DATA SECURITY

IBM to Expand Security Portfolio with Plans to Acquire ReaQta

IBM | November 03, 2021

IBM Security today announced an expansion of its cybersecurity threat detection and response capabilities with its plans to acquire ReaQta. ReaQta's endpoint security solutions are designed to leverage AI to automatically identify and manage threats, while remaining undetectable to adversaries. This move will expand IBM's capabilities in the extended detection and response (XDR) market, aligning with IBM's strategy to deliver security with an open approach that extends across disparate tools, data and hybrid cloud environments.

As part of today's announcement, IBM also detailed a new suite of XDR offerings under the QRadar brand. IBM QRadar XDR helps security analysts break down the silos between the proliferation of point products in the industry – providing comprehensive visibility across security tools and data sources, whether in the cloud or on-premises, and equipping security teams with the insights and automation they need to act quickly. Upon closing, ReaQta's offerings will become part of this portfolio, adding expanded native XDR capabilities to IBM's security portfolio aimed at helping clients adopt continuous monitoring and rapid response as part of a zero trust approach.

Companies today are struggling to secure increasingly dispersed IT environments, with the proliferation of devices, users, and technologies spreading across clouds and on-premises infrastructure. As a result, security events are becoming more difficult and costly to detect and contain, with data breaches costing over $4 million per incident and taking an average of 212 days to identify, according to the 2021 Cost of a Data Breach Report from IBM and Ponemon Institute.

"Complexity has created a cloak that attackers are operating under, furthering their ability to circumvent defenders,The future of security is open, using technologies that can connect the security insights that are buried across disparate tools and advanced AI to identify and automatically respond to threats more quickly across their entire infrastructure, from endpoint to cloud. With our expanded capabilities via QRadar XDR and the planned addition of ReaQta, IBM is helping clients get ahead of attackers with the first XDR solution that reduces vendor lock-in via the use of open standards."

Mary O'Brien, General Manager, IBM Security

IBM Announces Intent to Acquire ReaQta
IBM's planned acquisition of ReaQta further differentiates the company's portfolio of connected, open security tools to unify and speed response to security threats. ReaQta, whose primary business office is located in the Netherlands with headquarters in Singapore, will join the IBM Security business unit upon closing. ReaQta was built by an elite group of cybersecurity experts and researchers with AI and machine learning expertise and extensive backgrounds in security operations. Financial terms were not disclosed.  The transaction is expected to close later this year, subject to customary closing conditions and required regulatory reviews.

ReaQta's behavioral-based platform helps stop known and unknown threats in real-time and can be deployed in a hybrid model – on premise or in the cloud as well as air gapped environments. Through deep learning done natively on the endpoint the platform constantly improves on defining threat behavior tailored to each business per endpoint, allowing it to block any abnormal behavior. ReaQta's platform also leverages a unique 'Nano OS' that monitors the operating systems from the outside, helping to prevent interference by adversaries.

"Our mission at ReaQta has been to better equip the defenders, who are tirelessly striving to stay ahead of cyber threats, with advanced technology to quickly identify and block new attacks," said Alberto Pelliccione, CEO at ReaQta. "Joining forces with IBM will enable us to enhance and scale our unique AI capabilities across all types of environments via a proven platform for threat detection and response."

QRadar XDR Suite: Open, Connected Approach to XDR
An evolution of the IBM QRadar security intelligence portfolio, IBM QRadar XDR is a suite of security software built on IBM's open, cloud-native security platform, Cloud Pak for Security. IBM QRadar XDR spans the core foundational capabilities of threat detection, investigation, and response to help organizations modernize their existing IT and security infrastructure.

IBM is implementing an open connected approach to XDR, leveraging its commitment to open security and the Open Cybersecurity Alliance, as well as alliances and integrations with 200 plus cloud and security vendors, creating the industry's largest XDR ecosystem. The QRadar XDR suite also includes IBM native security technologies that customers can choose to leverage for Security Information and Event Management (SIEM), Network Detection and Response (NDR), and Security Orchestration Automation and Response (SOAR).

Now with the addition of ReaQta, the QRadar XDR suite will also include an option for Endpoint Detection and Response (EDR), allowing IBM to provide native capabilities for all core XDR functions, while also providing clients the option to leverage existing investments and third-party tools across IBM's broad partner ecosystem. IBM QRadar XDR will also be designed to deliver more accurate alerts while helping reduce manual processes via pre-built detection and response automations.

IBM QRadar XDR is also designed to be deployed by managed security service providers, including IBM and others.

Connecting Existing Investments
Building further on IBM's open approach to XDR, the company also introduced XDR Connect, which helps companies connect and automate threat detection and response across existing toolsets. Part of the QRadar XDR suite, XDR Connect provides a unified streamlined workflow for alert triage, investigation and threat hunting, automated root cause analysis, and response, by connecting to organizations' existing tools or IBM's own XDR technologies.

XDR Connect offers a centralized management of security incidents with pre-defined detection and response rules via more than 30 open source, pre-built integrations, and data connectors. It also provides access to the latest threat intelligence insights and data from IBM and third parties. This unique approach allows companies to better capitalize on existing security investments, modernize with new security tools and data sources, and simplify their overall security operations with unified, AI-driven workflows designed for faster, streamlined response.

About ReaQta
ReaQta is a top-tiered AI Autonomous Detection & Response platform, built by an elite group of cyber security experts and AI/ML researchers. Built with advanced automated threat-hunting features, ReaQta allows organizations to eliminate the most advanced threats in real-time. As experts in AI and behavioral analysis, ReaQta's proprietary dual-AI engines provide organizations across all industries with autonomous, real-time and fully customizable endpoint security, minus the complexity. As a result of automation coupled with intuitive design, ReaQta's customers and partners benefit from performance improvements and are now able to manage and secure more endpoints without the need for highly skilled staff.

About IBM Security
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM Security X-Force® research, enables organizations to effectively manage risk and defend against emerging threats. IBM operates one of the world's broadest security research, development and delivery organizations, monitors 150 billion+ security events per day in more than 130 countries, and has been granted more than 10,000 security patents worldwide.

Spotlight

Many companies’ focus on cybersecurity is increasing as they embrace digitalization and the Internet of Things (IoT). Organizations, irrespective of size and industry, are constantly under attack, and regulatory authorities are strengthening laws to protect data. As more and more behemoths like Facebook face data leakage incidents, companies, regulators and the public alike are paying more attention to data protection and privacy issues. As all this is happening, internal risks are also increasing because of factors including the rise of shadow IT, a lack of employee education about information security, and increasingly sophisticated attacks. Many successful breaches, especially Trojan and phishing attacks, are caused by users’ thoughtless behavior.

Spotlight

Many companies’ focus on cybersecurity is increasing as they embrace digitalization and the Internet of Things (IoT). Organizations, irrespective of size and industry, are constantly under attack, and regulatory authorities are strengthening laws to protect data. As more and more behemoths like Facebook face data leakage incidents, companies, regulators and the public alike are paying more attention to data protection and privacy issues. As all this is happening, internal risks are also increasing because of factors including the rise of shadow IT, a lack of employee education about information security, and increasingly sophisticated attacks. Many successful breaches, especially Trojan and phishing attacks, are caused by users’ thoughtless behavior.

Related News

SOFTWARE SECURITY

BlueVoyant Recognized as the 2022 Microsoft U.S. Security Partner of the Year Winner

BlueVoyant | July 05, 2022

BlueVoyant, a rock-solid cyber defense platform company converging internal and external security, today announced it has won the 2022 Microsoft Security U.S. (MSUS) Partner of the Year award. The Microsoft Partner of the Year Awards recognize Microsoft partners who have developed and delivered outstanding Microsoft-based applications, services, and devices during the past year. The MSUS Partner Awards were created to supplement Microsoft's Partner of the Year program, both of which recognize outstanding work by Microsoft partners. The MSUS awards highlight US-specific partner impact. "BlueVoyant and Microsoft both recognize that cybersecurity is a team sport. "BlueVoyant has developed enablement technologies and scalable services to help customers maximize their Microsoft Security investments — bringing together the very best of both companies to drive the outcomes our customers demand. We are honored that Microsoft named BlueVoyant its prestigious U.S. Security Partner of the Year, among other recent accolades. We look forward to continuing to work closely with Microsoft to deliver the very best in cybersecurity to our joint customers." Milan Patel, global head of managed security services (MSS) at BlueVoyant The MSUS Partner of the Year Award recognizes BlueVoyant's commitment and trust that stands behind the company's cloud-native and outcomes-based platform, BlueVoyant Elements™. The platform helps companies across a variety of industries improve their cyber defense posture. Elements not only continuously monitors for problems, but also takes action against any vulnerabilities, risks, or threats, usually in a matter of minutes. The platform is based on three key pillars that help give clients the advantage over attackers — technology, telemetry, and talent. BlueVoyant has more than 700 customers, and 650 employees across five continents, with a proven track record of sustained high growth. The U.S. Security Partner of the Year award is the latest in a long list of accolades BlueVoyant has won from Microsoft. In 2021, BlueVoyant was named a Microsoft Security 20/20 Partner Awards Winner for Top MDR (Managed Detection and Response) Team. BlueVoyant was a 2022 finalist in the Microsoft Security Excellence Awards for Security MSSP (Managed Security Service Provider) of the Year. In addition, the company is a finalist for the Microsoft Canada 2022 Impact Awards in two categories — Healthcare Impact Award and Security Impact Award. BlueVoyant was also named as one of Microsoft's top 150 managed security partners. In May, BlueVoyant announced that the company was a key design partner for Microsoft's three new security services, including Microsoft Security Experts for hunting, a proactive threat hunting expert service; Microsoft Security Experts for XDR, a new hunting service that extends beyond endpoint hunting; and Microsoft Enterprise Security Services for customers looking for more tailored, hands-on help with security posture management, modernization and proactive hunting. About BlueVoyant BlueVoyant converges internal and external cyber defense capabilities into an outcomes-based, cloud-native platform called BlueVoyant Elements™. Elements continuously monitors your network, endpoints, attack surface, and supply chain as well as the open, deep, and dark web for vulnerabilities, risks, and threats; and takes action to protect your business, leveraging both machine learning-driven automation and human-led expertise. Elements can be deployed as independent solutions or together as a full-spectrum cyber defense platform. BlueVoyant's approach to cyber defense revolves around three key pillars — technology, telemetry, and talent — that deliver rock-solid cyber defense capabilities to more than 700 customers across the globe.

Read More

PLATFORM SECURITY

Splashtop and Acronis Integrate and Bring Scalable Remote Support to Acronis’ Cyber Protect Cloud Solution

Splashtop, Acronis | July 06, 2022

Managed Service Providers (MSPs) using Acronis for endpoint protection management can now initiate Splashtop remote control sessions directly from within the console to provide faster, reliable support for client workloads. CUPERTINO, Calif. and MIAMI, FL, July 6, 2022 — Splashtop and Acronis today announced a partnership that integrates solutions for secure remote access and support with Acronis Cyber Protect Cloud, an all-in-one data and cybersecurity protection platform. This integration alleviates downtime by enabling MSP technicians to access and take control of computers to troubleshoot and resolve issues directly from the Acronis Cyber Protect Cloud console – resulting in increased customer satisfaction and decreased costs. Acronis Cyber Protect Cloud unites backup and next-generation, AI-based anti-malware, antivirus, and endpoint protection management in one solution. With Splashtop integrated, service providers can instantly access all their clients’ managed devices directly from the Acronis console, enabling faster remediation of incidents, reliable support, and increased efficiency by providing instant access to endpoints. Now, not only are client workloads protected with a world-class integrated solution, but they can be easily and immediately accessed in case of an incident. Service providers can deliver on-demand help desk support to any end user computer or mobile device remotely using Splashtop, regardless of device type or operating system. They can also enable their end users to remotely access their work computers, all from a centralized platform. “No business is safe in the current cyberthreat landscape, and they are looking to Managed Service Providers who specialize in cyber protection services,” said Acronis Vice President and General Manager, Americas, Pat Hurley. “Acronis provides the air-tight protection MSPs need, while Splashtop’s intuitive interface allows issues to be resolved without delay, reducing costs associated with downtime.” Managed Service Providers can execute service requests faster, exceed SLAs and increase overall customer satisfaction by enabling this free-of-charge integration with Splashtop. Client workloads are protected with a world-class cyber protection solution that is easily accessible in the event of an incident. Users enjoy: Quick onboarding: The Acronis-Splashtop integration enables users to initiate immediate, one-click access to all managed workloads. Easy remote desktop access for managed devices: Support distributed teams and devices with ease, whether employees are working from home, from the office, or on the go. Native features during remote sessions: Take advantage of Splashtop’s high performance features, including file transfer, remote reboot, share technician desktop, chat and more. The synergy between Acronis Cyber Protect Cloud and Splashtop allows service providers to deliver superior remote support — silently, seamlessly and on time — through a reliable, direct connection. “Security is the backbone of everything we do at Splashtop, so we are proud to partner with such a trusted and proven cyber protection platform,” said Thomas Deng, Co-Founder and SVP of Product Management at Splashtop. “Acronis leaves no stone unturned when it comes to the protections and support it offers service providers and their clients.” 200,000 businesses and 30 million end users around the world securely use Splashtop, including large banks, sports & entertainment companies, educational institutions, healthcare organizations and government agencies. To learn more about the Acronis Splashtop integration, visit solutions.acronis.com/splashtop and Splashtop.com/integrations/acronis. About Splashtop Splashtop is a leader in secure remote access and support. Its solutions for flexible work, learning and IT support deliver an ‘in-person experience’ that is as fast, simple and secure as being in front of an on-site machine. Splashtop delivers high performance with 4k quality at 60fps; advanced security features and compliance; one application for access and support for all devices and operating systems; and instant global support with direct access to an expert. More than 30 million users, including those in 85% of Fortune 500 enterprises, enjoy Splashtop products globally. Splashtop.com About Acronis Acronis unifies data protection and cybersecurity to deliver integrated, automated cyber protection that solves the safety, accessibility, privacy, authenticity, and security (SAPAS) challenges of the modern digital world. With flexible deployment models that fit the demands of service providers and IT professionals, Acronis provides superior cyber protection for data, applications, and systems with innovative next-generation antivirus, backup, disaster recovery, and endpoint protection management solutions powered by AI. With advanced anti-malware powered by cutting-edge machine intelligence and blockchain based data authentication technologies, Acronis protects any environment – from cloud to hybrid to on premises – at a low and predictable cost. Founded in Singapore in 2003 and incorporated in Switzerland in 2008, Acronis now has more than 2,000 employees and offices in 34 locations worldwide. Its solutions are trusted by more than 5.5 million home users and 500,000 companies, and top-tier professional sports teams. Acronis products are available through over 50,000 partners and service providers in over 150 countries and 26 languages.

Read More

DATA SECURITY,NETWORK THREAT DETECTION,PLATFORM SECURITY

NetSPI Launches Partner Program to Broaden Delivery of Offensive Security Services

NetSPI | August 18, 2022

NetSPI, the leader in enterprise penetration testing and attack surface management, today announced the launch of the NetSPI Partner Program which empowers its global channel and technology partners to deliver offensive security services during a time when it's needed most. Partners within the program can offer end users NetSPI's proven vulnerability management technologies and human-delivered offensive security services, allowing both the partner and NetSPI to expand product and service offerings, further develop customer relationships, and enter new markets. Additionally, last month NetSPI joined the AWS Marketplace, simplifying the procurement process for enterprise organizations with existing AWS relationships by allowing them to purchase NetSPI's offerings directly via the marketplace. The program is led by NetSPI's Vice President of Business Development and Strategic Alliances, Lauren Gimmillaro. Gimmillaro has a track record of launching four successful partner programs, consisting of working with channel, referral, reseller, and technology partners. "As today's global attack surface evolves and cybercriminals become more sophisticated in nature, it's critical to provide end users with the tools, services, and skill sets they need to take an offensive approach to security," said Gimmillaro. "Centered around our customer-first approach, the NetSPI Partner Program will allow our team to extend our world-class pentesting capabilities to a variety of diverse and trusted partners, strengthening organizations' cyber security efforts across the globe." The NetSPI Partner Program encompasses the following partnership types: Channel Partners: NetSPI provides its full suite of security services and products through a global channel network of referral and reseller partners. To meet partners' requirements, the programs include a tier-based model consisting of referral fees, preferred client pricing, and reseller discounts. Technology Partners: Security and third-party software companies help build meaningful integrations with NetSPI to improve overall customer experiences. For both, NetSPI offers technical and sales support to help partners achieve their business and go-to-market goals. "Through the NetSPI Partner Program, SecureLink has been able to provide enterprises in the Middle East and Africa region access to NetSPI's continuous and scalable suite of offensive security solutions. "With NetSPI, we are proud to offer unmatched sophistication, methodology, and value to our global customer base." Manish Pardeshi, director of cybersecurity practices at SecureLink "Apiiro is proud to be part of the NetSPI Partner Program. The partnership has provided our customers with next-gen, context aware pentesting capabilities and NetSPI customers with our ability to detect and fix critical risks in cloud-native applications," said John Leon, vice president of business development at Apiiro. "Being a member of the NetSPI Partner Program allows us to achieve our sales goals while providing mutual customers with industry leading services and expertise." About NetSPI NetSPI is the leader in enterprise security testing and attack surface management, partnering with nine of the top 10 U.S. banks, three of the world's five largest healthcare companies, the largest global cloud providers, and many of the Fortune® 500. NetSPI offers Penetration Testing as a Service (PTaaS) through its Resolve™ penetration testing and vulnerability management platform. Its experts perform deep dive manual penetration testing of application, network, and cloud attack surfaces, historically testing over 1 million assets to find 4 million unique vulnerabilities. NetSPI is headquartered in Minneapolis, MN and is a portfolio company of private equity firms Sunstone Partners, KKR, and Ten Eleven Ventures.

Read More