PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY
Businesswire | May 31, 2023
SOC Prime, provider of the world’s largest and most advanced platform for collective cyber defense, today announced its integration with Amazon Security Lake, the AWS security service that enables organizations to automatically centralize security data from the cloud, on-premises, and custom data sources into a purpose-driven data lake stored in their account. SOC Prime drives a transformational change in cybersecurity relying on zero-trust & multi-cloud approach to empower smart data orchestration, dynamic attack surface visibility, and cost-efficient threat hunting. Backed by its advanced cybersecurity solutions, Uncoder AI, Attack Detective, and The Prime Hunt, SOC Prime enables organizations to boost their cyber defense capabilities at scale, unleashing the power of Amazon Security Lake.
Leveraging SOC Prime’s Uncoder AI, an Augmented Intelligence framework, security teams can save development time and migration costs with re-usable threat hunting queries automatically convertible to Amazon Athena and OpenSearch in the standard Open Cybersecurity Schema Framework (OSCF) format.
SOC Prime’s Attack Detective tool intelligently and automatically queries security logs in the customer's Amazon Security Lake account via Amazon Athena and Amazon OpenSearch to identify data sources and then scan them in real time with a curated set of threat hunting queries. By leveraging Attack Detective, security engineers can channel their efforts directly into incident investigation rather than analyzing overwhelming volumes of alerts and accelerate threat research by validating over 10,000 adversary behaviors against the stored log sources in a matter of hours. Attack Detective follows core Zero-Trust Architecture (ZTA) principles segregating the data plane and control plane to ensure that no SIEM or EDR access credentials are shared or inherited within the Company profile. The tool provides complete threat visibility based on the organization-specific logs by linking and correlating with SIEM and EDR on-premises data in its native location without the need to migrate it to the cloud, which contributes to significant cost savings and ensures compliance with zero-trust basic tenets.
Adding to investment optimization capabilities, The Prime Hunt open-source browser extension enables security professionals to extract valuable data from large datasets at a lower cost. Users can seamlessly run threat hunting queries on security logs within the Amazon Security Lake account via a web browser in both Athena and OpenSearch and automatically identify accounts and assets affected by the suspected activity.
About SOC Prime
Headquartered in Boston, SOC Prime operates the world’s largest and most advanced platform for collective cyber defense that cultivates collaboration from a global cybersecurity community and curates the most up-to-date Sigma rules compatible with over 27 SIEM, EDR, and XDR platforms. SOC Prime’s innovation, backed by the vendor-agnostic and zero-trust cybersecurity approach, and cutting-edge technology leveraging Sigma language and MITRE ATT&CK® as core pillars are recognized by the independent research companies, credited by the leading SIEM, XDR & MDR vendors, and trusted by 8,000+ organizations, including 42% of Fortune 100 and 21% of Forbes Global 2000. Flexible subscriptions ensure that both organizations and individual operators can benefit from SOC Prime’s curated detection content and enhanced cyber defense capabilities. SOC Prime is backed by DNX Ventures, Streamlined Ventures, and Rembrandt Venture Partners, having received $11.5M in funding in October 2021. For more information, visit https://socprime.com or follow us on LinkedIn & Twitter.
ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Prnewswire | May 17, 2023
SimSpace, the industry leader in military-grade cyber ranges is today announcing the expansion of their ecosystem. The SimSpace Cyber Force Platform will now help Cymulate customers evaluate and validate their security stack with SimSpace's cyber ranges.
According to Cybersecurity Ventures, the total cost of cybercrime in 2023 is expected to hit $8tr and $10.5tr in 2025. Defending against the nation state tactics, techniques and procedures now targeting businesses will be on the mind of every board member and CISO this year. Adopting continuous security improvements will be the key that unlocks cybersecurity resilience, a major theme in Gartner's 2023 cybersecurity predictions. How organizations manage their cyber risk will dictate their security posture and financial optimization in the coming year.
SimSpace's Cyber Force platform enables listed companies and critical national infrastructure organizations around the world to test their networks in the highest-fidelity simulated environments commercially available. SimSpace's cyber range will enhance Cymulate customers' ability to perform market-leading team assessments, live-fire exercises and vulnerability exposure.
Carolyn Crandall, Chief Security Advocate at Cymulate believes the partnership will reinforce testing and training capabilities for leading businesses: "Our priority is to strengthen the cyber resilience and exposure assessment of our mutual customers, and SimSpace's cyber range will be an integral component in achieving this. Businesses around the world trust Cymulate's breach-and-attack platform to validate their critical processes. With SimSpace's high-fidelity emulation, Cymulate customers can further benefit from the integrated live-fire training and real-world testing capabilities they provide."
William "Hutch" Hutchison, co-founder and CEO of SimSpace Inc sees the partnership as an opportunity for growth: "We are excited to develop our partnership with Cymulate to provide world-class cyber readiness training for our mutual partners."
"As our customers continue to face unprecedented cybersecurity challenges, this partnership will allow them to continuously develop and improve their defensive abilities. SimSpace's Cyber Force Platform was born out of a need for the highest level of threat detection which has developed into a business necessity in 2023. As bad actors elevate the complexity and frequency of attack paths today, SimSpace's cyber range provides government-grade protection for platforms such as Cymulate to achieve unparalleled cyber preparedness."
The Cymulate platform provides threat exposure assessment, Breach and Attack Simulation (BAS), and Continuous Automated Red Teaming (CART) for delivering real-time visibility to vulnerabilities, understanding the efficacy of security controls, and automated testing. The Cymulate platform continuously assesses, optimizes, and rationalizes the state of security controls, while creating baselines for proving security efficacy across the full cyber kill chain and for continuous improvement.
SimSpace is the global leader in military-grade cyber ranges, founded by experts from U.S. Cyber Command and MIT's Lincoln Laboratory to respond to a new era of unprecedented cyber threat. The company's Cyber Force Platform enables the most sophisticated enterprises, governments, and critical national infrastructure organizations to find intelligence-driven answers to the most vexing security, governance, training, and cyber readiness questions. SimSpace provides high-fidelity cyber security simulations, training, and safe live-fire exercises previously only available to the U.S. Cyber Command and the world's most advanced intelligence agencies. Now, Fortune 2000 financial, retail, insurance, and other commercial markets can access nation-state level security capabilities to protect their critical assets, with an average reduction in cyber operational costs of 30% and a 40% reduction in breaches.
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Businesswire | April 20, 2023
Spin.AI, developer of the SpinOne SaaS security platform for mission-critical SaaS apps, today announced the significant expansion of its platform with new solutions to help enterprises proactively respond to the growing challenge of protecting SaaS data. This includes new capabilities around SaaS security posture management (SSPM), SaaS data leak prevention and data loss protection (SDLP), and SaaS ransomware detection and response (SRDR), as well as new integrations with JIRA and ServiceNow, and backup support for Slack.
"The rising adoption of mission-critical SaaS applications, such as collaboration tools and CRMs, has resulted in a massive amount of new SaaS data that must be safeguarded for compliance, regulatory, and business continuity purposes,” said Dmitry Dontov, CEO and founder of Spin.AI. “The most recent enhancements to the SpinOne platform protect SaaS applications, automate manual processes, and minimize business downtime for organizations that rely on SaaS apps and SaaS data. With SpinOne, teams can reduce the time it takes to identify and remediate SaaS application risks from days and months to minutes and seconds."
SpinOne is an all-in-one, SaaS security platform that protects SaaS data for mission-critical SaaS applications, including Google Workplace, Microsoft 365, Salesforce and now Slack, by delivering full visibility and fast incident response. It eliminates fundamental security and management challenges associated with protecting SaaS data by reducing the risk of data leak and loss, saving time for SecOps teams through automation, reducing downtime and recovery costs from ransomware attacks, and improving compliance. The new platform updates include:
SSPM (SaaS Security Posture Management) – Offers automated security operations to help companies quickly detect and respond to misconfigurations while also providing inventory and assessment of unsanctioned third-party apps and extensions. This reduces security and compliance risks while minimizing manual workloads. SpinOne provides full visibility and control over SaaS apps, Cloud apps, Mobile apps, and browser extensions with OAuth access to collaboration tools. Additionally, SpinOne provides access to a database of 300,000+ apps and extensions assessed by its AI-driven algorithms, reducing risk assessment time from months to seconds.
SaaS DLP (SaaS Data Leak Prevention and Loss Protection) – Mitigates unauthorized access to sensitive SaaS data with configurable access management and advanced reporting. Recovers lost data in a matter of minutes or hours (instead of the typical weeks or months) with integrated, automated SaaS backup and rapid incident response.
SaaS Ransomware Detection and Response – Quickly detects and responds to in-progress ransomware attacks, minimizing downtime from an average of one month to up to 2 hours and preventing further encryption. Provides 24/7 ransomware monitoring and automated incident alerting, and can recover SaaS data in minutes, reducing recovery costs by 90%. This patented technology gives organizations the unique capability to limit files impacted and avoid throttling and API limits on recovery.
JIRA and ServiceNow – Integrates with JIRA and ServiceNow to create alerts and incidents automatically, streamlining security operations processes for enterprise teams by eliminating the need for manual alert creation.
SpinOne for Slack – Helps protect an organization’s Slack channels and messages to meet data protection and compliance requirements, ensure business continuity, and decrease recovery costs. You can easily set up automated 3x a day backup of your Slack data on AWS, GCP, Azure or BYOS.
Enterprises use multiple point products to meet their security requirements, making it challenging to manage various dashboards, invoices, and support channels. Consequently, enterprises are consolidating on platforms that address significant issues in a single solution. This all-in-one SaaS security solution is what SpinOne provides. SpinOne can efficiently substitute existing vendors or complement an enterprise’s existing security stack, reducing overhead and complexity.
“SaaS applications, such as Google Workspace and Microsoft 365 for example, have a significant number of controls and configurations,” said Davit Asatryan, Director of Product at Spin.AI. “One of the biggest challenges administrators face is configuring these applications for the best security posture. This new SpinOne update delivers the visibility needed to better understand configuration issues, set better policies, and respond faster, while aligning with existing regulations such as NIST, ISO, and SOC 2.”
SpinOne protects the SaaS applications enterprises use on a daily basis, reducing the risk of downtime due to business disruptions, ensuring business continuity, and improving compliance. For more information including a deeper technical overview of the new SpinOne capabilities, please visit www.spin.ai/platform/spinone or request a demo at www.spin.ai/demo.
Spin.AI is a SaaS security company protecting enterprises against the risk of shadow IT, data leak and loss, ransomware, and non-compliance. SpinOne, the all-in-one SaaS security platform for mission-critical SaaS apps, protects SaaS data for Google Workspace, Microsoft 365, Salesforce, and Slack. SpinOne provides SaaS security posture management, SaaS DLP, and SaaS ransomware protection for more than 1,600 organizations worldwide to reduce downtime and recovery costs, improve compliance, and save time for SecOps teams. For more information, please visit: https://www.spin.ai/