Home > News > featured news > Picus Security brings automated security validation to businesses of all sizes

PLATFORM SECURITY

Picus Security brings automated security validation to businesses of all sizes

Picus Security | November 10, 2022 | Read time : 04:00 min

Picus Security brings automated security validation to businesses
Picus Security, the pioneer of Breach and Attack Simulation (BAS), today announced the availability of its next-generation security validation technology. The new Picus Complete Security Validation Platform levels up the company's attack simulation capabilities to remove barriers of entry for security teams. It enables any size organization to automatically validate the performance of security controls, discover high-risk attack paths to critical assets and optimize SOC effectiveness.

"Picus helped create the attack simulation market, and now we're taking it to the next level, By pushing the boundaries of automated security validation and making it simpler to perform, our new platform enables organizations even without large in-house security teams to identify and address security gaps continuously."

- H. Alper Memis, Picus Security CEO and Co-Founder

The all-new-and-improved Picus platform extends Picus's capabilities beyond security control validation to provide a more holistic view of security risks inside and outside corporate networks. It consists of three individually licensable products:
  • Security Control Validation - simulates ransomware and other real-world cyber threats to help measure and optimize the effectiveness of security controls to prevent and detect attacks.
  • Attack Path Validation - assesses an organization's security posture from an 'assume breach' perspective by performing lateral movement and other evasive actions to identify high-risk attack paths to critical systems and users.
  • Detection Rule Validation - analyzes the health and performance of SIEM detection rules to ensure that SOC teams are reliably alerted to threats and can eliminate false positives.

A global cybersecurity workforce gap of 3.4 million professionals∗ means automated security validation is now essential to reduce manual workloads and help security teams respond to threats sooner. Recently, the US's Cybersecurity and Infrastructure Security Agency (CISA) and UK's National Cyber Security Centre (NCSC) published a joint advisory recommending organizations test their defenses continually and at scale against the latest techniques used by attackers.

Insights from point-in-time testing are quickly outdated and do not give security teams a complete view of their security posture, With the Picus platform, security teams benefit from actionable insights to optimize security effectiveness whenever new threats arise, not once a quarter. With our new capabilities, these insights are now deeper and cover even more aspects of organizations' controls and critical infrastructure, said Volkan Erturk, Picus Security CTO and Co-Founder.

About Picus Security
Picus Security is the pioneer of Breach and Attack Simulation (BAS). The Picus Complete Security Validation Platform is trusted by leading organizations worldwide to continuously validate security effectiveness and deliver actionable insights to strengthen resilience 24/7. Picus has offices in North America, Europe and APAC and is supported by a global network of channel and alliance partners. Picus has been named a 'Cool Vendor' by Gartner and is cited by Frost & Sullivan as one of the most innovative players in the BAS market.

Spotlight

Measuring the ROI of Cyber Security

Moving forward, leaders will need to see measurable data to justify cyber security purchases. Frank Dickson, Group Vice President of IDC’s Security and Trust practice, discusses why measuring ROI of your cyber security investments is crucial.

More featured news

Spotlight

Measuring the ROI of Cyber Security

Moving forward, leaders will need to see measurable data to justify cyber security purchases. Frank Dickson, Group Vice President of IDC’s Security and Trust practice, discusses why measuring ROI of your cyber security investments is crucial.

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Mendix and Software Improvement Group Introduced a New Cybersecurity Solution

Mendix | January 24, 2023

Mendix, a Siemens business and world leader in modern enterprise app development, and Software Improvement Group (SIG), a unique technology and advisory firm for software quality, security, and improvement, have announced the launch of Mendix Quality & Security Management (QSM), a new cybersecurity solution that provides continuous deep-dive insights into security and code quality to address risks and vulnerabilities immediately. Sigrid®, SIG's software assurance guidance platform, powers Mendix QSM. It delivers a complete perspective on the effect of security findings on business goals by combining more than 20 top-tier security scanning technologies. With Mendix QSM, the users can scan their Mendix apps, including third-party libraries, for security flaws and incorrectly configured security models, rank for compliance with major industry standards such as OWASP, ISO 5055, and PCI, and receive risk mitigation recommendations and clear guidance. Mendix QSM is based on application model static analysis. SIG experts have mapped Mendix models to the ISO 25010 maintainability model using Mendix model metadata. This enables its applications to be compared against a database of thousands of projects, including open-source initiatives. Mendix QSM also presents a five-star rating of the quality of the software. About Mendix Mendix is an industry-leading low-code application development platform for enterprises. With Mendix, you can transform a spreadsheet into an app, establish a portfolio of enterprise-wide apps, and upgrade a core system, among other things. In addition, the platform provides continuous collaboration between software developers and users, speeds up the application development lifecycle, and enables iterative deployment at scale. As a result, businesses can rapidly develop modern, adaptable applications with a tool that maintains the highest levels of security, quality, and governance. The platform has been used by over 4,000 of the world's leading enterprises. Mendix is a division of Siemens. About Software Improvement Group (SIG) Software Improvement Group (SIG) assists companies in gaining confidence in the technology they trust. Its mission is to get the software right for a healthier digital world by combining intelligent technology with human expertise. It drills into the build quality of enterprise software and architecture by monitoring, measuring, and benchmarking it against the world's largest software analysis database. As a result, organizations can use software assurance to uncover the variables driving the total cost of ownership of the software and make fact-based decisions to lower costs, reduce risk, improve time to market, and accelerate digital transformation.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Cloudflare Announces New Suite of Email Security and Data Protection Solutions

Cloudflare | January 12, 2023

On 11 Jan 2023, Cloudflare, Inc., a leading cybersecurity solutions provider focused on building a better internet, announced multiple new Zero Trust email security tools, compatible with any email provider. The solution prevents sensitive data exfiltration via email, guard employees against multichannel phishing attacks, and help businesses simplify and accelerate deployments. Cloudflare offers organizations simple and reliable phishing and malware protection that is deeply incorporated with its Zero Trust platform, helping organizations secure all their data and applications. “You can’t have a complete Zero Trust solution without securing email, given that a huge proportion of all cyberattacks begin with phishing,” stated the Co-Founder and CEO of Cloudflare, Matthew Prince. “In 2022, Cloudflare Area 1 identified and kept almost 2.3 billion unwanted messages out of customer inboxes. Today we’re filling a void in the marketplace that has been underinvested in for the last ten years, with the first set of deeply integrated solutions that bring together Cloudflare Area 1 email security and our Zero Trust platform,” he added. (Source: Businesswire) Email is one of the most pervasive and exploited tools used by businesses daily. According to the FBI’s most recent Internet Crime Report, email account compromise and business email compromise led to U.S. companies losing nearly US$ 2.4 billion. In addition, email is one of the most complex tools for businesses to secure, involving a massive drain on IT team resources, multiple vendors, and complex deployments. Cloudflare’s Zero Trust SASE platform will allow customers to deploy email security and data protection tools that are comprehensively linked with their current security stack and compatible with any email service provider. Cloudflare One offers a comprehensive Zero Trust SASE platform that is built into Cloudflare’s global network, which spans over 275 cities in over 100 countries. This deeply embedded approach makes it easy to set up in just a few clicks without switching email providers. With Cloudflare Area 1’s new solutions, companies can automatically isolate questionable email attachments and links, identify and prevent data leaks, and rapidly onboard new Microsoft 365 domains. About Cloudflare Headquartered in San Francisco, California, Cloudflare safeguards and speed up any Internet-based application without installing software, adding hardware, or modifying a single line of code. As a result, the company’s clients experience significant improvement in performance and a reduction in spam and other attacks. Founded in 2009, the organization ranks amongst the 50 most innovative companies worldwide by Fast Company, is acknowledged by the World Economic Forum as a Technology Pioneer, and has been named the Most Innovative Network & Internet Technology Company for two consecutive years by the Wall Street Journal.

Read More

PLATFORM SECURITY,SOFTWARE SECURITY

Vipre Security Group’s New Endpoint Detection & Response Technology for SMEs

VIPRE Security Group | January 19, 2023

VIPRE Security Group, an award-winning data, cybersecurity, privacy, and user protection company, recently announced the launch of its latest cybersecurity product, VIPRE Endpoint Detection & Response (EDR). VIPRE EDR is built to assist small and medium-sized businesses including their IT partners navigate the intricacies of EDR management with a single, simple-to-use console. VIPRE EDR provides a sophisticated high-performance, cloud-based solution while overcoming the problems users typically expect from an EDR solution. . This advanced technology detect better and uncovers more unusual behavior than a standalone antivirus file, process, and networking analysis solutions, while offering investigation and remediation tools to accelerate response times. The VIPRE EDR solution is based on the fundamental pillars of Detection, Investigation, Containment, and Remediation, transforming threats into intelligence and suggesting next steps for security professionals, as simply detecting a threat is insufficient. Advantages of VIPRE's Endpoint Detection and Response (EDR) System: Exploit prevention – It helps to prevent network threats with built-in DNS , intrusion protection and in-browser exploit prevention EPP/Next-generation Antivirus - VIPRE EDR, constantly scans processes, files, and network activity for known and undiscovered threats Correlated Behavior Engine - Examine endpoint behavior in greater depth to identify emergent or suspicious behavior connected across all engines Endpoint Isolation – Quickly isolates an afflicted device to prevent threat spreading Threat Incident Visualization – View and respond to all threat activity from a central location. Understand all aspects of endpoint activity related to the threat, including every user, process, file, and network activity Remote Shell - VIPRE EDR's click-button reporting enables admins instant remote access to the endpoint for a deeper look Suspicious file/link sandboxing - Detonates files and links in a private cloud sandbox for comprehensive examination and forensic investigation Integrated Vulnerability Management - App scanning and vulnerability management to close potential security gaps Built on the foundation of VIPRE's top-ranked Endpoint Security Cloud (EPP) platform, protection begins with extensive monitoring and automated blocking of malicious behavior across all endpoint processes, files, and network activity. This protection includes web, DNS and network monitoring, as well as AI-driven hostile process behavior detection. About VIPRE Security Group A part of Ziff Davis, Inc., VIPRE Security Group is a global organization specializing in cybersecurity, privacy, and data protection. It protects millions of people and businesses globally, including some very well-known brands. . For nearly 30 years, VIPRE Security Group's primary mission has been to provide easy solutions to protect against existing and potential internet threats in an ever-expanding, digitally connected world.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Mendix and Software Improvement Group Introduced a New Cybersecurity Solution

Mendix | January 24, 2023

Mendix, a Siemens business and world leader in modern enterprise app development, and Software Improvement Group (SIG), a unique technology and advisory firm for software quality, security, and improvement, have announced the launch of Mendix Quality & Security Management (QSM), a new cybersecurity solution that provides continuous deep-dive insights into security and code quality to address risks and vulnerabilities immediately. Sigrid®, SIG's software assurance guidance platform, powers Mendix QSM. It delivers a complete perspective on the effect of security findings on business goals by combining more than 20 top-tier security scanning technologies. With Mendix QSM, the users can scan their Mendix apps, including third-party libraries, for security flaws and incorrectly configured security models, rank for compliance with major industry standards such as OWASP, ISO 5055, and PCI, and receive risk mitigation recommendations and clear guidance. Mendix QSM is based on application model static analysis. SIG experts have mapped Mendix models to the ISO 25010 maintainability model using Mendix model metadata. This enables its applications to be compared against a database of thousands of projects, including open-source initiatives. Mendix QSM also presents a five-star rating of the quality of the software. About Mendix Mendix is an industry-leading low-code application development platform for enterprises. With Mendix, you can transform a spreadsheet into an app, establish a portfolio of enterprise-wide apps, and upgrade a core system, among other things. In addition, the platform provides continuous collaboration between software developers and users, speeds up the application development lifecycle, and enables iterative deployment at scale. As a result, businesses can rapidly develop modern, adaptable applications with a tool that maintains the highest levels of security, quality, and governance. The platform has been used by over 4,000 of the world's leading enterprises. Mendix is a division of Siemens. About Software Improvement Group (SIG) Software Improvement Group (SIG) assists companies in gaining confidence in the technology they trust. Its mission is to get the software right for a healthier digital world by combining intelligent technology with human expertise. It drills into the build quality of enterprise software and architecture by monitoring, measuring, and benchmarking it against the world's largest software analysis database. As a result, organizations can use software assurance to uncover the variables driving the total cost of ownership of the software and make fact-based decisions to lower costs, reduce risk, improve time to market, and accelerate digital transformation.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Cloudflare Announces New Suite of Email Security and Data Protection Solutions

Cloudflare | January 12, 2023

On 11 Jan 2023, Cloudflare, Inc., a leading cybersecurity solutions provider focused on building a better internet, announced multiple new Zero Trust email security tools, compatible with any email provider. The solution prevents sensitive data exfiltration via email, guard employees against multichannel phishing attacks, and help businesses simplify and accelerate deployments. Cloudflare offers organizations simple and reliable phishing and malware protection that is deeply incorporated with its Zero Trust platform, helping organizations secure all their data and applications. “You can’t have a complete Zero Trust solution without securing email, given that a huge proportion of all cyberattacks begin with phishing,” stated the Co-Founder and CEO of Cloudflare, Matthew Prince. “In 2022, Cloudflare Area 1 identified and kept almost 2.3 billion unwanted messages out of customer inboxes. Today we’re filling a void in the marketplace that has been underinvested in for the last ten years, with the first set of deeply integrated solutions that bring together Cloudflare Area 1 email security and our Zero Trust platform,” he added. (Source: Businesswire) Email is one of the most pervasive and exploited tools used by businesses daily. According to the FBI’s most recent Internet Crime Report, email account compromise and business email compromise led to U.S. companies losing nearly US$ 2.4 billion. In addition, email is one of the most complex tools for businesses to secure, involving a massive drain on IT team resources, multiple vendors, and complex deployments. Cloudflare’s Zero Trust SASE platform will allow customers to deploy email security and data protection tools that are comprehensively linked with their current security stack and compatible with any email service provider. Cloudflare One offers a comprehensive Zero Trust SASE platform that is built into Cloudflare’s global network, which spans over 275 cities in over 100 countries. This deeply embedded approach makes it easy to set up in just a few clicks without switching email providers. With Cloudflare Area 1’s new solutions, companies can automatically isolate questionable email attachments and links, identify and prevent data leaks, and rapidly onboard new Microsoft 365 domains. About Cloudflare Headquartered in San Francisco, California, Cloudflare safeguards and speed up any Internet-based application without installing software, adding hardware, or modifying a single line of code. As a result, the company’s clients experience significant improvement in performance and a reduction in spam and other attacks. Founded in 2009, the organization ranks amongst the 50 most innovative companies worldwide by Fast Company, is acknowledged by the World Economic Forum as a Technology Pioneer, and has been named the Most Innovative Network & Internet Technology Company for two consecutive years by the Wall Street Journal.

Read More

PLATFORM SECURITY,SOFTWARE SECURITY

Vipre Security Group’s New Endpoint Detection & Response Technology for SMEs

VIPRE Security Group | January 19, 2023

VIPRE Security Group, an award-winning data, cybersecurity, privacy, and user protection company, recently announced the launch of its latest cybersecurity product, VIPRE Endpoint Detection & Response (EDR). VIPRE EDR is built to assist small and medium-sized businesses including their IT partners navigate the intricacies of EDR management with a single, simple-to-use console. VIPRE EDR provides a sophisticated high-performance, cloud-based solution while overcoming the problems users typically expect from an EDR solution. . This advanced technology detect better and uncovers more unusual behavior than a standalone antivirus file, process, and networking analysis solutions, while offering investigation and remediation tools to accelerate response times. The VIPRE EDR solution is based on the fundamental pillars of Detection, Investigation, Containment, and Remediation, transforming threats into intelligence and suggesting next steps for security professionals, as simply detecting a threat is insufficient. Advantages of VIPRE's Endpoint Detection and Response (EDR) System: Exploit prevention – It helps to prevent network threats with built-in DNS , intrusion protection and in-browser exploit prevention EPP/Next-generation Antivirus - VIPRE EDR, constantly scans processes, files, and network activity for known and undiscovered threats Correlated Behavior Engine - Examine endpoint behavior in greater depth to identify emergent or suspicious behavior connected across all engines Endpoint Isolation – Quickly isolates an afflicted device to prevent threat spreading Threat Incident Visualization – View and respond to all threat activity from a central location. Understand all aspects of endpoint activity related to the threat, including every user, process, file, and network activity Remote Shell - VIPRE EDR's click-button reporting enables admins instant remote access to the endpoint for a deeper look Suspicious file/link sandboxing - Detonates files and links in a private cloud sandbox for comprehensive examination and forensic investigation Integrated Vulnerability Management - App scanning and vulnerability management to close potential security gaps Built on the foundation of VIPRE's top-ranked Endpoint Security Cloud (EPP) platform, protection begins with extensive monitoring and automated blocking of malicious behavior across all endpoint processes, files, and network activity. This protection includes web, DNS and network monitoring, as well as AI-driven hostile process behavior detection. About VIPRE Security Group A part of Ziff Davis, Inc., VIPRE Security Group is a global organization specializing in cybersecurity, privacy, and data protection. It protects millions of people and businesses globally, including some very well-known brands. . For nearly 30 years, VIPRE Security Group's primary mission has been to provide easy solutions to protect against existing and potential internet threats in an ever-expanding, digitally connected world.

Read More

More featured news