DATA SECURITY

Netskope Revolutionizes Data Protection with Patented Lightweight, Cloud-Powered Endpoint Data Loss Prevention

Netskope | May 24, 2022

Netskope
Netskope, the leader in Security Service Edge (SSE) and zero trust,announced a key expansion of data protection capabilities to endpoint devices and private apps. The introduction of a patented endpoint data loss prevention (DLP) solution will enable Netskope Intelligent SSE customers to protect data everywhere it moves across the hybrid enterprise.

Zero trust principles are critical to SSE, which describes the security stack needed to enable a modern Secure Access Service Edge (SASE) architecture. Data protection is of utmost importance throughout a SASE architecture—specifically, the need for security to move with data wherever it is accessed, and apply zero trust to determine the right level of access. Additionally, legacy and endpoint DLP offerings have failed enterprises by being siloed, complicated, and intrusive, hindering user productivity.

Netskope has been consistently recognized by top industry analysts for its advanced data protection capabilities. With today's continued expansion of the Netskope Intelligent SSE platform, Netskope customers will be able to protect data across SaaS, IaaS, private applications, web, e-mail, and endpoint devices from a single converged data protection solution, leveraging machine learning, user and entity behavior analytics (UEBA), and insider threat mitigation capabilities to improve security efficacy, efficiency, and agility.

Notable features of Endpoint DLP include:
  • Context-aware, zero trust data protection on local peripherals and devices, such as USB drives and printers
  • Unified data classification, policy enforcement, and incident management for DLP across SaaS, IaaS, private apps, web, e-mail, and endpoint devices
  • A patented lightweight endpoint agent with cloud-based inspection and contextual data protection policies that enhance the user experience
  • Machine learning and Advanced Analytics to help simplify data classification and policy definition, lowering operational overhead
  • UEBA, which makes it possible to identify and stop complex data loss scenarios such as insider risk, where users are unintentionally or even maliciously abusing their access to data

"No SASE or zero trust journey will be successful without data protection capabilities that can address all critical use cases in a way that is easy to deploy and doesn't slow down users, The introduction of Endpoint DLP extends Netskope's award-winning data protection capabilities that much further, to critical use cases with endpoint devices. While some competitors may offer unified policy and management or provide data protection for certain vectors, Netskope is the only vendor that can provide truly converged data protection across the full IT environment. We are very excited to deliver Endpoint DLP to customers as another Netskope game-changer."

John Martin, Chief Product Officer, Netskope

"With Netskope's new eDLP, we can now offer single-pass data protection —across all vectors, from the cloud to the endpoint —with unified policies, within a single management console," said Mick Coady, Global Vice President CyberSecurity Solutions, World Wide Technology. "As a Platinum Partner in Netskope's Evolve partner program, we're seeing the huge growth opportunity that Netskope's Intelligent SSE approach represents. This new addition will accelerate that growth."

A work-from-anywhere, or "hybrid," environment makes it increasingly difficult to maintain security models based on implicit trust in any entity that wants to connect. Zero trust principles enable organizations to govern access to data based on behavior by users, devices, networks, and applications— increasing confidence in policy enforcement everywhere. By evaluating several contextual elements—user identity, device identity and security posture, time of day, geolocation, business role, sensitivity level of the data, and more—the resource itself can determine an appropriate level of confidence, or trust, only for that specific interaction and only for that specific resource. Using Netskope Intelligent SSE with zero trust principles applied throughout the environment, businesses become more agile, reduce risk, and streamline solution deployment and maintenance.

"DLP has been extremely complicated and cumbersome, and that's before you factor in cloud, web, email, private apps, and endpoints," said Frank Dickson, IDC Group Vice President, Security & Trust. "Netskope looks to address complexity with integration, providing a unified cloud delivered solution. Compared to old school network and endpoint-based DLP solutions, having DLP in this integrated solution makes it dramatically easier to protect data wherever it may be and in a manner that is frictionless for end users. It is a win-win."

About Netskope
Netskope, a global cybersecurity leader, is redefining cloud, data, and network security to help organizations apply zero trust principles to protect data. The Netskope Intelligent Security Service Edge (SSE) platform is fast, easy to use, and secures people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.

Spotlight

As the potential for cyber attacks against the energy sector grows, a revolutionary early-warning system designed to protect the industrial control systems of the oil and gas industry has emerged to complement highly recommended defense-in-depth strategies. Few people outside the oil and gas industry and its regulatory frameworks appreciate the vast nationwide infrastructure that brings fuel to their corner gas stations and, for many, to their homes. But for criminals, terrorists, and so-called hacktivists, this mostly invisible infrastructure is rich with targets for cyber attacks.

Spotlight

As the potential for cyber attacks against the energy sector grows, a revolutionary early-warning system designed to protect the industrial control systems of the oil and gas industry has emerged to complement highly recommended defense-in-depth strategies. Few people outside the oil and gas industry and its regulatory frameworks appreciate the vast nationwide infrastructure that brings fuel to their corner gas stations and, for many, to their homes. But for criminals, terrorists, and so-called hacktivists, this mostly invisible infrastructure is rich with targets for cyber attacks.

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

OpenText partners with MAD Security to improve response time to cyberthreats and shrink the attack surface

OpenText | October 20, 2022

Today, OpenText™ , a global leader in information management with an extensive security solution portfolio, announced a partnership between OpenText Network Detection & Response (NDR) technology and MAD Security. This joint solution from OpenText and MAD Security will empower customers to cut false positive security alerts significantly and protect sensitive government data against advanced cyber threats. MAD Security, a managed security service provider (MSSP) that helps contractors and other small and medium sized enterprises detect potential breaches and prevent attackers from disrupting operations or exfiltrating data, knows firsthand that government contractors are a prime target for cyber-attacks, from phishing and social engineering to malware and ransomware. To strengthen its cybersecurity capabilities, MAD Security decided to augment its offering with NDR capabilities. The aim was to continuously monitor and analyze raw enterprise network traffic, creating a baseline of network behavior that would help analysts hunt down emerging threats faster. "In the past, MAD Security has relied on an anomaly-based intrusion detection system to find indicators of compromise (IOCs). While this approach was effective for analyzing north-south traffic across small networks, it was a challenge to pinpoint IOCs across larger networks with significant volumes of east-west traffic. "If we could reduce the time our analysts spent drilling down into the data, we could accelerate our response and improve cost efficiency—ultimately providing a more competitive service. Working with OpenText, we can now detect and correlate events, investigate the data and notify the client in an average of just 6.5 minutes—less than half of SLA." Jeremy Conway, CEO at MAD Security MAD Security selected OpenText NDR because of the level of visibility it provides. The company can now look beyond individual subsets of endpoint and log data to build up a clear picture of what happened and when during an attack—even if the network traffic is encrypted. MAD Security uses OpenText NDR to make sure remediation efforts are successful, for example, by monitoring for new IOCs during its cleanup effort to detect whether the attacker is changing tactics or switching to an alternate toolset. An end-to-end network security platform, OpenText NDR simplifies network threat detection by combining smart packet capture (Smart PCAP) and rich network metadata generation, delivering a clear view of even the most complex networks. With OpenText NDR, MAD Security can gain insights faster than ever through deep packet inspection, behavioral anomaly detection, IOC matching, and AI-powered analytics. "We are thrilled to be able to count MAD Security among our many incredible customers and are proud to see not just our solutions working for the organization but also be part of its growth and success," said Muhi Majzoub, Executive Vice President and Chief Product Officer at OpenText. "By supporting MAD Security with OpenText NDR, we were able to help the company achieve its growth target while keeping its analyst team lean." About OpenText OpenText, The Information Company™, enables organizations to gain insight through market leading information management solutions, powered by OpenText Cloud Editions.

Read More

DATA SECURITY, ENTERPRISE IDENTITY

Illumio Introduces New Solution to Stop Endpoint Ransomware from Spreading Across the Hybrid Attack Surface

Illumio | September 29, 2022

Illumio, Inc., the Zero Trust Segmentation company, today announced Illumio Endpoint®, a reimagined way to prevent breaches from spreading to clouds and data centers from laptops. Hybrid work has expanded the attack surface, introducing new threats and making organizations more vulnerable, so it’s become increasingly important for employees to have secure access to applications and data wherever they are located. Unlike other Zero Trust Segmentation solutions, Illumio Endpoint lets your policy follow your teams’ laptops wherever they work, whether at home, in the office, or at a coffee shop. With Illumio Endpoint, the first device that gets infected will also be the last. Organizations are more interconnected and vulnerable in hybrid workplaces, and the attack surface is growing increasingly complex. Additionally, attacks on hybrid work environments are more expensive, costing an average of about $600K more than the global average. Even with endpoint detection and response tools in place, endpoints still get breached – according to ESG, 76 percent of organizations experienced a ransomware attack in the past two years alone. Illumio Endpoint includes: Extended visibility and segmentation policy controls for macOS and Windows devices, allowing organizations to see risk and stop attacks from spreading from laptops, workstations, and VDIs. A single, unified console to see and manage visibility and segmentation policy across endpoints, clouds, and data centers, making Zero Trust Segmentation easier, faster, and more efficient for security teams. Work from anywhere support with segmentation policy that follows the device, so organizations have the confidence that their networks are secure, and their employees can remain productive while working from anywhere. The ability to control application access so users can only reach the necessary applications from their device, not the entire data center and cloud, minimizing the organization's risk from vulnerable or compromised endpoints. "Before Illumio, we had only a slim idea of what kind of communications were running across our network. But with Illumio, we clearly see exactly what's connecting to individual endpoints. David Ault, VP of Information Security at Telhio Credit Union “The hybrid workforce is here to stay, which exposes organizations to a more complex attack surface and more risk, particularly on the endpoint,” said Mario Espinoza, Chief Product Officer at Illumio. “It’s important to have tools that can detect and respond to an identified breach, but unidentified attacks can spread throughout the organization to access critical data and assets when Zero Trust Segmentation is not in place to proactively contain the breach. With Illumio Endpoint, security leaders will gain the comprehensive protection needed to build resilience to attacks throughout their hybrid IT and as employees work from anywhere.” “Ransomware and other cyberattacks often involve end user devices somewhere in the attack chain, moving laterally on to other higher-value assets,” said Dave Gruber, Principal Analyst, ESG. “Because attackers continue to find ways in and move laterally fast, prevention, detection and response mechanisms can fall short stopping these fast-moving attacks. Containment strategies such as Zero Trust Segmentation across endpoint devices can proactively stop ransomware and other fast-moving attacks from spreading to critical infrastructure and assets, reducing risk.” About Illumio Illumio, the Zero Trust Segmentation company, stops breaches and ransomware from spreading across the hybrid attack surface. The Illumio ZTS Platform visualizes all traffic flows between workloads, devices and the internet, automatically sets granular segmentation policies to control communications, and isolates high-value assets and compromised systems proactively or in response to active attacks. Illumio protects organizations of all sizes, from Fortune 100 to small business, by stopping breaches and ransomware in minutes, saving millions of dollars in application downtime, and accelerating cloud and digital transformation projects.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

SentinelOne LABScon Security Research Conference Unifies Private and Public Sector Through Groundbreaking Cybersecurity Discoveries

SentinelOne | September 22, 2022

SentinelOne, an autonomous cybersecurity platform company, today launched the inaugural LABScon, a conference dedicated to advancing cybersecurity research for the benefit of collective digital defense. The event features novel findings from sought-after voices in cybersecurity and groundbreaking research by leading research teams. “The goal of LABScon is to provide a venue for advanced security collaboration and community building,” said Migo Kedem, VP Growth and Head of SentinelLabs, SentinelOne. “We are pleased to unite the cybersecurity community - researchers, vendors, and practitioners - to strengthen collective understanding of the security landscape. Only through shared knowledge and collaboration will cybersecurity evolve.” The conference lineup features prominent speakers and world-class researchers presenting on today's most important cyber security topics. Conference highlights include: Mark Russinovich, Microsoft Azure CTO, presents the story of his seminal malware analysis toolkit, which transformed malware analysis and forensic investigation Dmitri Alperovitch, Executive Chairman of the Silverado Policy Accelerator and CrowdStrike Co-Founder and former CTO, discusses cyberwarfare and effective policies Morgan Adamski, Director of NSA's Cyber Collaboration Center, keynotes “Operational Collaboration: The Realities of Success” Chris Krebs, the first director of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and Partner of the Krebs Stamos Group, shares in-the-trenches perspectives on cybersecurity and government M.J. Emanuel, CISA Incident Response Analyst, delves into recent cyberattacks targeting satellite communications and critical infrastructure Mauro Vignati, International Red Cross, discusses the line between combatants and digital collaborators in war Thomas Rid, Professor of Strategic Studies and founding director of the Alperovitch Institute for Cybersecurity Studies at Johns Hopkins SAIS, debuts cybersecurity discoveries Kim Zetter, world-renowned cybersecurity author, facilitates fireside chats and shares perspectives on cyberwar Kris McConkey, PwC’s Global Cyber Threat Intelligence Practice Lead, releases research detailing new activity emanating from Chinese advanced persistent threat (APT) groups Mandiant, Sophos, Volexity, BlackLotus, PwC, and Binarly drops new APT research and vulnerabilities SentinelLabs releases “Metador,” our most ambitious APT research to date LABScon is hosted by SentinelLabs, a world-class team of security researchers that identifies critical vulnerabilities, new attack vectors, malware strains, and threat actors. The event is sponsored by Stairwell, Luta Security, Cisco Talos, GreyNoise, HP Wolf Security, Aesir, Binarly, Team Cymru, and ReversingLabs. To stay updated with groundbreaking threat research and cybersecurity discoveries, visit https://www.sentinelone.com/labs/ About SentinelOne SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.

Read More