DATA SECURITY

Nozomi Networks Raises the Bar on Delivering Prioritized Actionable Intelligence for OT/IoT Networks to Accelerate Responses to Security Threats

Nozomi Networks | October 27, 2021

Nozomi Networks Inc., the leader in OT and IoT security, today announced new updates in Vantage™, the first cloud-based OT/IoT network security solution that equips security professionals and industrial operators with actionable, AI-driven insights to manage risk and speed precise remediation. The new enhancements help eliminate “alert fatigue” by narrowing down the hundreds of notifications security teams have to parse to determine the severity of vulnerabilities.

“With attacks on OT and IoT infrastructure occurring daily, we know that organizations are overwhelmed with prioritizing risk reduction efforts, responding to alerts, and accelerating the detection of malware,The latest release of Vantage is designed to not only detect threats in critical infrastructure but also help prioritize and guide remediation steps quickly and efficiently. Only Vantage can provide these capabilities at the scale of the largest OT and IoT networks in the world.”

Andrea Carcano, Co-Founder and Chief Product Officer at Nozomi Networks

According to Ponemon Research, 52% of organizations say they are at a disadvantage in responding to vulnerabilities because they use a manual process and 72% say difficulty in prioritizing vulnerabilities contributes to patch delays. ESG Research finds 34% of cyber security professionals reported their biggest vulnerability management challenge is prioritizing which vulnerabilities to remediate.

“Nozomi Networks has a proven reputation for continuous innovation and these latest updates only add to it,” said Frost & Sullivan Industry Analyst Danielle VanZandt. “With the explosive growth of IoT devices in industrial environments, now more than ever, security professionals need faster paths to actionable intelligence and tools that support the best possible response. Nozomi Networks has stepped up with a solution that fills the gap.”

In this latest upgrade, Nozomi Networks continues to expand vulnerability management automation and intelligence with new prioritization metrics for vulnerability assessments. New Vantage features include:

Prioritized Vulnerability Management

With the new vulnerability dashboard, operators can quickly visualize all the OT and IoT vulnerabilities in the network, prioritize which vulnerabilities pose the greatest risk, and assess the level of effort to address the issues network-wide. Vantage provides:

  • Actionable insights on remediation steps, patches, and upgrades.
  • Built-in analytics scores that highlight which corrections will have the biggest impact on risk reduction, as well as identify which may be more labor-intensive.

In addition to the Vantage vulnerability management process, Vantage leverages an AI-driven threat detection engine that analyzes endpoint and network configurations, traffic flows, and network packet contents to provide the deepest and most sophisticated insights for OT networks in the industry.

Customized Playbooks for Precise Response

In addition to customizing alerts for specific threats and vulnerabilities, now security professionals have the option to supplement these notifications with custom playbooks designed to guide response plans for each alert. These playbooks:

  • Precisely guide remediation steps for specific threats, simplifying and accelerating operational response.
  • Can be customized to specify workflows for each alert and to address individual customer environments and workflows.
  • Can be shared between organizations.

Streamlined Operations

With Vantage, security professionals can quickly manage multiple hundreds or thousands of sites with limited resources.

  • The SaaS-based solution is easy to deploy and runs in the cloud, providing near zero-cost setup and ongoing maintenance.
  • Automated analysis and playbooks simplify remediation steps and costs to enable smaller teams to have more visibility across more devices and more sites.
  • Vantage also makes it feasible to share security data with partners, vendors, and other applications from the centralized cloud repository without opening the network up to external users.

About Vantage
Vantage was designed to meet the rapidly evolving requirements of IoT-enabled infrastructures. The cloud-based OT and IoT network visibility and security solution delivers unmatched security and visibility with the unlimited scalability of SaaS. Vantage makes it possible to grow without limitations to consolidating data aggregation, analysis, and operations. With Vantage you can protect any number of OT, IoT, IT, edge, and cloud assets, located anywhere, with a single platform.

About Nozomi Networks
Nozomi Networks accelerates digital transformation by protecting the world’s critical infrastructure, industrial and government organizations from cyber threats. Our solution delivers exceptional network and asset visibility, threat detection, and insights for OT and IoT environments.

Spotlight

Eine Zero Trust-Strategie beinhaltet die Umstrukturierung von Sicherheitsmaßnahmen und -tools zum Aufbau einer zukunftsfähigen Sicherheitsarchitektur, die den Zugriff auf Daten und Ressourcen nach dem Prinzip der minimalen Rechtevergabe sicherstellt. Die Genehmigung von Verbindungen basiert dabei auf einer zuverlässigen Identitä

Spotlight

Eine Zero Trust-Strategie beinhaltet die Umstrukturierung von Sicherheitsmaßnahmen und -tools zum Aufbau einer zukunftsfähigen Sicherheitsarchitektur, die den Zugriff auf Daten und Ressourcen nach dem Prinzip der minimalen Rechtevergabe sicherstellt. Die Genehmigung von Verbindungen basiert dabei auf einer zuverlässigen Identitä

Related News

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Living Security Announces Partnership Agreement with GuidePoint Security

Living Security | January 02, 2023

Living Security, the pioneer in human risk management, announced entering into a strategic partnership with GuidePoint Security, a renowned value-added reseller (VAR) that enables enterprises to make more informed cybersecurity decisions and reduce their risk exposure. The partnership will combine GuidePoint Security's ecosystem with Living Security's industry-leading human risk management products and security awareness training. "According to the Computer Emergency Response, cyberattacks have been ranked as the fifth most significant danger for the year 2020 and have become the standard in both the public and private sectors." Each day, the number of cybersecurity events continues to rise, and the vast majority of these problems can be traced back to human action. Using a data-driven methodology, Living Security enables security directors to identify the most vulnerable elements of their workforce in order to decrease human risk exposure, control the contribution to overall risk over time, and alter organizational behavior. About Living Security Living Security's objective is to transform human risk in order to generate a dramatic increase in human behavior, organizational security culture, and information security program efficacy. With the company's Human Risk Management platform, Living Security connects each employee with creative and pertinent context and content while simultaneously enabling management to recognize, report on, and proactively mitigate the risk posed by human behavior. Living Security is trusted by security-conscious firms such as MasterCard, MassMutual, Verizon, Biogen, Hewlett Packard, AmerisourceBergen, and Target. About GuidePoint Security GuidePoint Security offers dependable cybersecurity insights, solutions, and services that enable businesses to make risk-averse decisions. The company's specialists serve as trusted advisors by evaluating the cybersecurity posture and ecosystem in order to identify risks, maximize resources, and deploy the most appropriate solutions. GuidePoint's unparalleled knowledge has enabled a third of Fortune 500 organizations and over half of U.S. cabinet-level agencies to enhance their security posture and decrease risk.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Legit Security Discovers New Class of Development Pipeline Vulnerabilities; Open-Source Rust Programming Language Found Vulnerable

Legit Security | December 12, 2022

Legit Security, a cyber security company with an enterprise platform that protects an organization's software supply chain from attack and ensures secure application delivery, today announced that it discovered a new class of software supply chain vulnerabilities that leverage artifact poisoning to attack underlying software development pipelines. The vulnerability was found in GitHub Actions, a platform for orchestrating and automating software development pipelines, and the vulnerability was identified in the highly popular programming language Rust. Many other GitHub Action projects remain potentially vulnerable and a technical disclosure blog including information to protect organizations from attack is available on Legit Security’s website. The discovered pipeline vulnerability could allow any GitHub user to replace legitimate development artifacts with malicious ones, enabling attackers to modify source code, steal secrets and create CodeCov-like wide-reaching software supply chain attacks. Rust, an extremely popular programming language used by millions of developers, acknowledged and fixed the vulnerability after initial disclosure by the Legit Security Research Team. GitHub Actions is part of the extremely popular GitHub source code management system at the heart of many organization’s software supply chains and used by software developers globally. The vulnerability affects the GitHub Actions artifacts storage mechanism, which is used to store and transfer build artifacts between software development build jobs. Due to a limitation in the cross-workflow artifact communication mechanism, vulnerable workflows cannot distinguish between legitimate project artifacts and artifacts that were created by the project’s forks or copies, allowing any user to create a fork, and then craft a malicious artifact that will be treated as a legitimate one. “This is a different class of vulnerability that can lead to attacks and modification of the development pipeline itself, not just modification of the code. “A simple analogy could be made to a car assembly line. This is an attack on the assembly line itself that could include stealing sensitive parts, turning off certain steps, or substituting any valid part for a malicious one. It’s a powerful attack vector that gives cyber criminals a lot of options to inflict damage. In this case, the vulnerable targets are software supply chains that use GitHub Action.” Liav Caspi, co-founder and CTO, Legit Security The Legit Security Research Team also disclosed the security issue to the GitHub security team. GitHub responded by simply updating their API to include information that could help prevent this vulnerability. It should be noted that GitHub didn’t address the root cause of the issue, thus leaving many other GitHub Action projects vulnerable to the aforementioned software supply chain attacks. Legit Security’s technical disclosure blog includes important information on how to protect organizations from this type of attack. More information about general GitHub security best practices can also be found here. Legit Security Legit Security protects an organization's software supply chain from attack and ensures secure application delivery, governance and risk management from code to cloud. The platform’s unified application security control plane and automated SDLC discovery and analysis capabilities provide visibility and security control over rapidly changing environments, and allow security issues to be prioritized based on context and business criticality to improve security team efficiency and effectiveness.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Mimecast Partners With Okta to Safeguard Enterprises from Insider Threat Attacks

Mimecast | November 09, 2022

Mimecast Limited, an advanced email and collaboration security company, today announced a new strategic integration with Okta, Inc., one of the leading independent identity providers, designed for enterprise customers to proactively mitigate the increasing risk and complexity of insider threat attacks. Building on Mimecast’s extensive library of API integrations, the integration partnership will further enable organizations to Work Protected™ amidst the proliferation of social engineering attacks targeting their hybrid workforce, customers, and supply chain. The integration of these solutions can empower strained IT teams with an expanded arsenal of AI-enabled tools and technologies that strengthen protection at the intersection of business communications, people, and data. The increased prevalence and damaging ramifications of insider threat attacks are well-documented. IBM’s 2022 Cost of a Data Breach Report found that stolen or compromised credentials were the most common cause of data breaches over the previous year, serving as the primary attack vector in nearly 20% of breaches. They also had the longest lifecycle of all breaches, taking approximately 243 days to identify and another 84 days to contain, and resulted in an average of $4.50 million in losses. However, according to the same study, organizations with fully deployed security AI and automation experienced breach lifecycles that were 74 days shorter, on average, and cost a median of $3.05 million less. By integrating Mimecast’s purpose-built, cloud-native email and collaboration security with Okta’s world-renowned identity access management offerings, organizations can deploy AI-enabled automation to help mitigate the impact of compromised account activity – streamlining human workflows through real-time threat intelligence sharing and automated response actions across two best-of-breed solution architectures. Optimized for rapid deployment flexibility and simplicity of use, the integration is engineered to allow administrators to seamlessly assume granular control within minutes regardless of their level of IT expertise. “Our integration partnership with Okta comes at a pivotal time as insider threats have emerged as a critical vulnerability for the modern hybrid enterprise. “This integration is a microcosm of the Mimecast mission to extend our services beyond email and collaboration security alone. Joining forces with a fellow industry pioneer like Okta enables us to execute a vital ‘team sport’ approach to cybersecurity, building on the existing security investments, capabilities, and tools of our customers to ensure their organizations remain safe.” Jules Martin, Mimecast vice president of ecosystems & alliance “With the ever-evolving nature of the cyber threat landscape, it’s imperative that we amplify our identity access management services to address new and emerging attack vectors,” said John Grundy, Okta senior strategic alliance manager. “This integration partnership with Mimecast enables us to do exactly that, creating a holistic automation framework that empowers enterprises to enhance the efficiency of their insider threat detection and response posture.” Mimecast, a Gold Sponsor of Oktane22, will be presenting a live demo of the integration at the annual conference on November 8-10, 2022. Mimecast: Work Protected™ Since 2003, Mimecast has stopped bad things from happening to good organizations by enabling them to Work Protected. We empower more than 40,000 customers to help mitigate risk and manage complexities across a threat landscape driven by malicious cyberattacks, human error, and technology fallibility. Our advanced solutions provide the proactive threat detection, brand protection, awareness training, and data retention capabilities that evolving workplaces need today. Mimecast solutions are designed to transform email and collaboration security into the eyes and ears of organizations worldwide.

Read More