SOFTWARE SECURITY

Group-IB Included Among Major Cybersecurity Consulting Companies by Independent Research Firm

Group-IB | August 26, 2021

Group-IB, one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigation of high-tech crimes and intellectual property protection, has been included in the Forrester overview of the global cybersecurity consulting providers "Now Tech: Global Cybersecurity Consulting Providers, Q3 2021". The report covers 36 major global cybersecurity consulting firms.  

The demand for superior cybersecurity consulting services continues to increase every year. According to the Forrester's Analytics Business Technographics Security Survey, 31% of enterprise security decision-makers expect to increase spending on cybersecurity consultants and systems integrators by 5% or more in 2021. Digital transformation challenges brought by pandemic have spurred this demand further. To reinforce their cybersecurity risk programs, CISO are tapping into purpose-built strategic and tactical cybersecurity expertise.

The Forrester analysts included Group-IB service offering in the category of consultancies – the providers which "offer clients a broad range of audit, consulting, and advisory services, including cybersecurity consulting. They have a diverse set of assets and intellectual property to help clients solve security problems."

Cybersecurity services have always been the key drivers of Group-IB's technological leadership enriching the company's global threat intelligence and hunting ecosystem with first-hand understanding of adversary tactics. The company's contribution to high-profile cyber investigations in partnership with international law enforcement, and incident response engagements in more than 60 countries bring in-depth knowledge of criminal schemes. Group-IB's battle-tested experts carried out more than 1,200 successful investigations over 18 years around.

While many corporate cybersecurity teams struggle to manage multiple vendors, Group-IB offers its customers a single point of accountability and security consulting expertise trusted by the international automotive, fintech, retail companies. The company provides consulting services at every stage of the attack lifecycle: before (Security Assessment, Compromise Assessment, Incident Response Readiness Assessment), during (Incident Response and Incident Response Retainer), and after the attack (Digital Forensics and Cyber Investigation).


About Group-IB
Group-IB is one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigation of high-tech crimes and intellectual property protection, headquartered in Singapore. The company's threat intelligence and research centers are located in the Middle East (Dubai), the Asia-Pacific (Singapore), Europe (Amsterdam), and Russia (Moscow).
Group-IB's Threat Intelligence & Attribution system has been named one of the best in class by Gartner, Forrester, and IDC. Group-IB's Threat Hunting Framework (earlier known as TDS) intended for the proactive search and the protection against complex and previously unknown cyberthreats has been recognized as one of the leaders in Network Detection and Response by the leading European analyst agency KuppingerCole Analysts AG, while Group-IB itself has been recognized as a Product Leader and Innovation Leader. Gartner identified Group-IB as a Representative Vendor in Online Fraud Detection for its Fraud Hunting Platform. In addition, Group-IB was granted Frost & Sullivan's Innovation Excellence award for its Digital Risk Protection (DRP), an Al-driven platform for identifying and mitigating digital risks and counteracting brand impersonation attacks with the company's patented technologies at its core.

Spotlight

MINIMISE ENTERPRISE CYBERSECURITY RISK WITH CLOUD-BASED WAF, POWERED BY TATA COMMUNICATIONS. When you need to safeguard your enterprise web applications from the growing risk of a cybersecurity breach or malicious hack, our Cloud Web Application Firewall (WAF) provides robust defence against sophisticated and targeted attacks. Combining powerful protection against known and emerging threats with the cost efficiency of a comprehensive managed service, Cloud WAF makes it easy to maintain consistent security policies for all your web applications, from a single source.

Spotlight

MINIMISE ENTERPRISE CYBERSECURITY RISK WITH CLOUD-BASED WAF, POWERED BY TATA COMMUNICATIONS. When you need to safeguard your enterprise web applications from the growing risk of a cybersecurity breach or malicious hack, our Cloud Web Application Firewall (WAF) provides robust defence against sophisticated and targeted attacks. Combining powerful protection against known and emerging threats with the cost efficiency of a comprehensive managed service, Cloud WAF makes it easy to maintain consistent security policies for all your web applications, from a single source.

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Palo Alto Networks Announces Medical IoT Security to Protect Connected Devices Critical to Patient Care

Palo Alto Networks | December 05, 2022

As healthcare providers use digital devices such as diagnostic and monitoring systems, ambulance equipment, and surgical robots to improve patient care, the security of those devices is as important as their primary function. Today, Palo Alto Networks (NASDAQ: PANW) announced Medical IoT Security — the most comprehensive Zero Trust security solution for medical devices — enabling healthcare organizations to deploy and manage new connected technologies quickly and securely. Zero Trust is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust by continuously verifying every user and device. "The proliferation of connected medical devices in the healthcare industry brings a wealth of benefits, but these devices are often not well secured. For example, according to Unit 42, an alarming 75% of smart infusion pumps examined on the networks of hospitals and healthcare organizations had known security gaps. "This makes security devices an attractive target for cyberattackers, potentially exposing patient data and ultimately putting patients at risk." Anand Oswal, senior vice president of products, network security at Palo Alto Networks While a Zero Trust approach is critical to help protect medical devices against today's innovative cyberthreats, it can be hard to implement in practice. Through automated device discovery, contextual segmentation, least privilege policy recommendations and one-click enforcement of policies, Palo Alto Networks Medical IoT Security delivers a Zero Trust approach in a seamless, simplified manner. Medical IoT Security also provides best-in-class threat protection through seamless integration with Palo Alto Networks cloud-delivered security services, such as Advanced Threat Prevention and Advanced URL Filtering. The new Palo Alto Networks Medical IoT Security uses machine learning (ML) to enable healthcare organizations to: Create device rules with automated security responses: Easily create rules that monitor devices for behavioral anomalies and automatically trigger appropriate responses. For example, if a medical device that typically only sends small amounts of data unexpectedly begins to use a lot of bandwidth, the device can be cut off from the internet and security teams can be alerted. Automate Zero Trust policy recommendations and enforcement: Enforce recommended least-privileged access policies for medical devices with one click using Palo Alto Networks Next-Generation Firewalls or supported network enforcement technologies. This eliminates error-prone and time-consuming manual policy creation and scales easily across a set of devices with the same profile. Understand device vulnerabilities and risk posture: Access each medical device's Software Bill of Materials (SBOM) and map them to Common Vulnerability Exposures (CVEs). This mapping helps identify the software libraries used on medical devices and any associated vulnerabilities. Get immediate insights into the risk posture of each device, including end-of-life status, recall notification, default password alert and unauthorized external website communication. Improve compliance: Easily understand medical device vulnerabilities, patch status and security settings, and then get recommendations to bring devices into compliance with rules and guidelines, such as the Health Insurance Portability Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and similar laws and regulations. Verify network segmentation: Visualize the entire map of connected devices and ensure each device is placed in its designated network segment. Proper network segmentation can ensure a device only communicates with authorized systems. Simplify operations: Two distinct dashboards allow IT and biomedical engineering teams to each see the information critical to their roles. Integration with existing healthcare information management systems, like AIMS and Epic Systems, helps automate workflows. Healthcare organizations are using Palo Alto Networks products to secure the devices that deliver cutting-edge care to millions of patients all over the world. "Establishing and maintaining acute situational awareness of the Internet of Medical Things (IoMT) environment is paramount to establishing an effective enterprise cybersecurity program. The ability to accurately detect, identify and respond to cyber threats is critical to ensuring minimal operational impact to clinical operations during a cyber event," said Tony Lakin, CISO, Moffitt Cancer Center. "Palo Alto Networks IoT capability seamlessly integrates with our continuous monitoring processes and threat-hunting operations. The platform consistently provides my teams with actionable information to allow them to proactively manage the threat surface of our medical device portfolio." "With thousands of devices to manage, healthcare environments are extremely complex and require intelligent security solutions capable of doing more. Palo Alto Networks understands this requirement and is leveraging machine learning (ML) for Medical IoT security. Adding intelligence will enable providers to improve operational efficiency, which will enhance patient and practitioner experience and alleviate the burden of an ongoing IT skills shortage," said Bob Laliberte, principal analyst, ESG. "Healthcare providers continue to be high-value targets for attackers. This reality, combined with the diversity of medical IoT devices and their inherent vulnerabilities, points to a real need for device security that is purpose-built for healthcare use cases. The ability to defend against threats targeting critical care devices while maintaining operational availability and strengthening the alignment of device governance responsibilities between IT and Biomed engineering teams is quickly becoming a necessity for the protection of patient data and lives," said Ed Lee, research director, IoT and Intelligent Edge Security, IDC. About Palo Alto Networks Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Aunalytics Launches Security Patching Platform as a Service

Aunalytics | September 27, 2022

Aunalytics, a leading data management and analytics company delivering managed IT and data platform services for mid-sized and enterprise businesses, today initiated its Security Patching Platform, Co-managed Patching as a Service to complement the company’s Advanced Security solution suite. Windows OS and supported 3rd party patch management allow for tighter security in the defense against cyberattacks and the new offering ensures active remediation. According to a 2022 Data Breach Investigations Report by Verizon, around 70 percent of successful cyberattacks exploited known vulnerabilities with available patches, making it important to update operating systems and applications regularly to prevent such attacks. Now, Aunalytics’ new technology as a service includes the tools, structure, strategy and intelligence for managing patch deployment and is a complete solution with best practices, templates, libraries, and built-in alert thresholds. Lack of security patching leads to vulnerabilities within an organization’s information systems, internal controls, or system processes, which can then be exploited by cybercriminals. Using a collection of tools, cyber attackers use the vulnerability to gain unauthorized access to corporate systems and data. Identifying and resolving vulnerabilities is very important since a successful exploit can lead to a full-scale system breach. Workstation and server application patching ensures that organizations have baseline protection against the latest security vulnerabilities, preventing such attacks before they occur. However, patching can be difficult to manage and update in real-time as software fixes are published on an ongoing basis. Setting up and coordinating manual patching across an organization can be extremely cumbersome, taking days to organize, schedule, and execute across an entire company. McKinsey cites good patch management as a top proactive maintenance measure that can help organizations prevent cyberattacks. However, knowing the priority level for patch installment can be confusing and lead to poor patch management as a result. Enlisting the help of a partner to employ security patching best-practices can add true value to many organizations. Aunalytics patch detection, download, and installment methods are developed considering each client's security and uptime requirements and prioritized in order of threat potential. Aunalytics’ experienced security patching team proactively monitors for updates, eliminating worry for end users and server administrators. As part of the new service, users gain access to comprehensive security solutions with customized alerting and vulnerability prioritization, leveraging proprietary solutions and processes. The platform facilitates collaboration between IT and security teams and includes the following capabilities: Inventory and performance management and proactive alerting Patch deployment control strategy, prioritization, planning Patch vetting and blacklisting intelligence Windows Operating System patch management Supported 3rd Party Patch Management Anti-Malware DNS-based Malware Protection Device Encryption Management Innovative management tool library “Security patch exploits can have extremely damaging effects on an organization, decreasing revenues or causing reputational damage, making it imperative to have security patching in place. “Aunalytics’ Security Patching Platform services allow for the rapid resolution of these concerns to maintain the highest levels of cyber-resiliency.” Chris Nicholson, Vice President of Managed IT Services About Aunalytics Aunalytics is a leading data management and analytics company delivering Insights-as-a-Service for mid-sized businesses and enterprises. Selected for the prestigious Inc. 5000 list for two consecutive years as one of the nation’s fastest growing companies, Aunalytics offers managed IT services and managed analytics services, private cloud services, and a private cloud-native data platform for data management and analytics. The platform is built for universal data access, advanced analytics and AI -- unifying distributed data silos into a single source of truth for highly accurate, actionable business information.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

1Password Acquires Passage Identity to Power a Passwordless Future

1Password | November 07, 2022

1Password, a leader in human-centric security and privacy, today announced the acquisition of Passage, a developer-first passwordless authentication company. 1Password will use Passage's technology to launch a passwordless authentication platform for enterprises – enabling a safer, simpler, and more secure end-user experience across any platform or device. "1Password is focused on empowering companies and consumers to have safer and simpler digital experiences. As the world evolves, that means helping companies and consumers navigate all the complexities on the path to a passwordless future," said Jeff Shiner, chief executive officer of 1Password. "With today's Passage acquisition, we are committing to giving businesses and end users what they want and deserve: the convenience of passwordless without compromising security." Together, 1Password and Passage Identity will enable developers, businesses, and consumers to make progress toward a passwordless future by accelerating adoption of passkeys. Passkeys represent the opportunity to replace passwords in favor of more secure and seamless user experiences. With passkeys, the pain of forgotten passwords is a thing of the past, and users minimize exposure to phishing attacks. For businesses, passwordless authentication can improve top- and bottom-line revenue by eliminating forgotten customer passwords and reducing sign-up friction. "Passwords are ubiquitous, but ever-changing requirements can make them a hassle to use, and that can harm the user experience and cause real ramifications for businesses. "1Password's market leadership and human-centric mission make them a natural fit to achieve our shared vision of a secure, user-friendly experience that enables businesses to deliver a frictionless and safe experience to users on any device – no QR codes required." Cole Hecht, co-founder and chief executive officer of Passage The entire Passage team, including co-founders Cole Hecht (CEO) and Anna Pobletts (CTO), will bring their technical expertise and exclusive focus on passkey authentication to 1Password. The Passage team will continue to focus on developing passkey-first authentication for consumer-facing businesses. This solution will be available in beta in early 2023. The FIDO Alliance is an open industry association focused on improving authentication standards to minimize password use and improve online security. "Enterprises around the world are rapidly adopting FIDO-based solutions in order to accelerate the journey toward a safer, passwordless future," said Andrew Shikiar, executive director and CMO of the FIDO Alliance. "With the Passage acquisition, 1Password has bolstered their solution offering which stands to help more companies reduce reliance on passwords in favor of user-friendly and unphishable FIDO authentication." About 1Password 1Password's human-centric security keeps people safe, at work and at home. Our solution is built from the ground up to enable anyone – no matter the level of technical proficiency – to navigate the digital world without fear or friction. The company's award-winning security platform is re-shaping the future of authentication, including passwordless. 1Password is trusted by over 100,000 businesses such as IBM, Slack, Snowflake, Shopify, and Under Armour and protects the most sensitive information of millions of individuals and families across the globe. The company's ultimate goal is to help consumers and businesses get more done in less time – with security and privacy as a given.

Read More