DATA SECURITY

Use NetSPI's New Ransomware Attack Simulation To Improve Ransomware Attack Resiliency

NetSPI | June 18, 2021

NetSPI, the leader in attack surface management and enterprise penetration testing, has announced its new ransomware attack simulation service. Developed in collaboration with its ransomware security experts, the new service enables organizations to emulate real-world ransomware families to find and fix dangerous weaknesses in their cybersecurity defenses.

Recent ransomware attacks exposed major cybersecurity gaps globally. The Biden administration in the U.S. urges all business leaders to take sufficient precautions against ransomware. In a recent memo, Anne Neuberger, deputy national security advisor for emerging and cyber technology, recommends that companies use a third-party pentester to test the security of their systems and their ability to defend effectively against a sophisticated cyber-attack.

During a ransomware attack simulation engagement, NetSPI collaborates closely with companies to simulate sophisticated ransomware tactics, techniques, and procedures (TTPs) using its tailor-made breach and attack simulation technology. Following each engagement, organizations get access to NetSPI's technology to run custom plays independently and continuously assess how well their cybersecurity platform will hold up to a ransomware attack.

About NetSPI

NetSPI, the leader in attack surface management and enterprise security testing, has partnerships with the most significant global cloud providers, nine of the top 10 U.S. banks, many of the Fortune® 500, and three of the world's five largest healthcare companies. NetSPI experts perform deep-dive manual penetration testing of network, application, and cloud attack surfaces, historically testing over 1 million resources to find 4 million specific vulnerabilities. NetSPI is headquartered in Minneapolis, MN, and is a portfolio company of private equity firms Sunstone Partners, KKR, and Ten Eleven Ventures.

Related News

PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY

Uptycs Integrates with Amazon Security Lake to Enable the Correlation of its CNAPP and XDR Security Telemetry with a Vast Ecosystem of Security Tools

Prnewswire | June 01, 2023

Uptycs, provider of the first unified CNAPP and XDR platform, today announced an integration with Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes security data from across AWS environments, leading SaaS providers, on-premises, and cloud sources into a purpose-built data lake. Amazon Security Lake manages data throughout its lifecycle with customizable data retention settings and converts and conforms incoming security data to the Open Cybersecurity Schema Framework (OCSF) open standard, making it easier to automatically collect, combine, and analyze security data from AWS, security partners, and analytics providers. The integration with Uptycs helps organizations speed up threat detection and incident response by correlating Uptycs telemetry and events with data from a vast number of other security tools.

With the proliferation of technologies and environments, security teams need to spend time setting up one-to-one integrations between their tools to correlate threat activity. This is expensive and delays response to security threats. In contrast, a shift up approach to cybersecurity does not need complex integrations and intermediary systems to connect the dots. The premise involves getting the data in a standardized format right out of the gate, and streaming it up into a data lake so security teams can do cross-correlations that speed up threat detection and response.

The OCSF project offers a consistent approach towards cybersecurity telemetry by providing a standard schema for common security events, defining versioning criteria to facilitate schema evolution, and including a self-governance process for security log producers and consumers. This enables organizations to easily bring together data from multiple security tools.

"We are excited to bring the security telemetry from Uptycs into Amazon Security Lake," says Ganesh Pai, CEO and co-founder of Uptycs. "A key tenet of the shift up approach to cybersecurity is to stream normalized security telemetry into a data lake, moving security analytics processing power to the cloud. Uptycs and AWS customers can now enjoy enhanced protection and faster reaction time as they benefit from standardized OCSF-based telemetry across their on-prem and cloud workloads."

Using the OCSF format, Uptycs and Amazon Security Lake allow organizations to have consistent telemetry, enabling them to easily correlate data from a variety of security, SIEM, and SOAR tools. Uptycs, an AWS Security Competency Partner, will send a wealth of OCSF-formatted data from on-premises and cloud assets to Amazon Security Lake, including behavioral threat detections from endpoints and cloud workloads, anomaly detections, policy violations, risky policies, misconfigurations, and vulnerabilities. Uptycs prospects and customers can get started with the Amazon Security Lake integration by contacting Uptycs.

About Uptycs

Your developer's laptop is just a hop away from cloud infrastructure. Attackers don't think in silos, so why would you have siloed solutions protecting public cloud, private cloud, containers, laptops, and servers? Uptycs reduces risk by prioritizing your responses to threats, vulnerabilities, misconfigurations, sensitive data exposure, and compliance mandates across your modern attack surface, all from a single platform, UI, and data model. This includes the ability to tie together threat activity as it traverses on-prem and cloud boundaries, thus delivering a more cohesive enterprise-wide security posture.

PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY

Orca Security is First CNAPP to Integrate with Microsoft Azure OpenAI GPT-4

Businesswire | May 05, 2023

Orca Security, the pioneer of agentless cloud security, today announced its full integration with Microsoft Azure OpenAI GPT-4. The integration builds on the ChatGPT implementation in the Orca Cloud Security platform announced in January and makes it the first cloud-native application protection platform (CNAPP) to support GPT-4 through the Azure OpenAI Service. In addition to the integration, Orca announced several new features for its ChatGPT integration.

The Microsoft Azure OpenAI Service provides REST API access to OpenAI's ChatGPT technology. With this new Microsoft integration, Orca Security customers can benefit not only from the greatly improved functionality in GPT-4, but also from the security and enterprise support that Microsoft provides. This includes the benefits of privacy of customer data submitted to the service, compliance with key regulations such as HIPAA and SOC2, an uptime SLA of 99.9%, and regional availability for lower latency and increased reliability.

Since introducing GPT-3 support in the Orca Platform in January, customers have used it to dramatically reduce their mean-time-to-remediation (MTTR). Security practitioners can instantly generate high-quality remediation instructions for each alert straight from the Orca Platform. These instructions can simply be copied and pasted into platforms such as Terraform, Pulumi, AWS CloudFormation, AWS Cloud Development Kit, Azure Resource Manager, Google Cloud Deployment Manager, and Open Policy Agent. If more information is needed, users can ask ChatGPT follow-up questions directly from the Orca Platform. With the transition to GPT-4, customers will benefit from the model’s improved accuracy as well as its ability to generate code snippets.

“The customer response to our integration with GPT has been incredibly positive,” said Gil Geron, CEO at Orca Security. “It’s been amazing to see customers embrace it in so many ways to gain dramatic efficiency improvements. With our integration with GPT-4 through the Azure OpenAI Service, we continue to improve accuracy and ensure privacy to protect our customers’ data while maximizing its benefit.”

In addition to transitioning from GPT-3 to Azure OpenAI GPT-4, Orca made several other enhancements to its integration, including prompt improvements to ensure further optimization of remediation responses; a new Open Policy Agent (OPA) remediation method; and the ability to include remediation steps in Jira tickets when assigning cloud security issues. The Azure OpenAI GPT-4 integration is available immediately. To learn more, please read the blog post published today.

About Orca Security

Orca Security is the pioneer of agentless cloud security that is trusted by hundreds of enterprises globally. Orca makes cloud security possible for enterprises moving to and scaling in the cloud with its patented SideScanning™ technology and Unified Data Model. The Orca Cloud Security Platform delivers the world’s most comprehensive coverage and visibility of all risks across the cloud. With continuous first-to-market innovations and expertise, the Orca Platform ensures security teams quickly identify and remediate risks to keep their businesses secure. Connect your first account in minutes: https://orca.security or take the free cloud risk assessment.

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

CyberMaxx Launches Next Generation Managed Detection and Response (MDR) Solution MaxxMDR

Prnewswire | May 19, 2023

CyberMaxx, Inc., a tech-enabled cybersecurity services company, today introduced MaxxMDR, its revamped managed detection and response (MDR) solution. MaxxMDR provides enhanced protection through an advanced detection library proprietary to CyberMaxx developed through the company's comprehensive DFIR, offensive security, and threat hunting research.

Traditional MDR tools and processes only provide a base-level of protection. By supplementing a SIEM or EDR tool's default detections library with advanced insights gained from its offensive and DFIR work, MaxxMDR strengthens an organization's defenses and enables them to catch more advanced threats. This provides customers with a strong partnership for a comprehensive offensive and defensive approach to securing their environments.

MaxxMDR empowers organizations to monitor and manage cyber risk through:

- 24 x 7 x 365 SOC: around-the-clock monitoring and response by CyberMaxx Security Operations Center of experts
- Custom Detection Library: derived from years of experience and working closely with our DFIR and Offensive security teams across a diverse set of customers
- Purpose-built: purpose-built platforms designed with SOAR in mind
- Endpoint security (EDR): partnership with industry-leading endpoint security providers like SentinelOne and Crowdstrike
- Proprietary Advanced Analytics Platform: cloud-native analytics platform for better integration with SaaS and IaaS
- Full Visibility: full stack visibility of your assets both on-premise and in the cloud
- Faster & Better Quality: improved mean time to recovery (MTTR) and reduced false positives through automation and orchestration

Additionally, MaxxMDR is offered through a flexible deployment model available in both managed and co-managed environments. The managed solution is delivered on a proprietary analytics engine for organizations looking for a fully outsourced solution. The co-managed solution is delivered on a third-party SIEM either licensed by CyberMaxx or the customer and allows the customer more control and access.

"The speed and pace of evolving threats today requires a new approach to defensive security," said Michael Quattrochi, CyberMaxx's SVP of Defensive Security. "Traditional MDR solutions too often aren't able to detect modern threats because they are based on legacy insights. By empowering MaxxMDR with real-time insights into active threats from our offensive and DFIR work we are enabling customers to better keep pace with their adversaries and strengthen their defensive posture."

MaxxMDR bundles

CyberMaxx helps customers strengthen their security posture by offering both offensive and defensive security solutions together. The MDR bundles strengthen MDR detection with insights from offensive solutions and provide a uniform customer experience at a competitive investment level.

- MaxxMDR: provides monitoring + Alert Escalation and containment through EDR API.
- MaxxMDR Advanced: builds on monitoring, alerting, and containment by including an annual Security Configuration Assessment (M365/Azure, Active Directory, AWS & GCP), semi-annual Hunt & Detect in EDR, annual IR or BCDR Tabletop, Password Hash Strength Testing, Deception Tokens Deployment and Monitoring, and Discounted Advanced DFIR Rates.
- MaxxMDR Premium: builds on MaxxMDR Advanced and includes monthly Hunt & Detect in EDR, Endpoint Purple Team, annual External Penetration Test, annual VIP Public Data Reconnaissance, additional discounts on advanced DFIR Rates.

You can learn more about the MaxxMDR solution at www.cybermaxx.com/mdr and learn about MaxxMDR bundles here: www.cybermaxx.com/mdrbundles

About CyberMaxx

CyberMaxx, Inc., founded in 2002, is a tech-enabled cybersecurity service provider headquartered in Nashville, TN. Through a comprehensive set of services CyberMaxx empowers customers to Assess, Monitor, and Manage cyber risk and stay ahead of emerging threats. CyberMaxx expanded its capabilities through the 2022 acquisition of CipherTechs, an international cybersecurity company providing a complete cybersecurity portfolio across MDR Services, Offensive Security, Governance, Risk & Compliance, DFIR, and 3rd party security product sourcing. CyberMaxx's managed detection and response solution (MAXX MDR) is designed to be scalable for clients of all sizes, providing protection and improving the organization's security posture, ultimately giving customers peace of mind that their systems and data are secure.
