SECURITY AUDIT AND COMPLIANCE

NetWitness Launches Comprehensive XDR Offerings for Next Generation Security

NetWitness | June 08, 2022

NetWitness
NetWitness, a globally trusted provider of cybersecurity technologies and incident response, today announced NetWitness XDR, a family of products and capabilities delivering comprehensive detection and response on premise, in the cloud or as a hybrid of the two. This new offering and product architecture delivers the full range of deployment options enterprises seek today to meet their unique cybersecurity needs and use cases.

NetWitness XDR delivers a robust set of capabilities enabling extended detection and response (XDR) and helping customers stay ahead of the most sophisticated cyber threats. These include:

  1. Unified collection, data, and visibility across multiple security layers
  2. Automatic enrichment of data using any technical or business source
  3. A wide toolset of detection technologies including, but not limited to, advanced behavioral analysis
  4. External and internal threat intelligence to identify known security risks and threat actors
  5. Truly insightful context, visualization, and investigation tools
  6. Threat hunting tools and methodologies to identify previously unknown threats
  7. Highly repeatable and measurable incident investigation and response processes
  8. A strong array of both automated and human response options

“NetWitness has enjoyed the trust of some of the world’s most security sensitive organizations because of its unique ability to monitor the entire attack surface across the network, endpoint, cloud, IoT, logs and more,” said CEO of RSA and NetWitness, Rohit Ghai. “We have been delivering XDR capability to the market for several years and today we are delighted to announce new innovations in the platform and reintroduce it to the market as NetWitness XDR.”

Under this new model, NetWitness XDR will be comprised of three main product lines that showcase its uniquely powerful support for all XDR use cases. NetWitness Platform XDR 12 is the newest major release of NetWitness Platform. This technology stack, typically deployed as customer-managed software or hosted by MSSPs, has been enhanced to focus on detection capabilities that identify threats faster and decrease their impact. The company’s new cloud-native SaaS version will be known as NetWitness Vision XDR and is currently in design preview. The third product line, NetWitness XDR Cloud Services, is a set of optional SaaS applications that take advantage of the cloud’s inherent elastic nature to deliver flexible and cost-effective components which can be used to augment either Platform XDR or Vision XDR.

“Our network-forward approach allows us to stand out in this emerging space and highlights NetWitness XDR’s ability to detect across customers’ growing number of systems and devices. “We are embracing the belief that the best XDR must be consumable on prem, in the cloud, and hybrid.”

Director of Product Management and Research, Kevin Bowers

Developed initially in 1996, NetWitness began as a government-sponsored research project to inspect network packets for cyberthreats and tools to detect and respond to them. Since then, the technology has continuously evolved and been innovated to tackle today’s most complex attacks. NetWitness now features fully integrated components for network, log, endpoint and IoT detection and response that drive its threat intelligence and security orchestration platform, NetWitness Orchestrator. With its long history and global footprint, NetWitness XDR integrates directly with the world’s most critical and widely deployed tools, as well as many specialized and industry-specific solutions.

NetWitness XDR will host demonstrations at its booth at RSA Conference this year for Platform XDR and Vision XDR.

ABOUT NetWitness
NetWitness, an RSA® Group Business, provides comprehensive and highly scalable threat detection and response capabilities for organizations around the world. The NetWitness Platform delivers complete visibility combined with applied threat intelligence and user behavior analytics to detect, prioritize, investigate threats, and automate response. This empowers security analysts to be more efficient and stay ahead of business-impacting threats.

Spotlight

"Cyber-espionage may sound like some strangely exotic activity from the movies. However, the harsh reality is that almost any business can become a target – or can be damaged in the crossfire when cybercriminals launch an attack against another organisation. It’s largely immaterial whether your business is being directly targeted or just happens to suffer collateral damage as a result of getting caught up in another organisation’s ‘battle’. Either way, the results can be devastating."

Spotlight

"Cyber-espionage may sound like some strangely exotic activity from the movies. However, the harsh reality is that almost any business can become a target – or can be damaged in the crossfire when cybercriminals launch an attack against another organisation. It’s largely immaterial whether your business is being directly targeted or just happens to suffer collateral damage as a result of getting caught up in another organisation’s ‘battle’. Either way, the results can be devastating."

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Filecloud Introduces the Industry First Zero Trust File Sharing℠

FileCloud | January 11, 2023

On January 10, 2023, FileCloud announced the addition of Zero Trust File Sharing, bringing another layer of hyper-security to the market's most robust content collaboration platform. The latest, Zero Trust File Sharing, enables users to collaborate securely with employees along with other personnel, including external partners, vendors and clients. This functionality extends beyond modulating share permissions or setting Data Loss Prevention (DLP) policies. Zero Trust File Sharing will become increasingly crucial for enterprises and organizations that handle sensitive or protected data, such as Personally Identifiable Information (PII) and Confidential Unclassified Information (CUI). The emergence of cloud service technologies, remote access applications, and disappearing network edges have revealed multiple vulnerabilities in perimeter-based IT security models. The Zero Trust framework, built on a system of least privilege, provides a more resilient and adaptable approach that imposes identity authentication, regardless of where or how the request for access gets derived. The U.S. Department of Defense has recently come up with a Zero Trust Strategy and Roadmap to eventually cover all U.S. government departments, which is likely to be adopted by the private sector. As a result, critical infrastructure sectors are ideal candidates for integrating Zero Trust File Sharing to protect their information systems from increasingly sophisticated cyberattacks launched by nation-states. FileCloud's Zero Trust support enables enterprises to have an added layer of security on top of FileCloud's built-in access controls. The data within the environment is secured using a Zip file structure and password protection. The user can also set a Zero Trust password and create a sharing link to a file or folder. The data remains inaccessible without this password, even with a shared direct link or in case of a data breach. Furthermore, the data remains protected by password-based encryption even if the Zero Trust protected folder is accessed via unauthorized means, including social engineering techniques. Users who access the data with the Zero Trust password will also be restricted in their ability to edit or manipulate the data contained within the Zero Trust folder based on the share permissions. About FileCloud Headquartered in Austin, Texas, FileCloud is a leading hyper-secure content collaboration platform (CCP) providing data governance, industry-leading compliance, data leak protection, data retention and digital rights management capabilities to millions of users worldwide. Its complete CCP stack includes workflow automation and granular control of content sharing across most enterprise platforms. The platform offers powerful file sharing, mobile access and synchronization capabilities on public, private, and hybrid clouds to customers, including top Global 1000 enterprises, government organizations, educational institutions and managed service providers.

Read More

INFOSEC PROJECT MANAGEMENT,PLATFORM SECURITY,SOFTWARE SECURITY

NowSecure Unveils Its Latest Offering, Mobile Pen Testing-as-a-Service (PTaaS)

NowSecure | January 03, 2023

NowSecure, the leader in standards-based mobile app security and privacy software, announced the introduction of its latest solution, NowSecure Mobile Pen Testing as a Service (PTaaS), which will bridge the gap between manual and automated mobile security assessments for continuous security. NowSecure PTaaS is designed to provide mobile developers and security teams with a more cost-effective and efficient pen testing solution. The solution combines periodic expert manual assessments with continuous automated testing to optimize comprehensive coverage at a higher frequency. With this combination, the all-inclusive portal and service can instantly discover concerns early in the developer pipeline, provide consulting help to repair security issues promptly, and accelerate the release of high-quality software into production. As organizations struggle with tightening budgets in conjunction with an increased threat of mobile cyber assaults, there is an industry demand for a cost-effective, higher-coverage, higher-frequency, mobile AppSec testing solution. "According to Coalfire and NowSecure's 4th Annual Penetration Risk Report, 99% of mobile applications pose security or privacy threats." By integrating NowSecure's latest offering, Mobile PTaaS, CISOs and security leaders can optimize their budget for penetration testing while prioritizing continuous, comprehensive security testing. The NowSecure Mobile PTaaS cloud-based platform, built on tens of thousands of pen tests and over 12 years of mobile application security experience, provides a comprehensive set of automatic, continuous, and manual assessments, including: Expert pen testing periodically depending on the specific demand and timeline On-demand and continuous security testing is built into the CD/CI and dev toolchains Automatic ticket generation with incorporated remedial resources Consultation with an experienced pen tester on remediation Optional industry standard(s) certifications and validations All-in-one SAST, IAST, DAST, APISec, and SBOM Simple-to-use dedicated SaaS platform About NowSecure A Chicago-based mobile security company, NowSecure safeguards the worldwide mobile app economy as the leading authority in standards-based mobile application privacy and security automation. The company is trusted by the most demanding enterprises for its comprehensive security testing solution package for DevSecOps, mobile app supply-chain monitoring, Pen Testing as a Service (PTaaS), professional mobile pen testing, and training courseware. NowSecure actively contributes to and supports the open-source mobile security community, industry standards, and certifications such as ADA MASA, OWASP MASVS, NIAP, ioXt, and others. The firm is SOC 2-certified and has been recognized by Gartner, IDC, TAG Cyber, and Deloitte Fast 500.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Zapata Computing Earns Two New Patents for Post-Quantum Cybersecurity Threat Intelligence

Zapata Computing | December 06, 2022

Zapata Computing, the leading enterprise quantum software company, today announced that the company has earned two new patents for post-quantum cybersecurity techniques. The new patents are for its Variational Quantum Factoring (VQF) and Quantum-Assisted Defense Against Adversarial AI (QDAI) algorithms. With the addition of these patents, Zapata now owns one of the world’s largest quantum computing software patent portfolios. The company’s growing portfolio includes a diverse range of proprietary quantum algorithms, machine learning, optimization and hardware methods. VQF and QDAI In the Age of Post-Quantum Cybersecurity Threat Intelligence As the narrative regarding post-quantum cybersecurity continues to gain momentum across the security, intelligence and technology landscapes, VQF and QDAI underpin Zapata’s post-quantum cybersecurity threat intelligence solutions for its customers. VQF is a heuristic algorithm for cryptanalysis that can run on near-term quantum devices, quantum-inspired data structures, and other special purpose classical hardware. The hybrid quantum-classical algorithm was developed by Zapata’s technical experts and is a technique that demonstrates that an adversary can already start attempting to compromise existing encryption schemes using heuristic algorithms. A heuristic algorithm is designed to solve a problem faster than traditional methods by sacrificing accuracy or completeness for speed. This means that VQF is effective at identifying specific instances of the encryption vulnerability – helping enterprises shore up defenses in advance of an attack. “VQF introduces a new category of decryption possibilities that could arrive a lot sooner than the market expects. “We don’t need to wait for a fully fault-tolerant computer that can run Shor’s algorithm to see the threat. It’s not a sudden ‘one-day’ jump. VQF demonstrates that an adversary can try to compromise existing encryption schemes using heuristic algorithms that don’t have a mathematically provable guarantee they will compromise all instances. Using Shor’s algorithm, factoring a 2048-bit RSA number requires a quantum computer with millions of physical qubits running for hours. We estimate that VQF can factor a 2048-bit RSA number with approximately several thousand NISQ qubits in around the same amount of time.” Yudong Cao, CTO and co-founder of Zapata Computing QDAI is the first hybrid quantum-classical algorithm for defense against adversarial attacks. Machine learning (ML) classification models are prone to adversarial attacks. These attacks add a very small -- but carefully chosen -- variance to data that confuses the classifier, rendering results to be incorrect. Quantum computers provide a new method of attack against ML models that possess a uniquely quantum noise meant to confuse the model. QDAI trains ML models to be immune to these types of adversarial AI attacks. “Quantum computers have a high potential to exploit potential vulnerabilities of neural networks,” added Cao. “As threats accumulate and adversarial AI models get stronger, we must leverage the power of quantum and classical resources to successfully defend against these attacks. That’s exactly the reason we developed QDAI. As quantum computers grow, we may be able to switch to a fully quantum classifier, but in the meantime, there is potential for significant gains with the quantum-classical hybrid approach like QDAI.” “Zapata is consistently pushing the innovation envelope, developing new proprietary methods and technology that can benefit our customers and the ecosystem,” said Christopher Savoie, CEO of Zapata Computing. “These patents represent a growing focus and concern regarding the threat that quantum computers present to national security and global enterprises. We developed VQF and QDAI as proactive threat intelligence techniques in order to develop countermeasures so our enterprise and government customers can assess their systems and make them more robust against an attack. We anticipate that more vulnerabilities will emerge as quantum and AI technology mature, and we’ll continue to research and identify new threats down the road to try to stay a step ahead.” About Zapata Computing Zapata Computing, Inc. is a leading enterprise quantum software company. The Company’s Orquestra® platform supports the research, development, and deployment of quantum-ready applications® for enterprises’ most computationally complex problems. Zapata has pioneered new methods in ML, optimization, and simulation to maximize value from near-term quantum devices, and works closely with ecosystem hardware providers such as Amazon, D-Wave, Google, NVIDIA, Quantinuum, IBM, IonQ and Rigetti. Zapata was founded in 2017 and is headquartered in Boston, Massachusetts.

Read More