DATA SECURITY

IBM to Expand Security Portfolio with Plans to Acquire ReaQta

IBM | November 03, 2021

IBM Security today announced an expansion of its cybersecurity threat detection and response capabilities with its plans to acquire ReaQta. ReaQta's endpoint security solutions are designed to leverage AI to automatically identify and manage threats, while remaining undetectable to adversaries. This move will expand IBM's capabilities in the extended detection and response (XDR) market, aligning with IBM's strategy to deliver security with an open approach that extends across disparate tools, data and hybrid cloud environments.

As part of today's announcement, IBM also detailed a new suite of XDR offerings under the QRadar brand. IBM QRadar XDR helps security analysts break down the silos between the proliferation of point products in the industry – providing comprehensive visibility across security tools and data sources, whether in the cloud or on-premises, and equipping security teams with the insights and automation they need to act quickly. Upon closing, ReaQta's offerings will become part of this portfolio, adding expanded native XDR capabilities to IBM's security portfolio aimed at helping clients adopt continuous monitoring and rapid response as part of a zero trust approach.

Companies today are struggling to secure increasingly dispersed IT environments, with the proliferation of devices, users, and technologies spreading across clouds and on-premises infrastructure. As a result, security events are becoming more difficult and costly to detect and contain, with data breaches costing over $4 million per incident and taking an average of 212 days to identify, according to the 2021 Cost of a Data Breach Report from IBM and Ponemon Institute.

"Complexity has created a cloak that attackers are operating under, furthering their ability to circumvent defenders. The future of security is open, using technologies that can connect the security insights that are buried across disparate tools and advanced AI to identify and automatically respond to threats more quickly across their entire infrastructure, from endpoint to cloud. With our expanded capabilities via QRadar XDR and the planned addition of ReaQta, IBM is helping clients get ahead of attackers with the first XDR solution that reduces vendor lock-in via the use of open standards."

Mary O'Brien, General Manager, IBM Security

IBM Announces Intent to Acquire ReaQta
IBM's planned acquisition of ReaQta further differentiates the company's portfolio of connected, open security tools to unify and speed response to security threats. ReaQta, whose primary business office is located in the Netherlands with headquarters in Singapore, will join the IBM Security business unit upon closing. ReaQta was built by an elite group of cybersecurity experts and researchers with AI and machine learning expertise and extensive backgrounds in security operations. Financial terms were not disclosed. The transaction is expected to close later this year, subject to customary closing conditions and required regulatory reviews.

ReaQta's behavioral-based platform helps stop known and unknown threats in real-time and can be deployed in a hybrid model: on premises or in the cloud, as well as in air-gapped environments. Through deep learning done natively on the endpoint, the platform constantly improves on defining threat behavior tailored to each business per endpoint, allowing it to block any abnormal behavior. ReaQta's platform also leverages a unique 'Nano OS' that monitors the operating systems from the outside, helping to prevent interference by adversaries.

"Our mission at ReaQta has been to better equip the defenders, who are tirelessly striving to stay ahead of cyber threats, with advanced technology to quickly identify and block new attacks," said Alberto Pelliccione, CEO at ReaQta. "Joining forces with IBM will enable us to enhance and scale our unique AI capabilities across all types of environments via a proven platform for threat detection and response."

QRadar XDR Suite: Open, Connected Approach to XDR
An evolution of the IBM QRadar security intelligence portfolio, IBM QRadar XDR is a suite of security software built on IBM's open, cloud-native security platform, Cloud Pak for Security. IBM QRadar XDR spans the core foundational capabilities of threat detection, investigation, and response to help organizations modernize their existing IT and security infrastructure.

IBM is implementing an open connected approach to XDR, leveraging its commitment to open security and the Open Cybersecurity Alliance, as well as alliances and integrations with 200 plus cloud and security vendors, creating the industry's largest XDR ecosystem. The QRadar XDR suite also includes IBM native security technologies that customers can choose to leverage for Security Information and Event Management (SIEM), Network Detection and Response (NDR), and Security Orchestration Automation and Response (SOAR).

Now with the addition of ReaQta, the QRadar XDR suite will also include an option for Endpoint Detection and Response (EDR), allowing IBM to provide native capabilities for all core XDR functions, while also providing clients the option to leverage existing investments and third-party tools across IBM's broad partner ecosystem. IBM QRadar XDR will also be designed to deliver more accurate alerts while helping reduce manual processes via pre-built detection and response automations.

IBM QRadar XDR is also designed to be deployed by managed security service providers, including IBM and others.

Connecting Existing Investments
Building further on IBM's open approach to XDR, the company also introduced XDR Connect, which helps companies connect and automate threat detection and response across existing toolsets. Part of the QRadar XDR suite, XDR Connect provides a unified streamlined workflow for alert triage, investigation and threat hunting, automated root cause analysis, and response, by connecting to organizations' existing tools or IBM's own XDR technologies.

XDR Connect offers centralized management of security incidents with pre-defined detection and response rules via more than 30 open source, pre-built integrations, and data connectors. It also provides access to the latest threat intelligence insights and data from IBM and third parties. This unique approach allows companies to better capitalize on existing security investments, modernize with new security tools and data sources, and simplify their overall security operations with unified, AI-driven workflows designed for faster, streamlined response.

About ReaQta
ReaQta is a top-tiered AI Autonomous Detection & Response platform, built by an elite group of cyber security experts and AI/ML researchers. Built with advanced automated threat-hunting features, ReaQta allows organizations to eliminate the most advanced threats in real-time. As experts in AI and behavioral analysis, ReaQta's proprietary dual-AI engines provide organizations across all industries with autonomous, real-time and fully customizable endpoint security, minus the complexity. As a result of automation coupled with intuitive design, ReaQta's customers and partners benefit from performance improvements and are now able to manage and secure more endpoints without the need for highly skilled staff.

About IBM Security
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM Security X-Force® research, enables organizations to effectively manage risk and defend against emerging threats. IBM operates one of the world's broadest security research, development and delivery organizations, monitors 150 billion+ security events per day in more than 130 countries, and has been granted more than 10,000 security patents worldwide.

Spotlight

Today’s digitally transformed organizations handle vast volumes of data that is at perpetual risk for loss and leakage, either intentionally through data breaches or unintentionally through employee errors. With cybercrime damages expected to reach $10.5 trillion annually by 2025, organizations must protect their threat surface holistically.


Related News

PLATFORM SECURITY, SOFTWARE SECURITY

Vipre Security Group’s New Endpoint Detection & Response Technology for SMEs

VIPRE Security Group | January 19, 2023

VIPRE Security Group, an award-winning data, cybersecurity, privacy, and user protection company, recently announced the launch of its latest cybersecurity product, VIPRE Endpoint Detection & Response (EDR). VIPRE EDR is built to help small and medium-sized businesses, including their IT partners, navigate the intricacies of EDR management with a single, simple-to-use console.

VIPRE EDR provides a sophisticated high-performance, cloud-based solution while overcoming the problems users typically expect from an EDR solution. This advanced technology detects better and uncovers more unusual behavior than standalone antivirus file, process, and networking analysis solutions, while offering investigation and remediation tools to accelerate response times. The VIPRE EDR solution is based on the fundamental pillars of Detection, Investigation, Containment, and Remediation, transforming threats into intelligence and suggesting next steps for security professionals, as simply detecting a threat is insufficient.

Advantages of VIPRE's Endpoint Detection and Response (EDR) System:
Exploit prevention – Helps to prevent network threats with built-in DNS, intrusion protection and in-browser exploit prevention
EPP/Next-generation Antivirus – VIPRE EDR constantly scans processes, files, and network activity for known and undiscovered threats
Correlated Behavior Engine – Examines endpoint behavior in greater depth to identify emergent or suspicious behavior connected across all engines
Endpoint Isolation – Quickly isolates an afflicted device to prevent threat spreading
Threat Incident Visualization – View and respond to all threat activity from a central location. Understand all aspects of endpoint activity related to the threat, including every user, process, file, and network activity
Remote Shell – VIPRE EDR's click-button reporting gives admins instant remote access to the endpoint for a deeper look
Suspicious file/link sandboxing – Detonates files and links in a private cloud sandbox for comprehensive examination and forensic investigation
Integrated Vulnerability Management – App scanning and vulnerability management to close potential security gaps

Built on the foundation of VIPRE's top-ranked Endpoint Security Cloud (EPP) platform, protection begins with extensive monitoring and automated blocking of malicious behavior across all endpoint processes, files, and network activity. This protection includes web, DNS and network monitoring, as well as AI-driven hostile process behavior detection.

About VIPRE Security Group
A part of Ziff Davis, Inc., VIPRE Security Group is a global organization specializing in cybersecurity, privacy, and data protection. It protects millions of people and businesses globally, including some very well-known brands. For nearly 30 years, VIPRE Security Group's primary mission has been to provide easy solutions to protect against existing and potential internet threats in an ever-expanding, digitally connected world.


DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

BlueVoyant Research Reveals Defending Digital Supply Chains Remains a Business Challenge

BlueVoyant | November 14, 2022

BlueVoyant, an industry-leading cyber defense company that combines internal and external cybersecurity, today released the findings of its third annual global survey into supply chain cyber risk management. The study reveals that 98% of firms surveyed have been negatively impacted by a cybersecurity breach that occurred in their supply chain. This is up slightly from 97% of respondents last year. Digital supply chains are made of the external vendors and suppliers who have network access that could be compromised.

"The survey shows that supply chain cybersecurity risk has not decreased and, in fact, more enterprises than ever have reported being negatively impacted by a cybersecurity disturbance in their supply chain," said Adam Bixler, BlueVoyant's global head of supply chain defense. "The good news is that across industries and regions, organizations are making supply chain defense a priority, but these organizations need to better monitor suppliers and work with them to remediate issues to reduce their supply chain risk."

Other key survey findings include:
40% of respondents rely on the third-party vendor or supplier to ensure adequate security.
In 2021, 53% of companies said they audited or reported on supplier security more than twice per year; that number has improved to 67% in 2022. These numbers include enterprises monitoring in real time.
Budgets for supply chain defense are increasing, with 84% of respondents saying their budget has increased in the past 12 months.
The top pain points reported are internal understanding across the enterprise that suppliers are part of their cybersecurity posture, meeting regulatory requirements, and working with suppliers to improve their security.

"While supply chain defense is a challenge, there are solutions for enterprises to better defend against this risk," said James Rosenthal, BlueVoyant's CEO and co-founder. "Enterprises should continuously monitor their supply chain to be able to quickly remediate threats. As companies are being negatively impacted by supply chain disturbances, they must prioritize this risk with the appropriate budget."

The study was conducted by independent research organization, Opinion Matters, and recorded the views and experiences of 2,100 chief technology officers (CTOs), chief security officers (CSOs), chief operating officers (COOs), chief information officers (CIOs), chief info security officers (CISOs), and chief procurement officers (CPOs) responsible for supply chain and cyber risk management in organizations with more than 1,000 employees across a range of industries. These include: business services, financial services, healthcare and pharmaceutical, manufacturing, utilities and energy, and defense. It covered 11 countries: U.S., Canada, Germany, Austria, Switzerland, France, the Netherlands, the United Kingdom, Australia, the Philippines, and Singapore.

The 2021 research was also conducted by Opinion Matters and recorded the views and experiences of 1,200 CTOs/CSOs/COOs/CIOs/CISOs/CPOs in similar enterprises and the same industries. It covered six countries: U.S., Canada, Germany, the Netherlands, the U.K., and Singapore.

Analysis of the responses from different commercial sectors revealed considerable variations in their experiences of supply chain risk:
While healthcare and pharmaceutical was the third-highest vertical in terms of experiencing greater board scrutiny for supply chain risk at 42%, the sector also indicates the lowest likelihood to increase budget for external resources to bolster supply chain cybersecurity, by a margin of 7% below the next closest vertical. This sector is also the least likely of any vertical (34%) to have no way of knowing if an issue arises with a third party's environment.
The energy sector was most likely to report negative impact from at least one supply chain breach in the last year (99%) but 49% are monitoring supply chain cyber risk regularly or in real time, and 44% are updating senior leadership monthly or more frequently. In addition, energy companies say they are increasing their budget for supply chain cyber risk by an average of 60%.
In manufacturing, 64% of respondents say that supply chain cyber risk is on their radar and 44% say they have established an integrated enterprise risk management program.

About BlueVoyant
BlueVoyant combines internal and external cyber defense capabilities into an outcomes-based platform called BlueVoyant Elements™. Elements is cloud-native and continuously monitors your network, endpoints, attack surface, and supply chain plus the clear, deep, and dark web for vulnerabilities, risks, and threats; and takes action to protect your business, leveraging both machine learning-driven automation and human-led expertise. Elements can be deployed as independent solutions or together as a full-spectrum cyber defense platform. BlueVoyant's approach to cyber defense revolves around three key pillars (technology, telemetry, and talent) that deliver industry-leading cybersecurity to more than 700 clients across the globe.


INFOSEC PROJECT MANAGEMENT, PLATFORM SECURITY, SOFTWARE SECURITY

NowSecure Unveils Its Latest Offering, Mobile Pen Testing-as-a-Service (PTaaS)

NowSecure | January 03, 2023

NowSecure, the leader in standards-based mobile app security and privacy software, announced the introduction of its latest solution, NowSecure Mobile Pen Testing as a Service (PTaaS), which will bridge the gap between manual and automated mobile security assessments for continuous security. NowSecure PTaaS is designed to provide mobile developers and security teams with a more cost-effective and efficient pen testing solution.

The solution combines periodic expert manual assessments with continuous automated testing to optimize comprehensive coverage at a higher frequency. With this combination, the all-inclusive portal and service can instantly discover concerns early in the developer pipeline, provide consulting help to repair security issues promptly, and accelerate the release of high-quality software into production.

As organizations struggle with tightening budgets in conjunction with an increased threat of mobile cyber assaults, there is an industry demand for a cost-effective, higher-coverage, higher-frequency, mobile AppSec testing solution. "According to Coalfire and NowSecure's 4th Annual Penetration Risk Report, 99% of mobile applications pose security or privacy threats." By integrating NowSecure's latest offering, Mobile PTaaS, CISOs and security leaders can optimize their budget for penetration testing while prioritizing continuous, comprehensive security testing.

The NowSecure Mobile PTaaS cloud-based platform, built on tens of thousands of pen tests and over 12 years of mobile application security experience, provides a comprehensive set of automatic, continuous, and manual assessments, including:
Expert pen testing periodically depending on the specific demand and timeline
On-demand and continuous security testing built into the CI/CD and dev toolchains
Automatic ticket generation with incorporated remedial resources
Consultation with an experienced pen tester on remediation
Optional industry standard(s) certifications and validations
All-in-one SAST, IAST, DAST, APISec, and SBOM
Simple-to-use dedicated SaaS platform

About NowSecure
A Chicago-based mobile security company, NowSecure safeguards the worldwide mobile app economy as the leading authority in standards-based mobile application privacy and security automation. The company is trusted by the most demanding enterprises for its comprehensive security testing solution package for DevSecOps, mobile app supply-chain monitoring, Pen Testing as a Service (PTaaS), professional mobile pen testing, and training courseware. NowSecure actively contributes to and supports the open-source mobile security community, industry standards, and certifications such as ADA MASA, OWASP MASVS, NIAP, ioXt, and others. The firm is SOC 2-certified and has been recognized by Gartner, IDC, TAG Cyber, and Deloitte Fast 500.
