Home > News > featured news > Palo Alto Networks Bolsters Its Cloud Native Security Offerings With Out-of-Band WAAS

SOFTWARE SECURITY

Palo Alto Networks Bolsters Its Cloud Native Security Offerings With Out-of-Band WAAS

Palo Alto Networks | June 24, 2022

Palo Alto Networks
Over the last two years, organizations have expanded their use of cloud environments by more than 25%. Many are now struggling to manage the technical complexity of cloud migration, including the ability to secure their applications across the entire application development lifecycle. Palo Alto Networks (NASDAQ: PANW), a leader in The Forrester Wave™: Cloud Workload Security, Q1 2022, today announced the addition of Out-of-Band Web Application and API Security (Out-of-Band WAAS) to Prisma® Cloud to help organizations secure web applications with maximum flexibility.

Until now, a primary industry approach to securing web applications has been to deploy inline web application firewalls (WAFs). Some organizations are reluctant to introduce WAFs or API security solutions inline, however, due to performance and scalability concerns. With today's announcement, Prisma Cloud can provide organizations with deep web and API security both inline and out of band, allowing them to choose how to protect their applications in the cloud.

"Companies no longer have to decide between application security and performance. By adding Out-of-Band WAAS to Prisma Cloud, we are empowering customers with flexible security options that fit their evolving application needs," said Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks. "As more organizations move workloads to the cloud, the capabilities that make up Prisma Cloud help provide the most complete protection, reducing complexity and increasing visibility across infrastructure, workloads, identities and applications."

"As organizations increasingly build and deploy their applications in the cloud, protecting their business-critical applications without impacting performance has been a challenge. "Adding the option of Out-of-Band WAAS helps both developer and security teams secure their applications with the same level of security as traditional in-line WAFs and API security without impacting performance."

Melinda Marks, senior analyst, ESG

In addition to Out-of-Band WAAS, Prisma Cloud is getting new threat detection, alert prioritization and permissions management capabilities to help provide organizations with deeper, unified visibility across their entire cloud application portfolio:

  • Multicloud Graph View for Cloud Infrastructure Entitlement Management (CIEM): Discover over-privileged accounts and understand access risk across multicloud environments. Prisma Cloud now provides a graph view of the net effective permissions across AWS, Microsoft Azure and Google Cloud.
  • Multicloud Agentless Cloud Workload Protection: Extend visibility into cloud workloads and application risks across Azure and Google Cloud, in addition to AWS, to complement existing agent-based protection.
  • DNS-Based Threat Detection: Surface malicious activity and anomalous behavior in cloud environments. Prisma Cloud Threat Detection now leverages machine learning (ML) and advanced threat intelligence to identify bad actors hiding in DNS traffic.
  • MITRE ATT&CK® Alert Prioritization: Enable security teams to prioritize risks and incidents based on the industry's most widely adopted framework.

About Palo Alto Networks
Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Spotlight

PKI Problems: 7 Reasons Why Teams Struggle with PKI and Certificate Management

Whether public key infrastructure (PKI) is your passion or it’s something you wouldn’t touch with a 39-and-a-half-foot pole, it’s without a doubt become critical to the security of your organization. A rare few companies have an in-house expert or even an entire team dedicated to PKI, but for most, it’s more of a “hot potato” th

More featured news

Spotlight

PKI Problems: 7 Reasons Why Teams Struggle with PKI and Certificate Management

Whether public key infrastructure (PKI) is your passion or it’s something you wouldn’t touch with a 39-and-a-half-foot pole, it’s without a doubt become critical to the security of your organization. A rare few companies have an in-house expert or even an entire team dedicated to PKI, but for most, it’s more of a “hot potato” th

Related News

PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY

Lacework Unifies Entitlements Management and Threat Detection for Simplified Cloud Security

Prnewswire | June 07, 2023

Lacework, the data-driven security platform, today announced new CIEM functionality that empowers teams to gain observability of all cloud identities, know precisely who can perform what actions, and easily identify which identities pose the greatest risk. Furthermore, Lacework's actionable approach to CIEM provides customers with recommendations on how to reduce their identity risk. By combining these new capabilities with cloud security posture management, attack path analysis, and threat detection into a single platform, Lacework gives customers a clear understanding of their cloud identity landscape, visibility into cloud identity and access management (IAM) misconfigurations and exposed secrets, and continuous discovery of identity threats. The benefits of public cloud come with complex challenges in managing identity risk. With over 35,000 granular permissions across hyperscale cloud providers, organizations struggle to limit unnecessary access. Most cloud users and instances are granted far more permissions than they actually need, leaving organizations highly exposed to cloud breach, account takeover, and data exfiltration. And the fact that machine identities in the cloud typically outnumber humans by an order of magnitude intensifies the issue. "Enforcing least privilege and having visibility of identities and entitlements is a top cloud security challenge for IDC clients. With this innovation from Lacework, security teams can automatically see which identities are overly-permissive, and zero in on the ones that pose the greatest risk," said Philip Bues, Research Manager for Cloud Security, at IDC. "Beyond prioritizing risks, this will also allow teams to confidently suggest policy changes and reduce their overall attack surface risk." Preventing Cloud Identity Risk with New Entitlement Management Technology Lacework dynamically discovers cloud user, resource, group and role identities and their net-effective permissions and then automatically correlates granted versus used permissions to determine identities with excessive privileges. The platform calculates a risk score for each identity, determines the riskiest identities based on attack path analysis, and auto-generates high-confidence recommendations for right-sizing permissions based on historical observations. This means Lacework not only informs customers of risky identities and entitlements, but also shows those identities that are hardly used or even need entitlements to begin with. "CIEM is a vital facet of a comprehensive cloud security strategy," said Paolo del Mundo, Director of Application Security, The Motley Fool. "It's encouraging to see Lacework incorporating this into their well-rounded CNAPP solution, potentially providing a robust response to the challenge of managing cloud access permissions effectively." Combined with Lacework's ability to prioritize risks from an attack path context, as well as detect user and entity behavior anomalies, customers are able to: Continuously comply with IAM security and regulatory compliance requirements. Identify cloud user, application and service identities, know exactly what actions each can take, and prioritize the identities that pose the greatest risk. Limit the blast radius of compromised cloud accounts, achieve least privilege, and establish trust with engineering teams. Continuously discover risky behavior, including lateral movement and privilege escalation, without needing to write rules or stitching together disparate alerts. Rapidly detect insider threats associated with malicious or accidental abuse of permissions. "Our customers need to know what entities are actually doing in their cloud and whether it's malicious or inappropriate, and it can't get in the way of their ability to move fast," said Adam Leftik, Vice President, Product, Lacework. "Now Lacework customers can address both sides of the identity security issue with a single platform that prevents identity risk exposure and detects identity threats at scale, with the context to quickly investigate, prioritize, and respond to identity alerts. It's the latest step in our mission to give enterprises the confidence to rapidly innovate in the cloud and drive their business forward." About Lacework Lacework offers the data-driven security platform for the cloud and is the leading cloud-native application protection platform (CNAPP) solution. Only Lacework can collect, analyze, and accurately correlate data — without requiring manually written rules — across an organization's AWS, Azure, Google Cloud, and Kubernetes environments, and narrow it down to the handful of security events that matter. Security and DevOps teams around the world trust Lacework to secure cloud-native applications across the full lifecycle from code to cloud. Get started at www.lacework.com.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Secureworks Unifies Industrial Cybersecurity with the First Integrated MDR Solution for OT and IT

Prnewswire | June 02, 2023

Secureworks® (NASDAQ: SCWX), a global leader in cybersecurity, today announced two new offerings to unify the way industrial organizations prevent, detect, and respond to threats across the OT and IT landscapes. Taegis XDR for OT – Secureworks award-winning XDR platform that combines intelligence from OT with security telemetry across the IT landscape into a single unified threat prevention, detection and response platform. The platform is for Managed Security Service Providers (MSSPs) who want to deliver Managed Detection and Response (MDR) solutions, and for organizations that manage their own SOCs. Taegis ManagedXDR for OT – Secureworks MDR offering that empowers industrial organizations, such as manufacturers, to secure both OT and IT environments with a team of security experts detecting, investigating, and responding to threats 24x7. The convergence of OT and IT in the industrial sector brings technological and economic benefits, but also increases risk. The more OT systems are digitally connected, the larger the overall attack surface becomes, making OT an increasingly attractive target for threat actors. This, combined with a global cybersecurity talent shortage numbering in the millions, has led to unprecedented levels of cyberattacks impacting the industrial sector. According to Gartner®1, manufacturing companies are now among the most targeted for cyberattacks, comprising 23% of all attacks. Secureworks Counter Threat Unit™ data shows that approximately 22% of Secureworks' emergency incident response engagements between April 2022 and April 2023 were in the manufacturing industry alone. Manufacturing made up 20% of all ransomware-based incident response engagements that Secureworks remediated in the same period. Gartner also predicts that by 2025, 70% of asset-intensive organizations will have converged their security functions across both enterprise and operational environments.2 Yet, in industrial environments overall, OT is often managed differently from IT with no centralized visibility across both. "As OT and IT systems infrastructure becomes more interdependent and connected, the risks from threats traversing these environments are rapidly escalating," said Dave Gruber, Principal Analyst with Enterprise Security Group. "Security operations teams need visibility into the combined OT/IT environment to detect, investigate, and respond to these complex threats. Secureworks' move to offer a specialized OT security solution by leveraging its own, proven Taegis XDR platform highlights the importance of this increasing threat." "Industrial organizations will continue to be challenged by an expanding attack surface and evolving threat landscape. Their risks include unplanned shutdowns, financial losses, and harm to human populations that rely on critical services," said Kyle Falkenhagen, Chief Product Officer, Secureworks. "And the potential costs are staggering. For example, manufacturers lose an average of $148 per second3 of unplanned downtime – almost $9,000 per minute. As a managed solution that unifies threat prevention, detection and response of OT and IT into a single platform, Secureworks helps organizations with OT environments reduce cyber risks and enhance their security postures as they complete their digital transformations," Falkenhagen concluded. Taegis ManagedXDR for OT Industrial organizations can reduce risk by bringing Taegis XDR's threat monitoring, detection, investigation and response capabilities across both OT and IT environments, eliminating the visibility challenges often associated with OT and IT systems. Taegis XDR is already used by five of the top 20 manufacturers in the world. Now, with the first integrated MDR solution for OT and IT, organizations can unify their security monitoring and visibility strategies under a single platform, while gaining the benefits of a fully managed security solution using Taegis ManagedXDR. The solution includes: 24x7 threat monitoring with unlimited access to security experts in 90 seconds or less, collaborative design of OT and IT response processes, customizable rules and playbooks, quarterly expert security reviews, monthly threat hunting, onboarding support, and access to proactive services (including incident response planning and adversarial testing). Taegis XDR platform, a SaaS security platform that processes more than 640 billion events daily across more than 2,000 customers to enable superior detection and response. The Taegis platform integrates feeds from third-party tools that are normalized and analyzed, along with Secureworks own proprietary data and global threat intelligence curated by the Counter Threat Unit. Secureworks Taegis endpoint agent and the Secureworks Taegis iSensor IDS/IPS device for monitoring IT and OT traffic. Integrations with leading OT solutions. Hundreds of out-of-the-box integrations across different technology solutions including Google, Mimecast, AWS, Microsoft, and Netskope among others. Access to a full suite of proactive security testing services to raise cyber resiliency across OT and IT environments. Secureworks brings the power of Taegis XDR to OT environments by delivering: Superior threat detection and unmatched response across OT and IT environments through the Taegis XDR platform. Taegis XDR uses advanced analytics and machine learning to discover stealthy threats while automatically prioritizing the most serious threats. The platform includes more than 700,000 curated threat indicators and 20,000 curated countermeasures. Designed as an open platform, Taegis continuously interprets telemetry from proprietary and third-party sources while providing the best support for environments with endpoint solutions from different providers. Vast insights into threats targeting industrial environments. The Secureworks Counter Threat Unit research team analyzes and uncovers new threats targeting industrial environments, from manufacturers to critical infrastructure services, using over 20 years of defending organizations all over the world. Threat insights are developed from elite threat researchers tracking over 175 active threat groups, findings from over 3,000 incident response and testing engagements each year, and a diversity of attack data from Taegis. About Secureworks Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a cloud-native security analytics platform built on 20+ years of real-world threat intelligence and research, improving customers' ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Contrast Security Positioned as a Visionary in the 2023 Gartner® Magic Quadrant™ for Application Security Testing

Prnewswire | May 30, 2023

Contrast Security (Contrast), the code security platform built for developers and trusted by security, today announced it has been recognized as a Visionary by Gartner in the new "Magic Quadrant for Application Security Testing" for 2023. We believe the recognition further validates that the Contrast Secure Code Platform is a strong fit for organizations looking to improve their application security posture. "The application security testing market continues to be saturated with solutions that lack context and overwhelm DevSecOps teams with false positives," said Steven Phillips, Vice President of Product Marketing at Contrast Security. "We've listened to feedback from our customers and have put a focus on delivering a comprehensive platform that helps overcome these challenges. It's encouraging to see our position within the Magic Quadrant due to our Ability to Execute and the Completeness of our Vision. We provide customers with the tools they need to deploy real-time security tools accurately." The Contrast Secure Code Platform provides customers the ability to "Shift Smart" allowing DevSecOps teams to apply security testing throughout the development process across the entire software development lifecycle. As the only unified code security platform on the market, Contrast leverages the power of instrumentation to embed security within the application's runtime. This solves the challenges of legacy application security tools present in modern software environments. Furthermore, this inside-outside approach allows organizations to very cleanly combine results from the various tools, coordinate actions between them and write and execute complex security and testing policies with very little overhead visible to developers. Those are the features that more complex offerings often fail to achieve. A full, complimentary copy of the Gartner "Magic Quadrant for Application Security Testing" for 2023 can be downloaded here. About Gartner Magic Quadrant Gartner evaluates companies based on completeness of vision and ability to execute criteria. Evaluation criteria for completeness of vision include market understanding, market strategy, sales strategy, offering (product) strategy, business model, vertical/industry strategy, innovation, and geographic strategy. Criteria for a vendor's ability to execute include product or service, overall viability, sales execution/pricing, market responsiveness/record, marketing execution, customer experience, and operations. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner and Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. About Contrast Security (Contrast) A world-leading code security platform company purposely built for developers to get secure code moving swiftly and trusted by security teams to protect business applications. Developers, security and operations teams quickly secure code across the complete Software Development Life Cycle (SDLC) with Contrast to protect against today's targeted Application Security (AppSec) attacks. Founded in 2014 by cybersecurity industry veterans, Contrast was established to replace legacy AppSec solutions that cannot protect modern enterprises. With today's pressures to develop business applications at increasingly rapid paces, the Contrast Secure Code Platform defends and protects against full classes of Common Vulnerabilities and Exposure (CVEs). This allows security teams to avoid spending time focusing on false positives so as to remediate true vulnerabilities faster. Contrast's platform solutions for code assessment, testing, protection, serverless, supply chain, application programming interfaces (APIs) and languages help enterprises achieve true DevSecOps transformation and compliance. Contrast protects against major cybersecurity attacks for its customer base, which represents some of the largest brand-name companies in the world, including BMW, AXA, Zurich, NTT, Sompo Japan and The American Red Cross, as well as numerous other leading global Fortune 500 enterprises. Contrast partners with global organizations such as AWS, Microsoft, IBM, GuidePoint Security, Trace3, Deloitte and Carahsoft, to seamlessly integrate and achieve the highest level of security for customers. The growing demand for the world's only platform for code security has landed the company on some of the most prestigious lists, including the Inc. 5000 List of America's Fastest-Growing Companies and the Deloitte Technology Fast 500 List of fastest-growing companies.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY

Lacework Unifies Entitlements Management and Threat Detection for Simplified Cloud Security

Prnewswire | June 07, 2023

Lacework, the data-driven security platform, today announced new CIEM functionality that empowers teams to gain observability of all cloud identities, know precisely who can perform what actions, and easily identify which identities pose the greatest risk. Furthermore, Lacework's actionable approach to CIEM provides customers with recommendations on how to reduce their identity risk. By combining these new capabilities with cloud security posture management, attack path analysis, and threat detection into a single platform, Lacework gives customers a clear understanding of their cloud identity landscape, visibility into cloud identity and access management (IAM) misconfigurations and exposed secrets, and continuous discovery of identity threats. The benefits of public cloud come with complex challenges in managing identity risk. With over 35,000 granular permissions across hyperscale cloud providers, organizations struggle to limit unnecessary access. Most cloud users and instances are granted far more permissions than they actually need, leaving organizations highly exposed to cloud breach, account takeover, and data exfiltration. And the fact that machine identities in the cloud typically outnumber humans by an order of magnitude intensifies the issue. "Enforcing least privilege and having visibility of identities and entitlements is a top cloud security challenge for IDC clients. With this innovation from Lacework, security teams can automatically see which identities are overly-permissive, and zero in on the ones that pose the greatest risk," said Philip Bues, Research Manager for Cloud Security, at IDC. "Beyond prioritizing risks, this will also allow teams to confidently suggest policy changes and reduce their overall attack surface risk." Preventing Cloud Identity Risk with New Entitlement Management Technology Lacework dynamically discovers cloud user, resource, group and role identities and their net-effective permissions and then automatically correlates granted versus used permissions to determine identities with excessive privileges. The platform calculates a risk score for each identity, determines the riskiest identities based on attack path analysis, and auto-generates high-confidence recommendations for right-sizing permissions based on historical observations. This means Lacework not only informs customers of risky identities and entitlements, but also shows those identities that are hardly used or even need entitlements to begin with. "CIEM is a vital facet of a comprehensive cloud security strategy," said Paolo del Mundo, Director of Application Security, The Motley Fool. "It's encouraging to see Lacework incorporating this into their well-rounded CNAPP solution, potentially providing a robust response to the challenge of managing cloud access permissions effectively." Combined with Lacework's ability to prioritize risks from an attack path context, as well as detect user and entity behavior anomalies, customers are able to: Continuously comply with IAM security and regulatory compliance requirements. Identify cloud user, application and service identities, know exactly what actions each can take, and prioritize the identities that pose the greatest risk. Limit the blast radius of compromised cloud accounts, achieve least privilege, and establish trust with engineering teams. Continuously discover risky behavior, including lateral movement and privilege escalation, without needing to write rules or stitching together disparate alerts. Rapidly detect insider threats associated with malicious or accidental abuse of permissions. "Our customers need to know what entities are actually doing in their cloud and whether it's malicious or inappropriate, and it can't get in the way of their ability to move fast," said Adam Leftik, Vice President, Product, Lacework. "Now Lacework customers can address both sides of the identity security issue with a single platform that prevents identity risk exposure and detects identity threats at scale, with the context to quickly investigate, prioritize, and respond to identity alerts. It's the latest step in our mission to give enterprises the confidence to rapidly innovate in the cloud and drive their business forward." About Lacework Lacework offers the data-driven security platform for the cloud and is the leading cloud-native application protection platform (CNAPP) solution. Only Lacework can collect, analyze, and accurately correlate data — without requiring manually written rules — across an organization's AWS, Azure, Google Cloud, and Kubernetes environments, and narrow it down to the handful of security events that matter. Security and DevOps teams around the world trust Lacework to secure cloud-native applications across the full lifecycle from code to cloud. Get started at www.lacework.com.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Secureworks Unifies Industrial Cybersecurity with the First Integrated MDR Solution for OT and IT

Prnewswire | June 02, 2023

Secureworks® (NASDAQ: SCWX), a global leader in cybersecurity, today announced two new offerings to unify the way industrial organizations prevent, detect, and respond to threats across the OT and IT landscapes. Taegis XDR for OT – Secureworks award-winning XDR platform that combines intelligence from OT with security telemetry across the IT landscape into a single unified threat prevention, detection and response platform. The platform is for Managed Security Service Providers (MSSPs) who want to deliver Managed Detection and Response (MDR) solutions, and for organizations that manage their own SOCs. Taegis ManagedXDR for OT – Secureworks MDR offering that empowers industrial organizations, such as manufacturers, to secure both OT and IT environments with a team of security experts detecting, investigating, and responding to threats 24x7. The convergence of OT and IT in the industrial sector brings technological and economic benefits, but also increases risk. The more OT systems are digitally connected, the larger the overall attack surface becomes, making OT an increasingly attractive target for threat actors. This, combined with a global cybersecurity talent shortage numbering in the millions, has led to unprecedented levels of cyberattacks impacting the industrial sector. According to Gartner®1, manufacturing companies are now among the most targeted for cyberattacks, comprising 23% of all attacks. Secureworks Counter Threat Unit™ data shows that approximately 22% of Secureworks' emergency incident response engagements between April 2022 and April 2023 were in the manufacturing industry alone. Manufacturing made up 20% of all ransomware-based incident response engagements that Secureworks remediated in the same period. Gartner also predicts that by 2025, 70% of asset-intensive organizations will have converged their security functions across both enterprise and operational environments.2 Yet, in industrial environments overall, OT is often managed differently from IT with no centralized visibility across both. "As OT and IT systems infrastructure becomes more interdependent and connected, the risks from threats traversing these environments are rapidly escalating," said Dave Gruber, Principal Analyst with Enterprise Security Group. "Security operations teams need visibility into the combined OT/IT environment to detect, investigate, and respond to these complex threats. Secureworks' move to offer a specialized OT security solution by leveraging its own, proven Taegis XDR platform highlights the importance of this increasing threat." "Industrial organizations will continue to be challenged by an expanding attack surface and evolving threat landscape. Their risks include unplanned shutdowns, financial losses, and harm to human populations that rely on critical services," said Kyle Falkenhagen, Chief Product Officer, Secureworks. "And the potential costs are staggering. For example, manufacturers lose an average of $148 per second3 of unplanned downtime – almost $9,000 per minute. As a managed solution that unifies threat prevention, detection and response of OT and IT into a single platform, Secureworks helps organizations with OT environments reduce cyber risks and enhance their security postures as they complete their digital transformations," Falkenhagen concluded. Taegis ManagedXDR for OT Industrial organizations can reduce risk by bringing Taegis XDR's threat monitoring, detection, investigation and response capabilities across both OT and IT environments, eliminating the visibility challenges often associated with OT and IT systems. Taegis XDR is already used by five of the top 20 manufacturers in the world. Now, with the first integrated MDR solution for OT and IT, organizations can unify their security monitoring and visibility strategies under a single platform, while gaining the benefits of a fully managed security solution using Taegis ManagedXDR. The solution includes: 24x7 threat monitoring with unlimited access to security experts in 90 seconds or less, collaborative design of OT and IT response processes, customizable rules and playbooks, quarterly expert security reviews, monthly threat hunting, onboarding support, and access to proactive services (including incident response planning and adversarial testing). Taegis XDR platform, a SaaS security platform that processes more than 640 billion events daily across more than 2,000 customers to enable superior detection and response. The Taegis platform integrates feeds from third-party tools that are normalized and analyzed, along with Secureworks own proprietary data and global threat intelligence curated by the Counter Threat Unit. Secureworks Taegis endpoint agent and the Secureworks Taegis iSensor IDS/IPS device for monitoring IT and OT traffic. Integrations with leading OT solutions. Hundreds of out-of-the-box integrations across different technology solutions including Google, Mimecast, AWS, Microsoft, and Netskope among others. Access to a full suite of proactive security testing services to raise cyber resiliency across OT and IT environments. Secureworks brings the power of Taegis XDR to OT environments by delivering: Superior threat detection and unmatched response across OT and IT environments through the Taegis XDR platform. Taegis XDR uses advanced analytics and machine learning to discover stealthy threats while automatically prioritizing the most serious threats. The platform includes more than 700,000 curated threat indicators and 20,000 curated countermeasures. Designed as an open platform, Taegis continuously interprets telemetry from proprietary and third-party sources while providing the best support for environments with endpoint solutions from different providers. Vast insights into threats targeting industrial environments. The Secureworks Counter Threat Unit research team analyzes and uncovers new threats targeting industrial environments, from manufacturers to critical infrastructure services, using over 20 years of defending organizations all over the world. Threat insights are developed from elite threat researchers tracking over 175 active threat groups, findings from over 3,000 incident response and testing engagements each year, and a diversity of attack data from Taegis. About Secureworks Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a cloud-native security analytics platform built on 20+ years of real-world threat intelligence and research, improving customers' ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Contrast Security Positioned as a Visionary in the 2023 Gartner® Magic Quadrant™ for Application Security Testing

Prnewswire | May 30, 2023

Contrast Security (Contrast), the code security platform built for developers and trusted by security, today announced it has been recognized as a Visionary by Gartner in the new "Magic Quadrant for Application Security Testing" for 2023. We believe the recognition further validates that the Contrast Secure Code Platform is a strong fit for organizations looking to improve their application security posture. "The application security testing market continues to be saturated with solutions that lack context and overwhelm DevSecOps teams with false positives," said Steven Phillips, Vice President of Product Marketing at Contrast Security. "We've listened to feedback from our customers and have put a focus on delivering a comprehensive platform that helps overcome these challenges. It's encouraging to see our position within the Magic Quadrant due to our Ability to Execute and the Completeness of our Vision. We provide customers with the tools they need to deploy real-time security tools accurately." The Contrast Secure Code Platform provides customers the ability to "Shift Smart" allowing DevSecOps teams to apply security testing throughout the development process across the entire software development lifecycle. As the only unified code security platform on the market, Contrast leverages the power of instrumentation to embed security within the application's runtime. This solves the challenges of legacy application security tools present in modern software environments. Furthermore, this inside-outside approach allows organizations to very cleanly combine results from the various tools, coordinate actions between them and write and execute complex security and testing policies with very little overhead visible to developers. Those are the features that more complex offerings often fail to achieve. A full, complimentary copy of the Gartner "Magic Quadrant for Application Security Testing" for 2023 can be downloaded here. About Gartner Magic Quadrant Gartner evaluates companies based on completeness of vision and ability to execute criteria. Evaluation criteria for completeness of vision include market understanding, market strategy, sales strategy, offering (product) strategy, business model, vertical/industry strategy, innovation, and geographic strategy. Criteria for a vendor's ability to execute include product or service, overall viability, sales execution/pricing, market responsiveness/record, marketing execution, customer experience, and operations. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner and Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. About Contrast Security (Contrast) A world-leading code security platform company purposely built for developers to get secure code moving swiftly and trusted by security teams to protect business applications. Developers, security and operations teams quickly secure code across the complete Software Development Life Cycle (SDLC) with Contrast to protect against today's targeted Application Security (AppSec) attacks. Founded in 2014 by cybersecurity industry veterans, Contrast was established to replace legacy AppSec solutions that cannot protect modern enterprises. With today's pressures to develop business applications at increasingly rapid paces, the Contrast Secure Code Platform defends and protects against full classes of Common Vulnerabilities and Exposure (CVEs). This allows security teams to avoid spending time focusing on false positives so as to remediate true vulnerabilities faster. Contrast's platform solutions for code assessment, testing, protection, serverless, supply chain, application programming interfaces (APIs) and languages help enterprises achieve true DevSecOps transformation and compliance. Contrast protects against major cybersecurity attacks for its customer base, which represents some of the largest brand-name companies in the world, including BMW, AXA, Zurich, NTT, Sompo Japan and The American Red Cross, as well as numerous other leading global Fortune 500 enterprises. Contrast partners with global organizations such as AWS, Microsoft, IBM, GuidePoint Security, Trace3, Deloitte and Carahsoft, to seamlessly integrate and achieve the highest level of security for customers. The growing demand for the world's only platform for code security has landed the company on some of the most prestigious lists, including the Inc. 5000 List of America's Fastest-Growing Companies and the Deloitte Technology Fast 500 List of fastest-growing companies.

Read More

More featured news