Data Security, Platform Security

SCYTHE New Version 4.0 Enhances Collaboration Across Multiple Security Team Roles

SCYTHE
SCYTHE, a leader in adversarial emulation, announced the release of version 4.0 of the company’s flagship cybersecurity platform, offering new features and functionality that will extend capabilities for greater collaboration between blue, red, and purple teams. SCYTHE runs real-world adversary emulations that help security teams reduce detection and response rates, validate controls, and optimize resources by enabling teams to prioritize vulnerabilities, and focus on the highest risk issues to the business. Its scalable platform automates adversary emulations and expands your team’s threat intelligence skills so that you can multiply your cybersecurity team’s velocity and reduce cybersecurity risk.

SCYTHE has the largest, public library of threats in the breach attack simulation industry and has more capabilities than all other competitors combined as shown by Tidal Cyber’s Community Edition of their SaaS threat-informed defense platform.

With a redesigned UI, SCYTHE 4.0 makes threats easier to manage by bringing campaign details to the surface, allows for greater communication between team members, and makes it simpler to take action via Jira integrations—all available as an on-prem or SaaS offering. Through automation, communication, and integrations, SCYTHE 4.0 is designed to help security teams collaborate, as a purple team, on adversary emulation.

“The new SCYTHE 4.0 platform sets a new standard for adversary emulation automation for offensive, defensive, and hybrid purple teams to help customers strengthen defenses, share actionable data between teams to better resolve real-world cybersecurity concerns quickly, and improve collaboration,” said Stephanie Simpson, VP, Product. “Version 4.0 is based on feedback from our customers and prospects about what they need to optimize their teams’ breach and attack simulation (BAS) capabilities.”

In addition to this, SCYTHE’s Cyber Threat Intelligence (CTI) Team just released offerings that are complementary to the SCYTHE platform capabilities and services that can serve as an extension of your security team. This includes emergency action emulation plans, custom plans, cloud-focused plans, and emulation plans covering more diverse tactics, techniques and procedures.

What’s New With 4.0?

SCYTHE version 4.0 was designed to enhance collaboration within security teams and improve the user experience. These updates include:

  • Collaboration features — SCYTHE enables greater collaboration between blue, red, and purple teams to create and leverage existing adversary emulation plans. The updated, user-friendly dashboard clearly displays outcomes and severity of campaign results. Users can have different access levels to create and personalize realistic attacks or re-run existing attacks. In-platform messaging now allows for better and faster communication between users.
  • Workflow automation — Users can take a more collaborative team approach and seamlessly share actionable insights through a Jira integration.
  • SaaS and on-prem — Previously an exclusively on-prem solution, SCYTHE 4.0 now has a SaaS offering available to provide flexibility to customers in any type of environment.

SCYTHE 4.0 will be available for customers in Q4.

About SCYTHE
SCYTHE is like hiring the hacker you always wanted, but could never afford. SCYTHE transforms your organization’s capabilities and defines a new technology category: Attack, Detect, and Respond to integrate cybersecurity risk management across people, process, and technology. The SCYTHE 4.0 platform enables collaboration between red, blue, and purple teams to build and emulate real-world adversarial campaigns. Customers can easily and quickly validate the risk posture and exposure of their business and employees and the performance of enterprise security teams and existing security solutions.

Spotlight

Spotlight

Related News

Software Security

Palo Alto Joins Telstra as the First Sole Cyber Security Vendor

Palo Alto | September 22, 2023

Palo Alto Networks has announced a strategic partnership with the largest telecommunications company in Australia, Telstra. This signifies Palo Alto Networks' commitment to delivering an expanded portfolio of cybersecurity solutions and services to meet the needs of Telstra's extensive business clientele. The partnership strengthens the existing 10-year relationship between Palo Alto Networks and Telstra. Palo Alto Networks, a global cybersecurity company, has announced teaming up with Telstra, Australia's largest telecommunications company, to offer an enhanced range of cybersecurity solutions and services to Telstra's business clients both in Australia and around the world. This collaboration marks a significant milestone, as Palo Alto Networks becomes the first dedicated cybersecurity company to be recognized as a technology alliance partner for Telstra's enterprise customer segment. Telstra serves customers in over 200 countries and territories. Telstra's technology alliance partners collaborate to create and provide comprehensive services encompassing connectivity, voice, and professional services. These services are designed to assist businesses of all sizes in addressing their challenges and capitalizing on opportunities. Regional Vice President for Australia and New Zealand of Palo Alto Networks, Steve Manley, stated, This new alliance with Telstra reinforces Palo Alto Networks’ position in the Australian market as the leading cyber security vendor to leading telecommunications carrier in Australia. It also reinforces our increased commitment to offering industry-leading joint solutions with one of the country’s most trusted managed service providers. Together, Palo Alto Networks and Telstra will collaborate to offer businesses with best-of-breed cyber security solutions to help keep them safe in a rapidly changing market landscape. [Source – Web Wire] This new partnership further solidifies the long-standing 10-year relationship between Palo Alto Networks and Telstra. It also builds upon previous agreements that expanded Telstra's SecureEdge portfolio with offerings like SecureEdge Cloud for business clients and Sovereign SecureEdge for the Australian government and agencies, both powered by Palo Alto Networks' advanced cloud-based security services. David Burns, Enterprise Group Executive at Telstra, said, Cyber security has become one of the top concerns among businesses worldwide, including here in Australia, and especially in the wake of a no. of high-profile cyber breaches. We’re now seeing the industrialization of cybercrime and the scale of threat continues to evolve and grow. As a result, we all need to be constantly changing, adapting, and looking at new technologies that can assist protect us and our customers’ data. As a leading provider of network, managed, and professional services, this new alliance between Telstra and Palo Alto Networks further boosts our capabilities to help customers protect their organizations and data from evolving cyber threats. [Source – Web Wire]

Read More

Software Security

Palo Alto Networks Intends to Acquire Talon Cyber Security

Palo Alto Networks | November 08, 2023

Palo Alto Networks plans to acquire Talon Cyber Security to enhance its Secure Access Service Edge (SASE) solution. Talon's Enterprise Browser technology, when integrated with Prisma SASE, will provide secure access to business applications. The acquisition reflects the importance of adapting SASE solutions to ensure consistent security for unmanaged devices. Palo Alto Networks, a global cybersecurity leader, has announced its intent to acquire Talon Cyber Security, an enterprise browser technology pioneer, to enhance its Secure Access Service Edge (SASE) solution and provide comprehensive protection for managed and unmanaged devices. In today's digital landscape, unmanaged devices often connect to enterprise applications without adequate security measures, making them susceptible entry points for attackers seeking to access sensitive information. Lee Klarich, Chief Product Officer of Palo Alto Networks, emphasized the importance of securing all work activity through an Enterprise Browser without compromising device privacy to protect users and applications effectively. He continued that the integration of Talon's technology with Prisma SASE aims to provide consistent security for all users and devices. Anand Oswal, SVP and GM at Palo Alto Networks highlighted the significance of securing unmanaged devices with the same robust security as managed devices, especially in today's dynamic threat landscape. HE further stated that the combination of Prisma SASE and Talon's Enterprise Browser is poised to revolutionize security measures in modern digital environments. Talon Cyber Security's Enterprise Browser technology offers an innovative solution that, when integrated with Prisma SASE, will enable users to securely access business applications from any device, including non-corporate devices, while ensuring a seamless user experience. This strategic move by Palo Alto Networks addresses the evolving security challenges in a connected world. Talon's Co-Founder and CEO, Ofer Ben-Noon, acknowledged the shifting work models and user preferences and the need for powerful last-mile security solutions. Talon's Enterprise Browser is designed to offer familiar user experiences with enterprise-grade protection. Ben emphasized that partnership with Palo Alto Networks is seen as a catalyst to accelerate its mission of delivering superior outcomes for customers. Talon, founded by Ofer Ben-Noon and Ohad Bobrov, secured the RSA Conference's Innovation Sandbox contest in 2022. The co-founders will continue to lead their teams within the Prisma SASE team at Palo Alto Networks upon the completion of the acquisition. Anand Oswal, Senior Vice President and General Manager at Palo Alto Networks, highlighted the advantages and security risks associated with Bring Your Own Device (BYOD) policies. He noted that Talon's Enterprise Browser provided security teams enhanced visibility and control over work-related Software as a Service (SaaS) and web activity across all devices, including personal and unmanaged endpoints. Anand emphasized the need for Secure Access Service Edge (SASE) solutions to adapt in order to secure unmanaged devices with the same consistent security measures applied to managed devices. This would enable users to access business applications securely from any device and location.

Read More

Data Security

Oracle Attempts to Design New Open Network and Data Security Standard

Oracle | September 20, 2023

Oracle to participate in an industry-wide initiative to design a new open network and data security standard. Oracle and Applied Invention are assisting to developing and promoting a novel network and data-centric security standard to tackle distributed cloud deployment challenges. This standard will enable organizations to protect their data throughout its entire lifecycle without requiring modifications to their distributed cloud environments' underlying architecture. Oracle, one of the world's largest database management companies, announced that it will participate in an industry-wide initiative to design a new open network and data security standards that will assist organizations in protecting their data in distributed IT environments. Oracle will collaborate with Applied Invention, a significant technology provider, and other industry leaders, including Nomura Research Institute, Ltd. (NRI), a global leader in consulting and system solutions. This new standard will enable networks to enforce shared security policies collectively, thereby augmenting the security architecture organizations already employ without requiring modifications to existing applications and networks. Oracle plans to launch the Oracle Zero-Trust Packet Routing Platform, based on the new standard, to support this new initiative. This platform will assist organizations in preventing illegal access or use of their data without imposing additional obstacles on legitimate activities. Executive Vice President of Security and Developer Platforms at Oracle Cloud Infrastructure, Mahesh Thiagarajan, said, Over the last 20 years, the cybersecurity industry has produced many incremental changes, but we need a fundamentally novel approach to protect our data in the increasingly complex cloud era. Organizations require a way to describe their data security policies in one place where they can be easily understood and audited, and they need a way to make sure those policies are enforced across their entire computing infrastructure, including their clouds. [Source – Cision PR Newswire] As the adoption of cloud technology rises and IT landscapes become more intricate with distributed cloud deployments, organizations face escalating challenges in safeguarding their data using conventional methods and tools. For example, many existing systems necessitate security teams to orchestrate disparate solutions across various facets, including database, application, network, and identity security. This complexity is further compounded when applied across diverse environments. Ensuring seamless collaboration among these solutions becomes a formidable task due to the dynamic and independent changes in applications, environments, and user profiles. Additionally, current security systems demand extensive configurations to accurately distinguish between different user categories, such as full-time employees and contractors, without compromising security or restricting access. Research Vice President of Cloud and Edge Infrastructure Services at IDC, Dave McCarthy, said, The new standard Oracle develop has the potential to change all of that by adding a unified layer of security on top of existing solutions. Building data protection policies into the network itself will assist users get the access they require while ensuring the data remains secure behind the scenes. [Source – Cision PR Newswire] Oracle and Applied Invention are assisting in designing and promoting a novel security standard, focusing on network and data-centric security, which aims to tackle these challenges. This innovative standard will empower organizations to safeguard their data across its entire lifecycle, including distributed cloud environments. To accomplish this, the standard will implement an intent-based security policy that is designed to be understandable, auditable, and interpretable by humans. This intent-driven approach will be put into practice at the network layer, ensuring that every data transmission contains authenticated attributes concerning the sender, receiver, and the nature of the data in transit.

Read More