SOFTWARE SECURITY

Foresite Cybersecurity Begins XDR & Compliance Platform

Foresite Cybersecurity | June 02, 2022

Foresite Cybersecurity
Foresite Cybersecurity, a leading cybersecurity and compliance provider, announced today that it is transitioning from technical services to a product-led Open XDR SaaS platform. The platform will provide a distinct edge for mid-market enterprises by allowing them to consolidate security data from several sources into a single spot to acquire a holistic view of their security and policy compliance maturity.

"Our strategy is to provide our customers with an open, extensible platform to enable them to understand their risk and compliance posture. The ProVision Open XDR platform will deliver on the single vision of our customers security posture, allowing not only discovery, response, and remediation, but also providing real-time risk and maturity scores."

Matt Gyde, Chairman and CEO of Foresite Cybersecurity

Mid-market organizations have battled for years to achieve adequate cybersecurity due to a lack of in-house experience or funding, with many not understanding where to start. The growing trend of remote employment has only made things more complicated.

Duane Shugars, Foresite Cybersecurity Chief Technology Officer said that "The market demanded an easier, more simplified model to be protected from cyberattacks and compliant to support business supply chain requirements. We are developing our Open XDR platform to easily absorb all log data, use advanced data science techniques, proprietary machine learning and natural language models, and supply chain illumination to simplify cybersecurity, maturity and compliance."

ProVision Open XDR is a cloud-native platform that will be available in Q3 2022 and will employ machine learning to enable insight across the whole IT ecosystem. In the case of an attack, the vendor-agnostic platform allows any cybersecurity technology in the customer's ecosystem, including firewalls, EDR, NDR, and many more, to monitor events, resulting in quicker remediation and reduced economic damage.

Spotlight

How the Hackers Get In – Experiences from Real-Life Security Breaches - Part 2. In the second of a 3 part series of short videos, Don Smith, Dell SecureWorks Technology Director, shares how to get into the mindset of actors presenting threats to your organisation.

Spotlight

How the Hackers Get In – Experiences from Real-Life Security Breaches - Part 2. In the second of a 3 part series of short videos, Don Smith, Dell SecureWorks Technology Director, shares how to get into the mindset of actors presenting threats to your organisation.

Related News

SOFTWARE SECURITY

Aqua Launches the Industry’s First Out-of-the-Box Runtime Security with Advanced Protection Against the Most Sophisticated Threats

Aqua Security | July 26, 2022

Aqua Security, the leading pure-play cloud native security provider, today announced the launch of out-of-the-box runtime protection with minimal configuration to stop attacks in real time on running workloads. Protection is composed of new curated and optimized default security controls, as well as advanced threat intel from observations of real attacks on cloud native environments. Both the controls and threat intel are the result of knowledge gained through years of securing customers’ live production environments. Customers can now apply this knowledge to achieve trusted and advanced runtime protection in minutes without requiring in-depth knowledge of their applications and environments. Using eBPF technology and threat intel from cyber research team Aqua Nautilus to identify advanced threats, Aqua surfaces the most critical issues in real time while also implementing a set of controls to protect running workloads immediately, without disrupting the business. “Aqua is transforming the runtime security paradigm. “Traditional runtime security requires security teams to have a great deal of cloud native knowledge, and as a result has been slow to adopt. Aqua is removing this barrier to adoption by making cloud workload threat protection immediately effective and easy for security professionals.” Amir Jerbi, CTO and co-founder, Aqua Security Stopping Attacks in Real Time with Runtime Security Recent data from Nautilus shows that one in three live attacks could be missed when relying exclusively on snapshot scanning of running workload images. Nautilus also found tens of thousands of instances of in-memory attacks and fileless attacks in a one-month period—attacks that would not be seen or stopped without kernel-level visibility. Aqua’s detection of anomalous behavior goes beyond point-in-time snapshots and catches malicious behavior of known and unknown threats in real time—this includes both known CVEs and zero-day exploits that have yet to be discovered. The new default runtime controls are based on ongoing recommendations from Aqua Nautilus, who detect and analyze 80,000 attacks a month using Aqua’s open source eBPF-based threat detection engine, Aqua Tracee. The result is real-time visibility at the kernel level that alerts customers the moment an attacker breaches a running workload, reducing attackers’ dwell time from months to milliseconds. Aqua’s Runtime Protection solution is part of Aqua’s fully integrated Cloud Native Application Protection Platform (CNAPP), the Aqua Platform. Customers of the Aqua Platform also have access to the entire, full set of customizable, advanced runtime capabilities if and when they decide to define and implement more stringent policies. Key benefits of Aqua Runtime Protection include: Discover attacks immediately with continuously updated kernel-level behavioral detection. Updates are based on cloud native threat research from Aqua Nautilus along with years of experience securing customer workloads in production. Respond faster and reduce attacker dwell time by stopping attacks with pattern-based anti-malware in production and the option to block or delete malware on access. Simplify incident investigation and rapidly determine the impact and attack path of a security incident with a detailed incident timeline including rich contextual information. “Unlike overly complex runtime solutions, legacy solutions not designed for cloud-native applications, or solutions that can’t detect in real time, our goal with this release is to provide runtime security that is simple to deploy, giving you effective real-time security out-of-the-box,” said Jerbi. “What this boils down to is that, unlike alternative solutions, Aqua’s Platform will both detect sophisticated attacks and stop them in real time.” Aqua’s out-of-the-box Runtime Protection is now available and will make an industry debut at AWS re:Inforce on July 26-27 in Boston at Booth 104. To learn more, visit Aqua’s YouTube. About Aqua Security Aqua Security stops cloud native attacks and is the only company with a $1 Million Cloud Native Protection Warranty to guarantee it. As the pioneer and largest pure-play cloud native security company, Aqua helps customers unlock innovation and build the future of their business. The Aqua Platform is the industry’s most integrated Cloud Native Application Protection Platform (CNAPP), prioritizing risk and automating prevention, detection and response across the lifecycle. Founded in 2015, Aqua is headquartered in Boston and Ramat Gan, Israel, with Fortune 1000 customers in over 40 countries.

Read More

SOFTWARE SECURITY

Palo Alto Networks Unit 42 Helps Customers Better Address Cybersecurity Threats Through New Managed Detection and Response Service

Palo Alto Networks | August 05, 2022

The need for managed detection and response (MDR) is soaring as attack surfaces grow, cloud usage skyrockets and the cybersecurity skills gap widens. Palo Alto Networks, the global cybersecurity leader, today introduced Unit 42 Managed Detection and Response (Unit 42 MDR) to address this need with a new service that can offer continuous 24/7 threat detection, investigation and response. This offering brings together Palo Alto Networks acclaimed Cortex XDR with Unit 42's industry-leading threat intelligence, which includes insights from incident response cases. Because Unit 42 MDR is built on Cortex XDR, it is optimized to not just prioritize alerts but also to massively reduce the number of alerts customers receive. This helps customers detect more suspicious activity than they would have otherwise. "As cyberattacks continue to rise, many organizations are being asked to handle advanced threats with limited resources and without the right expertise. This will not lead to good results. "Palo Alto Networks Unit 42 brings a unique combination of innovative cybersecurity technologies and a world-class threat intelligence team which allows us to provide customers with rapid detection and response to critical cyberthreats." Wendi Whitmore, senior vice president, Palo Alto Networks Unit 42 The new Unit 42 MDR service offers customers cybersecurity experts to help identify and respond to security alerts and potential threats in real time, enabling businesses to focus security operations (SecOps) personnel on other organizational security priorities. The service provides organizations with monitoring, threat hunting and response/remediation capabilities, including: Continuous Monitoring & Response: Security experts monitor alerts, events and indicators 24x7x365. The Unit 42 MDR team uses a mix of proprietary processes, infrastructure and enrichment to accelerate detection, response and threat hunting to help quickly stop malicious activity most likely to impact your organization. Proactive Threat Hunting: World-class threat hunters search environments for complex attacks using deep knowledge of XDR data sources and the latest threat intelligence from Palo Alto Networks. This helps organizations stay ahead of emerging attack campaigns, malware and vulnerabilities. Security Posture Optimization: Experts provide periodic health checks of an organization's posture and detailed recommendations on policy changes to help facilitate addressing risks before they become issues. "Cyberattacks are emerging and evolving faster than ever," said Tom Osteen, CIO, Enloe Medical Center. "Intervening and addressing threats at the earliest stage is crucial. With Unit 42 MDR we have confidence that we can quickly identify and stop malicious activity to help keep our organization safe and secure." In a recent report, IDC said, "It is not a surprise to state that organizations continue to struggle with persistent security talent shortages and the rising costs to retain these scarce security resources. Security teams with already limited resources are overwhelmed by the heavy workload and responsibility." The report also stated, "Organizations are analyzing their current risks and accelerating their security services investments to ease pressure on their teams and strengthen their overall security posture to meet the growing cyberthreats."* About Cortex XDR Cortex XDR® is the world's first detection and response solution that natively integrates network, endpoint and cloud data to stop sophisticated attacks. It is designed to stop attacks with the power of AI and comprehensive data. XDR is critical to effective security. The latest Palo Alto Networks 2022 Unit 42 Incident Response Report highlights that when a breach occurs, 44% of the cases involved a business that did not have or did not fully deploy an endpoint detection and response or XDR security solution. About Palo Alto Networks Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Read More

DATA SECURITY,SOFTWARE SECURITY

Appgate Launches Technology Alliance Partnership Program to Help Customers Simplify and Accelerate Zero Trust Advancement

Appgate | September 08, 2022

Appgate (OTC: APGT), the secure access company, today announced the launch of its Technology Alliance Partnership program and four of the program’s featured partners: Illumio, Menlo Security, CrowdStrike and Amazon Web Services (AWS). Appgate’s Technology Alliance Partnership program is designed to help organizations unlock greater performance from their cybersecurity investments and accelerate Zero Trust security adoption. This growing ecosystem of partners demonstrates Appgate’s vision and commitment to build purposeful product integrations that enable its customers to automate cybersecurity processes, optimize operations, reduce risk and improve the user experience. “While many organizations have embraced the principles of Zero Trust security, the reality is their goals cannot be met with any single product, vendor or platform. Our Technology Alliance Partnership program is designed to make it easier for our customers to navigate this complex landscape, simplify deployments and get the most out of their cybersecurity investments. “We’re thrilled to bring more value to our customers through our partnerships with Illumio, Menlo Security, CrowdStrike and AWS.” Barry Field, CEO, Appgate Zero Trust requires all users, devices and workloads—whether inside or outside an organization’s network—to be authenticated, authorized and continuously validated before receiving access to applications and data. Appgate’s Technology Alliance Partnership program enables partners to integrate with the company’s industry-leading Zero Trust Network Access (ZTNA) solution, Appgate SDP, through robust API integrations, clear documentation and dedicated support. Together, Appgate and its technology partners offer comprehensive offerings that help their customers reach Zero Trust goals with ease and speed: Illumio The combination of Appgate SDP and Illumio Core, a leading micro-segmentation solution, enables joint customers to achieve full-compass dynamic Zero Trust segmentation. Appgate SDP ensures secure access to workloads via the network perimeter (north-south traffic) by creating user-to-workload access controls that are cloaked, fine-grained and dynamic. Illumio Core micro-segments workloads within the interior (east-west traffic) to eliminate excess workload-to-workload interconnectivity. When co-deployed and integrated together, these solutions immediately improve any organization’s Zero Trust posture. “Security teams are turning to Zero Trust strategies to build resilience throughout their hybrid IT environments but find that no single vendor or solution can achieve their goals alone—an ecosystem-based approach is required,” said John Skinner, Vice President of Business Development at Illumio. “Both Zero Trust segmentation and ZTNA are important pillars of any Zero Trust strategy. Illumio is delighted to join forces with Appgate to deliver best-of-breed Zero Trust solutions in both categories to our customers to ensure minor breaches can’t grow to become disasters.” Menlo Security The combination of Appgate SDP and the Menlo Security Cloud Platform delivers a comprehensive secure access solution that safeguards all internet traffic, Software-as-a-Service (SaaS) applications and private networked resources. With this integration, enterprises can shift to a seamless, high-security Zero Trust framework with industry-leading data and threat protection, enabling users to browse the internet and access SaaS apps and private enterprise resources safely and securely. “The evolution toward hybrid workforces and public and private cloud infrastructures requires organizations to deploy a new approach to ensure secure access to web and SaaS applications and confidential enterprise data without affecting the user experience or productivity,” said Sanjit Shah, Head of Strategic Alliances, Menlo Security. “Teaming with Appgate enables our joint customers to adopt a comprehensive and scalable ZTNA-based approach that improves deployment and management flexibility, while providing secure web access to application workloads across public and private clouds using Menlo’s Cloud Security Platform with Isolation Core and Zero Trust private access to hybrid resources and IT infrastructure via Appgate SDP.” CrowdStrike Appgate’s integration with CrowdStrike helps organizations reduce their attack surface and mitigate lateral movement. Appgate SDP gathers intelligence provided through CrowdStrike Falcon Zero Trust Assessment (ZTA) to assess user, device and workload risk postures at the time of authentication and on an ongoing basis. This dynamic functionality makes it possible to leverage device health or behavioral changes provided by the CrowdStrike Falcon platform to build policy controls that restrict or deny access, preventing lateral movement across the network. AWS Enterprises that utilize the strong security foundations provided by AWS can augment the network security of their environments with Appgate SDP, which leverages AWS-native capabilities like tagging and auto scaling to provide fine-grained access and enterprise-grade scale. Appgate SDP ensures that only authorized users connect to AWS and hybrid architectures with multiple encrypted tunnels. Appgate SDP is available in the AWS Marketplace. About Appgate Appgate is the secure access company. We empower how people work and connect by providing solutions purpose-built on Zero Trust security principles. This people-defined security approach enables fast, simple and secure connections from any device and location to workloads across any IT infrastructure in cloud, on-premises and hybrid environments. Appgate helps organizations and government agencies worldwide start where they are, accelerate their Zero Trust journey and plan for their future.

Read More