IoT and medical devices. Furthermore, the technology stack on which SecOps teams have been forced to rely has made it impossible to respond to these threats promptly and thoroughly.

The technology integration with Forescout's network access control solution facilitates proactive prevention of attacks by reducing the attack surface: it restricts compromised or non-compliant devices from connecting to the network and automates response workflows that can immediately touch every connected device throughout the enterprise. This helps reduce the blast radius of an attack in real time, allowing proper mitigation or remediation measures to be completed.

Forescout XDR includes a multi-tenant architecture and supports local data storage while also providing an aggregated global view of threats and SOC performance. It is ideal for large firms, global corporations, and organizations with regional managed security service providers (MSSPs) and SOCs.

The SaaS licensing pricing model is based on the total number of endpoints in the enterprise, offering customers the flexibility to leverage the data sources they need to support their use cases without concern for fluctuating costs associated with cloud log storage.

About Forescout Technologies Inc.

Forescout Technologies, Inc. protects the Enterprise of Things through comprehensive identification, segmentation, and enforcement of compliance with every connected device. The company's enterprise-class platform has been widely deployed across managed and unmanaged IT, IoT, and OT devices, making it a trusted choice for Fortune 1000 companies. Forescout provides organizations with the most extensive device intelligence in the world, enabling them to classify risks precisely, detect irregularities, and promptly remediate cyber threats without harming essential business assets.

Spotlight

Whether public key infrastructure (PKI) is your passion or it’s something you wouldn’t touch with a 39-and-a-half-foot pole, it’s without a doubt become critical to the security of your organization. A rare few companies have an in-house expert or even an entire team dedicated to PKI, but for most, it’s more of a “hot potato” th

Related News

DATA SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS

CertiK Launches Skynet for Community Web3 Due Diligence Tool

Globenewswire | April 04, 2023

CertiK, the leading provider of blockchain security solutions, is excited to announce the launch of Skynet for Community, an all-in-one security, due diligence, and insights platform for the Web3 ecosystem. Skynet for Community empowers users, investors, and community members to make informed decisions about Web3 projects by providing a comprehensive set of tools for research, analysis, and monitoring.

With thousands of Web3 projects creating millions of points of data every day, it's easy to get lost in the noise. Skynet for Community’s rich data-driven insights help users to discover new projects, conduct due diligence on projects of interest, and keep up to date on the latest news and developments in the Web3 space. The platform aggregates a vast amount of data into Web3's most accessible due diligence tool.

Skynet for Community puts security front and center, with the Security Leaderboard ranking projects according to their Security Score and market performance. The Verified Teams (KYC) Leaderboard lists and ranks projects based on the status of their CertiK KYC Badge, which is awarded to project teams that undergo a rigorous background investigation.

Skynet for Community evaluates the security of Web3 projects through both manual and automated measures. The platform covers the majority of all Web3 projects using transparent metrics, regardless of their relationship with CertiK. Manual Signal Scores are determined by CertiK’s research analysts and security experts, who evaluate factors such as the quality of whitepapers, documentation, and other fundamental aspects of the project. Automatic Signal Scores are calculated in real-time by the underlying software and monitoring systems, which evaluate website cybersecurity, security incidents, and other factors. The signals are weighted based on their severity or potential impact, and the aggregate of qualitative and quantitative insights makes up the project’s final Security Score.

Skynet for Community also includes tools such as Exchange Analyzer, which allows users to conduct due diligence on centralized exchanges by displaying their on-chain asset holdings; Skynet Alerts, a system that provides timely notifications on rugpulls and exploits in the cryptocurrency space; and Wallet Analyzer, which provides insights on wallet addresses and makes it easy to visualize and decipher on-chain transactions between wallets.

"Skynet for Community is a revolutionary product that leverages CertiK's expertise in blockchain security to provide an independent, transparent, and comprehensive evaluation of Web3 projects," said Professor Ronghui Gu, co-founder and CEO of CertiK. "We are excited to launch this product and offer the Web3 community a powerful tool that makes it easy to do your own research."

The launch of Skynet for Community marks a new era of transparency and accountability for the Web3 world as it provides a comprehensive evaluation of projects' security in real-time. With its uniquely comprehensive approach of combining manual and automated measures, CertiK's Security Score provides an independent lens through which all Web3 projects can be evaluated.

To learn more about Skynet Community and to try out the suite of due diligence tools, visit skynet.certik.com or follow along on Twitter at @CertiK and @CertiKCommunity.

About CertiK

CertiK is a pioneer in blockchain security, leveraging best-in-class AI technology and expert manual review to protect and monitor blockchain protocols and smart contracts. Founded in 2018 by professors from Yale University and Columbia University, CertiK secures the Web3 world, by applying cutting-edge innovations from academia to enterprise, enabling mission-critical applications to scale with safety and correctness. CertiK has audited more than 3,900 Web3 projects and secured hundreds of billions of dollars of market capitalization.

ENTERPRISE SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS

Ambient.ai Launches AI-driven Forensics Tool to Improve Security

Ambient.ai | March 06, 2023

Ambient.ai, the company evolving physical security with computer vision intelligence, recently introduced its AI-Powered Forensics solution to power incident investigations in near real-time. New event-based and entity search capabilities enable teams to search by objects, complex actions, and non-biometric person descriptors such as shirt color, thereby reducing investigation times by over 90%.

Security investigations require operators to analyze individual camera streams with search options limited to basic motion or person/object search, log into multiple applications, and wait for time-consuming video processing, which can take hours or days. Ambient's AI-Powered Forensics is wholly integrated with the camera system, enabling near-instantaneous search across camera networks when an incident occurs – eliminating lengthy wait times and processing, thereby reducing security investigations from hours to minutes.

Entity Search builds upon Ambient.ai's first-of-its-kind event-based search and filtering capabilities, utilizing non-biometric identifiers for objects and people to locate key footage and sophisticated event signatures. Additionally, Conjunction Search enables users to filter footage by two or more entities, events, or attributes, thereby expanding the search parameter's scope.

One-click sharing and archiving allow teams to instantly share footage to build detailed reports on incident timelines, speed up internal and external investigations and responses, and ensure security protocol compliance. With streamlined investigations, security teams can analyze footage to determine security efficacy, threat incidence, and vulnerabilities.

The Ambient.ai Context Graph™ uses computer vision to identify entities, objects, and their connections across surveillance feeds and PACS alarms in the new AI-Powered Forensics. The platform uses the extensible graph for threat detection, signals intelligence, and response. In addition, the company continuously adds event and entity recognition signatures and uses human-in-the-loop feedback to improve performance.

Ambient's AI-Powered Forensics capabilities have been tested in high-security environments, such as world-renowned museums and Fortune 500 companies. Today, innovative companies such as Adobe, Impossible Foods, and VMware rely on the company to improve their physical security.

About Ambient.ai

Ambient.ai offers cutting-edge computer vision intelligence solutions to transform enterprise security operations. Its platform utilizes AI to enable continuous physical security monitoring and automate the immediate dispatch of human resources, preventing security incidents before they occur. Ambient.ai is trusted by large enterprises, schools, and organizations worldwide and is the first platform to go beyond basic motion detection and image recognition, achieving near-human perception with automated situational context. Based in Palo Alto, California, Ambient.ai is leading the way in advancing physical security solutions.

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Spin.AI Expands SpinOne Platform with New SaaS Security Capabilities: SaaS SPM, SaaS DLP and SaaS Ransomware Protection

Businesswire | April 20, 2023

Spin.AI, developer of the SpinOne SaaS security platform for mission-critical SaaS apps, today announced the significant expansion of its platform with new solutions to help enterprises proactively respond to the growing challenge of protecting SaaS data. This includes new capabilities around SaaS security posture management (SSPM), SaaS data leak prevention and data loss protection (SDLP), and SaaS ransomware detection and response (SRDR), as well as new integrations with JIRA and ServiceNow, and backup support for Slack.

"The rising adoption of mission-critical SaaS applications, such as collaboration tools and CRMs, has resulted in a massive amount of new SaaS data that must be safeguarded for compliance, regulatory, and business continuity purposes,” said Dmitry Dontov, CEO and founder of Spin.AI. “The most recent enhancements to the SpinOne platform protect SaaS applications, automate manual processes, and minimize business downtime for organizations that rely on SaaS apps and SaaS data. With SpinOne, teams can reduce the time it takes to identify and remediate SaaS application risks from days and months to minutes and seconds."

SpinOne is an all-in-one SaaS security platform that protects SaaS data for mission-critical SaaS applications, including Google Workspace, Microsoft 365, Salesforce and now Slack, by delivering full visibility and fast incident response. It eliminates fundamental security and management challenges associated with protecting SaaS data by reducing the risk of data leak and loss, saving time for SecOps teams through automation, reducing downtime and recovery costs from ransomware attacks, and improving compliance.

The new platform updates include:

SSPM (SaaS Security Posture Management) – Offers automated security operations to help companies quickly detect and respond to misconfigurations while also providing inventory and assessment of unsanctioned third-party apps and extensions. This reduces security and compliance risks while minimizing manual workloads. SpinOne provides full visibility and control over SaaS apps, Cloud apps, Mobile apps, and browser extensions with OAuth access to collaboration tools. Additionally, SpinOne provides access to a database of 300,000+ apps and extensions assessed by its AI-driven algorithms, reducing risk assessment time from months to seconds.

SaaS DLP (SaaS Data Leak Prevention and Loss Protection) – Mitigates unauthorized access to sensitive SaaS data with configurable access management and advanced reporting. Recovers lost data in a matter of minutes or hours (instead of the typical weeks or months) with integrated, automated SaaS backup and rapid incident response.

SaaS Ransomware Detection and Response – Quickly detects and responds to in-progress ransomware attacks, minimizing downtime from an average of one month to up to 2 hours and preventing further encryption. Provides 24/7 ransomware monitoring and automated incident alerting, and can recover SaaS data in minutes, reducing recovery costs by 90%. This patented technology gives organizations the unique capability to limit files impacted and avoid throttling and API limits on recovery.

JIRA and ServiceNow – Integrates with JIRA and ServiceNow to create alerts and incidents automatically, streamlining security operations processes for enterprise teams by eliminating the need for manual alert creation.

SpinOne for Slack – Helps protect an organization’s Slack channels and messages to meet data protection and compliance requirements, ensure business continuity, and decrease recovery costs. You can easily set up automated 3x a day backup of your Slack data on AWS, GCP, Azure or BYOS.

Enterprises use multiple point products to meet their security requirements, making it challenging to manage various dashboards, invoices, and support channels. Consequently, enterprises are consolidating on platforms that address significant issues in a single solution. This all-in-one SaaS security solution is what SpinOne provides. SpinOne can efficiently substitute existing vendors or complement an enterprise’s existing security stack, reducing overhead and complexity.

“SaaS applications, such as Google Workspace and Microsoft 365 for example, have a significant number of controls and configurations,” said Davit Asatryan, Director of Product at Spin.AI. “One of the biggest challenges administrators face is configuring these applications for the best security posture. This new SpinOne update delivers the visibility needed to better understand configuration issues, set better policies, and respond faster, while aligning with existing regulations such as NIST, ISO, and SOC 2.”

SpinOne protects the SaaS applications enterprises use on a daily basis, reducing the risk of downtime due to business disruptions, ensuring business continuity, and improving compliance. For more information including a deeper technical overview of the new SpinOne capabilities, please visit www.spin.ai/platform/spinone or request a demo at www.spin.ai/demo.

About Spin.AI

Spin.AI is a SaaS security company protecting enterprises against the risk of shadow IT, data leak and loss, ransomware, and non-compliance. SpinOne, the all-in-one SaaS security platform for mission-critical SaaS apps, protects SaaS data for Google Workspace, Microsoft 365, Salesforce, and Slack. SpinOne provides SaaS security posture management, SaaS DLP, and SaaS ransomware protection for more than 1,600 organizations worldwide to reduce downtime and recovery costs, improve compliance, and save time for SecOps teams. For more information, please visit: https://www.spin.ai/
