Home > News > featured news > SANS Institute Introduces New Cybersecurity Training for IT Administrators

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

SANS Institute Introduces New Cybersecurity Training for IT Administrators

SANS Security Awareness | February 21, 2023 | Read time : 04:00 min

SANS Institute Introduces New Cybersecurity Training for IT Administrators

On February 20, 2023, SANS Security Awareness, a subsidiary of the SANS Institute, announced the release of "Security Essentials for IT Administrators," a new short-form technical training program. This series offers a comprehensive overview of cybersecurity fundamentals, aimed primarily at those with a foundational grasp of network administration and/or IT systems to keep them updated and informed in the ever-changing cybersecurity space. As more IT professionals, like network/system administrators and engineers, take on security responsibilities, it is important for an organization's overall security to have relevant training for this group.

This series is intended to raise IT professionals' knowledge of the distinct threat landscape they face by drawing on the objectives of such popular SANS training courses as SEC301, SEC388, SEC401, and SEC504. The product line is available to enterprises seeking to improve their security preparedness and awareness by purchasing directly from SANS Security Awareness or via Microsoft's 'Defender for Office 365' bundle.

John Byrne, General Manager of SANS Security Awareness, said, "The launch of the Security Essentials for IT Administrators course marks an exciting chapter in our mission to deliver high-quality security training to professionals in the industry, especially to these users who carry unique risk because of their privileged access and advanced skill set."

(Source – Cision PR Newswire)

He added, "We are thrilled Microsoft identified SANS to provide this comprehensive technical content series to provide the necessary knowledge and skills to help protect against the most pressing security threats facing organizations across the globe. These modules offer a powerful solution to organizations seeking to bolster their security posture and streamline workforce management for technical teams."

(Source – Cision PR Newswire)

About SANS Security Awareness

Established in 1989, the SANS Institute is a cooperative research and education organization. It is the most trusted and, by far, the biggest supplier of cybersecurity certification and training for professionals in business and government institutions around the world. Reputed SANS instructors teach over 60 courses at cybersecurity events in person, online, and on demand.

SANS Security Awareness, a division of SANS, gives organizations a complete and thorough security awareness solution that makes it easy and effective for them to manage their "human" cybersecurity risk. SANS also provides the InfoSec community with a wide range of free resources, such as consensus projects, webcasts, podcasts, research reports, and newsletters. It also runs the Internet Storm Center, which is the Internet's early warning system.

Spotlight

Exam Action Plan

Answer the Demand for Certified Professionals Prepping for an (ISC)² credential, like the CISSP, is a big commitment. Maybe you’ve started, but life got in the way of your goal… We get it. That’s why we created the (ISC)² Exam Action Plan to help keep you on track for success. Because we need talented, skilled people like you w

More featured news

Spotlight

Exam Action Plan

Answer the Demand for Certified Professionals Prepping for an (ISC)² credential, like the CISSP, is a big commitment. Maybe you’ve started, but life got in the way of your goal… We get it. That’s why we created the (ISC)² Exam Action Plan to help keep you on track for success. Because we need talented, skilled people like you w

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Malwarebytes is the Most Effective Endpoint Protection According to Independent Third-Party Research Lab

Prnewswire | April 06, 2023

Malwarebytes, a global leader in real-time cyber protection, today announced that MRG Effitas, a world leader in independent IT research, gave Malwarebytes Endpoint Protection (EP) the highest possible score (100%) for the sixth consecutive quarter in its antivirus efficacy assessment. As of the latest Q4 2022 test results, Malwarebytes is the only vendor to win every MRG Effitas certification and award, outperforming other solutions in its ability to spot and stop zero-day threats, ransomware, banking malware, fileless attacks and exploits. The results underscore the company's ability to stay ahead of today's evolving threats through continuous product innovation. "The threat landscape isn't static, and Malwarebytes believes cybersecurity protection shouldn't be either," said Joe Hartmann, Senior Director of Threat Labs at Malwarebytes. "The results of this third-party test underscore the criticality of staying on top of today's threat techniques and building products that take advantage of proactive protection technologies, such as machine learning, that can spot and stop known, in the wild attacks, and zero-day threats. Delivering 100% efficacy with zero false positives is icing on the cake for most IT admins." MRG Effitas is an independent research and testing lab that evaluates endpoint protection solutions. In its latest report, MRG Effitas recognized Malwarebytes EP for its advanced security capabilities, particularly in detecting and preventing complex malware attacks. The signature and behavior-based detection techniques and proprietary anti-exploit technology of Malwarebytes EP allowed it to detect and block more malware than any other competitor in the Q4 tests. MRG Effitas Q4 2022 360° Assessment awarded Malwarebytes certificates in: Level 1 – Malwarebytes EP automatically blocked 100% of in-the-wild malware samples and prevented a simulated Botnet attack. Exploit – MRG Effitas used exploits in vulnerable applications attempting to deliver a malicious payload on a device with Malwarebytes EP. Malwarebytes autoblocked 100% of exploit/fileless attacks, protecting the system from infection. Online Banking – MRG Effitas simulated the Magecart credit card-skimming attack with Malwarebytes EP autoblocking 100% of the seven financial malware samples. Ransomware – MRG Effitas tested security products for 92 ransomware samples and three benign programs designed to mimic ransomware behavior. Malwarebytes blocked 100% of ransomware threats without any false positives, allowing the three benign programs to run. Android 360-degree – MRG Effitas conducted a separate assessment for Android devices, with Malwarebytes earning a perfect 100% score. "Malwarebytes' outstanding performance in detecting a wide range of threats across multiple attack vectors is a testament to its effectiveness," said MRG Effitas CEO Chris Pickard. "Collaboration with third-party testers like us helps drive innovation in protection. Malwarebytes' results underscore the effectiveness and importance of leveraging machine-learning driven processes to combat novel forms of malware and prevent false positives." About Malwarebytes Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, Malwarebytes CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, Malwarebytes' award-winning endpoint protection, privacy and threat prevention solutions and its world-class team of threat researchers protect millions of individuals and thousands of businesses across the globe. The effectiveness and ease-of-use of Malwarebytes solutions are consistently recognized by independent third parties including MITRE Engenuity, MRG Effitas, AVLAB, AV-TEST (consumer and business), Gartner Peer Insights, G2 Crowd and CNET. The company is headquartered in California with offices in Europe and Asia. For more information and career opportunities, visit https://www.malwarebytes.com.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Cyera Introduces Data Detection and Response and Unified Data Explorer for SaaS, IaaS and PaaS Revolutionizing Security Operations

Prnewswire | April 25, 2023

Cyera, the data security company, today unveiled revolutionary new operational capabilities in its AI-powered data security platform. The company's industry-first Unified Data Explorer provides an intuitive and easy way for security teams to understand where they manage data across their cloud landscape, and pinpoint sensitive data exposures to reduce their attack surface. To address real-time data exfiltration and sensitive exposures Cyera is announcing unified Data Detection and Response (DDR) to extend their Data Security Posture Management (DSPM) capability. Security practitioners can quickly and easily take action to remediate security exposures, and stop sensitive data exfiltration in real time. "Cyera impressed us with the ease with which we were able to understand exactly what data we are managing, where that data is stored, and how it is accessed," said Anthony Cunha, CISO at Mercury Financial. "Their platform allowed us to minimize the sensitive data we manage, improve our security posture, and assure compliance." Cyera's Unified Data Explorer allows security practitioners to deep dive into their company's data. This builds upon the deep context Cyera develops on data, and includes critical insights into security exposures, how specific data classes are distributed across cloud environments and regions, who can access the data, and the security controls that are in place. For example, the Unified Data Explorer highlights where a specific combination of data becomes identifiable. This occurs when data that is typically non-sensitive becomes highly sensitive due to its proximity to personal identifiers protected by privacy or compliance statutes. The Unified Data Explorer also enables security teams to understand who has access to a particular type of sensitive data to govern access and avoid misuse. For example, highlighting which users have access to PCI, HIPAA, or NYDFS protected data across cloud providers and environments, and remediating overly permissive access or a lack of encryption or tokenization that could lead to a breach. The solution also enables security teams to ensure that a company's employees are not abusing generative AI capabilities like ChatGPT. By dynamically developing this level of detail, Cyera pinpoints and remediates data security exposures, including misconfigurations, distribution, access issues and more. With multi cloud DDR, Cyera now identifies data exfiltration and exposures as they occur. This adds operational security capabilities to power incident response across SaaS, IaaS, and PaaS environments. Multi cloud DDR detects and remediates data exposure, configuration changes, non-sanctioned data access, and data exfiltration events as they happen across cloud platforms. For example, if a sensitive data store is made public, Cyera detects the configuration change and remediates the exposure. If a threat actor attempts to migrate data outside of the customer's cloud account or SaaS application, Cyera detects the exfiltration and immediately raises an alert. This includes the full context of the data, its sensitivity, the user, and the relevant privacy or regulatory framework violation so incident responders can take swift, decisive action to limit the impact of the breach. "In order to secure data, organizations must have a dynamic, detailed understanding of what it represents no matter where it is managed," said Yotam Segev, Cyera's CEO and co-founder. "Cyera is working with hundreds of security teams to build a unified data security platform to secure data across a multi cloud landscape. I am confident that our ability to support proactive, real-time, and incident response data security needs will be game changing for customers." To learn more about Cyera and to schedule a demo, visit https://www.cyera.io/demo or send a request to info@cyera.io. About Cyera Cyera is the data security company that gives businesses context and control over their most valuable asset: data. Cyera instantly provides companies visibility over all of their sensitive data, context over the risk it represents and their security exposure, and automated remediation to reduce the attack surface and ensure operational resilience. Backed by leading investors including Sequoia, Accel, and Cyberstarts, Cyera is redefining the way companies do cloud data security. To learn more, visit www.cyera.io.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Legit Security Announces New Partnership with Snyk

Globenewswire | April 13, 2023

Legit Security, a cyber security company with an enterprise platform that protects software delivery from code to cloud, including the software supply chain, today announced a partnership with Snyk, the leader in developer security. Together, Legit Security and Snyk help bridge the gap between security and development teams by scaling-up security from code to cloud through the combination of secure code and secure application delivery. The partnership enables organizations to greatly improve productivity by contextualizing cybersecurity risks, consolidating vulnerability management in a unified view, and prioritizing remediation to the most critical risks and applications so their businesses can stay safe while releasing trusted software fast. Today’s digital business models depend on rapid innovation, but security teams struggle to keep pace with the development of modern applications, DevOps and changing CI/CD pipelines. Legit Security helps application security teams align with iterative, fast paced DevOps models by protecting applications from code-to-cloud with automated SDLC discovery and a unified application security control plane that provides visibility, security, and governance over rapidly changing environments. By providing real-time security posture management and deep security issue context, security and development teams can rapidly prioritize security issues and accelerate their productivity, effectiveness, and collaboration. “In most organizations today, software development pipelines are unchartered highways to cloud deployment,” said Roni Fuchs, CEO and co-founder, Legit Security. “To build applications securely at scale, you need to have visibility and security control over your development environments including traceability from cloud apps back to their CI/CD software pipelines and originating source code. We are thrilled to partner with Snyk to combine our code to cloud security capabilities with their developer-first approach to secure code and open source dependencies.” “We’re excited to further our relationship with Legit Security,” said Jill Wilkins, Senior Director Global Alliances, Snyk. “As the demand for developer security grows, we are always looking to expand our partner ecosystem and help businesses all over the world capitalize on that opportunity. Our partnership with Legit Security will help us continue our mission to empower developers all over the world with developer first security, and offer our mutual customers the ability to seamlessly integrate Snyk into existing workflows, tools, and processes to help accelerate development and security team adoption of DevSecOps.” For more information, please visit Legit Security at www.legitsecurity.com. About Legit Security Legit Security protects an organization's software supply chain from attack and ensures secure application delivery, governance and risk management from code to cloud. The platform’s unified application security control plane and automated SDLC discovery and analysis capabilities provide visibility and security control over rapidly changing environments and allow security issues to be prioritized based on context and business criticality to improve security team efficiency and effectiveness.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Malwarebytes is the Most Effective Endpoint Protection According to Independent Third-Party Research Lab

Prnewswire | April 06, 2023

Malwarebytes, a global leader in real-time cyber protection, today announced that MRG Effitas, a world leader in independent IT research, gave Malwarebytes Endpoint Protection (EP) the highest possible score (100%) for the sixth consecutive quarter in its antivirus efficacy assessment. As of the latest Q4 2022 test results, Malwarebytes is the only vendor to win every MRG Effitas certification and award, outperforming other solutions in its ability to spot and stop zero-day threats, ransomware, banking malware, fileless attacks and exploits. The results underscore the company's ability to stay ahead of today's evolving threats through continuous product innovation. "The threat landscape isn't static, and Malwarebytes believes cybersecurity protection shouldn't be either," said Joe Hartmann, Senior Director of Threat Labs at Malwarebytes. "The results of this third-party test underscore the criticality of staying on top of today's threat techniques and building products that take advantage of proactive protection technologies, such as machine learning, that can spot and stop known, in the wild attacks, and zero-day threats. Delivering 100% efficacy with zero false positives is icing on the cake for most IT admins." MRG Effitas is an independent research and testing lab that evaluates endpoint protection solutions. In its latest report, MRG Effitas recognized Malwarebytes EP for its advanced security capabilities, particularly in detecting and preventing complex malware attacks. The signature and behavior-based detection techniques and proprietary anti-exploit technology of Malwarebytes EP allowed it to detect and block more malware than any other competitor in the Q4 tests. MRG Effitas Q4 2022 360° Assessment awarded Malwarebytes certificates in: Level 1 – Malwarebytes EP automatically blocked 100% of in-the-wild malware samples and prevented a simulated Botnet attack. Exploit – MRG Effitas used exploits in vulnerable applications attempting to deliver a malicious payload on a device with Malwarebytes EP. Malwarebytes autoblocked 100% of exploit/fileless attacks, protecting the system from infection. Online Banking – MRG Effitas simulated the Magecart credit card-skimming attack with Malwarebytes EP autoblocking 100% of the seven financial malware samples. Ransomware – MRG Effitas tested security products for 92 ransomware samples and three benign programs designed to mimic ransomware behavior. Malwarebytes blocked 100% of ransomware threats without any false positives, allowing the three benign programs to run. Android 360-degree – MRG Effitas conducted a separate assessment for Android devices, with Malwarebytes earning a perfect 100% score. "Malwarebytes' outstanding performance in detecting a wide range of threats across multiple attack vectors is a testament to its effectiveness," said MRG Effitas CEO Chris Pickard. "Collaboration with third-party testers like us helps drive innovation in protection. Malwarebytes' results underscore the effectiveness and importance of leveraging machine-learning driven processes to combat novel forms of malware and prevent false positives." About Malwarebytes Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, Malwarebytes CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, Malwarebytes' award-winning endpoint protection, privacy and threat prevention solutions and its world-class team of threat researchers protect millions of individuals and thousands of businesses across the globe. The effectiveness and ease-of-use of Malwarebytes solutions are consistently recognized by independent third parties including MITRE Engenuity, MRG Effitas, AVLAB, AV-TEST (consumer and business), Gartner Peer Insights, G2 Crowd and CNET. The company is headquartered in California with offices in Europe and Asia. For more information and career opportunities, visit https://www.malwarebytes.com.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Cyera Introduces Data Detection and Response and Unified Data Explorer for SaaS, IaaS and PaaS Revolutionizing Security Operations

Prnewswire | April 25, 2023

Cyera, the data security company, today unveiled revolutionary new operational capabilities in its AI-powered data security platform. The company's industry-first Unified Data Explorer provides an intuitive and easy way for security teams to understand where they manage data across their cloud landscape, and pinpoint sensitive data exposures to reduce their attack surface. To address real-time data exfiltration and sensitive exposures Cyera is announcing unified Data Detection and Response (DDR) to extend their Data Security Posture Management (DSPM) capability. Security practitioners can quickly and easily take action to remediate security exposures, and stop sensitive data exfiltration in real time. "Cyera impressed us with the ease with which we were able to understand exactly what data we are managing, where that data is stored, and how it is accessed," said Anthony Cunha, CISO at Mercury Financial. "Their platform allowed us to minimize the sensitive data we manage, improve our security posture, and assure compliance." Cyera's Unified Data Explorer allows security practitioners to deep dive into their company's data. This builds upon the deep context Cyera develops on data, and includes critical insights into security exposures, how specific data classes are distributed across cloud environments and regions, who can access the data, and the security controls that are in place. For example, the Unified Data Explorer highlights where a specific combination of data becomes identifiable. This occurs when data that is typically non-sensitive becomes highly sensitive due to its proximity to personal identifiers protected by privacy or compliance statutes. The Unified Data Explorer also enables security teams to understand who has access to a particular type of sensitive data to govern access and avoid misuse. For example, highlighting which users have access to PCI, HIPAA, or NYDFS protected data across cloud providers and environments, and remediating overly permissive access or a lack of encryption or tokenization that could lead to a breach. The solution also enables security teams to ensure that a company's employees are not abusing generative AI capabilities like ChatGPT. By dynamically developing this level of detail, Cyera pinpoints and remediates data security exposures, including misconfigurations, distribution, access issues and more. With multi cloud DDR, Cyera now identifies data exfiltration and exposures as they occur. This adds operational security capabilities to power incident response across SaaS, IaaS, and PaaS environments. Multi cloud DDR detects and remediates data exposure, configuration changes, non-sanctioned data access, and data exfiltration events as they happen across cloud platforms. For example, if a sensitive data store is made public, Cyera detects the configuration change and remediates the exposure. If a threat actor attempts to migrate data outside of the customer's cloud account or SaaS application, Cyera detects the exfiltration and immediately raises an alert. This includes the full context of the data, its sensitivity, the user, and the relevant privacy or regulatory framework violation so incident responders can take swift, decisive action to limit the impact of the breach. "In order to secure data, organizations must have a dynamic, detailed understanding of what it represents no matter where it is managed," said Yotam Segev, Cyera's CEO and co-founder. "Cyera is working with hundreds of security teams to build a unified data security platform to secure data across a multi cloud landscape. I am confident that our ability to support proactive, real-time, and incident response data security needs will be game changing for customers." To learn more about Cyera and to schedule a demo, visit https://www.cyera.io/demo or send a request to info@cyera.io. About Cyera Cyera is the data security company that gives businesses context and control over their most valuable asset: data. Cyera instantly provides companies visibility over all of their sensitive data, context over the risk it represents and their security exposure, and automated remediation to reduce the attack surface and ensure operational resilience. Backed by leading investors including Sequoia, Accel, and Cyberstarts, Cyera is redefining the way companies do cloud data security. To learn more, visit www.cyera.io.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Legit Security Announces New Partnership with Snyk

Globenewswire | April 13, 2023

Legit Security, a cyber security company with an enterprise platform that protects software delivery from code to cloud, including the software supply chain, today announced a partnership with Snyk, the leader in developer security. Together, Legit Security and Snyk help bridge the gap between security and development teams by scaling-up security from code to cloud through the combination of secure code and secure application delivery. The partnership enables organizations to greatly improve productivity by contextualizing cybersecurity risks, consolidating vulnerability management in a unified view, and prioritizing remediation to the most critical risks and applications so their businesses can stay safe while releasing trusted software fast. Today’s digital business models depend on rapid innovation, but security teams struggle to keep pace with the development of modern applications, DevOps and changing CI/CD pipelines. Legit Security helps application security teams align with iterative, fast paced DevOps models by protecting applications from code-to-cloud with automated SDLC discovery and a unified application security control plane that provides visibility, security, and governance over rapidly changing environments. By providing real-time security posture management and deep security issue context, security and development teams can rapidly prioritize security issues and accelerate their productivity, effectiveness, and collaboration. “In most organizations today, software development pipelines are unchartered highways to cloud deployment,” said Roni Fuchs, CEO and co-founder, Legit Security. “To build applications securely at scale, you need to have visibility and security control over your development environments including traceability from cloud apps back to their CI/CD software pipelines and originating source code. We are thrilled to partner with Snyk to combine our code to cloud security capabilities with their developer-first approach to secure code and open source dependencies.” “We’re excited to further our relationship with Legit Security,” said Jill Wilkins, Senior Director Global Alliances, Snyk. “As the demand for developer security grows, we are always looking to expand our partner ecosystem and help businesses all over the world capitalize on that opportunity. Our partnership with Legit Security will help us continue our mission to empower developers all over the world with developer first security, and offer our mutual customers the ability to seamlessly integrate Snyk into existing workflows, tools, and processes to help accelerate development and security team adoption of DevSecOps.” For more information, please visit Legit Security at www.legitsecurity.com. About Legit Security Legit Security protects an organization's software supply chain from attack and ensures secure application delivery, governance and risk management from code to cloud. The platform’s unified application security control plane and automated SDLC discovery and analysis capabilities provide visibility and security control over rapidly changing environments and allow security issues to be prioritized based on context and business criticality to improve security team efficiency and effectiveness.

Read More

More featured news