DATA SECURITY, INFOSEC PROJECT MANAGEMENT
Businesswire | April 24, 2023
LogRhythm, the company empowering security teams to navigate the ever-changing threat landscape with confidence, announced its partnership with Zscaler, the leader in cloud security. LogRhythm and Zscaler work together to help organizations around the globe increase network insight and address a variety of cloud access security challenges faced by the modern SOC. LogRhythm SIEM and the Zscaler Zero Trust Exchange™ platform provide unparalleled visibility and security to facilitate a modern Zero Trust architecture.
Zscaler secures all user, workload, and device communications over any network, anywhere. The integration with LogRhythm provides visibility into everything occurring in your network, and the websites and cloud-based resources employees are using. This level of visibility is crucial to protecting organizations. With a Zero Trust approach on many organizations’ minds, it’s imperative to have the right tools to defend against cyber threats. The LogRhythm SmartResponse™ for Zscaler Internet Access (ZIA)™ enables remediation actions from the LogRhythm console. As logs are ingested from Zscaler’s Nanolog Streaming Service (NSS) into the LogRhythm SIEM platform, the LogRhythm SmartResponse™ for Zscaler can also automatically denylist the URL in Zscaler when a banned keyword or URL is detected.
“Securing an organization’s systems and networks begins with high-fidelity and trustworthy log data. LogRhythm’s expertise in turning log data into actionable insights delivered through dashboards and analytics is unrivaled in the industry,” said Andrew Hollister, Chief Information Security Officer at LogRhythm. “The combined benefits of LogRhythm SmartResponse™ and Zscaler Internet Access facilitate modern Zero Trust architecture that is the security backbone of companies across the globe.”
The LogRhythm SmartResponse™ for Zscaler performs several actions including denylisting a URL, getting policy information, and adding a URL category. It simplifies running actions between the SIEM and Zscaler by centralizing day-to-day security tasks to a single console. Other key benefits of this integration include: Simplified ingestion and contextualization of Zscaler log data Accelerated detection of unwanted or denylisted URLs Use of a single console to investigate and block suspicious website access Faster response with enhanced investigative capabilities
“Zscaler’s Zero Trust Exchange reduces the attack surface and enforces cybersecurity policies, and this new integration with LogRhythm can help security teams with richer insights," said Amit Raikar, VP of Technology Partnerships at Zscaler. "By leveraging Zscaler APIs for cloud-to-cloud log streaming, LogRhythm customers can gather threat and policy telemetry across a hybrid workforce accessing multicloud and SaaS applications, giving analysts a complete picture from the depth of information in Zsacler logs for optimal threat hunting and investigations."
This new announcement continues LogRhythm’s impressive momentum from 2022 into this year. In addition to announcing a series of expanded capabilities and integrations for its security operations solutions, which included updates to the company’s cloud-native LogRhythm Axon platform, LogRhythm also announced its integration with SentinelOne. The integration streamlines security operations and improves response workflow, helping overwhelmed security teams cut through the noise and gain precise insights into cybersecurity threats.
About LogRhythm
LogRhythm helps security teams stop breaches by turning disconnected data and signals into trustworthy insights. From connecting the dots across diverse log and threat intelligence sources to using sophisticated machine learning that spots suspicious anomalies in network traffic and user behavior, LogRhythm accurately pinpoints cyberthreats and empowers professionals to respond with speed and efficiency.
With cloud-native and self-hosted deployment flexibility, out-of-the-box integrations, and advisory services, LogRhythm makes it easy to realize value quickly and adapt to an ever-evolving threat landscape. Together, LogRhythm and our customers confidently monitor, detect, investigate, and respond to cyberattacks.
Read More
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Prnewswire | May 02, 2023
Logically, one of the nation's leading managed security and IT service providers, today announced a partnership with SaaS Alerts and the launch of the specialized solution providing customers with constant, real-time monitoring of their Software-as-a-Service applications.
SaaS Alerts monitors tools like Microsoft Office, Salesforce, Dropbox, and Google Workspaces to detect potential threats in cloud applications. The automation tool identifies ongoing security threats and provides comprehensive alerting and responses across all applications. The result is a lowered risk of data breaches and customizable reporting that offers customers insights into security threats and patterns.
"As cyber threats continue to mount in today's digital age, the importance of application security cannot be overstated," said Buddy Pitt, Virtual Chief Security Officer at Logically. "SaaS applications carry a substantial risk due to the sensitive data they often contain, and ensuring that the flexibility and scalability they offer is paired with enhanced security, is paramount. SaaS Alerts offers threat detection, intelligent automation, and comprehensive alerting to do just that."
In addition, the data reports that SaaS Alerts provides are calibrated to empower organizations to gain insights into not only security threats but their patterns too. This, in turn, allows business leaders to take proactive measures against future disruptive incidents.
"We're thrilled to partner with Logically to help protect their customers' critical SaaS business applications," said Jim Lippie, CEO of SaaS Alerts. "Given the current threat landscape, it's more important than ever to ensure customers are protected from evolving security threats. We're excited to see how our partnership continues to evolve in the years to come."
To further underscore Logically's commitment to application security in today's digital landscape, Buddy Pitt, along with Logically's Chief Operating Officer Keith Johnson, hosted a webinar titled, "Fortify Your Defenses: Why Application Security is Crucial in Today's Digital Landscape," on April 26, which discussed data and business application security and how SaaS Alerts are a valuable weapon in the ongoing battle against data breaches.
"We're proud to launch SaaS Alerts at this critical moment where rapid risk mitigation matters most. It's yet another tool in our arsenal of products that ensures our customers receive best-in-class safety and security," said Johnson.
About Logically
Logically is a leading national managed security and IT solution provider that helps organizations secure and support their businesses today, solve for tomorrow, and strategize for the future with cyber-first solutions. Our team of experts, including cybersecurity, engineering, networking, and cloud specialists, collaborate with customers to implement solutions that protect their assets, reduce risk, and optimize performance, end to end. Since 1999, we have made long-term relationships, customer service excellence, and purposeful innovation guiding principles to ensure customers have a trusted advisor at their side, helping them focus on their business, not the technology behind it.
Read More
ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Businesswire | April 03, 2023
AttackIQ®, the leading independent vendor of Breach and Attack Simulation (BAS) solutions, today announced the availability of AttackIQ Ready!, a fully managed breach and attack simulation service that leverages years of advanced content and actionable reporting to improve organizations’ security posture and security program performance. The service was designed to simplify the execution of a continuous security validation program, showing results in real-time and orchestrating faster remediation – all through one automated platform – for everyone who wants it.
Absent real data, teams lack clarity about their capabilities and performance and cannot confidently operate against the adversary. AttackIQ has found that security controls only stop the adversary 39% of the time in the real world due to misconfigurations and security control degradation. To solve this problem, AttackIQ Ready! delivers clear reporting and analysis so that security leaders know how well their controls perform against the adversary. AttackIQ Ready! provides weekly reports, monthly executive-focused reports, and insurance-focused reports that can be used to communicate to the executive team, the board, insurance companies, and regulators alike.
“We know that automated testing provides a path to better security and business outcomes. With this announcement, we are making AttackIQ’s advanced testing capabilities available to a much broader section of the market,” said Carl Wright, Chief Commercial Officer, AttackIQ. “Many organizations lack the resources to operationalize the MITRE ATT&CK framework or conduct red team assessments of their cyberdefenses. We are very excited to release AttackIQ Ready! to help teams of all sizes maximize return on investment and improve operational readiness.”
With AttackIQ Ready!, organizations can expect the following:
Easy and Immediate Use: From day one, AttackIQ Ready! provides an easy-to-use and immediate baseline understanding of your security coverage as well as continuous visibility into your security posture. It helps you to identify gaps and issues surrounding your overall cybersecurity hygiene.
Weekly and Monthly Reporting: Weekly and monthly reports about your security controls’ performance, including against specific adversaries curated by the AttackIQ Adversary Research Team (APT29, FIN6, etc.).
Monthly Adversary Curation: Every month, the AttackIQ Adversary Research Team introduces a new set of adversarial campaigns to test your security controls against that specific adversary.
Continuous Automated Testing: The AttackIQ Ready! team conducts weekly tests of your security controls using MITRE ATT&CK-aligned assessments drawn from the full AttackIQ research library.
Actionable Remediation Guidance: Generates tailored, easy-to-use remediation guidance so that you can close gaps and address issues quickly to improve performance.
Detection Engineering: AttackIQ Ready! introduces the option of detection testing for companies that have a security operations center or a SIEM structured to respond to alerts and attacks.
In-App Threat Intelligence and Analysis: Gain immediate in-app analysis about emerging and advanced threats and how to prepare your defenses to withstand attacks.
AttackIQ Ready! will help an even broader range of customers to achieve these results. A security operations center is not required to use AttackIQ Ready!. All that is needed are existing security controls to validate, either through cloud services like AWS or Azure or security providers.
What kind of results might companies expect? One security leader at a premier biosciences company recently used the AttackIQ platform to prove to an insurance company that his security controls were performing as intended and negotiate a peg to his insurance premium, saving his organization hundreds of thousands of dollars in fees. As he said, “When we can prove that our solutions and controls are not just adequate, but they're rock solid, there's much value there. The investments in our firewalls, endpoint controls, and network security controls help build the program's reputation and instill more confidence. Then when we go to the board for requesting a large sum of funding for maybe a new project, there are not as many questions.”
“AttackIQ has helped companies from the Fortune 10 to Global 2000 elevate their security effectiveness, including JetBlue, Bupa and the Department of Defense,” Wright continued. “This service will help companies hone security analyst and security operations team performance, find redundancies in security controls, validate security controls for insurers, decrease the impact of breaches, and much more. You can’t manage what you can't measure, and we look forward to helping organizations measure their defenses against the adversary.”
Pricing and Availability
AttackIQ Ready! is available now. More details are available at: www.attackiq.com/ready. For pricing or to schedule a demo, contact AttackIQ.
About AttackIQ
AttackIQ, the leading independent vendor of breach and attack simulation solutions, built the industry’s first Security Optimization Platform for continuous security control validation and improving security program effectiveness and efficiency. AttackIQ is trusted by leading organizations worldwide to plan security improvements and verify that cyberdefenses work as expected, aligned with the MITRE ATT&CK framework. The Company is committed to giving back to the cybersecurity community through its free award-winning AttackIQ Academy, open Preactive Security Exchange, and partnership with MITRE Engenuity’s Center for Threat-Informed Defense.
Read More