Home > News > featured news > SOC Prime Launches Integration with Amazon Security Lake to Supercharge Security Operations

Platform Security, Software Security, Cloud Security

SOC Prime Launches Integration with Amazon Security Lake to Supercharge Security Operations

Businesswire | May 31, 2023 | Read time : 05:00 min

SOC Prime Launches Integration with Amazon Security

SOC Prime, provider of the world’s largest and most advanced platform for collective cyber defense, today announced its integration with Amazon Security Lake, the AWS security service that enables organizations to automatically centralize security data from the cloud, on-premises, and custom data sources into a purpose-driven data lake stored in their account. SOC Prime drives a transformational change in cybersecurity relying on zero-trust & multi-cloud approach to empower smart data orchestration, dynamic attack surface visibility, and cost-efficient threat hunting. Backed by its advanced cybersecurity solutions, Uncoder AI, Attack Detective, and The Prime Hunt, SOC Prime enables organizations to boost their cyber defense capabilities at scale, unleashing the power of Amazon Security Lake.

Leveraging SOC Prime’s Uncoder AI, an Augmented Intelligence framework, security teams can save development time and migration costs with re-usable threat hunting queries automatically convertible to Amazon Athena and OpenSearch in the standard Open Cybersecurity Schema Framework (OSCF) format.

SOC Prime’s Attack Detective tool intelligently and automatically queries security logs in the customer's Amazon Security Lake account via Amazon Athena and Amazon OpenSearch to identify data sources and then scan them in real time with a curated set of threat hunting queries. By leveraging Attack Detective, security engineers can channel their efforts directly into incident investigation rather than analyzing overwhelming volumes of alerts and accelerate threat research by validating over 10,000 adversary behaviors against the stored log sources in a matter of hours. Attack Detective follows core Zero-Trust Architecture (ZTA) principles segregating the data plane and control plane to ensure that no SIEM or EDR access credentials are shared or inherited within the Company profile. The tool provides complete threat visibility based on the organization-specific logs by linking and correlating with SIEM and EDR on-premises data in its native location without the need to migrate it to the cloud, which contributes to significant cost savings and ensures compliance with zero-trust basic tenets.

Adding to investment optimization capabilities, The Prime Hunt open-source browser extension enables security professionals to extract valuable data from large datasets at a lower cost. Users can seamlessly run threat hunting queries on security logs within the Amazon Security Lake account via a web browser in both Athena and OpenSearch and automatically identify accounts and assets affected by the suspected activity.

About SOC Prime

Headquartered in Boston, SOC Prime operates the world’s largest and most advanced platform for collective cyber defense that cultivates collaboration from a global cybersecurity community and curates the most up-to-date Sigma rules compatible with over 27 SIEM, EDR, and XDR platforms. SOC Prime’s innovation, backed by the vendor-agnostic and zero-trust cybersecurity approach, and cutting-edge technology leveraging Sigma language and MITRE ATT&CK® as core pillars are recognized by the independent research companies, credited by the leading SIEM, XDR & MDR vendors, and trusted by 8,000+ organizations, including 42% of Fortune 100 and 21% of Forbes Global 2000. Flexible subscriptions ensure that both organizations and individual operators can benefit from SOC Prime’s curated detection content and enhanced cyber defense capabilities. SOC Prime is backed by DNX Ventures, Streamlined Ventures, and Rembrandt Venture Partners, having received $11.5M in funding in October 2021. For more information, visit https://socprime.com or follow us on LinkedIn & Twitter.

Spotlight

Implementieren digitaler Souveränität bei der Cloud-Einführung

Überwindung der Herausforderungen und Komplexitäten beim Aufbau von Souveränität als Teil einer Multi-Cloud-Strategie. 90 % der Unternehmen in Europa und 88 % im Nahen Osten, in der Türkei und in Afrika (META) nutzen heute die Cloud-Technologie, die einen wichtigen Baustein für die digitale Transformation darstellt. In dem Maße,

More featured news

Spotlight

Implementieren digitaler Souveränität bei der Cloud-Einführung

Überwindung der Herausforderungen und Komplexitäten beim Aufbau von Souveränität als Teil einer Multi-Cloud-Strategie. 90 % der Unternehmen in Europa und 88 % im Nahen Osten, in der Türkei und in Afrika (META) nutzen heute die Cloud-Technologie, die einen wichtigen Baustein für die digitale Transformation darstellt. In dem Maße,

Related News

Enterprise Security, Platform Security, Software Security

Menlo Security™ Redefines Browser Security with Industry-First AI-Powered Phishing and Ransomware Protection

PR Newswire | August 03, 2023

Menlo Security, Inc. ("Menlo Security"), a leader in browser security, today announced HEAT Shield™ and HEAT Visibility™, the industry's first suite of threat prevention capabilities designed to detect and block highly evasive threats targeting users via the web browser. Menlo Security HEAT Shield™ detects and blocks phishing attacks before they can infiltrate the enterprise network. It uses novel, AI-based techniques – including computer vision combined with URL risk scoring and analysis of the web page elements – to accurately determine in real time if the link being accessed is a phishing site designed to steal the user's credentials. In parallel, HEAT Visibility performs continual analysis of web traffic and applies AI/ML-powered classifiers that identify the presence of highly evasive attacks. This delivers timely, actionable alerts that enable security teams to significantly reduce mean time to detect (MTTD) and mean time to respond (MTTR) to any highly evasive threats that could be targeting enterprise users. "Highly evasive threats are growing as threat actors evolve how they deploy phishing and malware attacks," said Michael Urciuoli, Chief Information Officer of JPMorgan Chase Asset and Wealth Management. "Tools like Menlo Security's browser security solution, including their HEAT Shield, can help to combat cyber threat vectors for the world's top financial institutions, governments and leading enterprises." Menlo Security HEAT Shield and HEAT Visibility are built on Menlo Security's cloud-based Isolation Core™ which monitors and analyzes over 400 billion web sessions annually. Commonly deployed security infrastructure such as Secure Web Gateways, firewalls, endpoint security and EDR solutions are blind to actions occurring inside the browser and fall short in combating web-based attacks including highly evasive threats. HEAT Shield leverages the Isolation Core to power dynamic security policies which can be applied to users based on web session events and behavior to prevent attackers from gaining access to the endpoint. Individuals are protected from potential threats without any impact on the end user experience. "We know we need to protect our network from emerging attacks and threats targeting the web browser," said Greg Pastor, Director of Information Security for Remedi SeniorCare. "We are seeing highly evasive threats as a concerning and growing tactic amongst threat actors, and solutions like HEAT Shield can dynamically block these attacks, even if they are zero hour, keeping our endpoints safe." A HEAT Attack™ Dashboard allows customers to receive detailed threat intelligence, which can be integrated into their existing SIEM or SOC platforms, while HEAT alerts sent to SOC teams provide real time threat visibility to enrich their existing threat intelligence sources and enhance and accelerate incident response capabilities. Nick Edwards, Vice President, Product Management at Menlo Security, said, "Adversaries have placed a massive bullseye on the web browser. It has become the new desktop, where we spend the bulk of our working day. Legacy security vendors are fighting yesterday's war by trying to shoehorn network security and endpoint tools to keep users safe and it isn't working. The capabilities we are introducing today mark a significant leap forward towards our mission of creating a secure, seamless browsing experience, ensuring the internet can be used safely by our customers." Menlo Security isolates more than four billion files annually for many of the largest and most security-conscious organizations around the world. Threat actors are refining their techniques daily, developing novel and innovative ways to target their victims through the web browser, often testing their attacks against commonly deployed security tools before launching them in the wild. "Armed with this knowledge and a decade of developing industry-leading browser security products, we are proud to be able to deliver the industry's first suite of threat prevention capabilities designed to detect and block HEAT attacks," continued Edwards. Both HEAT Shield and HEAT Visibility are generally available now across Menlo Security's global network. "Menlo Security's HEAT Shield product allows us to offer reliable, preventative security to our clients who are exposed to highly evasive threats every day," said Jamie Gray, VP, Sales-East at Tevora. "Web browser threats are growing in both frequency and sophistication, so it's critical that companies have the technology to help them, not distract them. Menlo Security's HEAT Shield is going to make a difference to our customers." About Menlo Security Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email. Menlo Security's patented Isolation-powered cloud security platform scales to provide comprehensive protection across enterprises of any size, without requiring endpoint software or impacting the end user-experience. Menlo Security is trusted by major global businesses, including Fortune 500 companies, eight of the ten largest global financial services institutions, and large governmental institutions. The company is backed by Vista Equity Partners, Neuberger Berman, General Catalyst, American Express Ventures, Ericsson Ventures, HSBC, and JPMorgan Chase. Menlo Security is headquartered in Mountain View, California. For more information, please visit www.menlosecurity.com.

Read More

Enterprise Security, Platform Security, Software Security

Contrast Security Releases Assess Feature for LLMs to Protect Against AI Security Threats

PR Newswire | August 07, 2023

Contrast Security (Contrast), the code security platform built for developers and trusted by security, today announced it will extend its market-leading application security testing (AST) platform to support testing of Large Language Models (LLMs) from OpenAI. In this first release, Contrast rules help teams that are developing software using the OpenAI application programming interface (API) set to identify and mitigate weaknesses that could expose an organization to prompt injection vulnerabilities: i.e., attacks involving injection of a prompt that deceives the application into executing unauthorized code. Prompt injection was identified as the top risk for LLM applications by the just-released OWASP 10 Top for Large Language Model Applications project. Contrast has continued to support OWASP's mission to improve Application Security (AppSec): In fact, Contrast's Chief Product Officer Steve Wilson led the 400-person volunteer team that created the OWASP Top 10 for LLMs. "As project lead for the new OWASP Top 10 for LLMs, I can say our group looked deeply at many attack vectors against LLMs. Prompt Injection repeatedly rose to the top of the list in our expert group voting for the most important vulnerability," said Wilson. "Contrast is the first security solution to respond to this new industry standard list by delivering this capability. Organizations can now identify susceptible data flows to their LLMs, providing security with the visibility needed to identify risks and prevent unintended exposure." According to the OWASP Top 10 for LLMs, a prompt injection vulnerability allows an attacker to craft inputs that can manipulate the operation of a trusted LLM. This results in the LLM acting as a "confused deputy" on behalf of the attacker. Given the high degree of trust usually associated with an LLM's output, the manipulated responses may go unnoticed and may even be trusted by the user, allowing the attack to potentially poison search results, deliver incorrect or malicious responses, produce malicious code, circumvent content filters, or to leak sensitive data. Prompt injections can be introduced via various avenues, including websites, emails, documents or any other data source that an LLM might rely on. Contrast is ideal for identifying all types of injection accurately, including this new form of AI prompt injection. Contrast uses runtime security to monitor actual application behavior and detect vulnerabilities, rather than scanning source code or simulating attacks. This approach is fast, easy and highly accurate, ensuring that developers are instantly notified of issues and provided all the information they need to correct problems. User input sent through OpenAI's official Python API to an LLM in a Python agent-instrumented application triggers the prompt injection rule. About Contrast Security Contrast is a world-leading code security platform company purposely built for developers to get secure code moving swiftly and trusted by security teams to protect business applications. Developers, security and operations teams quickly secure code across the complete Software Development Life Cycle (SDLC) with Contrast to protect against today's targeted AppSec attacks. Founded in 2014 by cybersecurity industry veterans, Contrast was established to replace legacy AppSec solutions that cannot protect modern enterprises. With today's pressures to develop business applications at increasingly rapid paces, the Contrast Secure Code Platform defends and protects against full classes of Common Vulnerabilities and Exposures (CVEs). This allows security teams to avoid spending time focusing on false positives, leaving them more time to remediate true vulnerabilities faster. Contrast's platform solutions for code assessment, testing, protection, serverless, supply chain, APIs and languages help enterprises achieve true DevSecOps transformation and compliance. Contrast protects against major cybersecurity attacks for its customer base, which represents some of the largest brand-name companies in the world, including BMW, AXA, Zurich, NTT, Sompo Japan and the American Red Cross, as well as numerous other leading global Fortune 500 enterprises. Contrast partners with global organizations such as AWS, Microsoft, IBM, GuidePoint Security, Trace3, Deloitte and Carahsoft, to seamlessly integrate and achieve the highest level of security for customers. The growing demand for the world's only platform for code security has landed the company on some of the most prestigious lists, including the Inc. 5000 List of America's Fastest-Growing Companies and the Deloitte Technology Fast 500 List of fastest-growing companies.

Read More

Enterprise Security, Platform Security, Software Security

Cyware Raises $30 Million to Accelerate Expansion of AI-Powered Global Cyber Fusion and Threat Sharing Networks

Businesswire | July 05, 2023

Cyware, the leading provider of AI-powered Cyber Fusion platforms for enterprises and MSSPs, and automated threat intelligence sharing for information sharing networks, today announced a $30 million Series C financing round led by Ten Eleven Ventures, a leading multi-stage investment firm specializing in cybersecurity. Also participating are previous investors including Advent International, Zscaler, Emerald Development Managers, Prelude (the venture practice at Mercato Partners) and Great Road Holdings. The Series C financing comes as Cyware has experienced strong year-over-year growth propelled by robust market adoption, excellent customer retention, and extraordinarily large market access. Since Series A financing, Cyware has shown growth of 6x and consolidated its position as an industry leader for threat intelligence automation, security orchestration, and collaborative threat response solutions. Earlier this year, Cyware achieved FedRAMP Ready status for its Cyber Fusion platform and was named one of the most innovative and promising cybersecurity companies by JMP Cyber 66, as well as being recognized in the 2022 Deloitte Technology Fast 500 as one of the Fastest Growing Technology Firms in North America. Cyware’s cloud-based platform is leveraged by top Fortune 1000 and MSSP security teams to transform their legacy SOCs into Cyber Fusion Centers. The platform seamlessly integrates the AI-powered threat intelligence platform (TIP) with data orchestration and workflow automation (SOAR), to facilitate and synchronize actions between cloud and on-premises security tools and technologies. This enables security teams to connect the dots on emerging threats by correlating actionable threat intelligence with detection, threat hunting, vulnerability management, and incident response operations. Cyware’s Cyber Fusion platform is modular, and the underlying TIP, SOAR, and Collaborative Threat Response components can be leveraged in combination or individually by security teams providing them greater flexibility in transforming conventional SOCs. The Cyware platform has become the backbone of global Threat Sharing Networks. Almost all major ISACs (Information Sharing and Analysis Centers), ISAOs, and CERTs use Cyware’s platform to automate threat intelligence sharing, analysis, and actioning for more than 30,000 enterprise members and government entities. The platform also enables large conglomerates, industry groups, and private communities to activate and share threat intelligence with their distributed businesses, clients, and suppliers, and benefit from automated collective defense against ransomware, supply chain attacks, and zero-day vulnerabilities. “Security teams today face an overwhelming amount of data, but silos across data, processes, and technologies make it very challenging to see the bigger picture and proactively stop threats," said Anuj Goel, Cyware CEO and Co-founder. “Our mission at Cyware is to break down these silos, integrate threat intelligence into SOC operations, make it easy for teams to automate response, and act immediately to anticipate and stop threats.” “Threat actors thrive because the rest of us don’t collaborate enough,” said Alex Doll, Founder and Managing Member of Ten Eleven Ventures. “Only Cyware allows overstretched security teams to expand their risk visibility beyond their borders with innovative threat intelligence collaboration while dramatically improving response with vendor-agnostic orchestration and low-code automation. As seasoned investors in the cybersecurity field, we recognize that Cyware’s remarkable platform, revenue growth, and vast customer base – including over 20 ISACs – puts them in an enviable market position.” Cyware plans to leverage this new round of funding to fuel further growth and accelerate channel business and strategic alliances while expanding its global footprint. About Cyware Cyware delivers an innovative approach to cybersecurity that unifies threat intelligence, automation, threat response, and vulnerability management with data insights gleaned from assets, users, malware, attackers, and vulnerabilities. Cyware’s Cyber Fusion platform integrates SOAR and TIP technology, enabling collaboration across siloed security teams. Cyware is widely deployed by enterprises, government agencies, and MSSPs, and is the leading threat intelligence sharing platform for global ISACs and CERTs.

Read More

Enterprise Security, Platform Security, Software Security

Menlo Security™ Redefines Browser Security with Industry-First AI-Powered Phishing and Ransomware Protection

PR Newswire | August 03, 2023

Menlo Security, Inc. ("Menlo Security"), a leader in browser security, today announced HEAT Shield™ and HEAT Visibility™, the industry's first suite of threat prevention capabilities designed to detect and block highly evasive threats targeting users via the web browser. Menlo Security HEAT Shield™ detects and blocks phishing attacks before they can infiltrate the enterprise network. It uses novel, AI-based techniques – including computer vision combined with URL risk scoring and analysis of the web page elements – to accurately determine in real time if the link being accessed is a phishing site designed to steal the user's credentials. In parallel, HEAT Visibility performs continual analysis of web traffic and applies AI/ML-powered classifiers that identify the presence of highly evasive attacks. This delivers timely, actionable alerts that enable security teams to significantly reduce mean time to detect (MTTD) and mean time to respond (MTTR) to any highly evasive threats that could be targeting enterprise users. "Highly evasive threats are growing as threat actors evolve how they deploy phishing and malware attacks," said Michael Urciuoli, Chief Information Officer of JPMorgan Chase Asset and Wealth Management. "Tools like Menlo Security's browser security solution, including their HEAT Shield, can help to combat cyber threat vectors for the world's top financial institutions, governments and leading enterprises." Menlo Security HEAT Shield and HEAT Visibility are built on Menlo Security's cloud-based Isolation Core™ which monitors and analyzes over 400 billion web sessions annually. Commonly deployed security infrastructure such as Secure Web Gateways, firewalls, endpoint security and EDR solutions are blind to actions occurring inside the browser and fall short in combating web-based attacks including highly evasive threats. HEAT Shield leverages the Isolation Core to power dynamic security policies which can be applied to users based on web session events and behavior to prevent attackers from gaining access to the endpoint. Individuals are protected from potential threats without any impact on the end user experience. "We know we need to protect our network from emerging attacks and threats targeting the web browser," said Greg Pastor, Director of Information Security for Remedi SeniorCare. "We are seeing highly evasive threats as a concerning and growing tactic amongst threat actors, and solutions like HEAT Shield can dynamically block these attacks, even if they are zero hour, keeping our endpoints safe." A HEAT Attack™ Dashboard allows customers to receive detailed threat intelligence, which can be integrated into their existing SIEM or SOC platforms, while HEAT alerts sent to SOC teams provide real time threat visibility to enrich their existing threat intelligence sources and enhance and accelerate incident response capabilities. Nick Edwards, Vice President, Product Management at Menlo Security, said, "Adversaries have placed a massive bullseye on the web browser. It has become the new desktop, where we spend the bulk of our working day. Legacy security vendors are fighting yesterday's war by trying to shoehorn network security and endpoint tools to keep users safe and it isn't working. The capabilities we are introducing today mark a significant leap forward towards our mission of creating a secure, seamless browsing experience, ensuring the internet can be used safely by our customers." Menlo Security isolates more than four billion files annually for many of the largest and most security-conscious organizations around the world. Threat actors are refining their techniques daily, developing novel and innovative ways to target their victims through the web browser, often testing their attacks against commonly deployed security tools before launching them in the wild. "Armed with this knowledge and a decade of developing industry-leading browser security products, we are proud to be able to deliver the industry's first suite of threat prevention capabilities designed to detect and block HEAT attacks," continued Edwards. Both HEAT Shield and HEAT Visibility are generally available now across Menlo Security's global network. "Menlo Security's HEAT Shield product allows us to offer reliable, preventative security to our clients who are exposed to highly evasive threats every day," said Jamie Gray, VP, Sales-East at Tevora. "Web browser threats are growing in both frequency and sophistication, so it's critical that companies have the technology to help them, not distract them. Menlo Security's HEAT Shield is going to make a difference to our customers." About Menlo Security Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email. Menlo Security's patented Isolation-powered cloud security platform scales to provide comprehensive protection across enterprises of any size, without requiring endpoint software or impacting the end user-experience. Menlo Security is trusted by major global businesses, including Fortune 500 companies, eight of the ten largest global financial services institutions, and large governmental institutions. The company is backed by Vista Equity Partners, Neuberger Berman, General Catalyst, American Express Ventures, Ericsson Ventures, HSBC, and JPMorgan Chase. Menlo Security is headquartered in Mountain View, California. For more information, please visit www.menlosecurity.com.

Read More

Enterprise Security, Platform Security, Software Security

Contrast Security Releases Assess Feature for LLMs to Protect Against AI Security Threats

PR Newswire | August 07, 2023

Contrast Security (Contrast), the code security platform built for developers and trusted by security, today announced it will extend its market-leading application security testing (AST) platform to support testing of Large Language Models (LLMs) from OpenAI. In this first release, Contrast rules help teams that are developing software using the OpenAI application programming interface (API) set to identify and mitigate weaknesses that could expose an organization to prompt injection vulnerabilities: i.e., attacks involving injection of a prompt that deceives the application into executing unauthorized code. Prompt injection was identified as the top risk for LLM applications by the just-released OWASP 10 Top for Large Language Model Applications project. Contrast has continued to support OWASP's mission to improve Application Security (AppSec): In fact, Contrast's Chief Product Officer Steve Wilson led the 400-person volunteer team that created the OWASP Top 10 for LLMs. "As project lead for the new OWASP Top 10 for LLMs, I can say our group looked deeply at many attack vectors against LLMs. Prompt Injection repeatedly rose to the top of the list in our expert group voting for the most important vulnerability," said Wilson. "Contrast is the first security solution to respond to this new industry standard list by delivering this capability. Organizations can now identify susceptible data flows to their LLMs, providing security with the visibility needed to identify risks and prevent unintended exposure." According to the OWASP Top 10 for LLMs, a prompt injection vulnerability allows an attacker to craft inputs that can manipulate the operation of a trusted LLM. This results in the LLM acting as a "confused deputy" on behalf of the attacker. Given the high degree of trust usually associated with an LLM's output, the manipulated responses may go unnoticed and may even be trusted by the user, allowing the attack to potentially poison search results, deliver incorrect or malicious responses, produce malicious code, circumvent content filters, or to leak sensitive data. Prompt injections can be introduced via various avenues, including websites, emails, documents or any other data source that an LLM might rely on. Contrast is ideal for identifying all types of injection accurately, including this new form of AI prompt injection. Contrast uses runtime security to monitor actual application behavior and detect vulnerabilities, rather than scanning source code or simulating attacks. This approach is fast, easy and highly accurate, ensuring that developers are instantly notified of issues and provided all the information they need to correct problems. User input sent through OpenAI's official Python API to an LLM in a Python agent-instrumented application triggers the prompt injection rule. About Contrast Security Contrast is a world-leading code security platform company purposely built for developers to get secure code moving swiftly and trusted by security teams to protect business applications. Developers, security and operations teams quickly secure code across the complete Software Development Life Cycle (SDLC) with Contrast to protect against today's targeted AppSec attacks. Founded in 2014 by cybersecurity industry veterans, Contrast was established to replace legacy AppSec solutions that cannot protect modern enterprises. With today's pressures to develop business applications at increasingly rapid paces, the Contrast Secure Code Platform defends and protects against full classes of Common Vulnerabilities and Exposures (CVEs). This allows security teams to avoid spending time focusing on false positives, leaving them more time to remediate true vulnerabilities faster. Contrast's platform solutions for code assessment, testing, protection, serverless, supply chain, APIs and languages help enterprises achieve true DevSecOps transformation and compliance. Contrast protects against major cybersecurity attacks for its customer base, which represents some of the largest brand-name companies in the world, including BMW, AXA, Zurich, NTT, Sompo Japan and the American Red Cross, as well as numerous other leading global Fortune 500 enterprises. Contrast partners with global organizations such as AWS, Microsoft, IBM, GuidePoint Security, Trace3, Deloitte and Carahsoft, to seamlessly integrate and achieve the highest level of security for customers. The growing demand for the world's only platform for code security has landed the company on some of the most prestigious lists, including the Inc. 5000 List of America's Fastest-Growing Companies and the Deloitte Technology Fast 500 List of fastest-growing companies.

Read More

Enterprise Security, Platform Security, Software Security

Cyware Raises $30 Million to Accelerate Expansion of AI-Powered Global Cyber Fusion and Threat Sharing Networks

Businesswire | July 05, 2023

Cyware, the leading provider of AI-powered Cyber Fusion platforms for enterprises and MSSPs, and automated threat intelligence sharing for information sharing networks, today announced a $30 million Series C financing round led by Ten Eleven Ventures, a leading multi-stage investment firm specializing in cybersecurity. Also participating are previous investors including Advent International, Zscaler, Emerald Development Managers, Prelude (the venture practice at Mercato Partners) and Great Road Holdings. The Series C financing comes as Cyware has experienced strong year-over-year growth propelled by robust market adoption, excellent customer retention, and extraordinarily large market access. Since Series A financing, Cyware has shown growth of 6x and consolidated its position as an industry leader for threat intelligence automation, security orchestration, and collaborative threat response solutions. Earlier this year, Cyware achieved FedRAMP Ready status for its Cyber Fusion platform and was named one of the most innovative and promising cybersecurity companies by JMP Cyber 66, as well as being recognized in the 2022 Deloitte Technology Fast 500 as one of the Fastest Growing Technology Firms in North America. Cyware’s cloud-based platform is leveraged by top Fortune 1000 and MSSP security teams to transform their legacy SOCs into Cyber Fusion Centers. The platform seamlessly integrates the AI-powered threat intelligence platform (TIP) with data orchestration and workflow automation (SOAR), to facilitate and synchronize actions between cloud and on-premises security tools and technologies. This enables security teams to connect the dots on emerging threats by correlating actionable threat intelligence with detection, threat hunting, vulnerability management, and incident response operations. Cyware’s Cyber Fusion platform is modular, and the underlying TIP, SOAR, and Collaborative Threat Response components can be leveraged in combination or individually by security teams providing them greater flexibility in transforming conventional SOCs. The Cyware platform has become the backbone of global Threat Sharing Networks. Almost all major ISACs (Information Sharing and Analysis Centers), ISAOs, and CERTs use Cyware’s platform to automate threat intelligence sharing, analysis, and actioning for more than 30,000 enterprise members and government entities. The platform also enables large conglomerates, industry groups, and private communities to activate and share threat intelligence with their distributed businesses, clients, and suppliers, and benefit from automated collective defense against ransomware, supply chain attacks, and zero-day vulnerabilities. “Security teams today face an overwhelming amount of data, but silos across data, processes, and technologies make it very challenging to see the bigger picture and proactively stop threats," said Anuj Goel, Cyware CEO and Co-founder. “Our mission at Cyware is to break down these silos, integrate threat intelligence into SOC operations, make it easy for teams to automate response, and act immediately to anticipate and stop threats.” “Threat actors thrive because the rest of us don’t collaborate enough,” said Alex Doll, Founder and Managing Member of Ten Eleven Ventures. “Only Cyware allows overstretched security teams to expand their risk visibility beyond their borders with innovative threat intelligence collaboration while dramatically improving response with vendor-agnostic orchestration and low-code automation. As seasoned investors in the cybersecurity field, we recognize that Cyware’s remarkable platform, revenue growth, and vast customer base – including over 20 ISACs – puts them in an enviable market position.” Cyware plans to leverage this new round of funding to fuel further growth and accelerate channel business and strategic alliances while expanding its global footprint. About Cyware Cyware delivers an innovative approach to cybersecurity that unifies threat intelligence, automation, threat response, and vulnerability management with data insights gleaned from assets, users, malware, attackers, and vulnerabilities. Cyware’s Cyber Fusion platform integrates SOAR and TIP technology, enabling collaboration across siloed security teams. Cyware is widely deployed by enterprises, government agencies, and MSSPs, and is the leading threat intelligence sharing platform for global ISACs and CERTs.

Read More

More featured news