SECURITY AUDIT AND COMPLIANCE

NetWitness Launches Comprehensive XDR Offerings for Next Generation Security

NetWitness | June 08, 2022

NetWitness
NetWitness, a globally trusted provider of cybersecurity technologies and incident response, today announced NetWitness XDR, a family of products and capabilities delivering comprehensive detection and response on premise, in the cloud or as a hybrid of the two. This new offering and product architecture delivers the full range of deployment options enterprises seek today to meet their unique cybersecurity needs and use cases.

NetWitness XDR delivers a robust set of capabilities enabling extended detection and response (XDR) and helping customers stay ahead of the most sophisticated cyber threats. These include:

  1. Unified collection, data, and visibility across multiple security layers
  2. Automatic enrichment of data using any technical or business source
  3. A wide toolset of detection technologies including, but not limited to, advanced behavioral analysis
  4. External and internal threat intelligence to identify known security risks and threat actors
  5. Truly insightful context, visualization, and investigation tools
  6. Threat hunting tools and methodologies to identify previously unknown threats
  7. Highly repeatable and measurable incident investigation and response processes
  8. A strong array of both automated and human response options

“NetWitness has enjoyed the trust of some of the world’s most security sensitive organizations because of its unique ability to monitor the entire attack surface across the network, endpoint, cloud, IoT, logs and more,” said CEO of RSA and NetWitness, Rohit Ghai. “We have been delivering XDR capability to the market for several years and today we are delighted to announce new innovations in the platform and reintroduce it to the market as NetWitness XDR.”

Under this new model, NetWitness XDR will be comprised of three main product lines that showcase its uniquely powerful support for all XDR use cases. NetWitness Platform XDR 12 is the newest major release of NetWitness Platform. This technology stack, typically deployed as customer-managed software or hosted by MSSPs, has been enhanced to focus on detection capabilities that identify threats faster and decrease their impact. The company’s new cloud-native SaaS version will be known as NetWitness Vision XDR and is currently in design preview. The third product line, NetWitness XDR Cloud Services, is a set of optional SaaS applications that take advantage of the cloud’s inherent elastic nature to deliver flexible and cost-effective components which can be used to augment either Platform XDR or Vision XDR.

“Our network-forward approach allows us to stand out in this emerging space and highlights NetWitness XDR’s ability to detect across customers’ growing number of systems and devices. “We are embracing the belief that the best XDR must be consumable on prem, in the cloud, and hybrid.”

Director of Product Management and Research, Kevin Bowers

Developed initially in 1996, NetWitness began as a government-sponsored research project to inspect network packets for cyberthreats and tools to detect and respond to them. Since then, the technology has continuously evolved and been innovated to tackle today’s most complex attacks. NetWitness now features fully integrated components for network, log, endpoint and IoT detection and response that drive its threat intelligence and security orchestration platform, NetWitness Orchestrator. With its long history and global footprint, NetWitness XDR integrates directly with the world’s most critical and widely deployed tools, as well as many specialized and industry-specific solutions.

NetWitness XDR will host demonstrations at its booth at RSA Conference this year for Platform XDR and Vision XDR.

ABOUT NetWitness
NetWitness, an RSA® Group Business, provides comprehensive and highly scalable threat detection and response capabilities for organizations around the world. The NetWitness Platform delivers complete visibility combined with applied threat intelligence and user behavior analytics to detect, prioritize, investigate threats, and automate response. This empowers security analysts to be more efficient and stay ahead of business-impacting threats.

Spotlight

Cyber threat actors are expanding the uses of computer network exploitation to fulfil an array of objectives, from the economic to the political. Private organizations have increasingly become collateral damage in political conflicts. With no diplomatic solution in sight, the ability to detect and respond to attacks has never been more important.

Spotlight

Cyber threat actors are expanding the uses of computer network exploitation to fulfil an array of objectives, from the economic to the political. Private organizations have increasingly become collateral damage in political conflicts. With no diplomatic solution in sight, the ability to detect and respond to attacks has never been more important.

Related News

PLATFORM SECURITY

SilverSky and NRTC Announce Cybersecurity Partnership

SilverSky | June 03, 2022

SilverSky, a cybersecurity innovation that provides advanced managed detection and response (MDR) services, and NRTC, a member-driven and technology-focused organization located in Herndon, Virginia, announced today an agreement to provide cybersecurity services to NRTC members. NRTC, which already offers a wide range of managed services to its energy and telecom members will now add SilverSky's award-winning MDR services to its portfolio, allowing the cooperative to offer its members the most up-to-date managed cybersecurity services. Managed endpoint protection, multi-factor authentication, and security awareness training are among the services provided, as are vulnerability assessments, penetration testing, and email security. "Accompanying our ongoing emphasis on serving frequently underserved healthcare organizations and educational institutions, this partnership with NRTC helps expand that effort with a distinct focus on the needs of our nation's rural communities. SilverSky's MDR services are powerful, yet easy to deploy and affordable – offering an appealing mix for NRTC's members. We look forward to working with the NRTC Managed Services team to provide these valuable services." Jason McGinnis, President and COO at SilverSky Jon Bartleson, President of NRTC's Managed Services division said that "Our members provide essential electric and telecommunications services to rural America and thus are obvious targets for hackers. It is vital we arm them with comprehensive cybersecurity tools and resources. Cybersecurity is a top priority for our members and staffing for these types of roles is a major challenge. We chose to partner with SilverSky to make sure we could offer comprehensive, affordable managed cybersecurity to our members." On June 7 at 2 p.m. Eastern, SilverSky and NRTC will offer a webinar for NRTC members. On the NRTC website, members can subscribe for Managed Cybersecurity Made Simple, Affordable, and Accessible for Telcos and Electric Cooperatives.

Read More

PLATFORM SECURITY

CyberProof Collaborates with Microsoft on Security Portfolio

CyberProof | June 22, 2022

CyberProof, a UST company, announced a partnership with Microsoft and can provide Managed Extended Detection and Response (MXDR) capabilities for Microsoft Security Services for Enterprise, a new managed service for large enterprise customers that is part of Microsoft's new security services portfolio. Microsoft Security Services for business is a comprehensive, expert-led service that manages onboarding, everyday interaction, practice modernization, and incident response by combining proactive threat hunting and MXDR with devoted Microsoft security experts. The service extends threat detection and response across Microsoft 365 Defender and Microsoft Sentinel security solutions by leveraging the human expertise and service delivery experience of MXDR providers like CyberProof and internal Microsoft teams. Customers can mitigate the cybersecurity risks associated with digital transition by leveraging CyberProof's experience with the most difficult, enterprise-scale changes. The CyberProof Defense Center platform runs on Microsoft Azure natively and connects with the Microsoft Security Stack. This allows CyberProof to assist organizations in addressing critical difficulties as they grow their security operations, ranging from log gathering and analysis to proactive search for malicious threat behavior. CyberProof's nation-state qualified cybersecurity professionals offer Managed XDR services and experience to companies wishing to transition from old on-premises security solutions to cloud-native protection. CyberProof partners with Microsoft as a Microsoft Gold Partner, with R&D teams in Tel Aviv working closely together to provide customers with end-to-end security services such as advanced threat intelligence and hunting, use case engineering, and vulnerability management. Microsoft's entry into this industry validates the importance of sophisticated MXDR services, which are quickly rising. Gartner predicts that by 2025, half of enterprises will be employing MDR services for threat monitoring, detection, and response tasks that provide threat containment and mitigation capabilities. "Our Managed XDR service offering indicates a shift in security operations supported by cloud-native technology. Forward-thinking CISOs are quickly discovering the many benefits of a cloud-native security architecture and we are helping them solve the most complex challenges as co-innovation partners with Microsoft." He continued, "We are proud to work together with Microsoft as a part of Microsoft's partner community and are excited about the process Microsoft is undergoing," said Tony Velleca, Chief Executive Officer, CyberProof. "CyberProof shares Microsoft's belief in the crucial importance of collaborating within the cybersecurity community to improve customers' threat detection and response capabilities. As members of Microsoft's partner community, we are now offering Managed XDR for Microsoft 365 Defender and Microsoft Sentinel in our portfolio." He added, "CyberProof was among the first to deploy Microsoft Sentinel in a highly regulated, global enterprise, and today, our close partnership with Microsoft is expanding to address the increasing demand for Managed XDR services." Yuval Wollman, President, CyberProof "CyberProof is committed to collaboration within the cybersecurity community. We value CyberProof's capabilities in cyber defense and appreciate the team working with us to improve the ability of our customers to predict, detect, and respond to security threats faster." said Kelly Bissell, Corporate Vice President of Security Service Line, Microsoft.

Read More

DATA SECURITY

Netskope Acquires Infiot, Will Deliver Fully Integrated, Single-Vendor SASE Platform

Netskope | August 03, 2022

Netskope, the leader in Security Service Edge (SSE) and Zero Trust, today announced it has acquired Infiot, a pioneer in enabling secure, reliable access with zero trust security, network and application optimization, and AI-driven operations. As Netskope Borderless WAN, the addition of Infiot's revolutionary technology will enable Netskope customers to apply uniform security and quality of experience (QoE) policies to the widest range of hybrid work needs, from employees at home or on-the-go, to branch offices, ad-hoc point-of-sale systems, and multi-cloud environments. For customers, all of these capabilities are delivered in a single architecture, using one policy framework, and one console, which dramatically simplifies operations, preserves network performance, and ensures SASE success. The Benefits of SASE Businesses and governments are rapidly adopting SASE to safeguard data wherever it moves, support digital transformation efforts, and realize better efficiency and return-on-investment from their technology. Netskope is a widely acknowledged leader in SSE, which describes the security services needed for a successful SASE architecture. Relevant to SASE growth, Gartner® notes: "By 2024, 80% of SD-WAN deployments will incorporate SSE requirements, up from less than 25% in 2022"[1] "By 2025, 80% of enterprises will adopt a strategy to unify web, cloud services, and private application access from a single vendor's SSE platform"[2] Despite SASE's popularity, however, confusing vendor messaging often accompanies piecemeal product sets that are spuriously marketed as "SASE." Most of these products are not natively integrated, nor able to simplify technology environments, and lack critical network and infrastructure transformation capabilities—all of which risk higher levels of security incidents, network downtime, and poor ROI. Netskope Borderless WAN combines with Netskope Intelligent SSE in a fully converged SASE platform, uniquely addressing these challenges. Borderless WAN Unlocks Full SASE Potential Founded in 2018 by veterans of the SD-WAN market, Infiot was one of only four vendors recognized in the 2021 Gartner "Cool Vendors™ in Cloud Networking"[3] report, was twice named to The Futuriom Top 40[4], and has been successfully deployed by customers in healthcare, retail, education, energy, manufacturing, telecommunications, and other industries. Infiot technology leverages a cloud-based, zero-touch deployment and provisioning model with multiple physical and virtual appliance form factors. The solution includes built-in routing, a transport-agnostic approach that supports both wired and wireless networking, app-aware QoE enforcement combined with policy-based traffic steering, and other integrated network security functions critical for deployment at the edge. For customers, all of this capability is delivered in a single architecture, using one policy framework, and one console, which dramatically simplifies operations for thinly-stretched networking and infrastructure teams. As the foundation of the new Netskope Borderless WAN solution, Infiot technology will allow customers to embrace modern, cloud-first networking by leveraging Netskope SASE Gateways, creating secure, optimized connections between any enterprise location, including site-to-site, or the cloud. Netskope SASE Gateways also enable end-to-end optimization for improved app performance, provide increased network resilience through real-time link monitoring and dynamic path selection, and offer identity and per-app access policies to apply zero trust principles to the network. Netskope Borderless WAN critical use cases include: Easy access to industry-leading Netskope Intelligent SSE services powered by world-class Netskope NewEdge infrastructure All-in-one intelligent access, routing, wireless WAN, network security, app assurance, and edge compute as an effective way to modernize, simplify and implement SASE architecture The ability to offload MPLS and eliminate costs by sending more traffic direct-to-net, eliminate backhauling and leverage fixed/mobile connectivity options (such as 4G/5G) Better guaranteed WAN connectivity to ensure end-to-end performance, from the "last mile" to the cloud or legacy data center Simplified operational overhead associated with running custom third-party applications "Today, leaders across IT, security, and networking and the world's best-known analyst firms agree that the explosion of data and devices, along with the numerous ways that people connect, communicate, and collaborate, make the transformation of both networking and security a critical imperative for businesses and governments. It is in this transformation where Netskope is uniquely positioned to help customers with a fully converged SASE platform. "We're very excited to introduce Borderless WAN, and to welcome Infiot to our growing team." Sanjay Beri, Netskope CEO "Today, many-to-many secure optimized connectivity is required to address any user, device, and location, in combination with a zero trust approach that integrates seamlessly with Security Service Edge," said Parag Thakore, Infiot CEO. "Netskope Intelligent SSE is the industry's leading SSE, and the combination of Infiot and Netskope will deliver on the promise of SASE like no other technology vendor can." "As we continue to transform our patient care experience, we are excited to partner with Netskope,'' said Rick Lacy, Senior Enterprise Network Engineer, CHRISTUS Health. "Netskope Borderless WAN provides adaptive, identity-aware precision access for our medical workers to deliver care from the comfort of their homes, without compromising experience, all at a significantly lower cost to our business. In the future we see many applications for Netskope, including our medical IoT deployments." "Netskope Borderless WAN is a new mindset. It's a new way of thinking about how our users access our domain and critical applications," said Robert Boopsingh, CIO, The Beacon Insurance Company. "For us, it will replace VPN for our employees and branch offices across our seven countries. We have implemented a zero trust model while delivering superior network access with this modern, secure, cloud-first implementation." "This is a great move," said Frank Dickson, Group Vice President, Security & Trust, IDC. "What Netskope will now be able to offer, thanks to its compelling security platform and Infiot's technology, is fully secure hybrid-work in-a-box, solving for both networking challenges and security challenges at the same time. It's a self-provisioning network, with security that's automatic. That's not just an abstract framework or a good idea, it's a specific set of benefits and use cases for businesses." In addition to offering Borderless WAN capabilities, Netskope integrates with key SD-WAN partners, ensuring customers benefit from Netskope Intelligent SSE in mixed environments while maintaining flexibility and choice in vendor partners. Financial terms of the acquisition are undisclosed. Parag Thakore and the Infiot product team now comprise Netskope's Borderless WAN group, and Infiot's sales team has joined Netskope's sales organization. Read the Netskope blog for more on today's acquisition news. Visit Netskope.com for more on Borderless WAN and the Netskope SASE platform. Gartner Disclaimer Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER and COOL VENDORS are a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. About Netskope Netskope, a global cybersecurity leader, is redefining cloud, data, and network security to help organizations apply Zero Trust principles to protect data. Fast and easy to use, the Netskope platform provides optimized access and real-time security for people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.

Read More