DATA SECURITY

Vectra AI Reveals Cybersecurity Blind Spots in PaaS and IaaS Environments with Security Survey

Vectra AI | August 06, 2021

Vectra AI, a leader in threat detection and response, today released the findings of the PaaS & IaaS Security Survey Report. The report compiled the answers of 317 IT executives all using AWS, 70% coming from organizations of 1,000+ employees. The findings show a rapid expansion and reliance on AWS services while simultaneously showcasing security blind spots within many organizations.

As digital transformation efforts continue, the survey found that AWS is becoming an even more critical component to organizations who are regularly deploying new workloads, leveraging deployments in multiple regions and are relying on more than one AWS service. The survey found:

64% of DevOps respondents are deploying new workload services weekly or even more frequently
78% of organizations are running AWS across multiple regions (40% in at least three)
71% of respondents say that they are using more than four AWS services (such as S3, EC2, IAM, etc.)
The expansion of AWS services has naturally led to increased complexity and risk with 100% of companies surveyed having experienced at least one security incident in their public cloud environment. Gartner anticipated that over 99% of cloud breaches will have a root cause of customer misconfiguration. Some blind spots the Vectra report uncovered include:

30% of organizations surveyed have no formal sign-off before pushing to production
40% of respondents say they do not have a DevSecOps workflow
71% of organizations say that 10 or more people can modify the entire infrastructure in their AWS environments, creating numerous attack vectors for hackers.

Despite these blind spots, the survey showed that companies are taking security seriously. Over half of the companies reported having double-digit security operations center (SOC) headcounts, showing a significant investment in keeping their organizations secure.  

"Securing the cloud with confidence is nearly impossible due to its ever-changing nature," said Matt Pieklik, Senior Consulting Analyst at Vectra. "To address this, companies need to limit the number of attack vectors malicious actors are able to take. This means creating formal sign-off processes, creating DevSecOps workflows and limiting the number of people that have access to their entire infrastructure as much as possible. Ultimately, companies need to provide security holistically, across regions and automate as many activities as possible to enhance their effectiveness."

Vectra has answered this industry need through the creation of Detect for AWS which reduces risk of cloud services being exploited, detects threats against AWS services, and automatically responds to attacks against applications running in AWS.

To learn more about the threats facing today's organizations you can download the full Paas & IaaS Security Survey Report or read our companion blog.

About Vectra

Vectra is the leader in threat detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using AI to enrich network metadata it collects and stores with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers four applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed. And Cognito Detect for Office 365 and Azure AD™ finds and stops attacks in enterprise SaaS applications and the Microsoft 365 ecosystem.

Spotlight

Prevoty's Co_founder Kunal Anand talks about "Using Runtime Visibility to Align Application Security with DevOps" at FinDevR in NYC a couple of weeks ago. The presentation won the Crowd Award for best presentation.  Description: Programming languages are becoming more powerful and capable, and applications more porous than before. Evolving constraints, patterns and definition lists make validating data inputs and preventing injections while maintaining performance unwieldy and difficult. Nobody wants vulnerabilities, but with the rise of Agile DevOps, security is usually playing catch-up.

Spotlight

Prevoty's Co_founder Kunal Anand talks about "Using Runtime Visibility to Align Application Security with DevOps" at FinDevR in NYC a couple of weeks ago. The presentation won the Crowd Award for best presentation.  Description: Programming languages are becoming more powerful and capable, and applications more porous than before. Evolving constraints, patterns and definition lists make validating data inputs and preventing injections while maintaining performance unwieldy and difficult. Nobody wants vulnerabilities, but with the rise of Agile DevOps, security is usually playing catch-up.

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Traceable AI Announces API Security Testing

Traceable AI | September 02, 2022

Traceable AI, the industry's leading API security and observability company, today announced the general availability of its API Security Testing (xAST) solution in its API Security Platform. This comprehensive and seamless testing ability enables any API in pre-production to be tested for vulnerabilities, accuracy, reliability, and overall security — ensuring organizations are aligned with the highest API security standards before releasing APIs into production.This announcement reinforces Traceable's commitment to helping organizations ensure the highest level of API security throughout the entire software development lifecycle (SDLC). Traceable's API Security Testing offering is built to make the testing of APIs fast, easy, and a seamless experience for both development and security teams. It supports organizations' shift left initiatives, including providing remediation insights from runtime back to development, so developers can further harden their APIs. It is API focused providing complete vulnerability analysis that leverages functional testing, as well as API DNA and user attribution for improved detection and coverage. It offers extensive coverage for the OWASP API top 10, top CVEs (such as Java, Go, Node JS, AuthN, AuthZ, and many more), business logic vulnerabilities, and sensitive data exposure. Uniform API testing is based on dynamic payloads for standard tests, and dynamic Traceable payloads for business logic vulnerabilities such as BOLA – all with virtually zero false positives. Its DevSecOps focus enables companies to identify API security gaps between prod and pre-prod, perform fast scans for actionable results in CI/CD pipelines, scan at a granularity from every pull request with API spec changes, and utilize integrations with application security tools, including SCA, SAST, DAST and IAST. "Because of our comprehensive approach to API security, the testing component was the logical evolution. It is key to enable development teams to identify security weaknesses and vulnerabilities in the build itself, in addition to the capability of providing runtime insights back to development teams, so they can further harden their APIs. "It's an important step to enable teams to seamlessly fit API security testing into their development cycles. It is based on a simple logic: prevent breaches by eliminating the flaws at the very beginning." CTO of Traceable AI, Sanjay Nagaraj Traceable's API security testing is built to both reduce the risk of vulnerable APIs early in the SDLC, and enable development teams to move fast. Additional benefits include: Eliminating the Risk of Vulnerable APIs: Find and fix API vulnerabilities early in the SDLC. Cost Reduction: Reduce costs associated with finding vulnerabilities in APIs in production. Rapid Scans that Maintain the Speed of Innovation: With Traceable, development teams can perform fast scans with virtually no change in dev-release cadences – eliminating friction for both dev and security teams. Comprehensive Reporting: Traceable produces a "scan summary" report of vulnerabilities found while testing the APIs. This includes the OWASP API top 10 vulnerabilities, language and library vulnerabilities like Log4shell, misconfigurations, data exposure, and broken authentication/authorization. The information, including CVSS/CWE scores for overall risk assessment and recommendations for remediation is provided to development and security teams, so they can correct the security issues in APIs before those APIs are pushed to production. Operational Effectiveness: Traceable's API security testing is easy to deploy and reduces complexity, with numerous CI/CD and appsec tooling integrations that allow for operational effectiveness. It also enables targeted API security testing which takes actual payloads from real time traffic into account for a concise set of actionable findings. Extensive and Effortless Integrations: Traceable allows for numerous integrations with CI/CD pipelines, notifications, ticketing and application security testing solutions. "Whether an API is in the development cycle or is in production, being accessed by thousands of users, Traceable's API Security Platform protects companies' most vulnerable attack vector from threats at every juncture" added Nagaraj. About Traceable AI Traceable is the industry's leading API security platform that identifies APIs, evaluates API risk posture, stops API attacks, and provides deep analytics for threat hunting and forensic research. With visual depictions of API paths at the core of its technology, its platform applies the power of distributed tracing and machine learning models for API security across the entire development lifecycle. Visual depictions provide insight into user and API behaviors to understand anomalies and block API attacks, enabling organizations to be more secure and resilient.

Read More

SOFTWARE SECURITY

Atera Launches New Integration with Malwarebytes

Atera | July 08, 2022

Atera, a remote-first IT management company, today announced a new integration with Malwarebytes, a provider of real-time cyber protection. Atera is the first remote management company to offer an integration that automates licensing and provisioning of the Malwarebytes OneView platform. This partnership plays an integral role for Atera to provide streamlined and maximized security operations for its community of more than 10,000 customers across 105 countries. "With workplaces continuing to evolve and employees working from anywhere in the world, the risk of ransomware attacks continues to climb. At Atera, we are committed to providing a platform with unmatched security and transparency for our customers," said Gil Pekelman, CEO of Atera. "An integration with Malwarebytes has been one of the most requested by our users, and we're thrilled to roll this out for our customers so they can easily install and manage their endpoint security solutions." This latest integration by Atera will include the option for users to deploy Malwarebytes' products directly through Atera, providing additional ease of use within the Atera platform. Customers will gain access to Malwarebytes' OneView platform, enabling license management, detailed, value-driven reporting that can be shared with their end users, and customer site administration. The integration will include Incident Response, Endpoint Protection, and Endpoint Protection and Response — the latter two being available for both Mac and Windows workstations and Mac/Windows/Linux servers. "As a leading provider of software and solutions to combat malware, we are continuously looking for opportunities to streamline and simplify cybersecurity, making it available for everyone. "Integrations with RMM providers are one way to help achieve this simplicity. Through our latest partnership with Atera, we are furthering the ability of global organizations with limited resources to successfully combat malware and manage endpoints at scale." Brian Thomas, Vice President of Worldwide MSP and Channel Programs for Malwarebytes About Atera Atera is the developer of a Remote Monitoring and Management (RMM) and Professional Services Automation (PSA) platform, built with a dispersed workforce in mind. With more than 10,000 customers in over 105 countries, Atera's intuitive all-in-one platform offers IT professionals and businesses improved operational efficiency, seamless integrations, and end-to-end management at industry-disruptive pricing. Atera's platform empowers IT teams of all sizes to maximize efficiency while transforming to a streamlined remote work environment by analyzing over 60,000 data points per second, 24/7. To learn more, visit atera.com. About Malwarebytes Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, Malwarebytes CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, that mission has expanded to provide cyber protection for everyone. Malwarebytes provides consumers and organizations with device protection, privacy, and prevention through effective, intuitive, and inclusive solutions in the home, on-the-go, at work, or on campus. A world-class team of threat researchers and security experts enable Malwarebytes to protect millions of customers and combat existing and never-before-seen threats using artificial intelligence and machine learning to catch new threats rapidly.

Read More

DATA SECURITY,SOFTWARE SECURITY,WEB SECURITY TOOLS

Phosphorus Announces New Partnership with Dewpoint to Expand Its xIoT Security Solutions and Platform in US Market

Phosphorus | September 26, 2022

Phosphorus, the leading provider of advanced and full-scope security for the extended Internet of Things (xIoT), today announced a partnership with Dewpoint. The IT and security solutions provider will act as a value-added reseller (VAR) for Phosphorus in the US market. The new partnership will see the two companies jointly delivering a new generation of xIoT security solutions in the US to meet growing enterprise demand for xIoT attack surface management and remediation capabilities. “xIoT security is a critical need for today’s enterprises, and these risks are left unaddressed by traditional IT security solutions. We look forward to working with Dewpoint to help expand our US sales channels and bring the world’s most advanced xIoT security platform to more organizations.” Kal Gajera, Director of North America Channels at Phosphorus Phosphorus’s Extended Enterprise xIoT Security Platform is the world’s first and only automated security platform capable of delivering xIoT Attack Surface Management, xIoT Hardening, and Remediation, and xIoT Detection and Response across the full range of IoT, OT, and Network-connected devices—spanning both new and legacy devices. This enables large organizations to scale xIoT technologies (which can amount to millions of devices per organization) without having to add any additional employees to find, fix, and monitor them. ABOUT PHOSPHORUS Phosphorus Cybersecurity® is the leading xTended Security of Things™ platform designed to secure the rapidly growing and often unmonitored Things across the enterprise xIoT landscape. Our Extended Enterprise xIoT Security Platform delivers Attack Surface Management, Hardening & Remediation, and Detection & Response to bring enterprise xIoT security to every cyber-physical Thing in your enterprise environment. With unrivaled xIoT discovery and posture assessment, Phosphorus automates the remediation of the biggest IoT, OT, and Network device vulnerabilities—including unknown and inaccurate asset inventory, out-of-date firmware, default credentials, risky configurations, and out-of-date certificates. ABOUT DEWPOINT Dewpoint has been bringing business and technology together since 1996. We make sure technology is solving all your business problems, providing transparency of spend for executives, and enhancing collaboration and flexibility. As the IT industry and businesses continue to change, Dewpoint provides the thought leadership and industry expertise to offer a new level of services in project management, digital innovation, infrastructure, security, cloud, and a range of tailored professional and managed service solutions for all our clients.

Read More