ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Prnewswire | April 21, 2023
Bitsight, a leader in managing and monitoring cyber risk, today unveiled its expansion into a broader category of integrated cyber risk management. As the category creator and global leader in the cybersecurity ratings industry, Bitsight's enhanced strategy will deliver new capabilities to empower security professionals and business leaders to more effectively and holistically manage cyber risk. The announcement includes large-scale distribution of risk data and insights through Moody's/BVD's Orbis, a new Third-Party Vulnerability Detection & Response solution, and more predictive cyber risk ratings that help mitigate cyber risk and make CISOs and risk professionals' jobs easier.
Bitsight's integrated solutions address the needs of CISOs and risk leaders, whose roles have become more challenging in recent years with digital transformation, supply chain risk, and expanded attack surfaces. "As the cyber threat landscape worsens and the global regulatory landscape demands more nimble and thorough risk management, Bitsight has evolved to stay ahead of our customers' needs. Business leaders, risk leaders and boards are turning to us as an integrated solution to manage risk and build trust across their ecosystem," said Bitsight CEO Steve Harvey.
Furthermore, comprehensive cyber risk management is also essential to good corporate governance, reaffirmed by the recently released White House national cyber strategy, pending SEC regulations on cybersecurity disclosure, and cybersecurity requirements emerging throughout Europe and Asia. Harvey noted, "Our strategic shift to become an integrated cyber risk management leader means we're able to provide customers and governments with the industry's most impactful data, services and tools to confidently navigate the uncertain cyber landscape."
Accelerated Partnership with Moody's Corporation
Newly-added integrations with Moody's will deliver expanded insights for enterprises and assist with holistic cyber risk management. In October 2021, Moody's Corporation invested $250 million in Bitsight, and the two companies announced a landmark partnership agreement. Through this partnership, Bitsight became the primary cyber risk analytics provider across Moody's suite of integrated risk assessment offerings.
Bitsight data is now accessible by nearly 2,000 global credit analysts within Moody's Investors Service. These analysts are leveraging Bitsight to better understand the relative cyber risk of issuers, engage issuers on cybersecurity risk, and publish research on the intersection of cyber risk and credit risk. Additionally, Bitsight ratings data is now also integrated within Moody's Analytics' BVD Orbis platform, enabling non-technical risk managers to easily consider cyber risk factors in counterparty risk analysis.
"The rise of cyberattacks and ransomware has created an imperative for business leaders and boards to assess and quantify their cyber risk," said Moody's Analytics President Stephen Tulenko. "Bitsight is our trusted partner in helping leaders to better understand, measure, and navigate the cyber risk landscape with confidence."
Through these integrations, Bitsight and Moody's insights may be used together in powerful combinations for applications such as Know-Your-Customer, supply chain management, insurance underwriting, and credit risk assessment.
New Third-Party Vulnerability Detection & Response Application
To further its cyber risk management capabilities, Bitsight has enhanced its Third-Party Vulnerability Detection tool to include a Response workflow. Zero-day attacks and other vulnerabilities are increasingly common, and most companies are struggling to properly manage third-party exposure to critical vulnerabilities quickly, effectively, and at scale. With Vulnerability Detection & Response, cybersecurity teams can now access the most important vulnerability data and effectively prioritize vendor outreach with built-in questionnaires while tracking vendor response progress in real time. This release is another innovative application showcasing Bitsight's continued commitment to helping customers better monitor, manage, and mitigate vulnerabilities across their third-party ecosystems.
More Predictive Cyber Risk Ratings – Bitsight's Ratings Algorithm Update
Bitsight has launched a new ratings algorithm, with several key enhancements, most notably modifying the weights of several risk vectors based on independent research and insight into how those risk vectors correlate to real life cyber events. As a part of delivering an integrated cyber risk management solution, Bitsight remains committed to investing in and producing actionable cybersecurity ratings that have the strongest correlation in the industry to the likelihood of a cyber incident. "Cybersecurity ratings remain a critical tool in cybersecurity and risk leaders' arsenals, while the pressures and demands to address cyber risk have significantly expanded," said Harvey.
As attacks on organizations intensify and business leaders demand greater strategic support to address risk, Bitsight's mission to build trust in the digital economy has extended well beyond cyber risk ratings. "Risk leaders globally spend every day working against a relentless and growing problem of cyber risk uncertainty," said Harvey. "And as waves of digital transformation continue to disrupt cybersecurity stability, we are committed to supporting our current and future customers with a broad and unified cyber risk management solution that helps them navigate with greater confidence."
Learn more about our partnership with Moody's Corporation here
Learn more about Third-Party Vulnerability Detection & Response her
Learn more about the Rating Algorithm Update here
Bitsight is a global cyber risk management leader transforming how organizations manage exposure, performance, and risk for themselves and their third parties. Companies rely on Bitsight to prioritize their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss. Built on over a decade of market-leading innovation, its integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis.
DATA SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS
Interos Inc | March 10, 2023
On March 9, 2023, Interos, one of the leading operational resilience companies creating the world's strongest, safest, and most secure supply chains, announced the introduction of its upgraded cyber risk factor, a part of its i-ScoreTM measurement of operational resilience.
The Interos i-Score is the first of its kind resilience score that assesses the health of extended supply chains against multiple risk factors, such as restriction, financial, geopolitical, operations/catastrophe, ESG, and cyber.
The i-Score update includes an innovative cyber behavior model to detect potentially harmful cyber activity irrespective of public disclosure, commercial cyber ratings, threat assessment (Mitre ATT&CK®), vulnerability information (CVEs), regulatory compliance, cyber events, and operating country issues into a single score.
This advancement directs cyber risk and procurement managers to their multi-tiered vendors most exposed to ransomware, breaches, data leakage, and other cyber-attacks carried out by malicious attackers who target suppliers concealed in the extended global supply chain. Interos's 2022 Resilience study of 1,500 cybersecurity and procurement leaders found that cyber incidents cause supply chain disruptions that cost businesses $37M each year.
Andrea Little Limbago, SVP, Research & Analysis, Interos, said, "This is another crucial step forward in helping organizations achieve operational resilience." She further mentioned, "We've added new, proprietary models that integrate and assess data on cloud-based risk exposure, evaluate anomalous cyber behavior, measure regulatory compliance risks and more. It's designed to deliver better and faster information to CPOs partnering with CISOs — who are increasingly being held accountable for collective cyber resilience — to respond to more frequent and severe supply chain cyberattacks, with enhanced monitoring of vendors and third-party service providers."
(Source – Cision PR Newswire)
About Interos Inc
Founded in 2005, Interos is one of the leading operational resilience companies. The company's first-of-its-kind scoring and relationship discovery technologies automate evaluation, detection, and response to risks. As the only operational resilience platform in the world, it protects customers from unethical labor, regulatory violations, cyberattacks, disasters, bankruptcy, and other supplier vulnerabilities. Interos is based in Washington, DC, and has clients all over the world, including NASA, the U.S. Department of Defense, and a number of Global Fortune 500 companies.
ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Businesswire | April 25, 2023
Cybercriminals around the world are using generative artificial intelligence (AI) to execute malicious attacks that can take down companies and governments. SentinelOne (NYSE: S), a global leader in autonomous security and pioneer in deep learning models and neural networks, plans to use the same technologies to defeat them. The company today unveiled a revolutionary threat-hunting platform that integrates multiple layers of AI technology to deliver unparalleled security capabilities and real-time, autonomous response to attacks across the entire enterprise. The news was announced during RSA Conference 2023, the premier cybersecurity event being held at the Moscone Center in San Francisco.
“Today marks a paradigm shift in cybersecurity,” said Tomer Weingarten, CEO, SentinelOne. “AI is among the most disruptive technologies of our time, and with our new capabilities, we can unleash its power to help companies control all aspects of enterprise security - from visibility to response - with unmatched speed and efficiency.”
A first-of-its-kind offering, the SentinelOne threat-hunting platform seamlessly fuses real-time, embedded neural networks and a large language model (LLM)-based natural language interface, supercharging users with AI to monitor and operate all security data and boost their productivity and scale their operations. Through the platform, security teams can ask complex threat and adversary-hunting questions and run operational commands to manage their entire enterprise environment using natural language, and within seconds receive deep insights and full, transparent, correlated results to prompt actions across the cybersecurity ecosystem.
An Intelligent, Action-Oriented Approach
Built on the industry’s most performant security data lake, the SentinelOne threat-hunting platform aggregates and correlates information from device and log telemetry across endpoint, cloud, network and user data, and not only delivers insights, but recommends response actions that can be immediately executed - from mitigation and investigation to endpoint, cloud and user management.
“Our cybersecurity AI platform represents a major leap forward in cybersecurity,” said Ric Smith, Chief Product and Technology Officer, SentinelOne. “By allowing users to automate response and take action without the need for coding skills and process and analyze petabytes of data in near-real time, it promises to radically simplify security operations and empower defenders in unprecedented and unforeseen ways.”
The Future of Cybersecurity
The SentinelOne platform will also allow users to lay a solid foundation for the future and secure tomorrow, today.
“Bad actors are increasingly employing AI-based, automated tools to infiltrate all facets of networks with unprecedented speed,” Weingarten said. “With our unmatched experience and capabilities, organizations can quickly scale their cybersecurity operations to stay ahead of these evolving threats and create a strong structural foundation for cybersecurity defenses for years to come.”
A Force for Good
And they can do it in a responsible, ethical way. “At SentinelOne, our mission is to be a force for good, and our unwavering commitment to ensuring that our cutting-edge technologies are used safely, ethically and responsibly is evident in every aspect of our platform,” Weingarten said. “There is a huge shortage of cybersecurity talent, and in advancing the capabilities of skilled security practitioners, our new capabilities will allow organizations to quickly scale to secure the cloud and avoid the storm of automated and fast-flux attacks that adversaries using generative AI can create. In addition, we allow customers to retain complete control of their data, reinforcing our dedication to keeping sensitive information in the hands of its rightful owners.”
The new capabilities will be delivered as part of SentinelOne’s threat-hunting experience and are available in limited preview today. For more information, please visit www.sentinelone.com.
SentinelOne is a leader in autonomous cybersecurity and a Forbes AI 50 company. SentinelOne Singularity™ is a cybersecurity AI platform that detects, prevents, and responds to cyber attacks at machine speed, empowering organizations to secure endpoints, cloud workloads, containers, identities, and mobile and network-connected devices with speed, accuracy and simplicity. The SentinelOne Singularity™ Platform is powered by DataSet™, an AI-enabled data lake technology. Over 10,000 customers, including hundreds of the Global 2000, prominent governments, healthcare providers, and educational institutions, trust SentinelOne to secure the future today. To learn more, visit www.sentinelone.com.
Any unreleased products, services or solutions referenced in this or other press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase SentinelOne products, services and solutions should make their purchase decisions based upon offerings that are currently available.
“Safe harbor” statement under the Private Securities Litigation Reform Act of 1995: This press release contains forward-looking statements. The achievement or success of the matters covered by such forward-looking statements involve risks, uncertainties and assumptions. If any such risks or uncertainties materialize or if any of the assumptions prove incorrect, our results could differ materially from the results expressed or implied by the forward-looking statements.
The risks and uncertainties referred to above include - but are not limited to – risks associated with our limited operating history; intense competition; fluctuations in our operating results; network or security incidents against us; our ability to successfully integrate acquisitions and strategic investments; defects, errors or vulnerabilities in our platform; risks associated with managing our rapid growth; general market, political, economic, and business conditions; our ability to attract and retain new and existing customers, or renew and expand our relationships with them; the ability of our platform to effectively interoperate within our customers’ IT infrastructure; disruptions or other business interruptions that affect the availability of our platform; the failure to timely develop and achieve market acceptance of new products and services as well as existing products, services and support offerings; and rapidly evolving technological developments in the market for security products, services and support offerings.
Additional risks and uncertainties that could affect SentinelOne’s financial results are included in under the captions “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations” set forth in our filings and reports with the Securities and Exchange Commission (“SEC”), including our most recently filed Annual Report on form 10-K, subsequent Quarterly Reports on Form 10-Q and other filings and reports we may file from time to time with the SEC, copies of which are available on our website at investors.sentinelone.com and on the SEC’s website at www.sec.gov.
SentinelOne, Inc. assumes no obligation and does not intend to update these forward-looking statements, except as required by law.