Home > News > featured news > Immuta Announces the Release of Immuta Detect for Continuous Security Monitoring

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Immuta Announces the Release of Immuta Detect for Continuous Security Monitoring

Immuta | January 20, 2023 | Read time : 02:50 min

Immuta Announces the Release of Immuta Detect for Continuous Security Monitoring

On January 19, 2023, Immuta, a leading data security firm, announced the launch of its latest product, Immuta Detect. Immuta Detect notifies data and security teams about unsafe data access behavior with its continuous data security monitoring capabilities, therby enabling faster and more accurate risk response and improved data security posture management across advanced and modern cloud data platforms.

The product is the new vital component of Immuta's comprehensive Data Security Platform that offers security and access control, data activity monitoring and sensitive data discovery. The platform uniquely integrates with the leading cloud data platforms along with existing SIEM and Managed Detection and Response (MDR) tools.

As data sources and users in modern cloud settings increase, monitoring data usage and responding to threats becomes more challenging. This is critical for safeguarding against insider threats and adhering to rules and regulations. Existing strategies to solve these problems include manual and time-consuming audits of millions of log data records housed in disparate data sources. To stay up with business demands, data and security teams need improved ways for monitoring data access, address issues precisely, and quickly adjust to shifting risk appetites.

With Immuta Detect, customers can swiftly surface and prioritize data usage risks, decrease time to risk mitigation, and maintain data security by utilizing the following new features:

  • Advanced access behavior analytics - Immuta Detect consolidates data access logs, allowing data and security teams to continuously monitor and evaluate changes in user behavior and data access entitlements by source, user activity or query, as well as get insight into changes in data classification and security configuration.
  • Sensitive data views and indicators – The company offers a detailed analysis of each user and data activity in depth, summarizing activity across multiple criteria such as time frame, data access event categorization, sensitive data indicators, and most active data sources.
  • Risk severity detection and scoring - It automatically scores data based on its sensitivity and security, thereby enabling data and security teams to prioritize risks and receive real-time notifications about potential security incidents.

About Immuta

Founded in 2015 and headquartered in Boston, MA, Immuta is a leading cloud data access control provider. It offers data engineering and operations teams a unified platform for controlling access to analytical data sets in the cloud. Additionally, it helps businesses extract value from their cloud data by securing it and giving secure access. It automates access control for any type of data on any cloud service and across any computing infrastructure. The company is now trusted for data security by Fortune 500 organizations and government agencies all around the world.

Spotlight

How ReliaQuest GreyMatter Secures Mergers and Acquisitions

Whether it is absorbing an acquisition with a mixed technology stack, or managing security for operating companies rolling out a uniform technology stack, GreyMatter enables you to streamline security operations so you can increase visibility, reduce complexity, and manage risk.

More featured news

Spotlight

How ReliaQuest GreyMatter Secures Mergers and Acquisitions

Whether it is absorbing an acquisition with a mixed technology stack, or managing security for operating companies rolling out a uniform technology stack, GreyMatter enables you to streamline security operations so you can increase visibility, reduce complexity, and manage risk.

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

SANS Institute Introduces New Cybersecurity Training for IT Administrators

SANS Security Awareness | February 21, 2023

On February 20, 2023, SANS Security Awareness, a subsidiary of the SANS Institute, announced the release of "Security Essentials for IT Administrators," a new short-form technical training program. This series offers a comprehensive overview of cybersecurity fundamentals, aimed primarily at those with a foundational grasp of network administration and/or IT systems to keep them updated and informed in the ever-changing cybersecurity space. As more IT professionals, like network/system administrators and engineers, take on security responsibilities, it is important for an organization's overall security to have relevant training for this group. This series is intended to raise IT professionals' knowledge of the distinct threat landscape they face by drawing on the objectives of such popular SANS training courses as SEC301, SEC388, SEC401, and SEC504. The product line is available to enterprises seeking to improve their security preparedness and awareness by purchasing directly from SANS Security Awareness or via Microsoft's 'Defender for Office 365' bundle. John Byrne, General Manager of SANS Security Awareness, said, "The launch of the Security Essentials for IT Administrators course marks an exciting chapter in our mission to deliver high-quality security training to professionals in the industry, especially to these users who carry unique risk because of their privileged access and advanced skill set." (Source – Cision PR Newswire) He added, "We are thrilled Microsoft identified SANS to provide this comprehensive technical content series to provide the necessary knowledge and skills to help protect against the most pressing security threats facing organizations across the globe. These modules offer a powerful solution to organizations seeking to bolster their security posture and streamline workforce management for technical teams." (Source – Cision PR Newswire) AboutSANS Security Awareness Established in 1989, the SANS Institute is a cooperative research and education organization. It is the most trusted and, by far, the biggest supplier of cybersecurity certification and training for professionals in business and government institutions around the world. Reputed SANS instructors teach over 60 courses at cybersecurity events in person, online, and on demand. SANS Security Awareness, a division of SANS, gives organizations a complete and thorough security awareness solution that makes it easy and effective for them to manage their "human" cybersecurity risk. SANS also provides the InfoSec community with a wide range of free resources, such as consensus projects, webcasts, podcasts, research reports, and newsletters. It also runs the Internet Storm Center, which is the Internet's early warning system.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Vectra Unifies AI-driven Behavior-based Detection and Signature-based Detection in a Single Solution

Prnewswire | March 27, 2023

Vectra AI, the leader in AI-driven hybrid cloud threat detection and response, today announced the introduction of Vectra Match. Vectra Match brings intrusion detection signature context to Vectra Network Detection and Response (NDR), enabling security teams to accelerate their evolution to AI-driven threat detection and response without sacrificing investments already made in signatures. "As enterprises transform embracing digital identities, supply chains and ecosystems - GRC and SOC teams are forced to keep pace. Keeping pace with existing, evolving and emerging cyber threats requires visibility, context and control for both known and unknown threats. The challenge for many security organizations is doing so without adding complexity and cost," says Kevin Kennedy, SVP Products at Vectra. With the addition of Vectra Match, Vectra NDR addresses core GRC and SOC use cases enabling more efficient and effective: Correlation and validation of threat signals for accuracy. Compliance for network-based CVE detection with compensating controls. Threat hunting, investigation and incident response processes. "CISOs and their SOC teams across Asia Pacific are working with a challenging lack of visibility across their hybrid cloud environments, as attackers continue to evolve. Vectra NDR now enables security teams to unify signatures for known threats and AI-driven behavior-based detection for unknown threats in a single solution," comments David Sajoto, Vice President Vectra Asia Pacific Japan. According to Gartner®, "recent trends in the NDR market indicate many NDR offerings have expanded to capture new categories of events and to analyze additional traffic patterns. This includes new detection techniques: by adding support for more traditional signatures, performance monitoring, threat intelligence and sometimes malware detection engines. This move toward more multifunction network detection aligns well with the use case of network/security operations convergence, but also with midsize enterprises."1 "The attack surface cyber attackers have at their disposal continues to grow exponentially creating unknown threats on top of the tens of thousands of known vulnerabilities that exist. Attackers simply have exponentially more ways to infiltrate an organization and exfiltrate data -- and do so with far more frequency, velocity and impact. Keeping pace with attackers exploiting known vulnerabilities and unknown threats is an immense challenge for every Security, Risk and Compliance officer," says Ronald Heil, Global Risk Advisory Lead for Energy and Natural Resources and Partner at KPMG Netherlands. "Today, cyber-resilience and compliance requires complete visibility and context for both known and unknown attacker methods. Without it, disrupting and containing their impact becomes an exercise in brand reputation and customer trust damage control. Vectra Match capabilities allow us to combine both worlds, having the continued AI-based detection of real-time "movement", while also having the ability to check against specific Suricata indicators -- often required during incident response or proof of compliancy (e.g., Log4J). Consolidating AI-based and signature-based detection enables optimization, because in our case, less is more." "When it comes to shadow IT, we know people with admin rights are 'building boxes off the grid.' Our SOC team cannot protect what we cannot see, thus making these unknown systems prime targets for attackers. No doubt, behavior-based AI-driven detections are great for catching attackers deploying new, evasive methods, but when it comes to attackers leveraging CVEs to compromise unknown, unpatched systems, we need signature-based detection. Combining signature-based detection with behavior-based detection gives our SOC team visibility for both the known-unknown and unknown-unknown threats. It's the best of both worlds," says Brett Fernicola, Sr. Director, Security Operations at Anywhere.re. Vectra NDR with Vectra Match Vectra NDR - a key component of the Vectra platform - provides end-to-end protection against hybrid and multicloud attacks. Deployed on-premises or in the cloud, the Vectra NDR console is a single source of truth (visibility) and first line of defense (control) for attacks traversing cloud and data center networks. By harnessing AI-driven Attack Signal Intelligence, Vectra NDR empowers GRC and SOC teams with: AI-driven Detections that think like an attacker by going beyond signatures and anomalies to understand attacker behavior and zero in on attacker TTPs across the entire cyber kill chain post compromise, with 90% fewer blind spots and 3x more threats proactively identified. AI-driven Triage that knows what is malicious by utilizing ML to analyze detection patterns unique to the customer's environment to score how meaningful each detection is, thus reducing 85% of alert noise - surfacing only relevant true positive events that require analyst attention. AI-driven Prioritization that focuses on what is urgent by automatically correlating attacker TTPs across attack surfaces, evaluating each entity against globally observed attack profiles to create an attack urgency rating enabling analysts to focus on the most critical threats to the organization. Vectra NDR empowers security and risk professionals with next-level intrusion detection. Armed with rich context on both known and unknown threats, GRC and SOC teams not only improve the effectiveness of their threat detection, but the efficiency on their threat hunting, investigation and incident response program and processes. Vectra NDR with Vectra Match is available for evaluation and purchase today. For additional information, please visit the following resources. About Vectra Vectra® is the leader in Security AI-driven hybrid cloud threat detection and response. Only Vectra optimizes AI to detect attacker methods - the TTPs at the heart of all attacks - rather than simplistically alerting on "different." The resulting high-fidelity threat signal and clear context enables cybersecurity teams to rapidly respond to threats and stop attacks from becoming breaches. The Vectra platform and services cover public cloud, SaaS applications, identity systems and network infrastructure - both on-premises and cloud-based. Organizations worldwide rely on the Vectra platform and services for resilience to ransomware, supply chain compromise, identity takeovers, and other cyberattacks impacting their organization.

Read More

NETWORK THREAT DETECTION, PLATFORM SECURITY, SOFTWARE SECURITY

Deepwatch Enhances SecOps Platform to Detect and Contain Identity Threats

Deepwatch | February 08, 2023

On February 08, 2023, Deepwatch, the industry leader in advanced managed detection and response (MDR) security, announced new service offerings and enhancements to the Deepwatch SecOps Platform to enhance threat detection and containment across the organization. The introduction of Deepwatch MXDR for Identity enables enhanced detection and response to rising identity-based threats; Deepwatch MXDR for Endpoint now supports Microsoft Windows Defender, which allows automatic response capabilities on Windows endpoints; and Deepwatch SecOps Platform, user interface upgrades, provide customers with greater visibility into the efficacy of their security operations program – from practitioner dashboards to self-service, board-level metrics and reporting. Deepwatch offers comprehensive detection and automated reaction to cyber threats, as well as customized security recommendations from experienced professionals. The 24/7/365 protection provided by the Deepwatch SecOps Platform eliminates the risk and significantly enhances security posture. Based on advanced threat analytics, integrations with top security tools, and dynamic content libraries, Deepwatch's managed detection and response services (MXDR, MDR, and others) provide customers with an "always on" modern SOC that continuously adapts to the combat ever-changing threat landscape. Wesley Mullins, CTO at Deepwatch, said, "Deepwatch provides security teams the expertise, flexibility, user experience and support to rapidly accelerate their extended detection and response strategies to defend against threats targeting enterprises." He also added, "With the addition of Deepwatch MXDR for Identity, we can do more than shut down the endpoint or make a firewall rule on the fly. We can respond to a threat at every level across the customer's attack surface whether its network, cloud or identity." (Source – Business Wire) About Deepwatch Based in Florida, Deepwatch is the industry leader in managed security services, guarding businesses 24/7/365 from evolving cyber threats. Deepwatch, which is powered by Deepwatch's cloud security platform, provides the industry's quickest, most exhaustive detection and automatic response to cyber threats, along with customized advice from dedicated experts to mitigate risks and significantly improve security posture. Deepwatch is trusted by the world's biggest corporations, from the Fortune 100 to mid-sized businesses, to defend their businesses.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

SANS Institute Introduces New Cybersecurity Training for IT Administrators

SANS Security Awareness | February 21, 2023

On February 20, 2023, SANS Security Awareness, a subsidiary of the SANS Institute, announced the release of "Security Essentials for IT Administrators," a new short-form technical training program. This series offers a comprehensive overview of cybersecurity fundamentals, aimed primarily at those with a foundational grasp of network administration and/or IT systems to keep them updated and informed in the ever-changing cybersecurity space. As more IT professionals, like network/system administrators and engineers, take on security responsibilities, it is important for an organization's overall security to have relevant training for this group. This series is intended to raise IT professionals' knowledge of the distinct threat landscape they face by drawing on the objectives of such popular SANS training courses as SEC301, SEC388, SEC401, and SEC504. The product line is available to enterprises seeking to improve their security preparedness and awareness by purchasing directly from SANS Security Awareness or via Microsoft's 'Defender for Office 365' bundle. John Byrne, General Manager of SANS Security Awareness, said, "The launch of the Security Essentials for IT Administrators course marks an exciting chapter in our mission to deliver high-quality security training to professionals in the industry, especially to these users who carry unique risk because of their privileged access and advanced skill set." (Source – Cision PR Newswire) He added, "We are thrilled Microsoft identified SANS to provide this comprehensive technical content series to provide the necessary knowledge and skills to help protect against the most pressing security threats facing organizations across the globe. These modules offer a powerful solution to organizations seeking to bolster their security posture and streamline workforce management for technical teams." (Source – Cision PR Newswire) AboutSANS Security Awareness Established in 1989, the SANS Institute is a cooperative research and education organization. It is the most trusted and, by far, the biggest supplier of cybersecurity certification and training for professionals in business and government institutions around the world. Reputed SANS instructors teach over 60 courses at cybersecurity events in person, online, and on demand. SANS Security Awareness, a division of SANS, gives organizations a complete and thorough security awareness solution that makes it easy and effective for them to manage their "human" cybersecurity risk. SANS also provides the InfoSec community with a wide range of free resources, such as consensus projects, webcasts, podcasts, research reports, and newsletters. It also runs the Internet Storm Center, which is the Internet's early warning system.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Vectra Unifies AI-driven Behavior-based Detection and Signature-based Detection in a Single Solution

Prnewswire | March 27, 2023

Vectra AI, the leader in AI-driven hybrid cloud threat detection and response, today announced the introduction of Vectra Match. Vectra Match brings intrusion detection signature context to Vectra Network Detection and Response (NDR), enabling security teams to accelerate their evolution to AI-driven threat detection and response without sacrificing investments already made in signatures. "As enterprises transform embracing digital identities, supply chains and ecosystems - GRC and SOC teams are forced to keep pace. Keeping pace with existing, evolving and emerging cyber threats requires visibility, context and control for both known and unknown threats. The challenge for many security organizations is doing so without adding complexity and cost," says Kevin Kennedy, SVP Products at Vectra. With the addition of Vectra Match, Vectra NDR addresses core GRC and SOC use cases enabling more efficient and effective: Correlation and validation of threat signals for accuracy. Compliance for network-based CVE detection with compensating controls. Threat hunting, investigation and incident response processes. "CISOs and their SOC teams across Asia Pacific are working with a challenging lack of visibility across their hybrid cloud environments, as attackers continue to evolve. Vectra NDR now enables security teams to unify signatures for known threats and AI-driven behavior-based detection for unknown threats in a single solution," comments David Sajoto, Vice President Vectra Asia Pacific Japan. According to Gartner®, "recent trends in the NDR market indicate many NDR offerings have expanded to capture new categories of events and to analyze additional traffic patterns. This includes new detection techniques: by adding support for more traditional signatures, performance monitoring, threat intelligence and sometimes malware detection engines. This move toward more multifunction network detection aligns well with the use case of network/security operations convergence, but also with midsize enterprises."1 "The attack surface cyber attackers have at their disposal continues to grow exponentially creating unknown threats on top of the tens of thousands of known vulnerabilities that exist. Attackers simply have exponentially more ways to infiltrate an organization and exfiltrate data -- and do so with far more frequency, velocity and impact. Keeping pace with attackers exploiting known vulnerabilities and unknown threats is an immense challenge for every Security, Risk and Compliance officer," says Ronald Heil, Global Risk Advisory Lead for Energy and Natural Resources and Partner at KPMG Netherlands. "Today, cyber-resilience and compliance requires complete visibility and context for both known and unknown attacker methods. Without it, disrupting and containing their impact becomes an exercise in brand reputation and customer trust damage control. Vectra Match capabilities allow us to combine both worlds, having the continued AI-based detection of real-time "movement", while also having the ability to check against specific Suricata indicators -- often required during incident response or proof of compliancy (e.g., Log4J). Consolidating AI-based and signature-based detection enables optimization, because in our case, less is more." "When it comes to shadow IT, we know people with admin rights are 'building boxes off the grid.' Our SOC team cannot protect what we cannot see, thus making these unknown systems prime targets for attackers. No doubt, behavior-based AI-driven detections are great for catching attackers deploying new, evasive methods, but when it comes to attackers leveraging CVEs to compromise unknown, unpatched systems, we need signature-based detection. Combining signature-based detection with behavior-based detection gives our SOC team visibility for both the known-unknown and unknown-unknown threats. It's the best of both worlds," says Brett Fernicola, Sr. Director, Security Operations at Anywhere.re. Vectra NDR with Vectra Match Vectra NDR - a key component of the Vectra platform - provides end-to-end protection against hybrid and multicloud attacks. Deployed on-premises or in the cloud, the Vectra NDR console is a single source of truth (visibility) and first line of defense (control) for attacks traversing cloud and data center networks. By harnessing AI-driven Attack Signal Intelligence, Vectra NDR empowers GRC and SOC teams with: AI-driven Detections that think like an attacker by going beyond signatures and anomalies to understand attacker behavior and zero in on attacker TTPs across the entire cyber kill chain post compromise, with 90% fewer blind spots and 3x more threats proactively identified. AI-driven Triage that knows what is malicious by utilizing ML to analyze detection patterns unique to the customer's environment to score how meaningful each detection is, thus reducing 85% of alert noise - surfacing only relevant true positive events that require analyst attention. AI-driven Prioritization that focuses on what is urgent by automatically correlating attacker TTPs across attack surfaces, evaluating each entity against globally observed attack profiles to create an attack urgency rating enabling analysts to focus on the most critical threats to the organization. Vectra NDR empowers security and risk professionals with next-level intrusion detection. Armed with rich context on both known and unknown threats, GRC and SOC teams not only improve the effectiveness of their threat detection, but the efficiency on their threat hunting, investigation and incident response program and processes. Vectra NDR with Vectra Match is available for evaluation and purchase today. For additional information, please visit the following resources. About Vectra Vectra® is the leader in Security AI-driven hybrid cloud threat detection and response. Only Vectra optimizes AI to detect attacker methods - the TTPs at the heart of all attacks - rather than simplistically alerting on "different." The resulting high-fidelity threat signal and clear context enables cybersecurity teams to rapidly respond to threats and stop attacks from becoming breaches. The Vectra platform and services cover public cloud, SaaS applications, identity systems and network infrastructure - both on-premises and cloud-based. Organizations worldwide rely on the Vectra platform and services for resilience to ransomware, supply chain compromise, identity takeovers, and other cyberattacks impacting their organization.

Read More

NETWORK THREAT DETECTION, PLATFORM SECURITY, SOFTWARE SECURITY

Deepwatch Enhances SecOps Platform to Detect and Contain Identity Threats

Deepwatch | February 08, 2023

On February 08, 2023, Deepwatch, the industry leader in advanced managed detection and response (MDR) security, announced new service offerings and enhancements to the Deepwatch SecOps Platform to enhance threat detection and containment across the organization. The introduction of Deepwatch MXDR for Identity enables enhanced detection and response to rising identity-based threats; Deepwatch MXDR for Endpoint now supports Microsoft Windows Defender, which allows automatic response capabilities on Windows endpoints; and Deepwatch SecOps Platform, user interface upgrades, provide customers with greater visibility into the efficacy of their security operations program – from practitioner dashboards to self-service, board-level metrics and reporting. Deepwatch offers comprehensive detection and automated reaction to cyber threats, as well as customized security recommendations from experienced professionals. The 24/7/365 protection provided by the Deepwatch SecOps Platform eliminates the risk and significantly enhances security posture. Based on advanced threat analytics, integrations with top security tools, and dynamic content libraries, Deepwatch's managed detection and response services (MXDR, MDR, and others) provide customers with an "always on" modern SOC that continuously adapts to the combat ever-changing threat landscape. Wesley Mullins, CTO at Deepwatch, said, "Deepwatch provides security teams the expertise, flexibility, user experience and support to rapidly accelerate their extended detection and response strategies to defend against threats targeting enterprises." He also added, "With the addition of Deepwatch MXDR for Identity, we can do more than shut down the endpoint or make a firewall rule on the fly. We can respond to a threat at every level across the customer's attack surface whether its network, cloud or identity." (Source – Business Wire) About Deepwatch Based in Florida, Deepwatch is the industry leader in managed security services, guarding businesses 24/7/365 from evolving cyber threats. Deepwatch, which is powered by Deepwatch's cloud security platform, provides the industry's quickest, most exhaustive detection and automatic response to cyber threats, along with customized advice from dedicated experts to mitigate risks and significantly improve security posture. Deepwatch is trusted by the world's biggest corporations, from the Fortune 100 to mid-sized businesses, to defend their businesses.

Read More

More featured news