DATA SECURITY

Palo Alto Networks and PwC Join Forces to Boost Cybersecurity Defenses

prnewswire | October 29, 2020

Palo Alto Networks, the global cybersecurity leader, and PwC today announced an expanded partnership to deliver managed detection and response (MDR) services to joint customers. The offering combines MDR services delivered by PwC — Managed Cyber Defence — and Cortex XDR™ by Palo Alto Networks. Together, customers can take advantage of a state-of-the-art managed threat hunting, protection, detection and response service from anywhere, globally.
The Managed Cyber Defence service fuses the power of PwC's global threat intelligence, thousands of hours of incident response expertise, and advisory services with Cortex XDR, the industry's first fully integrated detection and response platform, to provide a unique level of protection with unrivaled visibility and detection capabilities. As a result, security teams can significantly reduce attack dwell time, down to minutes, and manual day-to-day security operations workloads by up to 90%, elevating organizations to a mature security posture.
According to Christina Richmond, vice president of Worldwide Security Services research at IDC, "The evolving threat landscape has forced organizations to mature their security capabilities, creating opportunities for PwC to elevate their offerings and provide a blending of managed security/MDR and professional security capabilities."  
Built to cater to organizations of any size, in any industry, PwC's Managed Cyber Defence reduces response times from what typically takes days to minutes, minimizing the likelihood of an emerging threat manifesting as a breach. Detection of emerging attacker behaviors and pivoted attack scenarios puts organizations on a path to proactive defense against "the unknown," while extending protection across on-premises, cloud, virtualized and IoT environments.
Cortex XDR is the industry's first extended detection and response platform that runs on integrated endpoint, network, cloud and third-party data to reduce noise and focus on real threats. By combining Cortex XDR with MDR services, customers can relieve the day-to-day burden of security operations and achieve 24/7 coverage, from alert management and investigation to incident response.
Colin Slater, cyber security partner at PwC UK, had this to say:
"Our unique market insight and trusted relationships with our clients make us best placed to advise on their cyber challenges. Using this in-depth knowledge, we have meticulously created a service offering to address our clients' pain points. We are excited to work with Palo Alto Networks as the market demands new ways to do detection and response. COVID-19 has spurred a move to remote work at a scale that has left many businesses more vulnerable than ever to cyberattacks because they are less able to respond and recover remotely. PwC's cybersecurity team has responded to several major incursions from nation-state threat groups and mitigated cyber breaches caused by vulnerabilities introduced through transitions to remote work at scale. Preventing these attacks is a core element of the PwC and Palo Alto Networks approach."
Shailesh Rao, senior vice president for Cortex at Palo Alto Networks, offered:
"We are thrilled to expand our partnership with PwC through the delivery of best-in-class managed detection and response (MDR) services powered by Cortex XDR to our joint customers. More and more enterprise customers have validated PwC's service over the last year in detecting and responding to cyberattacks. The combination of advisory services, analytics, and modern, AI-driven detection and response capabilities and metrics, with visibility across an enterprise's entire infrastructure, is made possible by our unmatched joint Cortex XDR and MDR service offering."
About PwC
At PwC, our purpose is to build trust in society and solve important problems. We're a network of firms in 157 countries with over 276,000 people who are committed to delivering quality in assurance, advisory and tax services.
About Palo Alto Networks
Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world's greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. Our vision is a world where each day is safer and more secure than the one before.
Palo Alto Networks, Cortex, and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names, or service marks used or mentioned herein belong to their respective owners.

Spotlight

In 2014 Ovum looked at the evolution of the distributed denial-of-service (DDoS) attack landscape, highlighting that massive volumetric attacks were on the rise, while lower-bandwidth, more sophisticated attacks were targeting the application layer. It also described how DDoS had evolved from a standalone threat to become increasingly part of blended attacks against intellectual property or financial assets, with the DDoS providing a smokescreen to cover the theft. This white paper updates the process, looking at attack data for the last year, as well as discussing and seeking to dispel some of the myths around how DDoS mitigation is developing. Finally, it makes recommendations regarding the kind of infrastructure that companies facing the entire spectrum of DDoS attacks should adopt.

Related News

END POINT PROTECTION

SentinelOne and Mimecast have teamed up to provide better end-to-end threat protection for corporate devices and email

SentinelOne | February 07, 2022

SentinelOne, an independent cybersecurity platform firm, announced a new integrated solution with Mimecast to increase end-to-end threat prevention, speed incident response, and reduce security team delays. SentinelOne and Mimecast allow security teams to take advantage of cooperative defenses and quickly respond to attacks across email and endpoints using XDR automation for a holistic approach to incident response.
Security operations teams are stretched to the limit investigating and remediating each incident as tactics change, threat actors' sophistication grows, and new vulnerabilities are discovered regularly. Email continues to be one of the most widely used attack channels. According to Mimecast's State of Email Security report for 2021, risks have increased by 64% during the pandemic, and 70% of businesses expect to be impacted by an email-borne attack. As a result, organizations are looking for integrated defenses to safeguard email and improve incident response capabilities while reducing complexity, minimizing risk, and relieving pressure on an already overworked security team.
“Email inboxes are often a prime vector for attacking the enterprise. Mimecast detects new threats through our multi-layered inspection capabilities, helping security operations teams who are still spending too much time on the manual collection, normalization, and prioritization of data,” said Julian Martin, VP Ecosystem & Alliances, Mimecast. “Our integration with SentinelOne solves for this challenge, improving and accelerating the incident response capabilities we offer our customers.”
“As the cyber threat landscape continues to expand, detecting and responding to these threats in real-time is crucial for an organization’s security infrastructure. It’s important to leverage trusted security platforms like those offered by SentinelOne and Mimecast to help identify and mitigate the risk of cyberattacks.” Ahmed Shah, Senior Vice President of Strategic Alliances, Optiv
The integrated solution from SentinelOne and Mimecast strengthens and accelerates incident response capabilities across all security layers, including email, endpoints, and the cloud. For example, when a threat is detected in SentinelOne, the integration takes automatic measures like suspending a particular user's email, blocking that user's email, or quarantining the email account.
“The speed and sophistication with which adversaries are attacking organizations has become staggering, and too often SOC teams are burdened with investigating security issues as opposed to solving them,” said Yonni Shelmerdine, VP Product Management, SentinelOne. “The integrated solution enables our customers to accelerate incident response and contain threats faster by automatically quarantining affected users in Mimecast. This ultimately reduces complexity, minimizes risk, and decreases the demands on SOC teams.”
With XDR automation, Mimecast and SentinelOne's combined solution provides never-before-seen holistic protection across client email and endpoints, dramatically increasing end-to-end threat detection and incident response.

SOFTWARE SECURITY

Vulcan Cyber Launches Remedy Cloud, providing thousands of vulnerability fixes with free access

prnewswire | November 04, 2020

Vulcan Cyber, the vulnerability remediation company, today announced Vulcan Remedy Cloud, a free service based on the world's largest database of curated remedies for thousands of security vulnerabilities. By sharing the Remedy Cloud library of fixes with the global vulnerability management community, Vulcan Cyber provides a powerful resource that streamlines the work of remediation by helping security and IT teams more effectively organize remediation campaigns. In related news, Vulcan Cyber today announced Vulcan remediation analytics, which adds powerful business intelligence capabilities to its remediation orchestration platform.
"Vulnerability management should be a means to an end, but due to process breakdowns there's never an end -- just a growing backlog of vulnerabilities that require remediation," says Yaniv Bar-Dayan, Vulcan Cyber co-founder and CEO. "We've identified a critical breakdown in the process when security teams hand off vulnerability remediation tasks to IT operations teams. Vulcan Remedy Cloud streamlines this workflow by providing both teams with remediation playbooks. This one function is extraordinarily effective at creating cross-team alignment and cooperation. We're proud to offer Remedy Cloud as a free service to our community to help enterprise organizations get fix done."
Remedy Cloud is a standalone, free version of the Vulcan remediation intelligence capabilities previously offered through the Vulcan remediation orchestration platform. This remediation intelligence is the missing link for any "found-to-fixed" remediation workflow. Vulcan remedies include the right patches, the best configuration scripts, and even workarounds and compensating controls to help security and IT operations teams quickly address the most difficult vulnerabilities.
Vulcan remediation intelligence adds enterprise-scale remediation solutions designed to foster more collaborative and efficient remediation by integrating remedies with vulnerability scanning, prioritization, patch and configuration management tools. Security teams often identify and prioritize vulnerabilities, but the real work of remediation is done by IT operations, DevOps, and site reliability engineering teams. Remedy Cloud helps these teams identify and align on the best remedies for the job, saving time and effort.
This Vulcan Cyber freemium offering is part of a broader initiative to help vulnerability management programs become more effective at driving remediation outcomes. With Remedy Cloud, Vulcan Cyber opens a significant resource to the entire infosec and IT community to promote a "complete fix" mindset. Vulcan Cyber is helping to accelerate the industry's move from passive vulnerability management to active vulnerability remediation and automated cyber hygiene.
About Vulcan Cyber
Vulcan Cyber has developed the industry's first vulnerability remediation orchestration platform, built to help cybersecurity and IT operations teams to collaborate and "get fix done." The Vulcan platform orchestrates the remediation lifecycle from found to fix by prioritizing vulnerabilities, curating and delivering the best remedies, and automating processes and fixes through the last mile of remediation. Vulcan transforms vulnerability management from find to fix by making it possible to remediate vulnerabilities at scale. The unique capability of the Vulcan Cyber platform has garnered Vulcan Cyber recognition as a 2019 Gartner Cool Vendor and as a 2020 RSA Conference Innovation Sandbox finalist.

DATA SECURITY

DataSet, a Revolutionary Live Enterprise Data Platform, Launched by SentinelOne

SentinelOne | February 17, 2022

SentinelOne, a self-contained cybersecurity platform, today announced the debut of DataSet, the company's data analytics solution. DataSet goes beyond cybersecurity use cases with the purchase of Scalyr, providing an unlimited enterprise data platform for live data queries, analytics, insights, and preservation.
The Singularity XDR platform from SentinelOne was created to automatically defend against security attacks by treating cybersecurity as a data problem. AI models use data sets to identify whether behaviors are benign or malicious in real-time. Individual data points are automatically linked to create machine-made contextualized stories for visibility and reaction across the company. Threat hunters can outperform their opponents using EDR and XDR hunting queries, which provide curated data sets.
SentinelOne's autonomous cybersecurity is built on a foundation of data expertise. Processing petabytes of data, increasing at an exponential scale, and doing it in real-time has been a part of our path to providing market-leading autonomous cybersecurity.
“For cybersecurity to be effective, it must make split-second autonomous decisions because every millisecond matters. The way SentinelOne solves cybersecurity with data inspired us to apply our expertise beyond cybersecurity to a wide range of enterprise use cases,” “Our enterprise customers have the same data needs as SentinelOne - the ability to understand and action live data sets at speed. We’re announcing DataSet because we believe every business benefits from the power of understanding and acting on its data. Instantaneous, easy to use, and efficient understanding of a data set is the key to making better business decisions.” Tomer Weingarten, CEO, SentinelOne
DataSet is a flexible cloud-native enterprise data platform for all forms of data, both current and historical, at petabyte size. DataSet can process massive amounts of live data in real-time, delivering log management, data analytics, and alerting with unparalleled speed, performance, and efficiency - built on a security and privacy-first foundation - by eliminating data schema requirements from the ingestion process and index limitations from querying.
Data-Defined Era
“Distributed cloud infrastructure and containerized applications contribute to a vast amount of fast-moving data. The amount of data created in the next three years will be more than the data created over the past 30 years,” said Stephen Elliot, Group VP, Research IT, Cloud Operations, and DevOps at IDC. “The ability to cost-effectively analyze data at scale will become a necessity for every organization.”
DataSet Market Adoption
“With DataSet, our engineering, infrastructure, and security teams have one single source of truth to make data-driven decisions. We no longer have to stitch context across teams and use cases,” said Joshua Danielson, Chief Information Security Officer at Copart. “DataSet enables us to act based on data, reduce time to detect and resolve anomalies, and maintain security posture.”
“Before DataSet, there was no central management of logs due to the diverse technologies at TomTom. Having to search multiple tools was holding us back, certainly during incidents,” said Carl Meert, Product Manager SRE and Observability at TomTom. “DataSet unifies all of our data from all sources. As a result, we are now much faster at detecting and responding to incidents.”
Experience DataSet
SentinelOne has named Rahul Ravulur to lead DataSet as part of the launch. He has over 25 years of experience designing and operating large-scale enterprise solutions, most recently as the product lead at Splunk. Ravulur will oversee the DataSet business to gain traction with the world's premier data-driven companies.
“SentinelOne is taking a bold step to externalize its data expertise - to help all businesses unlock the power of their data,” said Ravulur. “With the launch of DataSet, we help organizations overcome the slow, costly legacy platforms that can’t handle the scalability requirements of tomorrow. DataSet is built for the future of data insights and action.”
