DATA SECURITY, ENTERPRISE IDENTITY

Illumio Introduces New Solution to Stop Endpoint Ransomware from Spreading Across the Hybrid Attack Surface

Illumio | September 29, 2022 | Read time : 03:00 min

Illumio Introduces New Solution to Stop Endpoint Ransomware
Illumio, Inc., the Zero Trust Segmentation company, today announced Illumio Endpoint®, a reimagined way to prevent breaches from spreading to clouds and data centers from laptops. Hybrid work has expanded the attack surface, introducing new threats and making organizations more vulnerable, so it’s become increasingly important for employees to have secure access to applications and data wherever they are located. Unlike other Zero Trust Segmentation solutions, Illumio Endpoint lets your policy follow your teams’ laptops wherever they work, whether at home, in the office, or at a coffee shop. With Illumio Endpoint, the first device that gets infected will also be the last.

Organizations are more interconnected and vulnerable in hybrid workplaces, and the attack surface is growing increasingly complex. Additionally, attacks on hybrid work environments are more expensive, costing an average of about $600K more than the global average. Even with endpoint detection and response tools in place, endpoints still get breached – according to ESG, 76 percent of organizations experienced a ransomware attack in the past two years alone.

Illumio Endpoint includes:

Extended visibility and segmentation policy controls for macOS and Windows devices, allowing organizations to see risk and stop attacks from spreading from laptops, workstations, and VDIs.
A single, unified console to see and manage visibility and segmentation policy across endpoints, clouds, and data centers, making Zero Trust Segmentation easier, faster, and more efficient for security teams.
Work from anywhere support with segmentation policy that follows the device, so organizations have the confidence that their networks are secure, and their employees can remain productive while working from anywhere.
The ability to control application access so users can only reach the necessary applications from their device, not the entire data center and cloud, minimizing the organization's risk from vulnerable or compromised endpoints.

"Before Illumio, we had only a slim idea of what kind of communications were running across our network. But with Illumio, we clearly see exactly what's connecting to individual endpoints.

David Ault, VP of Information Security at Telhio Credit Union

“The hybrid workforce is here to stay, which exposes organizations to a more complex attack surface and more risk, particularly on the endpoint,” said Mario Espinoza, Chief Product Officer at Illumio. “It’s important to have tools that can detect and respond to an identified breach, but unidentified attacks can spread throughout the organization to access critical data and assets when Zero Trust Segmentation is not in place to proactively contain the breach. With Illumio Endpoint, security leaders will gain the comprehensive protection needed to build resilience to attacks throughout their hybrid IT and as employees work from anywhere.”

“Ransomware and other cyberattacks often involve end user devices somewhere in the attack chain, moving laterally on to other higher-value assets,” said Dave Gruber, Principal Analyst, ESG. “Because attackers continue to find ways in and move laterally fast, prevention, detection and response mechanisms can fall short stopping these fast-moving attacks. Containment strategies such as Zero Trust Segmentation across endpoint devices can proactively stop ransomware and other fast-moving attacks from spreading to critical infrastructure and assets, reducing risk.”

About Illumio
Illumio, the Zero Trust Segmentation company, stops breaches and ransomware from spreading across the hybrid attack surface. The Illumio ZTS Platform visualizes all traffic flows between workloads, devices and the internet, automatically sets granular segmentation policies to control communications, and isolates high-value assets and compromised systems proactively or in response to active attacks. Illumio protects organizations of all sizes, from Fortune 100 to small business, by stopping breaches and ransomware in minutes, saving millions of dollars in application downtime, and accelerating cloud and digital transformation projects.

Spotlight

This checklist of best practices will save you time and help you understand what to look for when selecting a WAS solution, whether you have a handful of apps or thousands.

Spotlight

This checklist of best practices will save you time and help you understand what to look for when selecting a WAS solution, whether you have a handful of apps or thousands.

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

BlueVoyant Recognized with Microsoft Verified Managed XDR Solution Status

BlueVoyant | October 21, 2022

BlueVoyant, an industry-leading cyber defense company that combines internal and external cybersecurity, today announced it has achieved Microsoft verified Managed Extended Detection and Response (MXDR) solution status. By achieving this status, BlueVoyant has proven its robust MXDR services, which include a Security Operations Center (SOC) with 24x7 year-round proactive hunting, monitoring, and response capabilities, are all built on tight integrations with the Microsoft Security platform. This solution combines expert-trained technology with human-led services and has been verified by Microsoft engineers. "BlueVoyant and Microsoft both recognize that the best cyber defense is advanced technology backed by human-led expertise. "We are honored to be teaming with Microsoft to deliver a Microsoft verified Managed XDR Solution. Earning verified MXDR solution status is among other recent accolades BlueVoyant received from Microsoft. Both companies recognize that cybersecurity is a team sport, and we look forward to continuing to work closely with Microsoft to deliver the very best in cybersecurity to our joint customers." Milan Patel, global head of managed security services (MSS) at BlueVoyant Said Rob Lefferts, corporate vice president, modern protection and SOC, for Microsoft: "With malicious attacks on the rise, we understand security is front and center for our customers. That is why I am excited to congratulate BlueVoyant on achieving Microsoft Verified: Managed Extended Detection and Response solution status. [Its] solution closely integrates with Microsoft 365 Defender and Microsoft Sentinel and has been verified by Microsoft Security engineering to ensure that it provides comprehensive service coverage across the Microsoft Security portfolio." BlueVoyant is a managed security service provider (MSSP) member of the Microsoft Intelligent Security Association (MISA). The company was a finalist in the Microsoft Security Excellence Awards, given by MISA, for Security MSSP of the Year. "The Microsoft Intelligent Security Association is comprised of some of the most reliable and trusted security companies across the globe," said Maria Thomson, Microsoft Intelligent Security Association lead. "Our members share Microsoft's commitment to collaboration within the cybersecurity community to improve our customers' ability to predict, detect, and respond to security threats faster. We're thrilled to recognize and welcome BlueVoyant's MXDR solution to the MISA portfolio." Earning verified MXDR solution status is among a long list of recognition BlueVoyant has received from Microsoft. Earlier this year, BlueVoyant was named the Microsoft Security U.S. Partner of the Year, a finalist in the Microsoft Canada Impact Awards in two categories — Healthcare Impact Award and Security Impact Award — and one of Microsoft's top 150 managed security partners. In 2021, BlueVoyant was named a Microsoft Security 20/20 Partner Awards Winner for Top MDR (Managed Detection and Response) Team. About BlueVoyant BlueVoyant combines internal and external cyber defense capabilities into an outcomes-based platform called BlueVoyant Elements™. Elements is cloud-native and continuously monitors your network, endpoints, attack surface, and supply chain plus the clear, deep, and dark web for vulnerabilities, risks, and threats; and takes action to protect your business, leveraging both machine learning-driven automation and human-led expertise. Elements can be deployed as independent solutions or together as a full-spectrum cyber defense platform. BlueVoyant's approach to cyber defense revolves around three key pillars — technology, telemetry, and talent — that deliver industry-leading cybersecurity to more than 700 clients across the globe.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

OpenText partners with MAD Security to improve response time to cyberthreats and shrink the attack surface

OpenText | October 20, 2022

Today, OpenText™ , a global leader in information management with an extensive security solution portfolio, announced a partnership between OpenText Network Detection & Response (NDR) technology and MAD Security. This joint solution from OpenText and MAD Security will empower customers to cut false positive security alerts significantly and protect sensitive government data against advanced cyber threats. MAD Security, a managed security service provider (MSSP) that helps contractors and other small and medium sized enterprises detect potential breaches and prevent attackers from disrupting operations or exfiltrating data, knows firsthand that government contractors are a prime target for cyber-attacks, from phishing and social engineering to malware and ransomware. To strengthen its cybersecurity capabilities, MAD Security decided to augment its offering with NDR capabilities. The aim was to continuously monitor and analyze raw enterprise network traffic, creating a baseline of network behavior that would help analysts hunt down emerging threats faster. "In the past, MAD Security has relied on an anomaly-based intrusion detection system to find indicators of compromise (IOCs). While this approach was effective for analyzing north-south traffic across small networks, it was a challenge to pinpoint IOCs across larger networks with significant volumes of east-west traffic. "If we could reduce the time our analysts spent drilling down into the data, we could accelerate our response and improve cost efficiency—ultimately providing a more competitive service. Working with OpenText, we can now detect and correlate events, investigate the data and notify the client in an average of just 6.5 minutes—less than half of SLA." Jeremy Conway, CEO at MAD Security MAD Security selected OpenText NDR because of the level of visibility it provides. The company can now look beyond individual subsets of endpoint and log data to build up a clear picture of what happened and when during an attack—even if the network traffic is encrypted. MAD Security uses OpenText NDR to make sure remediation efforts are successful, for example, by monitoring for new IOCs during its cleanup effort to detect whether the attacker is changing tactics or switching to an alternate toolset. An end-to-end network security platform, OpenText NDR simplifies network threat detection by combining smart packet capture (Smart PCAP) and rich network metadata generation, delivering a clear view of even the most complex networks. With OpenText NDR, MAD Security can gain insights faster than ever through deep packet inspection, behavioral anomaly detection, IOC matching, and AI-powered analytics. "We are thrilled to be able to count MAD Security among our many incredible customers and are proud to see not just our solutions working for the organization but also be part of its growth and success," said Muhi Majzoub, Executive Vice President and Chief Product Officer at OpenText. "By supporting MAD Security with OpenText NDR, we were able to help the company achieve its growth target while keeping its analyst team lean." About OpenText OpenText, The Information Company™, enables organizations to gain insight through market leading information management solutions, powered by OpenText Cloud Editions.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Netskope Further Improves Risk Visibility on AWS, Strengthening Customers' Security Posture

Netskope | December 01, 2022

Netskope, a global leader in secure access service edge (SASE), is announcing new support of Amazon Web Services (AWS) to further improve visibility of risks and threats on AWS services, resulting in even stronger security postures for customers. Through this work, Netskope will support the launch of AWS Verified Access and Amazon Security Lake to drive innovation for enterprises running on AWS. As the cybersecurity landscape becomes more complex and multifaceted, organizations want to confidently know their data, employees, and resources are safe from potential attacks. Netskope has helped thousands of customers, including more than 25 of the Fortune 100, improve their security posture through integrated zero trust network access (ZTNA), secure web gateway (SWG), cloud access security broker (CASB), cloud security posture management (CSPM), storage scanning with data loss prevention (DLP), cloud firewall, Borderless WAN, and more. By meeting the rigorous standards of supporting the launch of AWS Verified Access and Amazon Security Lake, Netskope and customers can have greater confidence in the company's deep technical expertise on AWS and its proven track record in securing even the most complex cloud journeys. "As organizations search for seamless support and unification of their cloud security services, our work with AWS will help customers achieve even better visibility and protection in a cloud-first, hybrid work environment. "Hybrid work today happens in the office, at home, or on the go, and with this new support of Amazon Security Lake and AWS Verified Access, we'll help customers navigate their cloud security journey by securing data from anywhere, on any device." Andy Horwitz, Vice President, Business Development and Technology Alliances at Netskope Netskope will support Amazon Security Lake and AWS Verified Access by providing visibility and real-time data and threat protection when accessing cloud services, applications, and data. Customers can expect broader and more granular data sharing to expose cloud threats and security gaps, better alert prioritization so security teams can remediate the highest threats first, and a stronger security posture with faster remediation strategies in place. "Netskope and AWS continue to help organizations with security capabilities they need to protect their users and data everywhere," said Chris Grusz, Director, ISV Partner and AWS Marketplace Business Development. "Netskope is a trusted security provider for many cloud-first organizations, and the expanded relationship with AWS will allow customers to better realize the full value of their AWS Security investments." About Netskope Netskope, a global cybersecurity leader, is redefining cloud, data, and network security to help organizations apply Zero Trust principles to protect data. Fast and easy to use, the Netskope platform provides optimized access and real-time security for people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.

Read More