DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
SANS Security Awareness | February 21, 2023
On February 20, 2023, SANS Security Awareness, a subsidiary of the SANS Institute, announced the release of "Security Essentials for IT Administrators," a new short-form technical training program. This series offers a comprehensive overview of cybersecurity fundamentals, aimed primarily at those with a foundational grasp of network administration and/or IT systems to keep them updated and informed in the ever-changing cybersecurity space. As more IT professionals, like network/system administrators and engineers, take on security responsibilities, it is important for an organization's overall security to have relevant training for this group.
This series is intended to raise IT professionals' knowledge of the distinct threat landscape they face by drawing on the objectives of such popular SANS training courses as SEC301, SEC388, SEC401, and SEC504. The product line is available to enterprises seeking to improve their security preparedness and awareness by purchasing directly from SANS Security Awareness or via Microsoft's 'Defender for Office 365' bundle.
John Byrne, General Manager of SANS Security Awareness, said, "The launch of the Security Essentials for IT Administrators course marks an exciting chapter in our mission to deliver high-quality security training to professionals in the industry, especially to these users who carry unique risk because of their privileged access and advanced skill set."
(Source – Cision PR Newswire)
He added, "We are thrilled Microsoft identified SANS to provide this comprehensive technical content series to provide the necessary knowledge and skills to help protect against the most pressing security threats facing organizations across the globe. These modules offer a powerful solution to organizations seeking to bolster their security posture and streamline workforce management for technical teams."
(Source – Cision PR Newswire)
AboutSANS Security Awareness
Established in 1989, the SANS Institute is a cooperative research and education organization. It is the most trusted and, by far, the biggest supplier of cybersecurity certification and training for professionals in business and government institutions around the world. Reputed SANS instructors teach over 60 courses at cybersecurity events in person, online, and on demand.
SANS Security Awareness, a division of SANS, gives organizations a complete and thorough security awareness solution that makes it easy and effective for them to manage their "human" cybersecurity risk. SANS also provides the InfoSec community with a wide range of free resources, such as consensus projects, webcasts, podcasts, research reports, and newsletters. It also runs the Internet Storm Center, which is the Internet's early warning system.
Read More
SECURITY AUDIT AND COMPLIANCE, SOFTWARE SECURITY
Acalvio Technologies | February 10, 2023
On February 9, 2023, Acalvio Technologies, the market leader in cyber deception technology, announced the release of its Identity Threat Detection and Response solution, which provides visibility and control of the identity attack surface area and a cutting-edge active defense against identity threats. By adding Active Defense, Acalvio's ITDR solution transforms the environment not only to detect and repel cyber assaults but also to collect threat information to get a deeper understanding of the adversary and better train future defenders.
"Modern identity threats can subvert traditional identity and access management (IAM) preventive controls, such as multi-factor authentication (MFA). This makes Identity Threat Detection and Response (ITDR) a top cybersecurity priority for 2022 and beyond."
According to October 2022 research from Gartner
Acalvio's patent-protected, unique, and comprehensive ITDR solution is the foundation for building and maintaining a robust zero-trust security model. It enhances identity protection in three important ways
Active Defense against malicious activity: ShadowPlex Advanced Threat Defense from Acalvio generates a rich and broad collection of honey accounts that are automatically blended into Active Directory and distribute honey tokens throughout the company network for malicious actors to locate and exploit. It also identifies tools for stealing credentials by presenting options to use deception.
Identity Attack Surface Management: ShadowPlex Identity Protection outlines the attack surface in identity repositories such as Microsoft Active Directory and Azure Active Directory, as well as the credential caches on different endpoints. This enables a comprehensive study of identity misconfigurations and possible attack vectors via vulnerable relationships, cached credentials, and linkages for lateral movement.
Extensive integrations with the security ecosystem: The ITDR solution from Acalvio integrates with an enterprise's existing SIEM, EDR, SOAR, NAC, and other security solutions to understand the environment's assets, automatically deploy deception across the enterprise, detect the use of decoy credentials, and enable a variety of automated real-time responses.
About Acalvio Technologies
Acalvio, the market leader in cyber deception technology, assists businesses in proactively defending against sophisticated security attacks. Built on 25 granted patents for autonomous deception and sophisticated AI, the Acalvio Active Defense Platform offers comprehensive solutions for ITDR, advanced threat detection, zero trust, OT security, active directory protection, and ransomware protection. The Silicon Valley-based firm's solutions serve Fortune 500 companies and government organizations and are deployable on-premises, in the cloud, or via renowned managed service providers.
Read More
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
GoSecure | February 16, 2023
On February 15, 2023, GoSecure, a leading Managed Extended Detection and Response (MXDR) and proficient advisory services provider, announced the release of Titan Identity, a solution combining technology with managed services to offer an affordable and immediately deployable solution that can help organizations to measurably enhance response times to credential theft.
GoSecure Titan Identity is a detection service specifically designed to significantly minimize the time required to detect and respond to assaults aimed at enterprise identity systems such as Microsoft Active Directory. By employing real-time analysis of Active Directory and other event log data, the Titan Identity's alert technology with low false positives allows Incident Response teams to effectively utilize existing workflow systems and react promptly to commonplace but hazardous attacks that occur after the initial foothold, thereby ensuring the safeguarding of crucial business assets.
The Key benefits of this service include the following:
Significantly reduced response and detection times by enabling the Incident Response team to have continuous and ongoing visibility into identity attacks across enterprise hosts, virtual machines, servers, containers, desktops, and laptops.
Improved return on previous (SOAR)/ (SIEM) investments by leveraging the SIEM infrastructure, facilitating new SOAR playbooks with automated actions, and permitting the use of out-of-SIEM logs that surpass indexing and storage budget.
Increased productivity for analysts by significantly minimizing the occurrence of false positives, eliminating the need for an additional user interface, and providing alerts with enriched messages.
Enabled verifiable accuracy through automated and continuous testing and quantification of performance.
Reduced deployment and change costs by avoiding network probes and sensors.
Improved internal team's capabilities by granting access to a team of data scientists for expanding identity attack detection capabilities.
Titan Identity is different from other anomaly or signature-based detection systems and is made up of over 30 distinct detectors and finely tuned machine learning models that are continuously evaluated to significantly minimize false positives, delivering high confidence alerts in mere seconds. The design facilitates the replacement of manual workflows with automation, capable of functioning with remarkable assurance. This flexible and adaptable service is complemented by the access of data science experts who ensure the accuracy and measurability of results via ongoing data flow monitoring, detector development, and detector performance tuning services.
About GoSecure
Founded in 2002, GoSecure is a leading cybersecurity solutions provider and offers cutting-edge managed security solutions and expert advisory services. Its GoSecure Titan® managed security solutions provide comprehensive, multi-vector protection to effectively counteract the latest cyber threats and offer a full suite of services that can extend the capabilities of clients' in-house teams. For more than a decade, it has been assisting clients in better understanding their security gaps, mitigating organizational risk, and improving their security posture through its advisory services, delivered by one of the industry's most reliable and skilled teams.
Read More