PLATFORM SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS
ThreatLocker | February 07, 2023
ThreatLocker®, an endpoint security technology pioneer, recently announced the launch of ThreatLocker Ops, a community-driven threat detection tool, at Zero Trust World. This new product helps administrators detect attempted intrusions or system vulnerabilities.
Ops is a policy-driven system that determines good or bad behavior based on ThreatLocker agent data. This information may be used to notify IT administrators of attempted attacks or to initiate measures to harden an environment utilizing other platform components. The Ops platform also integrates with ThreatLocker's new community, which allows similar firms to publish policies that are pertinent to their business, allowing for information exchange and a more comprehensive set of alerts.
With tighter security controls, reduced agent fatigue, and minimal overhead on personal computers, Ops reduces dependency on other IT resources.
ThreatLocker further announced the incorporation of the Third Wall plug-in into its zero trust platform. This announcement followed Third Wall's acquisition last November.
The sophisticated configurations manager for Windows consists of 58 lockdown policies and emergency actions to widen the scope of ransomware prevention and assure user compliance with HIPAA, PCI, NIST, and GDPR.
The latest additions to ThreatLocker comply with several government regulations on the use of Zero Trust strategies to counter current threats.
ThreatLocker will offer its new products to existing and new partners. Currently, it secures over a million endpoints worldwide.
About ThreatLocker
Founded in 2017, ThreatLocker is an endpoint security technology pioneer driving the cybersecurity industry toward a more secure way of preventing unexpected application vulnerabilities. Its ThreatLocker Control Suite integrates solutions for RingfencingTM, Application Whitelisting, Storage Control, and Elevation Control to simplify security. ThreatLocker’s powerful suite of security tools are designed to provide everyone from enterprises to government agencies to academic institutions complete control over which apps operate on their networks. The company is headquartered in Maitland, Florida and has been recognized as one of the most efficient cyber security solutions.
Read More
ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Searchlight Security | December 16, 2022
Searchlight Security, the dark web intelligence company, has today launched Ransomware Search and Insights, a new strategic enhancement to its Cerberus platform. Ransomware Search and Insights automatically collates data from active ransomware groups to help organizations and law enforcement agencies to investigate, track, and gather intelligence on live ransomware activity.
This curated view of ransomware groups means that patterns in tactics, incidents, and victimology can be observed in real-time, helping analysts to bolster their threat intelligence, and gain the upper hand on ransomware groups.
"Although ransomware has been one of the most pressing threats for several years, it still remains persistent because security teams and law enforcement agencies have been on the back foot, playing catch-up with the ever changing tactics and profiles of ransomware groups. “With visibility into the dark web presence of active ransomware threat actors, analysts can better understand how they are currently operating, therefore gaining a critical advantage over groups.”
Dr. Gareth Owenson, Co-Founder and CTO of Searchlight Security
Enabling Enterprises to Pre-empt Attacks
Ransomware Search and Insights allows organizations to observe the victims of threat actors, posts on leak sites, and track known group members, all in one place - significantly reducing time and resources spent individually researching each threat group. With previously unseen insight into ransomware activity as it is happening, they can also identify which ransomware groups are targeting organizations that match their profile (e.g. industry, geography, business size) and tailor their defenses with a better understanding of which group is most likely to attack them.
Empowering Law Enforcement
Cerberus’ Ransomware Search and Insights provides investigators with the most up-to-date intelligence for their fight back against cybercrime. Ransomware groups pose a significant risk to national security through the persistent threat to critical infrastructure. As ransomware groups use the dark web to conduct their campaigns with impunity, tracking the activity of prolific threat actors on marketplaces and forums can help law enforcement agencies’ efforts to disrupt and take down these groups.
“The Ransomware Search and Insights module was born from our work with national law enforcement agencies who require real-time insights to investigate and take down ransomware groups. We have listened to and collaborated with them to address these needs and bring the next evolution of threat hunting to life,” explained Dr. Gareth Owenson, Co-Founder and CTO of Searchlight Security. “Investigators can now work smarter, not harder, with live intelligence on ransomware operators collated and delivered to them.”
Ransomware Intelligence for MSSPs
Dark web monitoring is emerging as one of the fastest growing offerings amongst Managed Security Service Providers (MSSPs), driven in no small part by increased customer demand to stay one step ahead of attackers and prevent disruptive ransomware incidents. Ransomware Search and Insights provides MSSPs with a valuable tool that integrates into their existing offering, with the ability to deliver easy-to-digest overviews of ransomware activity to customers, or action intelligence internally to protect their client base from emerging threats.
Ransomware Search and Insights is now available on Cerberus.
For more information on the threat intelligence that can be gathered from Ransomware Search and Insights, download our free report: Dark Web Profiles: The Most Prolific Ransomware Groups of 2022.
About Searchlight Security
Searchlight Security provides organizations with relevant and actionable dark web threat intelligence, to help them identify and prevent criminal activity. Founded in 2017 with a mission to stop criminals acting with impunity on the dark web, we have been involved in some of the world’s largest dark web investigations and have the most comprehensive dataset based on proprietary techniques and ground-breaking academic research. Today we help government and law enforcement, enterprises, and managed security services providers around the world to illuminate deep and dark web threats and prevent attacks.
Read More
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Datadog | November 30, 2022
Datadog, Inc., the monitoring and security platform for cloud applications, today announced a new integration with Amazon Security Lake. The integration, announced during AWS re:Invent, makes it easy for Amazon Security Lake users to send cloud security logs to Datadog in a standard format.
Building data pipelines in order to aggregate and route security logs to various security analytics solutions can be a cumbersome and time-consuming process. For Amazon Security Lake customers, Datadog's integration provides an easy way to send security logs to Datadog with minimal configuration required.
Once security logs are ingested into Datadog, customers can analyze and identify threats through out-of-the-box detection rules or by writing custom security rules. They can also do deeper investigations using Datadog's log management tools.
"Amazon Security Lake makes it easier for teams to manage their cloud security data and analyze it with partner solutions of their choice," said Rod Wallace, General Manager for Amazon Security Lake. "Datadog's integration with Amazon Security Lake will allow customers to collect their security logs to improve their cybersecurity posture and send them to Datadog for analysis leveraging an open source schema."
"Security threat detection and investigation is dependent on an effective logging strategy that ensures critical logs are being properly analyzed. However, managing dozens of log integrations from cloud-hosted accounts and entities can be cumbersome and lead to gaps in visibility. "Amazon Security Lake and Datadog are working together to provide an easy way to set up and manage important log integrations for Datadog Cloud SIEM, giving customers deep visibility into their most critical infrastructure."
Pierre Betouin, SVP of Security Products at Datadog
About Datadog
Datadog is the monitoring and security platform for cloud applications. Our SaaS platform integrates and automates infrastructure monitoring, application performance monitoring and log management to provide unified, real-time observability of our customers' entire technology stack. Datadog is used by organizations of all sizes and across a wide range of industries to enable digital transformation and cloud migration, drive collaboration among development, operations, security and business teams, accelerate time to market for applications, reduce time to problem resolution, secure applications and infrastructure, understand user behavior and track key business metrics.
Read More