DATA SECURITY

NETSCOUT Omnis Cyber Intelligence Integrates with AWS Security Hub

NETSCOUT | November 11, 2021

NETSCOUT SYSTEMS, INC., a leading provider of cybersecurity, service assurance, and business analytics solutions, today announced that Amazon Web Services, Inc. (AWS) customers will now have added visibility and security when migrating workloads to AWS using NETSCOUT's Omnis® Cyber Intelligence (OCI) integration with AWS Security Hub.

NETSCOUT OCI is the industry's fastest and most scalable network security software solution, built on the foundation of the industry's most prominent network monitoring and packet recording and analysis technology. It uniquely detects and investigates suspicious activities in real-time and retrospectively, identifies threats early in the attack life cycle to prevent infections from spreading, stops future attacks, and identifies compromised assets.

As a cloud security posture management service, AWS Security Hub performs automated, continuous security best practice checks against AWS resources, aggregates alerts, and enables automated remediation.

The integration between NETSCOUT OCI and AWS Security Hub enhances the corporate security posture by extending the breadth and depth of cyberthreat visibility and intelligence. The integration is seamless since NETSCOUT OCI automatically formats violations in the Amazon Security Findings Format (ASFF) with built-in intelligence to suppress duplicate alerts and group them as needed. NETSCOUT OCI, through its integration with AWS Security Hub, helps detect, investigate, and respond to potentially malicious activity exposing risks that exist in hybrid cloud interdependencies.

"As organizations migrate workloads to the cloud, their infrastructure becomes increasingly complex, making end-through-end visibility a necessity to uncover increased attack surfaces and combat threat exposure. As an AWS Validated Technology and Public Sector Partner with Network and Migration competencies, we've been in lock-step development with AWS. We're excited that customers can realize the benefits of NETSCOUT OCI, which is now fully integrated onto AWS Security Hub."

Russ Currie, vice president, enterprise strategy, NETSCOUT

About NETSCOUT
NETSCOUT SYSTEMS, INC. helps assure digital business services against security, availability, and performance disruptions. Our market and technology leadership stems from combining our patented smart data technology with smart analytics. We provide real-time, pervasive visibility and insights customers need to accelerate and secure their digital transformation. Omnis Cyber Intelligence delivers the fastest and most scalable network security solution available on the market. NETSCOUT nGenius service assurance solutions provide real-time, contextual analysis of service, network, and application performance. And Arbor® Smart DDoS Protection by NETSCOUT products help protect against attacks that threaten availability and advanced threats that infiltrate networks to steal critical business assets. To learn more about improving service, network, and application performance in physical or virtual data centers or in the cloud, and how NETSCOUT's security and performance solutions can help you move forward with confidence.

Spotlight

This series of three cybersecurity whitepapers is intended for engineers and designers of industrial control processes and the systems that control those processes. Throughout the papers, we emphasize the point that data is not exhaust left-over from a sensor-heavy process, but it is the driver of future value by enabling visibility, understanding, and ever-more-precise control of the processes. However, the activities to increase value by using ever more distributed information and system connectivity potentially expose systems to risk of cyber exploitation. Paper #1 demonstrates that greater value is derived from security when clear articulation of engineering and business requirements drive security, rather than the other way around. It provides a construct to capture basic connectivity between systems as a foundation for contextualizing threats and security solutions.

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

ReasonLabs' RAV Endpoint Protection Achieves Gold OPSWAT Access Control Certification for Endpoint Security Applications

ReasonLabs | September 05, 2022

ReasonLabs, a leading cybersecurity company providing enterprise-grade protection to users all around the world, has today announced that its RAV Endpoint Protection solution has received Gold Certification from Access Technologies (OPSWAT), a leader in critical infrastructure protection.

OPSWAT's Access Control Certification Program provides reliable and consistent metrics for validating the effectiveness of anti-malware products and establishing device trust. The program's Gold certification badge is awarded to applications that achieve access control compatibility.

"Achieving Gold Certification in OPSWAT's Access Control Center Program further validates RAV Endpoint Protection as an industry-leading next-generation consumer solution. The certification has created an easy way for customers to validate our solution's capabilities. End users can be assured that RAV Endpoint Protection secures endpoints with a high degree of confidence."

Kobi Kalif, CEO of ReasonLabs

ReasonLabs is the first Next-Generation Antivirus (NGAV) software with Endpoint Detection and Response (EDR) capabilities built specifically for home users. Whereas traditional antiviruses use a one-to-one detection technology to fight breaches and malware, ReasonLabs's intuitive engine utilizes a variety of technologies and techniques to predict and prevent virus attacks. By leveraging machine learning algorithms and AI, RAV Endpoint Protection sorts through millions of files to easily identify potentially hazardous ones and ensures proactive detection and resolution of the most complex malware.

"From OPSWAT's inception, we have pioneered the concept of zero trust," said Benny Czarny, founder and CEO of OPSWAT. "The OPSWAT Access Control Certification Program extends this idea to IT System Administrators by relieving them from the daunting task of researching, testing and identifying the right endpoint anti-malware and encryption solutions by having us test it for them. We've done the work and verified applications that meet our exacting zero trust standards."

Since RAV Endpoint Protection utilizes state-of-the-art EDR technology powered by artificial intelligence, ReasonLabs is able to provide the strongest defense for customers' personal assets. By utilizing an EDR approach, RAV is able to detect threats virtually anywhere, in contrast to systems built with a legacy one-to-one detection method. When coupled with its other security products including RAV VPN, RAV Safer Web, RAV Online Security, and FamilyKeeper, users can feel confident knowing every single endpoint is secured.

"We developed the OPSWAT Access Control Certification Program to recognize the very best security solutions in the market, and ReasonLabs' RAV Endpoint Protection solution has met these demanding requirements," said Hamid Karimi, VP Technology Alliances and OEM at OPSWAT. "Gold certification is a badge of trust that certifies that a vendor's solutions do what they say they do and are effective against the latest emerging threats. IT professionals who are looking for the most effective antivirus solutions rely on Gold Certified vendors, and now they should consider ReasonLabs' RAV Endpoint Protection."

About ReasonLabs
ReasonLabs is a cybersecurity pioneer equipping tens of millions of families and individuals worldwide with the same level of cyber protection enjoyed by Fortune 500 companies. Its AI-powered, next-generation antivirus engine scans billions of files around the world to predict and prevent cyberattacks in real-time, 24/7. Its flagship product, RAV Endpoint Protection, together with its other products combine to form a multilayered solution that safeguards home users against next-generation threats. Co-Founded in 2016 by seasoned cybersecurity expert Andrew Newman—an architect of Microsoft's native cybersecurity program, Microsoft Defender—ReasonLabs is based in New York and Tel Aviv.

DATA SECURITY

SentinelOne and Cribl Partner to Deliver Data Flexibility Across Cybersecurity and Observability

Cribl | August 04, 2022

Cribl, the leader in enabling open observability, today announced a new partnership with SentinelOne, an autonomous cybersecurity platform company. The partnership enables SentinelOne customers to leverage Cribl's observability product suite to streamline cybersecurity triage, optimize data collection, and provide security teams control of their data.

By integrating Cribl's observability product suite with Singularity XDR, SentinelOne customers can now unlock the value of all observability data. Key benefits include the ability to: 1) Operationalize endpoint and extended detection and response (EDR & XDR) of data sources in joint customer environments, 2) Streamline for triage and investigative functions in the Security Operations Center (SOC), and 3) Progress cybersecurity programs with enhanced threat intelligence, threat hunting, and adversary simulation.

"Today's cybersecurity risk levels are increasingly associated with the ability to understand data across enterprise assets. Our partnership with Cribl helps optimize data collection at scale, enabling security teams to minimize risk and save time."

Chuck Fontana, SVP Business Development at SentinelOne

"We're excited to partner with the SentinelOne team," said Zac Kilpatrick, VP of Channel and Alliances at Cribl. "To keep up with persistent threats and the ever-changing security landscape, SOC activity must move from reactivity to proactivity. SentinelOne's autonomous and proactive approach to cybersecurity is differentiated in the market and aligns with Cribl's objective of optimizing analytics platform cost and performance."

Integration with SentinelOne's Cloud Funnel
Cribl's product suite now integrates with SentinelOne's Cloud Funnel, a data subscription enabling XDR data to be stored locally in an enterprise's data lake. This solution works with any data type, such as file, process, DNS, flow, behavioral, registry, commands, scripts, and more. Cloud Funnel's flexibility provides SentinelOne customers the ability to choose which data type they need, optimize it to find the right signal, and route it for maximum efficiency - all at machine speed.

Integration with DataSet
Cribl Stream now supports SentinelOne's DataSet as a destination to seamlessly route data from legacy log analytics solutions. DevOps and IT teams choose DataSet to analyze data in real-time, effortlessly scale to petabytes, and cost-effectively retain data for longer periods of time for compliance and audit purposes. The new integration enables Cribl customers to pipeline their data to DataSet without changing their data instrumentation, collection, and ingestion.

SentinelOne and Cribl will also continue bringing new offerings to market, including integrating Cribl Stream into SentinelOne's Singularity XDR platform.

About Cribl
Cribl makes open observability a reality for today's tech professionals. The Cribl product suite defies data gravity with radical levels of choice and control. Wherever the data comes from, wherever it needs to go, Cribl delivers the freedom and flexibility to make choices, not compromises. It's enterprise software that doesn't suck, enables tech professionals to do what they need to do, and gives them the ability to say "Yes." With Cribl, companies have the power to control their data, get more out of existing investments, and shape the observability future. Founded in 2017, Cribl is a remote-first company with an office in San Francisco, CA.

SOFTWARE SECURITY

Legal Industry Leader HBR Managed Services Partners with Tanium to Enhance Security and IT Services Capabilities

HBR Consulting | August 16, 2022

HBR Managed Services (HBR), a comprehensive strategy, operations and technology consulting firm focused on the legal industry, today announced its partnership with Tanium, the industry's only provider of converged endpoint management (XEM) for complex security and technology environments.

Recognizing that law firms are attractive targets for cyber criminals, HBR is leveraging the Tanium platform to provide IT operations management, IT asset discovery, and security threat response to manage system updates at scale, thereby helping the firm's IT managed services and network operating center (NOC) clients reduce risk and operating costs.

"The Tanium platform allows us to automate patching of OS and applications on servers and workstations, whether those endpoints are attached to a firm's network or not," said Bill Elser, vice president of engineering services at HBR. "That's critical in today's hybrid environment, allowing us to quickly prevent or remediate security or other operational issues by deploying registry changes and executing scripts."

"The legal field faces unique challenges not only to protect the integrity and reputation of individual firms, but to safeguard the various constituencies they serve. Tanium is keenly aware of the heightened risks the industry faces and we are proud to align with a leader like HBR as they work to secure the interests of their clients. We look forward to expanding this long-term partnership as they continue to grow."

Todd Palmer, SVP of partner sales of Tanium

"We're pleased to add Tanium to our roster of best-in-class vendor partners," added Chris Petrini-Poli, HBR's executive chairman. "HBR is committed to continually innovating services and partnering with best-in-class tool providers. Throughout the past year, we've been investing in relationships that will help us continue to provide exceptional, cost-effective service to our clients. We're proud to be on the leading edge of using top-of-the-line technology that ensures a continuously updated and monitored, safe and secure IT environment, while allowing HBR's team to operate as efficiently as possible."

About HBR Consulting
HBR Consulting (HBR) provides law firms and corporate law departments with strategic guidance, operational improvement, and technology solutions that drive innovation while managing cost and mitigating risk. HBR's proven combination of experience, relationships, and insights—spanning the legal ecosystem—delivers sustainable financial and competitive advantages for its clients. Visit www.hbrconsulting.com and follow HBR on LinkedIn and Twitter.

About Tanium
Tanium, the industry's only provider of converged endpoint management (XEM), leads the paradigm shift in legacy approaches to managing complex security and technology environments. Only Tanium protects every team, endpoint, and workflow from cyber threats by integrating IT, Compliance, Security, and Risk into a single platform that delivers comprehensive visibility across devices, a unified set of controls, and a common taxonomy for a single shared purpose: to protect critical information and infrastructure at scale. Tanium has been named to the Forbes Cloud 100 list for six consecutive years and ranks on Fortune's list of the Best Large Workplaces in Technology. In fact, more than half of the Fortune 100 and the U.S. armed forces trust Tanium to protect people; defend data; secure systems; and see and control every endpoint, team, and workflow everywhere. That's the power of certainty.
