SOFTWARE SECURITY

SentinelOne Integrates with Torq, Streamlining SOC Workflows with Automated Incident Response

SentinelOne | June 29, 2022

SentinelOne, an autonomous cybersecurity platform company, today announced a new integration with Torq, a no-code security automation platform. The combination of SentinelOne and Torq allows security teams to accelerate response time, reduce alert fatigue, and improve overall security posture.

“SentinelOne’s powerful intelligence and protection helps security teams protect their employees and customers – no matter how complex the environment. With Torq, security teams can extend the power of SentinelOne to systems across the organization to automate workflows, respond faster, maintain/boost compliance to benefit from a proactive security posture.”

Eldad Livni, Chief Innovation Officer, Torq

The SentinelOne integration with Torq combines SentinelOne’s powerful detection and protection with Torq’s no-code automation, enabling customers to limit alert fatigue, respond to threats at machine speed, and proactively identify and remediate risks. Torq makes it easy for security teams to create automated workflows, with a drag and drop workflow builder and hundreds of templates aligned with industry best practices and frameworks from MITRE and NIST. With robust data from SentinelOne, the Torq solution has access to more high-fidelity threat data for improved enrichment, accelerated response times, and alert fatigue reduction.

Torq workflows can listen for SentinelOne alerts, and ingest these to trigger action in any security or operations tool. The solution deploys out-of-the-box in minutes with no coding, installation, or ‘connectors’ needed. Key benefits of the integration include:

  • Real-time threat enrichment - automatically enrich alerts from any system with data directly from SentinelOne Singularity.
  • Automated remediation - remediate threats with fully autonomous or partially autonomous remediation workflows to accelerate mean time to respond.
  • Optimize SOC workflows - clearly and quickly orchestrate threat hunting, information sharing, and ticket creation for vulnerability management.
  • Bot-driven collaboration - Create no-code interactive chat bots that allow users to perform critical actions, run deep visibility queries, or control SentinelOne endpoints from within Slack or other chat tools.

“The SentinelOne-Torq integration provides joint customers with a powerful combination of best-in-breed automated security solutions,” said Ruby Sharma, Head of Technical Partnerships, SentinelOne. “Not only are customers utilizing industry leading endpoint protection and XDR, they also have access to innovative security automation tools that can accelerate workflow automation. We are pleased to make this integration available via the Singularity Marketplace, and we look forward to expanding our offerings to address even more use cases.”

About SentinelOne
SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.

Spotlight

While internships are a great way to get a "foot in the door" at a company, these interns' social media habits could be helping hackers get a foot in the door as well through inadvertent insider attacks.

Related News

PLATFORM SECURITY

Uptycs Unveils Advanced Container and Kubernetes Capabilities

Uptycs | May 27, 2022

Uptycs, the first cloud-native security analytics platform that enables both cloud and endpoint security from a single platform, today unveiled expanded container and Kubernetes security posture management (KSPM) features for its cloud workload protection platform (CWPP). These features enable real-time identification of containerized workloads, proactive scanning of container images in the CI/CD pipeline, constant compliance monitoring, and Kubernetes security policy audit and enforcement.

According to Gartner, by 2026, over 90% of the world's enterprises will be operating containerized apps in production, up from less than 40% currently. Businesses, on the other hand, struggle to manage and maintain these transitory assets. Misconfigurations in the control plane and insecure policies at the single container layer are used by attackers to escalate permissions, conduct container escapes, and compromise nodes for executing code.

"Organizations are rapidly scaling their Kubernetes environments and seeing tremendous gains in optimization, availability, and developer productivity, but too often Security teams are left playing catch up. With telemetry from Kubernetes systems supported by our analytics platform, Security teams know immediately what resources they have and the security posture of those resources—across public and private clouds, scaling to tens of thousands of pods. Combined with our industry-leading container security capabilities, this gives Security teams confidence that they have the proper controls in place to minimize risk while enabling innovation."

Ganesh Pai, CEO and Co-founder of Uptycs

Uptycs offers both fully managed (AWS EKS, Azure AKS, Google GKE) and self-managed Kubernetes environments, such as VMware Tanzu and Google Anthos. Uptycs contains a range of container runtimes (Docker, containerd, CRI-O).

The latest KSPM capabilities offered by the Uptycs platform are now readily accessible and will be shown at the 2022 RSA Conference (booth #435) from June 6-9. Learn more about the Uptycs container and Kubernetes security service by visiting the Uptycs blog.


SOFTWARE SECURITY

Sternum Offers NXP Marketplace Real-time IoT Security and Observability Solution

Sternum | June 21, 2022

Sternum, a pioneer in autonomous IoT security and observability, has joined NXP Semiconductors' software partner community, one of the world's top makers of embedded controllers and largest marketplaces. As a result of this agreement, IoT manufacturers that rely on NXP for their controller supply will be able to effortlessly integrate Sternum's proprietary security and visibility capabilities into their products.

With a CPU overhead of less than 3% during the DD process, Sternum's Embedded Integrity Verification was able to disarm the threats evaluated by NXP researchers. Sternum is a great addition to NXP products since it successfully handles increased remote runtime assaults against linked devices.

According to P&S Intelligence, the embedded security business will be worth more than $10 billion by the end of the decade. The graph depicts a growing need to secure more ubiquitous linked gadgets and cyber-physical systems, which are expanding in both consumer and corporate sectors, against exploitation. IoT devices, which are frequently weak in both security and visibility, are transforming whole industries and have surfaced as a critical security breach in enterprises' security perimeters. Without proactive security measures, businesses are forced to rely on costly and time-consuming vulnerability patching, prompting them to look for other options.

"NXP's microcontrollers power devices that will work as the mission-critical backbone of entire industries and cities. We are thrilled to be collaborating with NXP to secure the future of digital transformation and ensure zero-trust from device to cloud. Our products offer companies a unique degree of protection against the most dangerous attack types, and significantly reduce the cost of security-related maintenance, and we are excited to see them used to promote innovation on a global scale."

Natali Tshuva, CEO and Co-Founder of Sternum

Sternum's universal IoT platform ushers in a new era in which whole fleets of connected devices may be fully secure and viewable at the edge in a simple, seamless, and self-contained manner. The patented technology is designed to detect the general fingerprints of different attack exploitations, including command injection and buffer overflow attacks, and neutralize them in real-time, preserving the device's runtime integrity against zero-day and one-day attacks. This method provides total protection against a wide range of CWEs (Common Weakness Enumeration) and promotes a proactive IoT security paradigm that eliminates the need to play catch-up with hackers through expensive reactive patching.


PLATFORM SECURITY

Axonius Adds Key Integrations with AWS

Axonius | July 25, 2022

Axonius, a cybersecurity asset management provider, today announced integrations with Amazon Macie, Amazon GuardDuty, and AWS SecurityHub while extending its Amazon Inspector functionality. These new integrations will help customers to better understand and manage vulnerabilities across their Amazon Web Services (AWS) infrastructure. By connecting to both AWS first-party and ISV-third party security solutions, Axonius provides comprehensive visibility and management of assets across AWS cloud, multi-cloud, and on-premises.

The latest integrations provide the following capabilities:

  • Identify Exposed Amazon S3 Buckets: Axonius fetches findings from Amazon Macie to help customers identify exposed Amazon S3 buckets to maintain data integrity and compliance.
  • Detecting Malicious Activity & Compromised Security Controls: By integrating with Amazon GuardDuty, Axonius helps customers detect malicious activity to protect AWS accounts, workloads, and data and help them understand which assets have compensating security controls.
  • Helping Meet Security Best Practices: With insights from AWS SecurityHub, customers can compare against correlated data to verify whether assets that don't meet best practice standards have a compensating security control.
  • Comprehensive View of Cloud Security Posture: Axonius delivers a complete inventory of assets from more than 450 correlated data sources giving customers a comprehensive view of their cloud security, including vulnerability data from Amazon Inspector.

"As companies continue to shift workloads to the cloud, they're also increasingly leveraging cloud provider-native security service offerings. Yet customers are still exhausted by the highly-manual, slow, and error-prone processes that negatively impact their risk mitigation, threat management, and compliance. With Axonius and AWS, customers finally have a unified view of their assets while dramatically strengthening their security posture."

Mark Daggett, Vice President of Worldwide Channels and Alliances at Axonius

About Axonius

Axonius is the cybersecurity asset management platform that gives organizations a comprehensive asset inventory, uncovers gaps, and automatically validates and enforces policies. Deployed in minutes, the Axonius cyber asset attack surface management (CAASM) solution integrates with hundreds of data sources to give customers the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, automating response actions, and informing business-level strategy. Cited as one of the fastest growing cybersecurity startups, with accolades from CNBC, Forbes, and Fortune, Axonius covers millions of devices for customers around the world.
