PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY
Prnewswire | June 01, 2023
Uptycs, provider of the first unified CNAPP and XDR platform, today announced an integration with Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes security data from across AWS environments, leading SaaS providers, on-premises, and cloud sources into a purpose-built data lake. Amazon Security Lake manages data throughout its lifecycle with customizable data retention settings and converts and conforms incoming security data to the Open Cybersecurity Schema Framework (OCSF) open standard, making it easier to automatically collect, combine, and analyze security data from AWS, security partners, and analytics providers. The integration with Uptycs helps organizations speed up threat detection and incident response by correlating Uptycs telemetry and events with data from a vast number of other security tools.
With the proliferation of technologies and environments, security teams need to spend time setting up one-to-one integrations between their tools to correlate threat activity. This is expensive and delays response to security threats. In contrast, a shift up approach to cybersecurity does not need complex integrations and intermediary systems to connect the dots. The premise involves getting the data in a standardized format right out of the gate, and streaming it up into a data lake so security teams can do cross-correlations that speed up threat detection and response.
The OCSF project offers a consistent approach towards cybersecurity telemetry by providing a standard schema for common security events, defining versioning criteria to facilitate schema evolution, and including a self-governance process for security log producers and consumers. This enables organizations to easily bring together data from multiple security tools.
"We are excited to bring the security telemetry from Uptycs into Amazon Security Lake," says Ganesh Pai, CEO and co-founder of Uptycs. "A key tenet of the shift up approach to cybersecurity is to stream normalized security telemetry into a data lake, moving security analytics processing power to the cloud. Uptycs and AWS customers can now enjoy enhanced protection and faster reaction time as they benefit from standardized OCSF-based telemetry across their on-prem and cloud workloads."
Using the OCSF format, Uptycs and Amazon Security Lake allow organizations to have consistent telemetry, enabling them to easily correlate data from a variety of security, SIEM, and SOAR tools. Uptycs, an AWS Security Competency Partner, will send a wealth of OCSF-formatted data from on-premises and cloud assets to Amazon Security Lake, including behavioral threat detections from endpoints and cloud workloads, anomaly detections, policy violations, risky policies, misconfigurations, and vulnerabilities.
Uptycs prospects and customers can get started with the Amazon Security Lake integration by contacting Uptycs.
About Uptycs
Your developer's laptop is just a hop away from cloud infrastructure. Attackers don't think in silos, so why would you have siloed solutions protecting public cloud, private cloud, containers, laptops, and servers?
Uptycs reduces risk by prioritizing your responses to threats, vulnerabilities, misconfigurations, sensitive data exposure, and compliance mandates across your modern attack surface—all from a single platform, UI, and data model. This includes the ability to tie together threat activity as it traverses on-prem and cloud boundaries, thus delivering a more cohesive enterprise-wide security posture.
PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY
Businesswire | May 05, 2023
Orca Security, the pioneer of agentless cloud security, today announced its full integration with Microsoft Azure OpenAI GPT-4. The integration builds on the ChatGPT implementation in the Orca Cloud Security platform announced in January and makes it the first cloud-native application protection platform (CNAPP) to support GPT-4 through the Azure OpenAI Service. In addition to the integration, Orca announced several new features for its ChatGPT integration.
The Microsoft Azure OpenAI Service provides REST API access to OpenAI's ChatGPT technology. With this new Microsoft integration, Orca Security customers can benefit not only from the greatly improved functionality in GPT-4, but also from the security and enterprise support that Microsoft provides. This includes the benefits of privacy of customer data submitted to the service, compliance with key regulations such as HIPAA and SOC2, an uptime SLA of 99.9%, and regional availability for lower latency and increased reliability.
Since introducing GPT-3 support in the Orca Platform in January, customers have used it to dramatically reduce their mean-time-to-remediation (MTTR). Security practitioners can instantly generate high-quality remediation instructions for each alert straight from the Orca Platform. These instructions can simply be copied and pasted into platforms such as Terraform, Pulumi, AWS CloudFormation, AWS Cloud Development Kit, Azure Resource Manager, Google Cloud Deployment Manager, and Open Policy Agent. If more information is needed, users can ask ChatGPT follow-up questions directly from the Orca Platform. With the transition to GPT-4, customers will benefit from the model’s improved accuracy as well as its ability to generate code snippets.
“The customer response to our integration with GPT has been incredibly positive,” said Gil Geron, CEO at Orca Security. “It’s been amazing to see customers embrace it in so many ways to gain dramatic efficiency improvements. With our integration with GPT-4 through the Azure OpenAI Service, we continue to improve accuracy and ensure privacy to protect our customers’ data while maximizing its benefit.”
In addition to transitioning from GPT-3 to Azure OpenAI GPT-4, Orca made several other enhancements to its integration, including prompt improvements to ensure further optimization of remediation responses; a new Open Policy Agent (OPA) remediation method; and the ability to include remediation steps in Jira tickets when assigning cloud security issues.
The Azure OpenAI GPT-4 integration is available immediately. To learn more, please read the blog post published today.
About Orca Security
Orca Security is the pioneer of agentless cloud security that is trusted by hundreds of enterprises globally. Orca makes cloud security possible for enterprises moving to and scaling in the cloud with its patented SideScanning™ technology and Unified Data Model. The Orca Cloud Security Platform delivers the world’s most comprehensive coverage and visibility of all risks across the cloud. With continuous first-to-market innovations and expertise, the Orca Platform ensures security teams quickly identify and remediate risks to keep their businesses secure. Connect your first account in minutes: https://orca.security or take the free cloud risk assessment.
ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Prnewswire | May 19, 2023
CyberMaxx, Inc., a tech-enabled cybersecurity services company, today introduced MaxxMDR, its revamped managed detection and response (MDR) solution. MaxxMDR provides enhanced protection through an advanced detection library, proprietary to CyberMaxx, developed through the company's comprehensive DFIR, offensive security, and threat hunting research.
Traditional MDR tools and processes provide only a base level of protection. By supplementing a SIEM or EDR tool's default detections library with advanced insights gained from its offensive and DFIR work, MaxxMDR strengthens an organization's defenses and enables them to catch more advanced threats. This provides customers with a strong partnership for a comprehensive offensive and defensive approach to securing their environments.
MaxxMDR empowers organizations to monitor and manage cyber risk through:
24 x 7 x 365 SOC: around-the-clock monitoring and response by experts in the CyberMaxx Security Operations Center
Custom Detection Library: derived from years of experience and working closely with our DFIR and offensive security teams across a diverse set of customers
Purpose-built: purpose-built platforms designed with SOAR in mind
Endpoint security (EDR): partnership with industry-leading endpoint security providers like SentinelOne and CrowdStrike
Proprietary Advanced Analytics Platform: cloud-native analytics platform for better integration with SaaS and IaaS
Full Visibility: full-stack visibility of your assets both on-premises and in the cloud
Faster & Better Quality: improved mean time to recovery (MTTR) and reduced false positives through automation and orchestration
Additionally, MaxxMDR is offered through a flexible deployment model available in both managed and co-managed environments. The managed solution is delivered on a proprietary analytics engine for organizations looking for a fully outsourced solution. The co-managed solution is delivered on a third-party SIEM either licensed by CyberMaxx or the customer and allows the customer more control and access.
"The speed and pace of evolving threats today requires a new approach to defensive security," said Michael Quattrochi, CyberMaxx's SVP of Defensive Security. "Traditional MDR solutions too often aren't able to detect modern threats because they are based on legacy insights. By empowering MaxxMDR with real-time insights into active threats from our offensive and DFIR work we are enabling customers to better keep pace with their adversaries and strengthen their defensive posture."
MaxxMDR bundles
CyberMaxx helps customers strengthen their security posture by offering both offensive and defensive security solutions together. The MDR bundles strengthen MDR detection with insights from offensive solutions and provide a uniform customer experience at a competitive investment level.
MaxxMDR: provides monitoring + Alert Escalation and containment through EDR API.
MaxxMDR Advanced: builds on monitoring, alerting, and containment by including an annual Security Configuration Assessment (M365/Azure, Active Directory, AWS & GCP), semi-annual Hunt & Detect in EDR, annual IR or BCDR Tabletop, Password Hash Strength Testing, Deception Tokens Deployment and Monitoring, and Discounted Advanced DFIR Rates.
MaxxMDR Premium: builds on MaxxMDR Advanced and includes monthly Hunt & Detect in EDR, Endpoint Purple Team, annual External Penetration Test, annual VIP Public Data Reconnaissance, and additional discounts on advanced DFIR Rates.
You can learn more about the MaxxMDR solution at www.cybermaxx.com/mdr and learn about MaxxMDR bundles here: www.cybermaxx.com/mdrbundles
About CyberMaxx
CyberMaxx, Inc., founded in 2002, is a tech-enabled cybersecurity service provider headquartered in Nashville, TN. Through a comprehensive set of services CyberMaxx empowers customers to Assess, Monitor, and Manage cyber risk and stay ahead of emerging threats. CyberMaxx expanded its capabilities through the 2022 acquisition of CipherTechs, an international cybersecurity company providing a complete cybersecurity portfolio across MDR Services, Offensive Security, Governance, Risk & Compliance, DFIR, and 3rd party security product sourcing.
CyberMaxx's managed detection and response solution (MAXX MDR) is designed to be scalable for clients of all sizes, providing protection and improving the organization's security posture, ultimately giving customers peace of mind that their systems and data are secure.