DATA SECURITY

Morphisec Announces New Incident Response Services as Enterprise Attacks Escalate

Morphisec | August 16, 2021

Morphisec, a leader in cloud-delivered endpoint and server security solutions, today announced the launch of its new incident response services at HIMSS21. The service will help organizations across the healthcare industry, and various other markets, identify, contain, and report on security incidents in progress while validating or verifying the lack of a breach.

Morphisec adds this service at a time when a flood of cyber threats has placed businesses under increasing pressure, making incident response necessary for industries like healthcare and manufacturing that need to be operational 24/7. In fact, Morphisec’s Consumer Healthcare Cybersecurity Threat Index found earlier this year that 1 in 5 Americans had a healthcare provider affected by cyberattacks over the last twelve months.

Morphisec’s new IR services aim to assist these organizations with containing in-progress incidents, reducing damage, providing recommendations for long-term risk reduction, and auditing critical infrastructure to ensure the lowest possible risk exposure to a cyberattack. The company's highly experienced, on-demand IR team will operate under the direct supervision of the CTO’s office.

“In this worsening threat landscape, it’s vital that all businesses have access to the expertise they need to keep their business up and running in the event of a breach -- even if they lack dedicated security professionals,” said Michael Gorelik, Morphisec’s CTO and head of incident response. “Morphisec’s incident response services help every organization under attack to quickly contain the incident, ensure business continuity, and minimize direct and indirect losses. With extensive experience in security incident investigation, companies are in good hands with our talented IR team who will go above and beyond to help them protect their assets from backdoors and persistent malware.”

Morphisec’s incident response services will leverage the company’s zero trust at runtime solution to quickly pinpoint and contain threats, promising immediate results before forensic activities are even finalized. Responders will also educate businesses on the root cause of the incident and, in turn, the required corrective actions to improve their current tools and processes.

Forensic collection and investigation of affected assets, including the building of an activity timeline, supplying indicators of compromise (IOCs), scoping the impact, mapping of exfiltrated IP, and more
Malware analysis: In-depth analysis of a given malware, backdoor, or fileless code, to identify the potential impact
Working around the clock during the investigation, with availability whenever we’re needed
The option to develop customized scripts to minimize follow-up impact

“As cyberattackers continue to target our critical industries such as healthcare, we’re proud to offer this crucial service to organizations who simply cannot afford downtime,” added Gorelik. “Morphisec's impressive suite of cloud-delivered endpoint and server security solutions are already protecting our customers across 8 million endpoints, and the addition of our new incident response service adds a vital layer to triage critical security incidents and reduce the risk of attack for the future.”

About Morphisec

Morphisec is the world leader in providing advanced security solutions for midsize to small enterprises around the globe. The company’s security products simplify and automatically block modern attacks from the endpoint to the cloud. Unlike traditional security solutions relying on human intervention, Morphisec delivers operationally simple, proactive prevention. This approach protects businesses around the globe with limited security resources and training from the most dangerous and sophisticated cyber attacks.


Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

IronNet Enhances Network Detection and Response Solution, IronDefense

IronNet, Inc. | January 05, 2023

IronNet, Inc., a pioneer in transforming cybersecurity through collective defense℠, has announced that its network detection and response (NDR) solution, IronDefense, now has more features. IronDefense, awarded the best possible grade by SE Labs for Enterprise Advanced Security NDR Detection, enables advanced and early visibility of unidentified cybersecurity threats that have evaded endpoint and firewall detection and infiltrated the network, regardless of whether it is on-premises or in the cloud.

With IronNet's most recent NDR enhancements, Security Operations Center (SOC) analysts can use IronDefense to identify VPN misuse, including high abnormal login times, password spraying, and unsuccessful logins, all of which may be suggestive of brute force attacks or unauthorized access attempts. Additional analytics enhancements enable the identification of ongoing patterns of both randomized-timing and fixed-interval beacon activity, as well as the detection of DNS tunnels utilizing innovative encoding techniques employed by cybercriminals.

The IronNet product development team has also improved IronDefense's usability. Specifically, new sensors can now be automatically commissioned and upgraded without the intervention of SOC personnel. IronDefense allows customers utilizing SentinelOne endpoint detection and response (EDR) to remotely establish and update network inventory and isolate a device in a SentinelOne-deployed network through the Entity page of the IronDefense user interface. CarbonBlack and Crowdstrike endpoints offer equivalent capabilities.

About IronNet, Inc.

IronNet, Inc., founded in 2014 by GEN (Ret.) Keith Alexander, is a global leader in cybersecurity that is revolutionizing how enterprises safeguard their networks by providing the first-ever Collective Defense technology operating at scale. IronNet, which employs a number of ex-NSA cybersecurity operators with both offensive and defensive cyber experience, incorporates extensive tradecraft knowledge into its industry-leading technologies to address the world's most difficult cyber problems.


PLATFORM SECURITY, SOFTWARE SECURITY

Vipre Security Group’s New Endpoint Detection & Response Technology for SMEs

VIPRE Security Group | January 19, 2023

VIPRE Security Group, an award-winning data, cybersecurity, privacy, and user protection company, recently announced the launch of its latest cybersecurity product, VIPRE Endpoint Detection & Response (EDR). VIPRE EDR is built to help small and medium-sized businesses and their IT partners navigate the intricacies of EDR management with a single, simple-to-use console.

VIPRE EDR provides a sophisticated, high-performance, cloud-based solution while overcoming the problems users typically expect from an EDR solution. This advanced technology detects better and uncovers more unusual behavior than standalone antivirus file, process, and networking analysis solutions, while offering investigation and remediation tools to accelerate response times. The VIPRE EDR solution is based on the fundamental pillars of Detection, Investigation, Containment, and Remediation, transforming threats into intelligence and suggesting next steps for security professionals, as simply detecting a threat is insufficient.

Advantages of VIPRE's Endpoint Detection and Response (EDR) System:

Exploit prevention - Helps to prevent network threats with built-in DNS, intrusion protection and in-browser exploit prevention
EPP/Next-generation Antivirus - VIPRE EDR constantly scans processes, files, and network activity for known and undiscovered threats
Correlated Behavior Engine - Examines endpoint behavior in greater depth to identify emergent or suspicious behavior connected across all engines
Endpoint Isolation - Quickly isolates an afflicted device to prevent threat spreading
Threat Incident Visualization - View and respond to all threat activity from a central location. Understand all aspects of endpoint activity related to the threat, including every user, process, file, and network activity
Remote Shell - VIPRE EDR's click-button reporting gives admins instant remote access to the endpoint for a deeper look
Suspicious file/link sandboxing - Detonates files and links in a private cloud sandbox for comprehensive examination and forensic investigation
Integrated Vulnerability Management - App scanning and vulnerability management to close potential security gaps

Built on the foundation of VIPRE's top-ranked Endpoint Security Cloud (EPP) platform, protection begins with extensive monitoring and automated blocking of malicious behavior across all endpoint processes, files, and network activity. This protection includes web, DNS and network monitoring, as well as AI-driven hostile process behavior detection.

About VIPRE Security Group

A part of Ziff Davis, Inc., VIPRE Security Group is a global organization specializing in cybersecurity, privacy, and data protection. It protects millions of people and businesses globally, including some very well-known brands. For nearly 30 years, VIPRE Security Group's primary mission has been to provide easy solutions to protect against existing and potential internet threats in an ever-expanding, digitally connected world.


DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Saviynt Completes the Australian Information Security Registered Assessor Program Assessment

Saviynt | November 08, 2022

Saviynt, a leading provider of intelligent identity and access governance solutions, today announced it has successfully completed the Information Security Registered Assessor Program (IRAP) assessment. As an important validation for security vendors doing business with government agencies in Australia, the IRAP assessment confirms that Saviynt's Enterprise Identity Cloud (EIC) is assessed at the PROTECTED level, validating the effectiveness of security controls offered by the Enterprise Identity Cloud for storing, processing, and communicating information up to the PROTECTED information classification level.

The IRAP program enables Australian government customers to validate that appropriate controls are in place for addressing the requirements of the Australian Government Information Security Manual (ISM) produced by the Australian Cyber Security Centre (ACSC). An independent IRAP assessor examined the Saviynt solution, including people, processes, and technology, against the requirements of the ISM.

“The IRAP assessment is the latest milestone in Saviynt’s rapid growth in the Asia Pacific region. It allows us to provide our government and commercial Enterprise Identity Cloud customers in the APAC region with the confidence that their data is fully protected from unauthorized access when leveraging cloud services.”
Dan Mountstephen, Senior VP, Asia Pacific, Saviynt

Saviynt’s Enterprise Identity Cloud is the only converged identity platform that provides unmatched levels of visibility and security. By combining identity access management, cloud privileged access management, application access management for cross-application separation of duties, third-party access management, and data access governance in a converged platform, Saviynt helps modern enterprises scale cloud initiatives while also solving the toughest security and compliance challenges.

About Saviynt

Saviynt's Enterprise Identity Cloud helps modern enterprises scale cloud initiatives and solve the toughest security and compliance challenges in record time. The company brings together identity governance (IGA), granular application access, cloud security, and privileged access to secure the entire business ecosystem and provide a frictionless user experience.
