DATA SECURITY

The latest release of Cyber Observer provides new visibility into the risk posture of cybersecurity

businesswire | January 19, 2021

Digital Observer, the chief Continuous Controls Monitoring (CCM) arrangement, today declared a significant upgrade to its foundation that empowers CISOs and other security and danger the board heads to acquire new, constant, bound together perceivability into the viability of online protection instruments that are executed all through their endeavor. By ceaselessly recovering and examining Critical Security Controls (CSCs) from applications on-premises and in-cloud, Cyber Observer's CCM stage improves consistence, lessens mean opportunity to location and reaction, and advances hazard act the executives.

Network protection groups are overpowered with multifaceted nature of overseeing many unique security apparatuses that have been executed across their mixture ventures. In spite of best endeavors to actualize security controls to limit dangers and dangers, venture heads are finding that misconfigured or failing apparatuses are time after time a vulnerable side and probably the most fragile connection in their security guards. Digital Observer's CCM stage disposes of this issue and now empowers ventures to keep a finger on the beat of how their security instruments are performing.

Digital Observer associates and pulls information from a venture's on-premises and in-cloud apparatuses to make a complete perspective on the security instruments executed. Notwithstanding persistently examining in excess of 5,000 CSCs and giving controls status with regards to the executives, consistence prerequisites and different structures, Cyber Observer delivered a bunch of new highlights, including:

Ongoing dashboards. Effectively show the status of each apparatus, status of the distinctive security regions, organize weaknesses, total danger act scoring, and alarm on deviation from ordinary conduct.

Nonstop revealing. New announcing module robotizes gives an account of an association's network safety instruments status and digital stance sees.

Open API upgrades. Empower endeavors to effortlessly share information gathered by Cyber Observer with outsider devices that give security data and occasion the executives (SIEM), mechanization (SOAR), and man-made consciousness.

“Managing risks requires more than implementing security tools and checking the box,” said Shimon Becker, Cyber Observer Co-founder and VP Product. “It requires continuous monitoring, management, and oversight to ensure that people, processes, and technology are in fact protecting your data and your enterprise.”

“The new release offers quick and easy remote implementation,” said Moti Ram, Cyber Observer Co-founder and VP R&D. “We support hybrid on-premises and in-cloud connectivity and deployment.”

Cyber Observer is backed by Merlin Ventures, which strategically invests in and scales innovative cybersecurity companies. “Things like misconfigured or unpatched security tools are such easy targets for adversaries to exploit,” stated Seth Spergel, Vice President of Emerging Technology at Merlin Ventures. “Implementing a simple solution like Cyber Observer's Continuous Controls Monitoring platform should really be a part of any organization’s cyber hygiene protocol and a standard practice for all enterprises.”

About Cyber Observer

Cyber Observer is the premier Continuous Controls Monitoring (CCM) solution that reduces business losses and audit costs by continuously monitoring and auditing critical security controls and applications. The Cyber Observer platform integrates dozens of the most popular security tools into a single interface, enabling security and risk management executives to monitor tool performance in alignment with cybersecurity, business, and regulatory frameworks. This equips security and risk management executives with unprecedented visibility, control, and strategic oversight that empowers security and risk executives to proactively identify and close critical security gaps while demonstrating the effectiveness and maturity of their security programs and investments.

About Merlin Ventures

Merlin Ventures is a strategic investment firm that rapidly scales visionary companies and introduces disruptive solutions designed to help enterprises address today’s most critical cybersecurity challenges. Merlin Ventures’ unique business model combines robust infrastructure and capital, onboarding and market readiness acceleration, cybersecurity engineering leadership, and deep-rooted customer and market relationships to enable its portfolio of cybersecurity companies to accelerate growth and flourish.

Spotlight

DDoS mitigation is paramount for businesses to protect against the growing threat of DDoS attacks. Learn about the ever increasing threat of DDoS attacks, the potential impact on businesses, and mitigation techniques to safeguard against them.

Spotlight

DDoS mitigation is paramount for businesses to protect against the growing threat of DDoS attacks. Learn about the ever increasing threat of DDoS attacks, the potential impact on businesses, and mitigation techniques to safeguard against them.

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Noname Security Expands API Security Platform To Help Organisations Increase Cyber Resilience

Prnewswire | March 30, 2023

Noname Security, the leading provider of complete API security solutions, today announced major enhancements to its market-leading API security platform to help organisations protect their API ecosystem, secure their applications, and increase cyber resilience. With the fastest, most flexible, and most comprehensive solution on the market, Noname Security continues to define API security. Noname Enables Secure Growth with API Security Innovation Today, APIs drive business, delivering value to customers, clients, patients, users, shareholders, and more. However, securing APIs – and all of the critical assets they connect – has become more difficult than ever as APIs attacks have increased exponentially. IBM Security X-Force reported that two-thirds of its analysed incidents were due to unsecure APIs. "APIs are the connective tissue for the digital world, but the explosion in API use has created new and rapidly growing threats to organisations across the globe. We created the Noname API Security Platform to uniquely address the modern API ecosystem, with discovery, insight, protection, and testing capabilities," said Shay Levi, Co-Founder and CTO at Noname Security. "Doing so means not only securing APIs and their use, but also improving the speed at which our customers can expand their business." The Noname API Security Platform Continues to Define API Security Noname's latest major release delivers new capabilities across the entire platform – covering discovery, posture management, runtime protection, pre-production testing, and deployment – to help customers: Discover More & Strengthen Security Posture Noname Security's Discovery and Posture Management solutions locate and provide insight to every API in an organisation's ecosystem, uncovering vulnerabilities (including the most recent OWASP API Top Ten), protecting sensitive data, and proactively monitoring for changes, including in OpenAPI and other specifications. New capabilities enable customers to: Gain complete visibility and detailed insights to protect APIs with customisable discovery, flexible tagging, and datatype assignments – including PII, PCI, PHI, and custom categories – for grouping APIs by application, business unit, and more. Understand APIs in rich context with visualisations of business logic, physical network infrastructure, and API traffic to understand specific interactions and behaviour patterns. Secure containerised applications with enhanced discovery and detection for Kubernetes (k8s). Prioritise resources and eliminate blind spots with extensive infrastructure inventories for AWS and Azure, enabling organisations to find unprotected APIs, map the connections between APIs and infrastructure resources, pinpoint resources that could increase the attack surface, and resolve potential issues with full context. Stop Attacks with Runtime Protection Noname Security Runtime Protection detects and blocks API attacks with real-time traffic analysis, out-of-band monitoring, inline remediation options, and workflow integrations to increase SOC effectiveness. New capabilities enable customers to: Identify business-logic-based attacks immediately with updates to the industry's most advanced anomaly detection engine using artificial intelligence & machine learning (AI/ML), including unsupervised online learning. Reduce Mean-Time-To-Resolution (MTTR) with more context on issue records, including detailed remediation guidance and tools for deeper investigation. Fully align with security operations center (SOC) processes with automation, custom workflows, and integrations with existing systems such as ITSM, SIEM, SOAR, and more. Deliver Secure APIs Faster with Active Testing Noname Security Active Testing is a purpose-built API security testing solution that helps organisations easily add security into the CI/CD pipeline without sacrificing speed. The newest version of Active Testing enables customers to: Shift left with integrations into the entire software development lifecycle (SDLC). Teams get dynamic API visibility across multiple states and environments throughout the CI/CD process. Leave no API untested with a unique ability to find and test every API based on an understanding of the application's business logic. Empower developers with best-in-class usability such as simple setup & automation, in-line test results, and contextual guidance for request failure mitigation. Continuously Adapt to Changing Environments Noname Security offers the most flexible and comprehensive set of deployment and integration options available. New capabilities enable customers to: Rapidly realise value with simplified step-by-step onboarding and in-app guidance. Meet any deployment requirement with both agentless and agent-based options, including eBPF, and both out-of-band and inline protection options. Easily manage complex deployments with automatic updates across cloud-hosted, self-hosted, hybrid, and distributed deployments. Maintain data residency and reduce overhead with remote engines to aggregate traffic into a centralised console, allowing you to keep data within your control and reducing traffic. Meet strict public-sector compliance requirements with a new hardened virtual appliance. See the entire attack surface with additional integrations and improvements to Akamai, AWS ECS, Cloudflare, Oracle Cloud Infrastructure, Citrix, and other connectors. Staying Ahead of Attackers Built by the largest team of API security researchers and developers in the industry, the Noname API Security Platform helps organisations proactively find vulnerabilities, stop attacks, reduce the risk of costly incidents, and ensure business continuity. "Improving security posture and shifting from reactive to proactive does more than reduce risk. It allows the entire enterprise to change its position in the market from follower to leader," said Oz Golan, CEO and Co-Founder of Noname Security. About Noname Security Noname Security is the only company taking a complete, proactive approach to API Security. Noname works with 20% of the Fortune 500 and covers the entire API security scope — Discovery, Posture Management, Runtime Protection, and API Security Testing. Noname Security is privately held, remote-first with headquarters in Silicon Valley, California, and offices in Tel Aviv and Amsterdam.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

CyberMaxx Launches Next Generation Managed Detection and Response (MDR) Solution MaxxMDR

Prnewswire | May 19, 2023

CyberMaxx, Inc., a tech-enabled cybersecurity services company, today introduced MaxxMDR, its revamped managed detection and response (MDR) solution. MaxxMDR provides enhanced protection through an advanced detection library proprietary to CyberMaxx developed through the company's comprehensive DFIR, offensive security, and threat hunting research. Traditional MDR tools and processes only provide a base-level of protection. By supplementing a SIEM or EDR tool's default detections library with advanced insights gained from its offensive and DFIR work, MaxxMDR strengthens an organization's defenses and enables them to catch more advanced threats. This provides customers with a strong partnership for a comprehensive offensive and defensive approach to securing their environments. MaxxMDR empowers organizations to monitor and manage cyber risk through: 24 x 7 x 365 SOC: around-the-clock monitoring and response by CyberMaxx Security Operations Center of experts Custom Detection Library: derived from years of experience and working closely with our DFIR and Offensive security teams across a diverse set of customers Purpose-built: purpose-built platforms designed with SOAR in mind Endpoint security (EDR): partnership with industry-leading endpoint security providers like SentinelOne and Crowdstrike Proprietary Advanced Analytics Platform: cloud-native analytics platform for better integration with SAAS and IAAS Full Visibility: full stack visibility of your assets both on-premise and in the cloud Faster & Better Quality: improved mean time to recovery (MTTR) and reduced false positives through automation and orchestration Additionally, MaxxMDR is offered through a flexible deployment model available in both managed and co-managed environments. The managed solution is delivered on a proprietary analytics engine for organizations looking for a fully outsourced solution. The co-managed solution is delivered on a third-party SIEM either licensed by CyberMaxx or the customer and allows the customer more control and access. "The speed and pace of evolving threats today requires a new approach to defensive security," said Michael Quattrochi, CyberMaxx's SVP of Defensive Security. "Traditional MDR solutions too often aren't able to detect modern threats because they are based on legacy insights. By empowering MaxxMDR with real-time insights into active threats from our offensive and DFIR work we are enabling customers to better keep pace with their adversaries and strengthen their defensive posture." MaxxMDR bundles CyberMaxx helps customers strengthen their security posture by offering both offensive and defensive security solutions together. The MDR bundles strengthen MDR detection with insights from offensive solutions and provides a uniform customer experience at a competitive investment level. MaxxMDR: provides monitoring + Alert Escalation and containment through EDR API. MaxxMDR Advanced: builds on monitoring, alerting, and containment by including an annual Security Configuration Assessment (M365/Azure, Active Directory, AWS & GCP), semi-annual Hunt & Detect in EDR, annual IR or BCDR Tabletop, Password Hash Strength Testing, Deception Tokens Deployment and Monitoring, and Discounted Advanced DFIR Rates. MaxxMDR Premium: builds on MaxxMDR Advanced and includes monthly Hunt & Detect in EDR, Endpoint Purple Team, annual External Penetration Test, annual VIP Public Data Reconnaissance, additional discounts on advanced DFIR Rates. You can learn more about the MaxxMDR solution at www.cybermaxx.com/mdr and learn about MaxxMDR bundles here: www.cybermaxx.com/mdrbundles About CyberMaxx CyberMaxx, Inc., founded in 2002, is a tech-enabled cybersecurity service provider headquartered in Nashville, TN. Through a comprehensive set of services CyberMaxx empowers customers to Assess, Monitor, and Manage cyber risk and stay ahead of emerging threats. CyberMaxx expanded its capabilities through the 2022 acquisition of CipherTechs, an international cybersecurity company providing a complete cybersecurity portfolio across MDR Services, Offensive Security, Governance, Risk & Compliance, DFIR, and 3rd party security product sourcing. CyberMaxx's managed detection and response solution (MAXX MDR) is designed to be scalable for clients of all sizes, providing protection and improving the organization's security posture, ultimately giving customers peace of mind that their systems and data are secure.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Banyan Security Introduces World’s First Device-Centric Security Service Edge (SSE) Solution

Globenewswire | April 05, 2023

Banyan Security, a leading provider of zero trust access solutions for the modern workforce, is proud to announce the launch of its innovative Device-Centric Security Service Edge (SSE) solution. Banyan’s offering delivers a comprehensive range of integrated security measures to safeguard the modern workforce – including Zero Trust Network Access (ZTNA), Virtual Private Network as a Service (VPNaaS), Cloud Access Security Broker (CASB), and Secure Web Gateway (SWG) – all in a unified product that is simple to implement and boosts employee productivity. Unlike traditional security products focused on the network perimeter, Banyan’s device-centric SSE brings the user and device to the forefront of protection, enabling intelligent, risk-based connectivity and threat detection. Working in concert with the Banyan Cloud permits consistent policy enforcement without needing to route all enterprise traffic through vendor data centers or expensive on-premise appliances, which significantly improves the user experience. Moreover, Banyan’s device-centric approach treats clientless scenarios as first-class citizens, enabling seamless access combined with granular policy controls. “The launch of our device-centric Security Service Edge solution marks a major milestone for our company, delivering on the idea of enabling workers to securely do their job from anywhere” said Jayanth Gummaraju, CEO and Co-founder of Banyan Security. “We saw a clear need for a new solution that does not suffer from the baggage of existing network-centric approaches. What we’ve built brings together device and network security in a unique way to secure all types of access – private or internet. This approach reduces the attack surface and provides a frictionless user experience, thus increasing employee productivity. We’re excited to see customers and industry partners embracing our approach, and are confident that our solution will exceed expectations, revolutionizing the way organizations think about workforce security." Banyan Security’s strategic partners understand that a new approach is needed to effectively realize the promise of a zero trust framework. “We are thrilled to partner with Banyan Security to deliver more value to our joint customers. The partnership provides a risk-based approach to security and simplifies the deployment of Zero Trust initiatives,” said Akhil Kapoor, Vice President of Business Development at SentinelOne. “Together, we can offer unparalleled protection and peace of mind to organizations as they navigate an ever-evolving threat landscape.” The implications of a device-centric SSE product are revolutionary, providing organizations with considerable benefits including: Improved User Experience – Localized, intelligent decision making minimizes latency and results in a better user experience. Rather than forcing organizations to ship all traffic to the cloud for inspection, each device makes the optimum access and security decisions. Coupling faster decision making with an always-on approach minimizes potential gaps for advanced threats to exploit. Better Enterprise Security – The Banyan SSE solution includes multiple layers of security, providing least privileged access for users regardless of location. Additional security is provided by incorporating real-time, continuous authorization using advanced risk modeling based on user, device, resource, and threat profiles. Together these features provide superior threat protection and automated threat remediation. Lower Total Cost of Ownership – a device-centric Security Service Edge is significantly easier to deploy and manage for most organizations. Rather than having to configure complex network environments to support the analysis and routing of user traffic, this happens locally on end-user devices based on intuitive selections made in the Banyan admin console. Advanced discover and publish capabilities further simplify deployments and results in much lower total cost of ownership for an organization versus legacy solutions. Deployment Flexibility – The Banyan Security SSE solution architecture provides additional benefits for organizations that are concerned with data privacy and security. Unlike other SSE solutions, the Banyan Security Platform can be configured to route encrypted traffic through either the Banyan cloud infrastructure or directly through a service installed and maintained in the organization’s infrastructure. This capability allows the freedom to address the needs of any regulatory or security-conscious environment. Banyan’s customers, aware that existing solutions were not addressing the rapidly changing requirements of a distributed workforce, have rallied behind the Banyan Security Platform. “With Banyan Security’s device-centric SSE, we confidently replaced our legacy VPN and accelerated our zero trust architecture initiatives. Their robust solution empowers us to secure our cloud-first environment, seamlessly monitor security posture through efficient device checks, and ultimately enhance our primary customers’ security – our users,” said Cesar Esteban, Staff Security Engineer at Snapdocs. “Investing in Banyan Security has transformed our approach to cybersecurity and unlocked new potential for serving our users better.” About Banyan Security Banyan Security provides secure, zero trust “work from anywhere” access to applications and resources for employees and third parties while protecting them from being phished, straying onto malicious web sites, or being exposed to ransomware. A Flexible Edge architecture enables rapid, incremental deployment on-premises or in the cloud without compromising privacy or data sovereignty. A unique device-centric approach intelligently routes traffic for optimal performance and security delivering a great end user experience. Banyan Security protects workers across multiple industries, including finance, healthcare, manufacturing, and technology.

Read More