NETWORK THREAT DETECTION

SilverSky Announces Acquisition of Cygilant, Gains UK Presence and Renowned Data Research Talent

SilverSky | January 11, 2022

SilverSky1
SilverSky, a cybersecurity innovator offering powerful managed detection and response (MDR) services, today announced it completed the acquisition of Burlington, Massachusetts-based Cygilant.

As a leading cybersecurity-as-a-service provider, Cygilant operates a security operation center (SOC) in Belfast, Northern Ireland and also boasts some of the world's most notable Ph.D.-level talent focused on cybersecurity, advanced networks and data science. The addition of Cygilant's UK-based delivery center complements the current SilverSky footprint in Asia and North America while expanding SilverSky's access to European markets.

In October 2021, SilverSky announced that ITOCHU International, Inc., the North American flagship company of Tokyo-based ITOCHU Corporation, made a strategic investment of $31.5 million in SilverSky. Additionally, in August 2021, SilverSky announced the completed acquisition of New Jersey-based Advanced Computer Solutions Group, LLC (ACSG) which added a notable customer base within the U.S. education sector and marked the company's first acquisition in a series of planned growth opportunities.

"Alongside our recent growth-related announcements, this acquisition of Cygilant, a cybersecurity-as-a-service and threat-intelligence powerhouse, helps to further galvanize our efforts to globally expand the SilverSky presence as well as retain and nurture some of the industry's best cybersecurity and data science talent," said Richard Dobrow, CEO at SilverSky. "Cygilant shares our commitment to rich-service offerings that are unmatched in the industry. We're pleased to welcome the Cygilant team and their customers."

"We are excited to join SilverSky,This represents a significant next-chapter of the Cygilant journey, as our innovative SOC capabilities and deep bench of cybersecurity expertise are combined with one of the industry's most comprehensive MDR offerings. The outcome for our customers will be access to the collective set of broader managed services that will continue to enrich their cyber protections and strengthen their security posture."

Rob Scott, CEO and President at Cygilant who will be joining SilverSky as its Chief Strategy Officer

About SilverSky
Organizations of all sizes face the same cybersecurity threats, compliance mandates, and business risk as Fortune 500 companies. SilverSky levels the playing field and enables companies, regardless of their size, to access enterprise-grade cybersecurity to meet regulatory requirements, proactively respond to threats, and rapidly reduce risk. SilverSky offers one of the most comprehensive managed detection and response (MDR) solutions in the industry. Delivered as a managed services model, SilverSky MDR makes powerful cybersecurity simple, affordable, and accessible to organizations of all sizes and across industries. Customer environments are monitored 24x7x365 by highly skilled security operations analysts in SilverSky SOCs, which were developed based on military-grade security and are powered by the latest integrated technology. SilverSky has more than 20 years of operational cybersecurity success defending thousands of customers in some of the most demanding industry sectors.

Spotlight

Attacks Increase in Number, Complexity, Sophistication All businesses large, small or in-between, must live and learn to thrive in a world with an ever-increasing threat of cyber risks. Those risks are rising for many reasons, from the growing attack surface to the increasing complexity and sophistication of such attacks.

Spotlight

Attacks Increase in Number, Complexity, Sophistication All businesses large, small or in-between, must live and learn to thrive in a world with an ever-increasing threat of cyber risks. Those risks are rising for many reasons, from the growing attack surface to the increasing complexity and sophistication of such attacks.

Related News

SOFTWARE SECURITY

LogRhythm Accelerates Threat Detection Capabilities with Innovations to Product Suite

LogRhythm | July 06, 2022

LogRhythm, the company helping busy and lean security operation teams save the day, today announced the launch of version 7.9 of the LogRhythm SIEM Platform and updates to LogRhythm NDR and LogRhythm UEBA. “LogRhythm arms security teams with intelligent analytics and automated responses to reduce cybersecurity exposure, eliminate blind spots and quickly shut down attacks,” said Kish Dill, chief product and customer officer at LogRhythm. "The company is changing the way we work by becoming customer-centric throughout our whole organization. We are listening to our customers and promise to deliver quarterly innovations that address the challenges our customers face every day. We recognize that security teams don’t have time to spare on long processes and inefficient workflows. With these latest updates, security teams will have the tools they need to make operations more effective and efficient to defend their organization against today’s top threats.” LogRhythm 7.9, LogRhythm NDR and LogRhythm UEBA (formerly CloudAI) provide new features designed to help security teams overcome everyday obstacles by accelerating threat response, improving workflows and simplifying processes, including: Faster time to value through improved analyst workflows Enhanced automation with Admin API: LogRhythm 7.9 improves the Admin API by adding system monitoring management (LogRhythm SysMon) endpoints to the API library. This enables SIEM administrators to connect through the Admin API and manage the SysMon agent, allowing for automated process batching. Embedded Expertise: LogRhythm accelerates customer time to value through its out of the box LogRhythm SmartResponse™. LogRhythm 7.9 includes added and enhanced SmartResponses to its already extensive library of over 120 integrations. Enable packet capture in UI: LogRhythm NDR users can download PCAP files for specific incidents and cases to pull in more detail, helping investigations and improving threat hunting. Easier and faster event log filtering: LogRhythm 7.9 includes a new way to filter logs at the agent. Users can now select the types of Windows event logs the agent queries, accelerating the time to process logs and removing the burden on the collection pipeline. Expanded threat detection capabilities Enhanced LogRhythm NDR detection models: Users can detect a wider array of ransomware attacks with LogRhythm NDR’s improved analytics capabilities. Advanced analytics models: LogRhythm UEBA offers advanced UEBA analytics as a cloud-native, easy to deploy add-on for LogRhythm 7.9 users. Models were improved and new models added to ensure today's complex attacks can be detected and anomalies requiring priority attention can be identified, further reducing alert fatigue and accelerating response times. Policy violation alerts: LogRhythm NDR offers alerts about expired certificates, weak ciphers used in connections, and authentication activity happening in clear text, offering additional context to what could represent a risk. Extended flexibility Controlled overages with powerful license metering reporting: LogRhythm added a new reporting feature to make licensing overages more visible and easier to understand by displaying any overages in the past 30 days. This feature will help teams better manage license usage and costs. Expanded endpoint integrations: LogRhythm now includes Cisco Secure Endpoint (formerly AMP for Endpoints) in its family of EDR integrations. About LogRhythm LogRhythm helps busy and lean security operations teams save the day — day after day. There’s a lot riding on the shoulders of security professionals — the reputation and success of their company, the safety of citizens and organizations across the globe, the security of critical resources — the weight of protecting the world.

Read More

DATA SECURITY

SentinelOne and Cribl Partner to Deliver Data Flexibility Across Cybersecurity and Observability

Cribl | August 04, 2022

Cribl, the leader in enabling open observability, today announced a new partnership with SentinelOne, an autonomous cybersecurity platform company. The partnership enables SentinelOne customers to leverage Cribl's observability product suite to streamline cybersecurity triage, optimize data collection, and provide security teams control of their data. By integrating Cribl's observability product suite with Singularity XDR, SentinelOne customers can now unlock the value of all observability data. Key benefits include the ability to: 1) Operationalize endpoint and extended detection and response (EDR & XDR) of data sources in joint customer environments, 2) Streamline for triage and investigative functions in the Security Operations Center (SOC), and 3) Progress cybersecurity programs with enhanced threat intelligence, threat hunting, and adversary simulation. "Today's cybersecurity risk levels are increasingly associated with the ability to understand data across enterprise assets. "Our partnership with Cribl helps optimize data collection at scale, enabling security teams to minimize risk and save time." Chuck Fontana, SVP Business Development at SentinelOne "We're excited to partner with the SentinelOne team," said Zac Kilpatrick, VP of Channel and Alliances at Cribl. "To keep up with persistent threats and the ever-changing security landscape, SOC activity must move from reactivity to proactivity. SentinelOne's autonomous and proactive approach to cybersecurity is differentiated in the market and aligns with Cribl's objective of optimizing analytics platform cost and performance." Integration with SentinelOne's Cloud Funnel Cribl's product suite now integrates with SentinelOne's Cloud Funnel, a data subscription enabling XDR data to be stored locally in an enterprise's data lake. This solution works with any data type, such as file, process, DNS, flow, behavioral, registry, commands, scripts, and more. Cloud Funnel's flexibility provides SentinelOne customers the ability to choose which data type they need, optimize it to find the right signal, and route it for maximum efficiency - all at machine speed. Integration with DataSet Cribl Stream now supports SentinelOne's DataSet as a destination to seamlessly route data from legacy log analytics solutions. DevOps and IT teams choose DataSet to analyze data in real-time, effortlessly scale to petabytes, and cost-effectively retain data for longer periods of time for compliance and audit purposes. The new integration enables Cribl customers to pipeline their data to DataSet without changing their data instrumentation, collection, and ingestion. SentinelOne and Cribl will also continue bringing new offerings to market, including integrating Cribl Stream into SentinelOne's Singularity XDR platform. About Cribl Cribl makes open observability a reality for today's tech professionals. The Cribl product suite defies data gravity with radical levels of choice and control. Wherever the data comes from, wherever it needs to go, Cribl delivers the freedom and flexibility to make choices, not compromises. It's enterprise software that doesn't suck, enables tech professionals to do what they need to do, and gives them the ability to say "Yes." With Cribl, companies have the power to control their data, get more out of existing investments, and shape the observability future. Founded in 2017, Cribl is a remote-first company with an office in San Francisco, CA.

Read More

INFOSEC PROJECT MANAGEMENT

CyberCube Partners With Kroll to Launch Response Service

CyberCube | May 31, 2022

CyberCube, a supplier of cyber risk analytics, has developed CAERS, a new cyber incident response service for customers of the company's SaaS products. CyberCube will collaborate with Kroll, the premier supplier of data, technology, and insights linked to risk, governance, and growth, to offer CyberCube's customers information and assistance on important cyber aggregation events via the Cyber Aggregation Event Response Service (CAERS). Kroll will deliver frontline risk information derived from thousands of incident response cases handled each year. Following a large cyber disaster, the CAERS team will provide the most recent information to CyberCube's customers, while CyberCube's SaaS tools, including Broker Manager, Account Manager, and Portfolio Manager, will aid in the reaction to any developing cyber calamity. “With cyber events becoming increasingly common, the speed and accuracy with which organisations respond to them is critical. That’s why we’ve launched this response service, specifically tailored to CyberCube’s growing client base. The pressure on our clients during a major cyberattack can be extreme. With CAERS, our team—comprising data scientists, actuaries, engineers, economists and cyber security experts—will become an extension of our clients’ teams, providing the updates they need and sharing both our expertise and data.” Darren Thomson, CyberCube’s Head of Cyber Intelligence Services Benedetto Demonte, Chief Operating Officer for Kroll’s Cyber Risk practice, said: “We’re pleased to be contributing to CAERS because effective incident response depends on the most current and relevant threat intelligence available. In our most recent Threat Landscape Report, we saw a 356% growth in the number of attacks quarter-on-quarter where the infection vector was a zero-day or freshly announced software exploit. Ransomware groups have also been found to be leveraging newly announced vulnerabilities just days after release. It is only with access to frontline intelligence that firms can prioritize resources, mitigate the risk of a cyberattack and react appropriately if the worst happens.”

Read More