SOFTWARE SECURITY
HBR Consulting | August 16, 2022
HBR Managed Services (HBR), a comprehensive strategy, operations and technology consulting firm focused on the legal industry, today announced its partnership with Tanium, the industry's only provider of converged endpoint management (XEM) for complex security and technology environments.
Recognizing that law firms are attractive targets for cyber criminals, HBR is leveraging the Tanium platform to provide IT operations management, IT asset discovery, and security threat response to manage system updates at scale, thereby helping the firm's IT managed services and network operating center (NOC) clients reduce risk and operating costs.
"The Tanium platform allows us to automate patching of OS and applications on servers and workstations, whether those endpoints are attached to a firm's network or not," said Bill Elser, vice president of engineering services at HBR. "That's critical in today's hybrid environment, allowing us to quickly prevent or remediate security or other operational issues by deploying registry changes and executing scripts."
"The legal field faces unique challenges not only to protect the integrity and reputation of individual firms, but to safeguard the various constituencies they serve. "Tanium is keenly aware of the heightened risks the industry faces and we are proud to align with a leader like HBR as they work to secure the interests of their clients. We look forward to expanding this long-term partnership as they continue to grow."
Todd Palmer, SVP of partner sales of Tanium
"We're pleased to add Tanium to our roster of best-in-class vendor partners," added Chris Petrini-Poli, HBR's executive chairman. "HBR is committed to continually innovating services and partnering with best-in-class tool providers. Throughout the past year, we've been investing in relationships that will help us continue to provide exceptional, cost-effective service to our clients. We're proud to be on the leading edge of using top-of-the-line technology that ensures a continuously updated and monitored, safe and secure IT environment, while allowing HBR's team to operate as efficiently as possible."
About HBR Consulting
HBR Consulting (HBR) provides law firms and corporate law departments with strategic guidance, operational improvement, and technology solutions that drive innovation while managing cost and mitigating risk. HBR's proven combination of experience, relationships, and insights—spanning the legal ecosystem—delivers sustainable financial and competitive advantages for its clients. Visit www.hbrconsulting.com and follow HBR on LinkedIn and Twitter.
About Tanium
Tanium, the industry's only provider of converged endpoint management (XEM), leads the paradigm shift in legacy approaches to managing complex security and technology environments. Only Tanium protects every team, endpoint, and workflow from cyber threats by integrating IT, Compliance, Security, and Risk into a single platform that delivers comprehensive visibility across devices, a unified set of controls, and a common taxonomy for a single shared purpose: to protect critical information and infrastructure at scale. Tanium has been named to the Forbes Cloud 100 list for six consecutive years and ranks on Fortune's list of the Best Large Workplaces in Technology. In fact, more than half of the Fortune 100 and the U.S. armed forces trust Tanium to protect people; defend data; secure systems; and see and control every endpoint, team, and workflow everywhere. That's the power of certainty.
Read More
PLATFORM SECURITY
Axonius | July 25, 2022
Axonius, a cybersecurity asset management provider, today announced integrations with Amazon Macie, Amazon GuardDuty, and AWS SecurityHub while extending its Amazon Inspector functionality. These new integrations will help customers to better understand and manage vulnerabilities across their Amazon Web Services (AWS) infrastructure.
By connecting to both AWS first-party and ISV-third party security solutions, Axonius provides comprehensive visibility and management of assets across AWS cloud, multi-cloud, and on-premises.
The latest integrations provide the following capabilities:
Identify Exposed Amazon S3 Buckets: Axonius fetches findings from Amazon Macie to help customers identify exposed Amazon S3 buckets to maintain data integrity and compliance.
Detecting Malicious Activity & Compromised Security Controls: By integrating with Amazon GuardDuty, Axonius helps customers detect malicious activity to protect AWS accounts, workloads, and data and help them understand which assets have compensating security controls.
Helping Meet Security Best Practices: With insights from AWS SecurityHub, customers can compare against correlated data to verify whether assets that don't meet best practice standards have a compensating security control.
Comprehensive View of Cloud Security Posture: Axonius delivers a complete inventory of assets from more than 450 correlated data sources giving customers a comprehensive view of their cloud security, including vulnerability data from Amazon Inspector.
"As companies continue to shift workloads to the cloud, they're also increasingly leveraging cloud provider-native security service offerings. "Yet customers are still exhausted by the highly-manual, slow, and error-prone processes that negatively impact their risk mitigation, threat management, and compliance. With Axonius and AWS, customers finally have a unified view of their assets while dramatically strengthening their security posture."
Mark Daggett, Vice President of Worldwide Channels and Alliances at Axonius
About Axonius
Axonius is the cybersecurity asset management platform that gives organizations a comprehensive asset inventory, uncovers gaps, and automatically validates and enforces policies. Deployed in minutes, the Axonius cyber asset attack surface management (CAASM) solution integrates with hundreds of data sources to give customers the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, automating response actions, and informing business-level strategy. Cited as one of the fastest growing cybersecurity startups, with accolades from CNBC, Forbes, and Fortune, Axonius covers millions of devices for customers around the world.
Read More
SOFTWARE SECURITY
Aqua Security | July 26, 2022
Aqua Security, the leading pure-play cloud native security provider, today announced the launch of out-of-the-box runtime protection with minimal configuration to stop attacks in real time on running workloads. Protection is composed of new curated and optimized default security controls, as well as advanced threat intel from observations of real attacks on cloud native environments. Both the controls and threat intel are the result of knowledge gained through years of securing customers’ live production environments. Customers can now apply this knowledge to achieve trusted and advanced runtime protection in minutes without requiring in-depth knowledge of their applications and environments.
Using eBPF technology and threat intel from cyber research team Aqua Nautilus to identify advanced threats, Aqua surfaces the most critical issues in real time while also implementing a set of controls to protect running workloads immediately, without disrupting the business.
“Aqua is transforming the runtime security paradigm. “Traditional runtime security requires security teams to have a great deal of cloud native knowledge, and as a result has been slow to adopt. Aqua is removing this barrier to adoption by making cloud workload threat protection immediately effective and easy for security professionals.”
Amir Jerbi, CTO and co-founder, Aqua Security
Stopping Attacks in Real Time with Runtime Security
Recent data from Nautilus shows that one in three live attacks could be missed when relying exclusively on snapshot scanning of running workload images. Nautilus also found tens of thousands of instances of in-memory attacks and fileless attacks in a one-month period—attacks that would not be seen or stopped without kernel-level visibility.
Aqua’s detection of anomalous behavior goes beyond point-in-time snapshots and catches malicious behavior of known and unknown threats in real time—this includes both known CVEs and zero-day exploits that have yet to be discovered. The new default runtime controls are based on ongoing recommendations from Aqua Nautilus, who detect and analyze 80,000 attacks a month using Aqua’s open source eBPF-based threat detection engine, Aqua Tracee. The result is real-time visibility at the kernel level that alerts customers the moment an attacker breaches a running workload, reducing attackers’ dwell time from months to milliseconds.
Aqua’s Runtime Protection solution is part of Aqua’s fully integrated Cloud Native Application Protection Platform (CNAPP), the Aqua Platform. Customers of the Aqua Platform also have access to the entire, full set of customizable, advanced runtime capabilities if and when they decide to define and implement more stringent policies.
Key benefits of Aqua Runtime Protection include:
Discover attacks immediately with continuously updated kernel-level behavioral detection. Updates are based on cloud native threat research from Aqua Nautilus along with years of experience securing customer workloads in production.
Respond faster and reduce attacker dwell time by stopping attacks with pattern-based anti-malware in production and the option to block or delete malware on access.
Simplify incident investigation and rapidly determine the impact and attack path of a security incident with a detailed incident timeline including rich contextual information.
“Unlike overly complex runtime solutions, legacy solutions not designed for cloud-native applications, or solutions that can’t detect in real time, our goal with this release is to provide runtime security that is simple to deploy, giving you effective real-time security out-of-the-box,” said Jerbi. “What this boils down to is that, unlike alternative solutions, Aqua’s Platform will both detect sophisticated attacks and stop them in real time.”
Aqua’s out-of-the-box Runtime Protection is now available and will make an industry debut at AWS re:Inforce on July 26-27 in Boston at Booth 104. To learn more, visit Aqua’s YouTube.
About Aqua Security
Aqua Security stops cloud native attacks and is the only company with a $1 Million Cloud Native Protection Warranty to guarantee it. As the pioneer and largest pure-play cloud native security company, Aqua helps customers unlock innovation and build the future of their business. The Aqua Platform is the industry’s most integrated Cloud Native Application Protection Platform (CNAPP), prioritizing risk and automating prevention, detection and response across the lifecycle. Founded in 2015, Aqua is headquartered in Boston and Ramat Gan, Israel, with Fortune 1000 customers in over 40 countries.
Read More