ThreatConnect partners Microsoft Graph Security API to Strengthen Security Automation

ThreatConnect | August 19, 2020

ThreatConnect, Inc.®, provider of the industry’s only intelligence-driven security operations solutions, announced today that it has joined the Microsoft Intelligent Security Association and will integrate Microsoft solutions with the ThreatConnect Threat Intelligence (TIP) and Security Orchestration Automation and Response (SOAR) Platform using the Microsoft Graph Security API. This integration allows ThreatConnect clients to connect with nearly any piece of Microsoft technology, including Azure Sentinel, O365, and Microsoft Defender ATP, using the Microsoft Graph Security API. The integration allows clients to retrieve alerts, perform data enrichment, gain relevant threat intelligence, and carry out incident response actions.

The Microsoft Graph Security API is a single interface that connects to Microsoft security products. Through this integration, made possible by ThreatConnect’s robust App Services capability, clients are able to subscribe to and listen for Microsoft Graph Notifications, parse these notifications for subsequent operations, and manage Graph Mail and security alerts via ThreatConnect Playbooks. Some examples of actions supported:

Spotlight

"Mobility is gaining traction in the enterprise, but true understanding and comfort with mobile security is not yet present. To shed light on this issue, Entrust commissioned Forrester Consulting to conduct a market study on the mobility landscape within today's enterprise. The results indicate there's a clear dichotomy between perception and reality of mobile device security.

This white paper explores how trusted and secure mobile devices can increase efficiency and productivity for internal and customer-facing business processes."

Spotlight

"Mobility is gaining traction in the enterprise, but true understanding and comfort with mobile security is not yet present. To shed light on this issue, Entrust commissioned Forrester Consulting to conduct a market study on the mobility landscape within today's enterprise. The results indicate there's a clear dichotomy between perception and reality of mobile device security.

This white paper explores how trusted and secure mobile devices can increase efficiency and productivity for internal and customer-facing business processes."

Related News

PLATFORM SECURITY,SOFTWARE SECURITY,END POINT PROTECTION

Wallarm Announces the Early Release of Its Enhanced API Security Technology

Wallarm | January 23, 2023

Wallarm, a leading end-to-end API security provider, has recently announced the early release of the Wallarm API leak management solution, an improved API security technology designed to assist organizations in identifying and remediating attacks exploiting leaked API keys and secrets while also providing ongoing protection against hacks in the event of a leak. Given the recent increase in hacks involving leaked API keys and other API secrets, Wallarm developed the API leak management solution in order to give a comprehensive solution for this issue by automatically detecting leaked API keys and secrets, implementing controls to prevent their use, and protecting against any follow-on attacks. As a result, it prohibits unwanted access to sensitive data within enterprises while also protecting their internal operations and customers from unauthorized use of that data. With the average cost of an API leak incident being $1.2 million per year, protecting API keys is a security and financial need. However, as locating and revoking API keys is both time-consuming and resource-intensive, Wallarm's proactive API leak management solution focuses on automated detection, remediation, and control using a three-pronged approach: Detect - Wallarm automatically searches public sources for leaked API secrets, which hackers can discover and exploit in under a minute. Remediate - Regardless of protocol, Wallarm immediately blocks requests that use compromised API secrets across the entire API portfolio. Control - Wallarm also continuously monitors and prevents the use of leaked API secrets. The Wallarm API leak management solution is the first of its kind in the API security space and is coupled with other Wallarm capabilities such as API threat prevention, API discovery and cloud-native WAAP. Wallarm’s API security platform provides customers with full-spectrum visibility, detection, and security for their entire web application and API portfolio, regardless of protocol or environment. This minimizes tool sprawl and costs while also increasing risk management and fostering innovation. About Wallarm Wallarm, founded in 2016, provides End-to-End API Security solutions to safeguard web applications, APIs, microservices, and serverless workloads in cloud-native environments. With its commitment to developing the cybersecurity industry, it has designed a new security platform to defend tech firms and Global 2000 enterprises throughout their journey from their legacy apps to APIs in cloud-native infrastructures. Hundreds of Security and DevOps teams use Wallarm to discover all of their web apps and API endpoints, traffic flows, and sensitive data consumption for total visibility, secure their whole API portfolio against emerging risks, and respond to incidents automatically for better risk management.

Read More

PLATFORM SECURITY,SOFTWARE SECURITY,WEB SECURITY TOOLS

Skyhigh Security Announces Achieving Amazon Web Services Security

Skyhigh Security | December 28, 2022

Skyhigh security, a leading data security solutions provider, recently announced receiving Amazon Web Services (AWS) Security Competency accreditation in the infrastructure security industry. This distinction recognizes Skyhigh Security's extensive technical expertise in AWS and proven success in its ability to assist customers in achieving their cloud security objectives. Achieving AWS Security Competency distinguishes Skyhigh Security as a member of the AWS Partner Network (APN) that offers specialized software to assist organizations in adopting, developing, and deploying complex security projects on AWS. To achieve the distinction, APN Partners must have in-depth knowledge of AWS and provide solutions on AWS effortlessly. AWS delivers scalable, versatile, and cost-effective solutions to startups and large-sized organizations. To enable the seamless integration and implementation of these solutions, AWS launched the AWS Competency Program to assist customers in identifying consulting and technology APN Partners with extensive industry knowledge and expertise. AWS users can buy the entire Security Service Edge (SSE) portfolio of Skyhigh Security through the AWS Marketplace, which enhances the efficiency of the procurement process and provides flexible licensing options. The company's SSE portfolio is cloud-native, designed from the bottom up with Zero Trust principles, and includes a unified data loss prevention and policy engine. Skyhigh SSE contains, Skyhigh Cloud Access Security Broker, Skyhigh Secure Web Gateway, and Skyhigh Private Access, among other products, offering one of the most extensive portfolios in the market. About Skyhigh Security Based in California, U.S., Skyhigh Security, a provider of a complete, market-leading data security platform built on a modern cloud stack, focuses on helping customers protect the world's data. It protects businesses with data-aware and user-friendly cloud-native security solutions. Its industry-leading Security Service Edge (SSE) portfolio extends beyond data access and focuses on data use, enabling enterprises to communicate from any device and location without compromising security.

Read More

INFOSEC PROJECT MANAGEMENT,PLATFORM SECURITY,SOFTWARE SECURITY

NowSecure Unveils Its Latest Offering, Mobile Pen Testing-as-a-Service (PTaaS)

NowSecure | January 03, 2023

NowSecure, the leader in standards-based mobile app security and privacy software, announced the introduction of its latest solution, NowSecure Mobile Pen Testing as a Service (PTaaS), which will bridge the gap between manual and automated mobile security assessments for continuous security. NowSecure PTaaS is designed to provide mobile developers and security teams with a more cost-effective and efficient pen testing solution. The solution combines periodic expert manual assessments with continuous automated testing to optimize comprehensive coverage at a higher frequency. With this combination, the all-inclusive portal and service can instantly discover concerns early in the developer pipeline, provide consulting help to repair security issues promptly, and accelerate the release of high-quality software into production. As organizations struggle with tightening budgets in conjunction with an increased threat of mobile cyber assaults, there is an industry demand for a cost-effective, higher-coverage, higher-frequency, mobile AppSec testing solution. "According to Coalfire and NowSecure's 4th Annual Penetration Risk Report, 99% of mobile applications pose security or privacy threats." By integrating NowSecure's latest offering, Mobile PTaaS, CISOs and security leaders can optimize their budget for penetration testing while prioritizing continuous, comprehensive security testing. The NowSecure Mobile PTaaS cloud-based platform, built on tens of thousands of pen tests and over 12 years of mobile application security experience, provides a comprehensive set of automatic, continuous, and manual assessments, including: Expert pen testing periodically depending on the specific demand and timeline On-demand and continuous security testing is built into the CD/CI and dev toolchains Automatic ticket generation with incorporated remedial resources Consultation with an experienced pen tester on remediation Optional industry standard(s) certifications and validations All-in-one SAST, IAST, DAST, APISec, and SBOM Simple-to-use dedicated SaaS platform About NowSecure A Chicago-based mobile security company, NowSecure safeguards the worldwide mobile app economy as the leading authority in standards-based mobile application privacy and security automation. The company is trusted by the most demanding enterprises for its comprehensive security testing solution package for DevSecOps, mobile app supply-chain monitoring, Pen Testing as a Service (PTaaS), professional mobile pen testing, and training courseware. NowSecure actively contributes to and supports the open-source mobile security community, industry standards, and certifications such as ADA MASA, OWASP MASVS, NIAP, ioXt, and others. The firm is SOC 2-certified and has been recognized by Gartner, IDC, TAG Cyber, and Deloitte Fast 500.

Read More