DATA SECURITY

IBM to Expand Security Portfolio with Plans to Acquire ReaQta

IBM | November 03, 2021

IBM Security today announced an expansion of its cybersecurity threat detection and response capabilities with its plans to acquire ReaQta. ReaQta's endpoint security solutions are designed to leverage AI to automatically identify and manage threats, while remaining undetectable to adversaries. This move will expand IBM's capabilities in the extended detection and response (XDR) market, aligning with IBM's strategy to deliver security with an open approach that extends across disparate tools, data and hybrid cloud environments.

As part of today's announcement, IBM also detailed a new suite of XDR offerings under the QRadar brand. IBM QRadar XDR helps security analysts break down the silos between the proliferation of point products in the industry – providing comprehensive visibility across security tools and data sources, whether in the cloud or on-premises, and equipping security teams with the insights and automation they need to act quickly. Upon closing, ReaQta's offerings will become part of this portfolio, adding expanded native XDR capabilities to IBM's security portfolio aimed at helping clients adopt continuous monitoring and rapid response as part of a zero trust approach.

Companies today are struggling to secure increasingly dispersed IT environments, with the proliferation of devices, users, and technologies spreading across clouds and on-premises infrastructure. As a result, security events are becoming more difficult and costly to detect and contain, with data breaches costing over $4 million per incident and taking an average of 212 days to identify, according to the 2021 Cost of a Data Breach Report from IBM and Ponemon Institute.

"Complexity has created a cloak that attackers are operating under, furthering their ability to circumvent defenders. The future of security is open, using technologies that can connect the security insights that are buried across disparate tools and advanced AI to identify and automatically respond to threats more quickly across their entire infrastructure, from endpoint to cloud. With our expanded capabilities via QRadar XDR and the planned addition of ReaQta, IBM is helping clients get ahead of attackers with the first XDR solution that reduces vendor lock-in via the use of open standards."

Mary O'Brien, General Manager, IBM Security

IBM Announces Intent to Acquire ReaQta
IBM's planned acquisition of ReaQta further differentiates the company's portfolio of connected, open security tools to unify and speed response to security threats. ReaQta, whose primary business office is located in the Netherlands with headquarters in Singapore, will join the IBM Security business unit upon closing. ReaQta was built by an elite group of cybersecurity experts and researchers with AI and machine learning expertise and extensive backgrounds in security operations. Financial terms were not disclosed. The transaction is expected to close later this year, subject to customary closing conditions and required regulatory reviews.

ReaQta's behavioral-based platform helps stop known and unknown threats in real-time and can be deployed in a hybrid model – on premises or in the cloud, as well as in air-gapped environments. Through deep learning done natively on the endpoint, the platform constantly improves on defining threat behavior tailored to each business per endpoint, allowing it to block any abnormal behavior. ReaQta's platform also leverages a unique 'Nano OS' that monitors the operating systems from the outside, helping to prevent interference by adversaries.

"Our mission at ReaQta has been to better equip the defenders, who are tirelessly striving to stay ahead of cyber threats, with advanced technology to quickly identify and block new attacks," said Alberto Pelliccione, CEO at ReaQta. "Joining forces with IBM will enable us to enhance and scale our unique AI capabilities across all types of environments via a proven platform for threat detection and response."

QRadar XDR Suite: Open, Connected Approach to XDR
An evolution of the IBM QRadar security intelligence portfolio, IBM QRadar XDR is a suite of security software built on IBM's open, cloud-native security platform, Cloud Pak for Security. IBM QRadar XDR spans the core foundational capabilities of threat detection, investigation, and response to help organizations modernize their existing IT and security infrastructure.

IBM is implementing an open connected approach to XDR, leveraging its commitment to open security and the Open Cybersecurity Alliance, as well as alliances and integrations with 200 plus cloud and security vendors, creating the industry's largest XDR ecosystem. The QRadar XDR suite also includes IBM native security technologies that customers can choose to leverage for Security Information and Event Management (SIEM), Network Detection and Response (NDR), and Security Orchestration Automation and Response (SOAR).

Now with the addition of ReaQta, the QRadar XDR suite will also include an option for Endpoint Detection and Response (EDR), allowing IBM to provide native capabilities for all core XDR functions, while also providing clients the option to leverage existing investments and third-party tools across IBM's broad partner ecosystem. IBM QRadar XDR will also be designed to deliver more accurate alerts while helping reduce manual processes via pre-built detection and response automations.

IBM QRadar XDR is also designed to be deployed by managed security service providers, including IBM and others.

Connecting Existing Investments
Building further on IBM's open approach to XDR, the company also introduced XDR Connect, which helps companies connect and automate threat detection and response across existing toolsets. Part of the QRadar XDR suite, XDR Connect provides a unified streamlined workflow for alert triage, investigation and threat hunting, automated root cause analysis, and response, by connecting to organizations' existing tools or IBM's own XDR technologies.

XDR Connect offers a centralized management of security incidents with pre-defined detection and response rules via more than 30 open source, pre-built integrations, and data connectors. It also provides access to the latest threat intelligence insights and data from IBM and third parties. This unique approach allows companies to better capitalize on existing security investments, modernize with new security tools and data sources, and simplify their overall security operations with unified, AI-driven workflows designed for faster, streamlined response.

About ReaQta
ReaQta is a top-tiered AI Autonomous Detection & Response platform, built by an elite group of cyber security experts and AI/ML researchers. Built with advanced automated threat-hunting features, ReaQta allows organizations to eliminate the most advanced threats in real-time. As experts in AI and behavioral analysis, ReaQta's proprietary dual-AI engines provide organizations across all industries with autonomous, real-time and fully customizable endpoint security, minus the complexity. As a result of automation coupled with intuitive design, ReaQta's customers and partners benefit from performance improvements and are now able to manage and secure more endpoints without the need for highly skilled staff.

About IBM Security
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM Security X-Force® research, enables organizations to effectively manage risk and defend against emerging threats. IBM operates one of the world's broadest security research, development and delivery organizations, monitors 150 billion+ security events per day in more than 130 countries, and has been granted more than 10,000 security patents worldwide.

Spotlight

With the introduction of sophisticated threats such as advanced phishing and malware, authentication can become less effective. Authentication methods can be bypassed by fraudsters and traditional risk-based authentication solutions can cause many users to be unnecessarily challenged and disrupted, yet do not manage to reduce fraud. As fraud rises, there is a strong need for fraud tools that can detect account takeover and fraudulent transactions. IBM® Security Trusteer Pinpoint Criminal Detection software offers a next generation approach that helps address the challenges of traditional risk engines.

Related News

UL Joins ISA Global Cybersecurity Alliance as a Founding Member to Advance Industrial Cybersecurity

prnewswire | October 22, 2020

UL, a leading global safety science company, today announced that it is joining the International Society of Automation (ISA) Global Cybersecurity Alliance (ISAGCA) as a founding member. UL brings more than 125 years of safety and 20 years of cybersecurity experience to help accelerate ISAGCA's mission to advance state-of-the-art cybersecurity for industrial automation and control systems globally. UL's cybersecurity expertise includes a global network of security experts and advisers, industry-leading customer partners, specialized expertise in global security standards, frameworks and best practices, and independent third party experience in cybersecurity evaluation, testing and certification for industry 4.0. UL's broad experience in industrial IoT (IIoT) cybersecurity brings value to the alliance's primary goals of structuring cybersecurity in a globally consistent manner and promoting adoption of the ISA/IEC 62443 series of standards.

DATA SECURITY

AT&T Cybersecurity Introduces a New Managed Endpoint Security Solution

AT&T Cybersecurity | April 20, 2021

Through its partnership with SentinelOne, AT&T has introduced a managed endpoint security solution. AT&T Managed Endpoint Security with SentinelOne correlates endpoint threat identification with a single software agent that combines Antivirus, Endpoint Protection, Endpoint Detection and Response, and IoT security functions. The new solution protects endpoints from malware and other cyberattacks while still monitoring increasingly sophisticated vulnerabilities in a corporate network or cloud system. AT&T Managed Endpoint Security with SentinelOne includes threat monitoring and management by AT&T Security Operations Center (SOC) analysts 24 hours a day, seven days a week. Customers will benefit from a single SOC team delivering constant surveillance of separate threat detection stacks for better network visibility and quicker endpoint threat detection when combined with AT&T Managed Threat Detection and Response.

Why is this important?
Businesses are faced with expanding network perimeters that need security. Endpoint cyberattacks and adversary sophistication are on the rise. As a result, SOC teams can become overburdened with alerts and data that have little background for identifying problems. This is particularly difficult when tracking endpoints for security and identification in both on-premises and cloud environments. The willingness of SOC teams to view threats holistically from a single agent is critical for reacting to threats effectively and confidently. To do this, threat identification and response on endpoints need to be coordinated and automated by correlated security alerts. AT&T Managed Endpoint Security scales and augments security departments that are understaffed or overburdened.

What makes this new cybersecurity solution different?
AT&T Managed Endpoint Security with SentinelOne monitors any process that happens on and between each endpoint, using Artificial Intelligence (AI) and Machine Learning on the agent to detect and counteract threats at machine speed. The autonomous agent protects an endpoint even though it is turned off, allowing today's remote workers to function. AT&T, as one of the world's leading Managed Security Services Providers (MSSPs), recognizes that the network edge is continuously shifting and expanding, which can generate security gaps that must be identified with greater visibility. AT&T Managed Endpoint Security with SentinelOne provides the visibility and operates to secure you 24 hours a day, 7 days a week. AT&T SOC analysts have trusted experts who have specialist threat hunting, monitoring, and response capability. To secure your endpoints, AT&T and SentinelOne have combined their systems and enabled coordinated and automatic incident response. Additional integrations between AT&T Alien Labs, SentinelOne, and the AT&T SOC add layers of context for the SOC management team to obtain greater insights that contribute to improved and quicker threat detection and response.

DATA SECURITY

CyberHat secures $15 million in funding to expand its CYREBRO Enterprise-Level Cybersecurity Protection to Small and Medium-Sized Businesses

CYREBRO | April 22, 2021

CYREBRO, the one-of-a-kind SOC as a stage arrangement by CyberHat declared today it has gotten $15 million in Series B financing, driven by Prytek, with support from InCapital, Mizrahi Bank, and past financial backer, Mangrove. This brings the complete organization subsidizing raised to date to $22M. Upheld by a group of digital specialists, CYREBRO is democratizing admittance to best-of-breed network safety assets, changing how organizations today run their security tasks to rapidly react to and relieve digital dangers.

CYREBRO is the principal innovation freethinker cloud-based security tasks focus (SOC) that is spearheading the SOC-as-a-Platform model. CYREBRO applies extensive endeavor level information security to associations against new dangers that have emerged from the distant workplace, including under-resourced private companies that have become ideal objectives for digital assaults.

The new subsidies will be utilized to extend CYREBRO's SOC-as-a-Platform to fulfill the detonating need for vigorous, versatile, straightforward, and basic security activities arrangements. Bringing to bear aptitude and conveying bespoke answers for undertakings across businesses, the subsidizing will speed up carry out of its contribution to the little to-medium estimated (SMB) market, separating hindrances to getting to fundamental network protection arrangements beforehand unattainable to the SMB client.

Ludicrous year alone more than 47% of independent companies have encountered an information break or digital assault, and these occurrences can cut down a whole organization. CYREBRO empowers organizations to unify online activities of the whole security stack, putting the force of big business grade SOC into the moderateness and adaptability of cloud-based assistance.

"CYREBRO is the subsequent stage in the advancement of working network safety and we are pleased to pioneer the SOC as a staged market," clarified Nadav Arbel, CEO of CyberHat. "Getting this round with our new and existing financial backers will empower us to speed up the improvement of CYREBRO and reinforce our range in the SMB market. We have made it our central goal to empower 1st-grade security tasks for associations of any size and any innovation stack, and all things considered, we are exceptionally eager to see the colossal development in CYREBRO customers across the globe."

CYREBRO's SOC stage is upheld by a group of cutting-edge digital examiners and measurable agents good to go, 24x7. The stage coordinates with any current security frameworks, devices, and programming, including all cloud-based stages and interior organization gadgets. CYREBRO offers a "turnkey" answer for SOC necessities, including the SIEM innovation (whenever required), danger chasing, danger insight, full-level investigators, analytical capacities, and a top notch IR accessible as needs are.

Many universally settled organizations have effectively picked CYREBRO as their digital tasks stage to safeguard against information penetrates and assaults. This incorporates SMBs just as a basic foundation and enterprises like clubs, worldwide retailers, banks, insurance agencies, and other Fortune 500 organizations. Presently every SMB will approach these equivalent undertaking apparatuses and digital assurance assets.

"Prytek bunch, through our corporate endeavor arm, is eager to put resources into CyberHat. Cyberhat's answer will provide for our oversaw administrations to arm extra SOC capacities per request," said Arnon Shiboleth, Prytek Co-CEO. "We anticipate cooperating with the group as they keep on growing the innovation into new business sectors to satisfy the worldwide need."

About CYREBRO
CYREBRO was established in 2013 by CyberHat to help organizations take digital security to new and exceptional statures. Today, our central goal is to change network safety tasks by putting the force of an undeniable Security Operations Center (SOC) in the possession of any client in any association. Our group of head network protection specialists has built up the business' first on the web, innovation freethinker SOC-as-a-Platform. From vital observing to proactive danger chasing, sped up episode reaction, and upgraded consistency, we cover the full extent of safety needs.

About Prytek
Prytek imagined a new idea of a Business Operating Platform as a Service permitting banks to rethink whole activities. Prytek works in training, monetary help, digital and HR areas.
