DATA SECURITY

The latest release of Cyber Observer provides new visibility into the risk posture of cybersecurity

businesswire | January 19, 2021

Digital Observer, the chief Continuous Controls Monitoring (CCM) arrangement, today declared a significant upgrade to its foundation that empowers CISOs and other security and danger the board heads to acquire new, constant, bound together perceivability into the viability of online protection instruments that are executed all through their endeavor. By ceaselessly recovering and examining Critical Security Controls (CSCs) from applications on-premises and in-cloud, Cyber Observer's CCM stage improves consistence, lessens mean opportunity to location and reaction, and advances hazard act the executives.

Network protection groups are overpowered with multifaceted nature of overseeing many unique security apparatuses that have been executed across their mixture ventures. In spite of best endeavors to actualize security controls to limit dangers and dangers, venture heads are finding that misconfigured or failing apparatuses are time after time a vulnerable side and probably the most fragile connection in their security guards. Digital Observer's CCM stage disposes of this issue and now empowers ventures to keep a finger on the beat of how their security instruments are performing.

Digital Observer associates and pulls information from a venture's on-premises and in-cloud apparatuses to make a complete perspective on the security instruments executed. Notwithstanding persistently examining in excess of 5,000 CSCs and giving controls status with regards to the executives, consistence prerequisites and different structures, Cyber Observer delivered a bunch of new highlights, including:

Ongoing dashboards. Effectively show the status of each apparatus, status of the distinctive security regions, organize weaknesses, total danger act scoring, and alarm on deviation from ordinary conduct.

Nonstop revealing. New announcing module robotizes gives an account of an association's network safety instruments status and digital stance sees.

Open API upgrades. Empower endeavors to effortlessly share information gathered by Cyber Observer with outsider devices that give security data and occasion the executives (SIEM), mechanization (SOAR), and man-made consciousness.

“Managing risks requires more than implementing security tools and checking the box,” said Shimon Becker, Cyber Observer Co-founder and VP Product. “It requires continuous monitoring, management, and oversight to ensure that people, processes, and technology are in fact protecting your data and your enterprise.”

“The new release offers quick and easy remote implementation,” said Moti Ram, Cyber Observer Co-founder and VP R&D. “We support hybrid on-premises and in-cloud connectivity and deployment.”

Cyber Observer is backed by Merlin Ventures, which strategically invests in and scales innovative cybersecurity companies. “Things like misconfigured or unpatched security tools are such easy targets for adversaries to exploit,” stated Seth Spergel, Vice President of Emerging Technology at Merlin Ventures. “Implementing a simple solution like Cyber Observer's Continuous Controls Monitoring platform should really be a part of any organization’s cyber hygiene protocol and a standard practice for all enterprises.”

About Cyber Observer

Cyber Observer is the premier Continuous Controls Monitoring (CCM) solution that reduces business losses and audit costs by continuously monitoring and auditing critical security controls and applications. The Cyber Observer platform integrates dozens of the most popular security tools into a single interface, enabling security and risk management executives to monitor tool performance in alignment with cybersecurity, business, and regulatory frameworks. This equips security and risk management executives with unprecedented visibility, control, and strategic oversight that empowers security and risk executives to proactively identify and close critical security gaps while demonstrating the effectiveness and maturity of their security programs and investments.

About Merlin Ventures

Merlin Ventures is a strategic investment firm that rapidly scales visionary companies and introduces disruptive solutions designed to help enterprises address today’s most critical cybersecurity challenges. Merlin Ventures’ unique business model combines robust infrastructure and capital, onboarding and market readiness acceleration, cybersecurity engineering leadership, and deep-rooted customer and market relationships to enable its portfolio of cybersecurity companies to accelerate growth and flourish.

Spotlight

The SANS Institute recently found that nearly a third of all organizations still have no capability to prevent or deter an insider incident or attack. Further, only nine percent of surveyed companies ranked their insider threat prevention methods as very effective. Yet as recent headlines show, the insider threat is very real and cannot be ignored. To protect against insider threats, organizations must first understand—and identify— what the threat is. Our newly released eBook uncovers common misconceptions about insider threats, illustrates how these threats have manifested in real-world situations and provides new insight to help organizations reduce risk across four main categories.

Spotlight

The SANS Institute recently found that nearly a third of all organizations still have no capability to prevent or deter an insider incident or attack. Further, only nine percent of surveyed companies ranked their insider threat prevention methods as very effective. Yet as recent headlines show, the insider threat is very real and cannot be ignored. To protect against insider threats, organizations must first understand—and identify— what the threat is. Our newly released eBook uncovers common misconceptions about insider threats, illustrates how these threats have manifested in real-world situations and provides new insight to help organizations reduce risk across four main categories.

Related News

DATA SECURITY

Balbix Allows CISOs to Quantify their Cybersecurity Posture Risk in Dollars

Balbix | August 04, 2021

Balbix, provider of the world's leading platform for cybersecurity posture automation, announced today the launch of its Automated Cyber Risk Quantification (CRQ) solution. Balbix's new offering allows organizations to produce a single, comprehensive view of their cyber risk in dollars (or other currencies) so they can prioritize and fix security vulnerabilities faster and reduce breach risk by 95% or more. For example, to protect itself against ransomware attacks, an organization could use Balbix to identify the assets that would be most costly if held to ransom and quickly act to reduce these risks. Automated cyber risk quantification Calculating breach risk in monetary terms provides a common language that organizations - from security engineers and IT admins to the CISO, CFO and CIO - can use to prioritize projects and spending, and track the effectiveness of their overall cybersecurity program. However, most organizations have struggled with measuring cyber risk due to their reliance on complicated manual processes and dozens of isolated IT, security and business tools. The Balbix Automated CRQ solution uses machine learning and automation to quantify both the likelihood and the impact of a potential breach, and remove complex and error-prone tasks. As a result, organizations can: Build a unified cybersecurity asset management program Prioritize enterprise vulnerabilities Quantify cyber risk in monetary terms Customize security analytics and board-level reporting "Balbix is an industry-leading platform that consolidates cyber risks into a single reportable model," said Rhonda Gass, Chief Information Officer at Stanley Black & Decker. "This technology is enabling us to scorecard our risk remediation performance and gain continuous visibility into open security issues." "The Infosec industry has struggled for a long time to quantify the security posture of their organizations in clear cyber risk terms denominated in Dollars (or Euros, Pounds, Yen, etc.),'' said Jon Oltsik, Senior Principal Analyst and Fellow at ESG. "As a result, the right decisions don't get made, leaving the enterprise vulnerable to attack and compromise. Balbix's innovative offering has the promise of changing this equation." Seamless data collection Balbix also released new streaming and snapshot connectors. Streaming connectors are agentless and connect via API to the data source and pull in data on a specified schedule and thus are easy to deploy and manage. Snapshot connectors are used to ingest data using .csv or other formats. Organizations can use these connectors to ingest data from dozens of data sources including vulnerability assessment tools, CMDB, EDR, firewalls, SIEM, MDM systems, AppSec systems, OT/IoT management systems, Active Directory, DNS/DHCP and cloud infrastructure APIs. Moreover, the connectors are highly scalable. For example, Balbix typically ingests several 100s of terabytes per day from customers with environments containing 250,000 assets. "We are very pleased to introduce our new cyber risk quantification offering," said Gaurav Banga, Founder and CEO of Balbix. "Cybersecurity tools generate mountains of data. Traditionally, infosec teams have had to sift through massive vulnerability scans, attack simulation reports and app vulnerability results to prioritize issues that should be addressed first. Then they had to explain their actions to non-cyber stakeholders in business risk terms. This has been an impossible job. The new Balbix Automated CRQ solution makes easy work of this task by automating much of the workflow." About Balbix Balbix provides the world's leading platform for cybersecurity posture automation. Using Balbix, organizations can discover, prioritize and mitigate unseen risks and vulnerabilities at high velocity. With seamless data collection and petabyte-scale analysis capabilities, Balbix is deployed and operational within hours, and helps to decrease breach risk immediately. Balbix counts many global 1000 companies among its rapidly growing customer base and was named a "Cool Vendor" by Gartner in 2018.

Read More

DATA SECURITY

AaDya Security Partners with EclecticIQ to Deliver Next Generation Endpoint Protection to Small and Midsize Businesses

AaDya Security | November 20, 2021

Detroit-based AaDya Security announced today that the company has partnered with EclecticIQ, a leading global provider of cyber threat intelligence, hunting and response technology and services, to offer its innovative endpoint detection and response (EDR) technology to customers of AaDya's all-in-one cybersecurity platform. Built specifically for small and midsize business customers, AaDya's platform is the first to offer six pillars of protection in a unified platform. The solution is powered by Judy, a unique AI and machine learning agent that works on the back-end to ensure each of the pillars (single sign-on, password management, endpoint detection and response, threat detection and automated remediation, anti-phishing, and compliance mapping) work in tandem to provide a seamless experience for both the end-user and platform administrators. AaDya this year also launched a successful channel partner program to offer its solution to managed IT and security service providers and value-added resellers who recognize the benefits of the unified platform for themselves and their clients. "Judy was built by our engineers to deliver a full suite of enterprise-grade security tools in one simple, accessible, and affordable platform,We are thrilled about our partnership with EclecticIQ, which aligns perfectly with our mission to provide small and midsize business customers access to the same security as their larger counterparts at a fraction of the cost. Their EDR solution hits all the marks in that it is light enough for our customers to implement and manage without having to compromise on security. Combined with the fact we were able to work with the EclecticIQ team to fully integrate the solution with Judy's capabilities made our decision to partner with them an easy one." Raffaele Mautone, CEO and founder of AaDya "AaDya built their solution with the understanding that security should not be a barrier to productivity," said Julie Cullivan, a veteran cybersecurity executive and AaDya board member. "The fact that many current security solutions are complicated and cumbersome to deploy has caused many SMB organizations to go unprotected. EclecticIQ's EDR technology was the perfect fit at the perfect time, allowing AaDya to expedite getting their endpoint solution pillar to market at a critical time for many small businesses as they face more cyber-risk and are being forced to meet the latest compliance requirements. I look forward to watching the partnership between these two innovative cybersecurity companies make a significant impact." With many recent high-profile attacks and a renewed focus on security at all levels of the Nation's value chain, across all verticals and businesses of all sizes, timing has never been more critical to provide accessible and reliable protection against ubiquitous attacks like ransomware and phishing to a market segment that has traditionally been an afterthought for the big players in cybersecurity. EclecticIQ, founded in 2014, is a leading cybersecurity company which is pioneering the intelligence-led analyst-centric platform that helps MSSPs, enterprises and governments to manage threat intelligence, hunting, detection and response. EclecticIQ Endpoint Response is a full-featured, flexible and embeddable endpoint detection and response (EDR) solution designed for integration into existing security stacks. It ensures kernel-driven reliability to capture events in real-time on Windows, macOS, and Linux endpoints using the unique endpoint telemetry plugin supported by open source osquery-based agent. It is easily integrated into existing toolsets and workflows via a straightforward REST API which leverages configuration, notifications, scheduled queries, and ad hoc queries for faster time to detection and response. And it installs in minutes, so this low-cost, low-footprint multifaceted solution enables faster mitigation of endpoint attacks. "When we understood the potential of AaDya's Judy platform, it became obvious that EclecticIQ's highly embeddable EDR would make it both more powerful and more extensible for further market-specific innovation," said Sridhar Jayanthi, senior vice president, endpoint security, EclecticIQ. "The fact that AaDya could significantly accelerate their endpoint goals with EclecticIQ's proven technology makes this an ideal partnership." About AaDya Security Headquartered in Detroit, Michigan, AaDya Security provides smart, simple, effective and affordable cybersecurity software solutions for small and midsize businesses. Our all-in-one cybersecurity platform, powered by Judy, an interactive AI virtual assistant, provides enterprise-grade, 24/7 protection and support for companies who lack the time, expertise and capital to successfully implement these solutions on their own. About EclecticIQ EclecticIQ is a global provider of threat intelligence, hunting and response technology and services. Stay ahead of rapidly evolving threats and outmaneuver your adversaries by embedding Intelligence at the core™ of your cyberdefenses. We operate worldwide with offices and teams across Europe and UK, North America, India and via value-add partners.

Read More

SOFTWARE SECURITY

Dragos announces a $110 million Record-Setting Industrial Cybersecurity Investment with Series C Funding

businesswire | December 08, 2020

Keysight Technologies a main innovation organization that helps endeavors, specialist co-ops and governments quicken advancement to associate and make sure about the world, reported that Altiostar has chosen the organization's 5G test answers for quicken improvement and sending of an open virtualized radio access organization (open vRAN) foundation basic in the conveyance of a wide-scope of 5G use cases. Altiostar chose Keysight's exhaustive set-up of 5G test arrangements, including 5G multi-band vector handsets, channel emulators, client gear (UE) emulators and O-RU (O-RAN radio unit) emulators to confirm interoperability between vRAN parts and conformance to details distributed by the O-RAN Alliance. A multi-merchant open RAN biological system, comprising of providers of radio and baseband equipment, just as disaggregated virtualized and cloud-local RAN and 5G center (5GC) programming parts, use Altiostar's open vRAN programming to convey creative arrangements that help robotized and savvy versatile organizations. “This is a decisive moment in the ICS/OT cybersecurity market, with many powerful drivers coalescing to generate an unprecedented level of market interest and customer demand,” said Robert M. Lee, Chief Executive Officer and Co-Founder of Dragos, Inc. “Our Series C funding is an investment by industry, for industry, and will enable us to fully meet this moment for our customers by advancing the innovative technology at the center of our Dragos Platform, expanding our global footprint, and continuing to recruit the world’s most elite team of ICS/OT cybersecurity experts.” “Koch Industries has more than 500 global manufacturing facilities, and the need for protection from cybersecurity threats grows each day,” said Byron Knight, Managing Director of Koch Disruptive Technologies. “As we continue to transform and modernize operations, Dragos will be a key partner in helping protect these assets to ensure we can continue providing products and services our customers prefer.” "Combating cyber threats against critical assets that power our operations is at the center of our risk management approach across the entirety of Koch Industries," said Jarrod Benson, Chief Information Security Officer of Koch Industries. "Industrial cyberattacks can impact worker safety, plant productivity, and business continuity. Safeguarding our data is important and protecting our operations is essential." “We understand the importance of technologies like the Dragos Platform that protect operational technologies and provide insights to help customers stay at the forefront of cyber innovation,” said Lisa Lambert, Chief Technology and Innovation Officer at National Grid and President of National Grid Partners. “We first invested in Dragos in 2018, and since then, their innovation in industrial cybersecurity has become even more important. We’re pleased to reinvest and to co-lead the round at this important stage of the company’s growth.”

Read More