Vectra expands intelligent cyberattack detection and response capabilities with CrowdStrike

prnewswire | October 15, 2020

Vectra AI, a leader in network detection and response (NDR), today announced expanded response capabilities for its flagship product, Cognito Detect™ using its Lockdown feature, made possible by integrating with CrowdStrike® Falcon Insight, CrowdStrike's industry-leading endpoint and detection and response solution.This deep product integration enables Vectra® to deliver well-coordinated, instantaneous responses to thwart cyberattacks directly at the device level. By blocking and isolating attackers, not resources, Lockdown gives customers the ability to significantly reduce cyberthreat actor dwell-time without disrupting business operations.

Spotlight

Are you using Teams to share sinsitive date?

Spotlight

Are you using Teams to share sinsitive date?

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Balbix Announces Cybersecurity Posture Automation for Microsoft Azure

Balbix | December 19, 2022

Balbix, the leader in cybersecurity posture automation, announced its support for Microsoft Azure today. With these new capabilities, Balbix now supports the three top cloud service providers – Microsoft Azure, Amazon Web Services and Google Cloud Platform – as well as traditional environments. Balbix also announced enhanced platform support for the Microsoft ecosystem, including Azure services, Windows, Microsoft Store apps and Azure Active Directory single sign-on. McKinsey estimates that by 2025, organizations aspire to have 60 percent of their IT environments in the cloud. Yet, according to the Cybersecurity Insiders State of Security Posture Report, 62 percent of organizations lack confidence in their security posture. These findings highlight the growing need for effective cloud security solutions. Balbix's support for Azure cloud services includes Azure Virtual Machines, Azure Service Bus Messaging, Azure Key Vault, Azure Blob Storage, Azure Cosmos DB, Azure Kubernetes Service (AKS), Azure SQL Database, Azure AKS Deployments, and Azure Functions. A new API-based Balbix Connector for Microsoft Azure and optional sensors for virtual machines capture data from Azure for analysis by the Balbix brain. Cybersecurity teams can now: Get comprehensive, real-time visibility of Azure assets, categorized into compute, storage, network, containers, database, security, and identity. Capture system details for virtual machines, including network, storage, open ports, users, software bill of materials (SBOM) and security controls. Combine Azure cloud data with data from other tools to map over 400 cybersecurity, IT and business attributes to assets. Obtain visibility into misconfigurations – the most commonly exploited attack vector in cloud-hosted environments. Leverage (optional) Balbix host sensors to gain visibility into additional types of vulnerabilities, such as unpatched software vulnerabilities, weak credentials, and trust issues. Unified Visibility for Multi-Cloud Environments Balbix's new support for Azure means that organizations now have access to an integrated Cyber Asset Attack Surface Management (CAASM) solution that works across the top three cloud providers, traditional data center and office environments, and mobile employee devices. Cybersecurity practitioners get a single tool to automatically combine data from disparate solutions into a unified view of their assets. Balbix provides more than just visibility. Unlike other solutions, Balbix combines CAASM with Risk-Based Vulnerability Management (RBVM) and Cyber Risk Qualification (CRQ) capabilities. This tight integration enables maximally automated identification, prioritization and mitigation of security issues. Gaps in security controls are identified and rectified quickly. CISOs and their teams can calculate cyber risk for the entire enterprise, across cloud and non-cloud assets, in dollars, and make cybersecurity decisions, informed by real-time data and insights. "Multi-cloud deployments have added additional complexity for cybersecurity practitioners. These challenges include fragmented visibility across cloud and non-cloud environments and an inability to prioritize vulnerabilities enterprise-wide," said Ed Amoroso, Founder and CEO of research and advisory firm TAG Cyber. "With support for Microsoft Azure, Balbix now helps users address these challenges across the top three cloud providers." Broad Support for the Microsoft Ecosystem Balbix's support for Microsoft Azure also adds to its broader support for the Microsoft ecosystem. These capabilities include security posture automation for assets running Windows and other Microsoft software, and third-party software products running on those assets. For Windows OS, Balbix provides a consolidated view of patch status and compliance across all assets with recommended fixes based on patch precedence. "I'm very excited to announce our support for Microsoft Azure cloud services. Organizations can manage their cyber risk for Microsoft Azure, multi-cloud and hybrid environments using a single integrated and maximally automated paradigm. "With this software release, we've also enhanced our support for Windows to help Microsoft customers better protect their infrastructure." Gaurav Banga, Founder and CEO of Balbix In addition, Balbix now allows security teams to manage the security posture of applications downloaded from the Microsoft Store. Balbix is also announcing a new integration with Microsoft Azure Active Directory single sign-on. About Balbix Balbix enables businesses to reduce cyber risk by quickly identifying and mitigating their riskiest cybersecurity issues. Our SaaS platform, the Balbix Security Cloud™, ingests data from businesses' security and IT tools so they can understand every aspect of their cybersecurity posture, build a unified cyber risk model and obtain actionable insights for risk reduction. With Balbix, businesses can automate their cloud and on-premise asset inventory, conduct continuous risk-based vulnerability management and quantify cyber risk in dollars. Executives and operational teams can make cybersecurity decisions based on data, not opinions.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Beyond Identity Launches Joint Integration With Zscaler to Accelerate Enterprise Zero Trust Security Strategies

Beyond Identity | December 09, 2022

Beyond Identity, the leading provider of phishing-resistant multi-factor authentication (MFA), has expanded its integration offerings to include cloud security leader Zscaler. The joint solution strengthens a zero trust architecture and reduces the attack surface by continuously validating the user and device and enabling secure access to applications. As threat actors’ attacks increase in scope, using freely available tools that simplify the task, legacy MFA solutions that rely on penetrable passwords and codes no longer guarantee protection throughout an active session. As such, Gartner recommends companies adjust their zero trust initiatives as “credentials and signals must be continuously reevaluated post login.” To provide enterprises with continuous identity and device inspection and verification, Beyond Identity’s integration with the Zscaler Zero Trust Exchange™ platform enables the real-time exchange of risk signals that are incorporated prior to initial user authentication and monitored continuously thereafter, increasing the security of the entire user session. Further, ongoing risk signal exchange between the solutions allows for near real-time notification and enforcement should a device fall out of compliance during an active session, and for session termination and remediation to ensure both user and device are ready for re-authentication. “Beyond Identity is committed to delivering the industry’s most secure and robust phishing-resistant authentication solution while removing the user friction that has stalled enterprise rollout of existing MFA solutions,” said Kurt Johnson, Chief Strategy Officer and Head of Corporate Development at Beyond Identity. “To achieve this objective, Beyond Identity is building an ecosystem of like-minded leaders, like Zscaler, where real-time information exchange can raise the level of application and system security and form the foundation of an enterprise’s journey to zero trust security.” ”As cyberattacks become more sophisticated and users work from everywhere, removing the silos of security solutions is key for implementing zero trust. “With Beyond Identity integrating into the Zscaler Zero Trust Exchange platform, customers have another strong option to enforce device-driven conditional access continuously, and adapt to their risk policies and application sensitivity.” Amit Raikar, VP of Tech Alliances and Business Development at Zscaler This integration empowers Beyond Identity and Zscaler customers to easily modernize their MFA strategies, minimize the risk of password-based and MFA-bypass breaches and extend the footprint of existing cybersecurity investments. By eliminating the need for a password from this process, usability and user satisfaction are ultimately improved while removing entire authentication attack vectors. “Lowering the risk of password-based breaches and secure application access are key business drivers for security leadership teams.stated Mick Coady, WWT, Global VP of Cyber Security Solutions at World Wide Technology. “The Zscaler, Beyond Identity integration enables organizations to achieve both.” About Beyond Identity Beyond Identity is revolutionizing secure digital access for workforces, contractors, customers and developers. Our Universal Passkey Architecture provides the industry’s most secure and frictionless multifactor authentication that prevents credential-based breaches, ensures device trust, and delivers secure and frictionless digital access, eliminating passwords entirely. Industry leaders like Snowflake, Unqork and Roblox rely on Beyond Identity to solve their access security challenges for their customers, employees, contractors and developers and to advance their journey toward Zero Trust Security.

Read More

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Wiz Launches Free Cloud Framework to Drive Community-Backed Security

Wiz | December 15, 2022

Wiz, the leading cloud security platform that rapidly enables customers to find and remove critical cloud risks, today announced its newest project, The PEACH framework, a tenant isolation framework for cloud applications. This framework will enable industry-wide collaboration and provide cloud customers and cloud application developers with the necessary guidance to build cloud services securely and prevent critical risks in the implementation process. "Over the past year and a half, Wiz researchers and other members of the cloud security community discovered several cross-tenant vulnerabilities in various multi-tenant cloud applications. "Although these issues have been reported extensively and were dealt with appropriately by the relevant vendors, we've seen little public discussion on how to mitigate such vulnerabilities across the entire industry. This is where we see an opportunity to strengthen the collaboration between members of the security community." Wiz CEO Assaf Rappaport Beyond offering a guideline for organizations, PEACH is a starting point for empowering security teams to work together to establish standard transparency and common language when it comes to mitigating cloud threats. Serving as a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, PEACH manages the attack surface exposed by user interfaces and provides a clear standard for transparency on tenant isolation assurance. Wiz developed the following parameters based on lessons learned to address the rising cross-tenant vulnerabilities, lack of a standard for transparency, and missing common langue among vendors: Privilege hardening – ensure tenants and hosts have minimal permissions in the service environment. Encryption hardening – confirm the data belonging to each tenant is encrypted with a unique key, regardless of where the information is stored. Authentication hardening – validate that communication between each tenant and the control plane use authentication with a validated key unique to each tenant. Connectivity hardening – establish that all inter-host connectivity is blocked by default unless explicitly approved by the tenants involved. Hygiene – verify that unnecessary secrets, software and logs scattered throughout the environment are purged to avoid leaving clues or enabling quick wins for malicious actors. The second part of the security review process consists of remediation steps to manage the risk of cross-tenant vulnerabilities and improve isolation as necessary. These include reducing interface complexity, enhancing tenant separation, and increasing interface duplication -- all while accounting for operational context such as budget constraints, compliance requirements, and expected use-case characteristics of the service. This framework was reviewed and collaborated on with cloud security industry experts from AWS, Google, IBM, Netflix and Cisco. Instead of commercializing PEACH though, Wiz will be offering the framework for free. About Wiz Wiz secures everything organizations build and run in the cloud. Founded in 2020, Wiz is the fastest-growing software company in the world, scaling from $1M to $100M ARR in 18 months. Wiz enables hundreds of organizations worldwide, including 30 percent of the Fortune 100, to rapidly identify and remove critical risks in cloud environments. Its customers include Salesforce, Slack, Mars, BMW, Avery Dennison, Priceline, Cushman & Wakefield, DocuSign, Plaid, and Agoda, among others. Wiz is backed by Sequoia, Index Ventures, Insight Partners, Salesforce, Blackstone, Advent, Greenoaks and Aglaé.

Read More