ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
LogRhythm | January 06, 2023
On January 05, 2023, LogRhythm, the company that empowers security teams to tackle an ever-changing threat landscape with confidence, introduced a variety of expanded capabilities and integrations for its security operations solutions. The enhancements improve LogRhythm's capacity to serve as a much-needed force multiplier for security teams that are required to defend against cyberattacks with confidence, effectiveness, and efficiency.
This update follows the release of LogRhythm Axon, an innovative, cloud-native security operations platform launched in October. In addition, the organization is launching new visualizations and advanced analytics that provide seamless visibility into potential security threats.
Axon and its latest updates are designed to simplify the experience of security analysts by making it easier for teams to identify, examine, and report on potential threats, easing the burden of managing risks and the operating infrastructure. In addition, these improvements span the entire suite of LogRhythm's offerings to collectively facilitate threat detection and resolution by SOC teams, improving analyst productivity and effectiveness.
The key features of the updates include the following:
New out-of-the-box and custom analytics rules that have rules for MITRE ATT&CK detections.
Using the Observation Workflow, customers can quickly investigate log observations raised by analytics.
Reduce time spent searching for data through new markdown and histogram widgets.
New detection models allow for the detection of elusive threats for Windows systems.
Integration with Microsoft EDR improves blind spot detection and endpoint visibility.
Enhanced analyst experience through expanded UI improvements.
The new configuration page enables to import of data from VirusTotal smoothly.
The improved collection administrative workflow reduces the time required to configure, deploy, and manage log sources that involve Open Collector.
Expanded and updated LogRhythm's library of supported log sources.
Improved audit logging makes it easier to detect suspicious activity and track significant changes made by users.
LogRhythm, Inc. is an American security intelligence firm founded in 2003 that specializes in SIEM, log management, network and endpoint monitoring, forensics, and security analytics. With a comprehensive array of high-performance security, compliance, and operations solutions, LogRhythm is built to address a rapidly evolving world of cybersecurity threats. In addition, LogRhythm combines a versatile and comprehensive security operations platform, advisory services, and technology partnerships to help SOC teams defend sensitive data.
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Mendix | January 24, 2023
Mendix, a Siemens business and world leader in modern enterprise app development, and Software Improvement Group (SIG), a unique technology and advisory firm for software quality, security, and improvement, have announced the launch of Mendix Quality & Security Management (QSM), a new cybersecurity solution that provides continuous deep-dive insights into security and code quality to address risks and vulnerabilities immediately.
Sigrid®, SIG's software assurance guidance platform, powers Mendix QSM. It delivers a complete perspective on the effect of security findings on business goals by combining more than 20 top-tier security scanning technologies. With Mendix QSM, the users can scan their Mendix apps, including third-party libraries, for security flaws and incorrectly configured security models, rank for compliance with major industry standards such as OWASP, ISO 5055, and PCI, and receive risk mitigation recommendations and clear guidance.
Mendix QSM is based on application model static analysis. SIG experts have mapped Mendix models to the ISO 25010 maintainability model using Mendix model metadata. This enables its applications to be compared against a database of thousands of projects, including open-source initiatives. Mendix QSM also presents a five-star rating of the quality of the software.
Mendix is an industry-leading low-code application development platform for enterprises. With Mendix, you can transform a spreadsheet into an app, establish a portfolio of enterprise-wide apps, and upgrade a core system, among other things. In addition, the platform provides continuous collaboration between software developers and users, speeds up the application development lifecycle, and enables iterative deployment at scale. As a result, businesses can rapidly develop modern, adaptable applications with a tool that maintains the highest levels of security, quality, and governance. The platform has been used by over 4,000 of the world's leading enterprises. Mendix is a division of Siemens.
About Software Improvement Group (SIG)
Software Improvement Group (SIG) assists companies in gaining confidence in the technology they trust. Its mission is to get the software right for a healthier digital world by combining intelligent technology with human expertise. It drills into the build quality of enterprise software and architecture by monitoring, measuring, and benchmarking it against the world's largest software analysis database. As a result, organizations can use software assurance to uncover the variables driving the total cost of ownership of the software and make fact-based decisions to lower costs, reduce risk, improve time to market, and accelerate digital transformation.
ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Apiiro | January 04, 2023
Apiiro, the market leader in Cloud-Native Application Security, announced that its award-winning security platform is now accessible on AWS Marketplace.
Apiiro's solution intends to assist developers and security engineers in resolving significant risks across the software supply chain before launching apps to the cloud. Instead of a single vulnerability or misconfiguration, multiple isolated and unconnected findings are scattered throughout the source code, configurations, open-source packages, and cloud infrastructure that, when combined with appropriate context, form a Risk Story that attackers can exploit.
Its Risk Graph technology integrates these endless elements with actionable information to provide developers and security teams with an entirely new way to fix problems.
Apiiro has introduced a whole new approach to application security by offering complete visibility into code bases, analyzing risks from design to code to the cloud, and proactively addressing actual vulnerabilities that attackers can exploit before they even get released to the cloud.
By connecting to their source control managers via API, Fortune 500 businesses can cut operational costs and risks at scale while ensuring seamless deployment.
Now that it is accessible in the AWS marketplace, customers may deploy Apiiro's Cloud Application Security Platform through their AWS Marketplace accounts, enabling them to quickly secure everything they develop and deliver to the cloud by proactively resolving risks with actionable context.
Apiiro is a Cloud Application Security Platform that provides comprehensive insight and actionable context to security and development teams to proactively fix risks before releasing them to the cloud. It also assists them in addressing threats throughout the software supply chain. Since its inception, the Apiiro Cloud-Native Application Security Platform has been deployed by developers and security experts in the world's biggest organizations to handle critical threats across more than 1 million code repositories, CI/CD pipelines, and cloud infrastructures.