ENTERPRISE SECURITY

MRK Technologies Adds New Autonomous Penetration Tests

MRK Technologies | April 18, 2022

MRK Technologies
MRK Technologies, a cybersecurity risk management company, has announced a collaboration with Horizon3.ai to assist its clients tackle the ever-evolving ransomware threat with a new Autonomous Penetration Tests as a Service (APTaaS). Penetration testing can be automated and executed as often as needed to guarantee all systems are safe utilizing Horizon3.ai's NodeZero platform.

John Tookman, Chief Revenue Officer and Senior Vice President of MRK Technologies said that "We pride ourselves on continuously bringing the best technology to our customers. We're excited to add Horizon3.ai's NodeZero platform to our managed security services, which allows us to help ensure our customers' systems are secure."

He further added that, "In the last couple of years, we've doubled down on our efforts to build out our Security Operations Center in order to provide best-in-class service offerings to our customers. Adding APTaaS is just the next step in continuing to achieve our mission of helping our customers achieve a stronger security posture amidst the ever-evolving threat landscape."

Annual penetration testing is often seen as a compliance necessity rather than a value addition. Many pentests merely provide a snapshot of a network that is only relevant for a limited time. This new continuous APTaaS is a real SaaS product that assists cybersecurity teams in constantly identifying and fixing vulnerabilities in their systems before attackers can use them.

"Threat actors know how to chain together network misconfigurations, vulnerabilities, harvested credentials, and dangerous product defaults to create attack vectors you never imagined would be exploitable. Our partnership with MRK Technologies allows us to provide APTaaS to customers, helping them to harden their security postures with pentests that can run as often as they wish."

Snehal Antani, CEO and co-founder of Horizon3.ai

This new product complements MRK Technologies' Security Operations Center's existing managed securities portfolio, which includes Managed Detection & Response (MDR/EDR), Managed Security Information & Event Management (SIEM), Managed Deception Technology, and Managed Network Detection.

Spotlight

The IT world is on the precipice of enormous change. While full adoption of this change will not happen overnight, it has already begun to happen in the datacenter and for a user near you. Because of the substantial investments made by organizations in building out their datacenters, and thanks to the significant risk associated with moving too quickly to the new computing paradigm, most organizations are adopting a dual strategy of continuing to invest in their traditional datacenters while examining, testing, and in some cases, deploying pilot installations in a cloud-based infrastructure in preparation for leveraging tomorrow's compute solutions.

Spotlight

The IT world is on the precipice of enormous change. While full adoption of this change will not happen overnight, it has already begun to happen in the datacenter and for a user near you. Because of the substantial investments made by organizations in building out their datacenters, and thanks to the significant risk associated with moving too quickly to the new computing paradigm, most organizations are adopting a dual strategy of continuing to invest in their traditional datacenters while examining, testing, and in some cases, deploying pilot installations in a cloud-based infrastructure in preparation for leveraging tomorrow's compute solutions.

Related News

PLATFORM SECURITY

Deloitte Launches Zero Trust Access, a New Managed Security Service

Deloitte | July 12, 2022

To help organizations adopt zero trust more quickly and efficiently, Deloitte is launching a new managed service – Zero Trust Access— that offers a cloud-native approach to securing communications between users, on any device, and enterprise applications, wherever they may reside. The Zero Trust concept commits to removing implicit trust within an information technology (IT) ecosystem and replacing it with a risk-based approach to accessing organizational resources across identities, workloads, data, networks and devices. This trend is gaining momentum, given legacy approaches to security architecture are no longer suitable to secure the ubiquitous nature of the modern enterprise. Part of the newly expanded Zero Trust by Deloitte, Zero Trust Access facilitates zero trust adoption and the evolving needs of organizations in protecting their applications, infrastructure, and data. Following the integration of recently acquired talent and technology into existing Deloitte services, the Zero Trust Access managed service connects users to applications through a frictionless cloud-native solution that is inherently scalable, resilient, agile, and secure. Further, the managed service is available standalone, integrated with other Deloitte offerings, or as part of a broader solution leveraging technologies from Deloitte's alliances ecosystem. "As perimeter-based approaches are no longer suitable to secure the modern enterprise, many organizations are working to enhance protection for their IT ecosystems via zero trust. "Zero Trust Access was built as a turnkey managed service helping ourselves and our clients accelerate adoption of this transformative security framework. Our goal was to create a cost-effective solution that can be delivered standalone or complementary to a broader ecosystem and ultimately help decrease the burden on IT and security teams who likely need to manage multiple heterogenous solutions to achieve similar outcomes." Andrew Rafla, Deloitte Risk & Financial Advisory's zero trust offering leader and principal, Deloitte & Touche LLP With innovative data protection leveraging device-level secure microcontainer technology, Zero Trust Access helps protect infrastructure while also enabling organizations to protect sensitive enterprise data and enforce least privilege through dynamic access control to enterprise assets. The managed service can replace remote access solutions inclusive of virtual private network (VPN), virtual desktop infrastructure (VDI), and desktop as a service (DaaS), all of which typically require significant capital expenditure for infrastructure, high operating costs, and technology management overhead. Zero Trust Access includes features such as ephemeral connectivity built upon secure peer-to-peer (P2P) communication, conditional access and continuous authorization, as well as robust data protection for data at-rest, in-use, and in-transit are consistently applied to each session, regardless of the type or location of the applications being accessed (e.g., legacy hosted applications, software as a service (SaaS), thick-client, web-based applications). Implementation of Zero Trust Access can help organizations leverage outcome-based solutions that improve business agility, enhance user productivity, and reduce cost and complexity of security operations. "Beginning zero trust adoption isn't simple, fast or easy for most organizations," Deborah Golden, Deloitte Risk & Financial Advisory Cyber and Strategic Risk leader and principal, Deloitte & Touche LLP. "We're launching Zero Trust Access as the first in many adoption-enabling services and solutions to come, so that our clients are better able to modernize their security programs, enable agile operations and confidently advance with emerging technologies and transformative risk management principles that can build more resilient security practices." About Deloitte Deloitte provides industry-leading audit, consulting, tax and advisory services to many of the world's most admired brands, including nearly 90% of the Fortune 500® and more than 7,000 private companies. Our people come together for the greater good and work across the industry sectors that drive and shape today's marketplace — delivering measurable and lasting results that help reinforce public trust in our capital markets, inspire clients to see challenges as opportunities to transform and thrive, and help lead the way toward a stronger economy and a healthier society. Deloitte is proud to be part of the largest global professional services network serving our clients in the markets that are most important to them.

Read More

SOFTWARE SECURITY

Fusion Connect Introduces Extensive Security Portfolio to Help Enterprises Take Control of Their IT Environment

Fusion Connect | July 22, 2022

Fusion Connect, a leading provider of managed security and collaboration services, has launched a comprehensive security offering with a new endpoint management and security service that allows businesses to identify, control, and secure devices and applications at a time when security threats continue to disrupt companies globally. The new portfolio enables organizations to better understand the complete picture of their security risks and take action to mitigate them. Fusion Connect provides a complete solution that secures against threats while also hunting for unknown vulnerabilities that can upend a business from managing network components with advanced edge security for unified threat management (UTM) and remote access VPN to device level management. Additionally, the new portfolio helps organizations to improve reaction time to threats by connecting and securing any element in the organization's environment. The centralized platform enables enterprises to take swift action by providing a wide range of capabilities to improve IT efficiency and security hygiene. Fusion Connect's enhanced security measures come at a time when a massive talent shortage persists globally. According to (ISC)², the size of the cybersecurity workforce is 65% below what it needs to be. "Heavier workloads, unfilled positions, and security employee burnout are making things especially chaotic in cybersecurity. "With cyberattacks becoming more common, more sophisticated, and more costly, businesses need to quickly fill gaps and stop just simply firefighting. Using artificial intelligence and strategic managed services partners are ways to ensure organizations are protected and can mitigate threats before the attack occurs. And that's what our latest offering addresses." Ken Morford, Vice President of Security at Fusion Connect Fusion Connect plans to continue expanding its comprehensive security portfolio to empower CISOs to gain the control, visibility, and speed needed to thwart cyber threats and keep their networks and organizations secure. About Fusion Connect Fusion Connect manages, orchestrates, and secures the critical technology infrastructure that enables the connected enterprise. We tailor our highly available and secure cloud communication, collaboration, security, and network management platforms to meet the unique needs of our mid-market and enterprise customers. Our AI-based management systems, along with our highly skilled technicians, dynamically ensure world-class application performance under any conditions.

Read More

SOFTWARE SECURITY

One Identity Announces Innovations to Security Platform

One Identity | June 06, 2022

Following the purchase of One Login last year, One Identity, a pioneer in unified identity security, today announced additional advancements to its Unified Identity Security Platform. In addition to One Identity's best-in-class offerings in Identity Governance and Administration (IGA), Identity and Access Management (IAM), Privileged Access Management (PAM), and Active Directory Management and Security (ADMS), the incorporation of OneLogin to the platform allows organizations to transition from a factionalized to a holistic approach to identity security. The inclusion of Safeguard Alchemy, a seamless on-boarding for PAM through One Identity's Starling platform, as well as device-level MFA, which offers the capability of secure MFA login access to devices, to the Unified Identity Security Platform. These new capabilities complement the platform's comprehensive analytics, as does a new passwordless auto-login function in One Identity's Safeguard product. Organizations can enable Zero Trust enforcement of access rights by ensuring the proper access permissions are provided throughout the company using a new entitlement right-sizing function. “The acquisition of OneLogin last year was a critical step for us to be able to deliver a complete and unified security strategy to our customers. Traditional identity and access management tools manage environments in a disjointed manner, leading to identity sprawl — a fragmented and inefficient approach to identity security. One Identity is transforming the way its customers are able to manage and protect access to their most valuable assets — people, identities and data — with a now complete powerful suite of identity security solutions that help simplify access management, reduce IT costs, improve security, and enhance user experience.” Bhagwat Swaroop, President and General Manager at One Identity Customers can now safeguard Windows workstations with industry-standard multi-factor authentication (MFA), leverage system-level checks to improve cybersecurity, and close security gaps in a distributed workforce and infrastructure by utilizing a combination of two powerful MFA solutions from OneLogin and One Identity. This desktop level multi-factor authentication is one of the core characteristics that distinguishes One Identity from other identity and access management suppliers, allowing enterprises to expedite cloud migration and easily scale, protect, and manage identities. The integration of OneLogin and One Identity Manager also provides customers with a centralized and mature IAM and IGA on-boarding and full identity lifecycle solution, including SSO and MFA that addresses enterprise provisioning, user self-service, approval workflows, user access attestation, user access termination, time-based access, and compliance reporting. As security breaches become more common and cybersecurity requirements get more stringent, One Identity assists clients in their transition to a Zero Trust security approach. With the integration of OneLogin into One Identity's Single Identity Security Platform, the firm provides enterprises with an united picture of users, accounts, machine identities, and accounts, transforming businesses from fragmented to unified. This platform uses identity intelligence and analytics to provide cybersecurity professionals with a clear picture of their risk profile and the ability to take remedial steps as required.

Read More