Software Security
PR Newswire | October 23, 2023
BlackBerry Limited (NYSE: BB; TSX: BB) today announced its new Generative AI powered assistant for Security Operations Center (SOC) teams. The enterprise-grade solution acts as a SOC Analyst providing Generative AI based cyberthreat analysis and support to enhance CISO operations. It leverages private large language models (LLMs) for greater accuracy and data privacy.
The solution, which will be available to BlackBerry's Cylance AI customers, predicts customer needs to proactively provide information rather than requiring users to manually ask questions and compresses research hours into seconds. Fully integrated in the Cylance Console, it produces a natural workflow instead of an inefficient chatbot experience. Cylance launched as the industry's first AI cybersecurity solution and the industry's first predictive cybersecurity solution. Predictive cybersecurity is a must for emerging cyber risks and seen as the future of cybersecurity.
BlackBerry pioneered the AI cybersecurity market and our commitment to innovation means we are once again at the forefront of the industry as we unveil our Generative AI powered cybersecurity assistant, said Nathan Jenniges, SVP & GM Spark, Cybersecurity Business Unit, BlackBerry. This new solution will enable our customers to modernize their SOC operations helping them to stay a step ahead of the adversary. It will be invaluable to CISOs in overcoming the challenges they face, including an evolving threat landscape and resource constraints.
BlackBerry has delivered transformative innovation for almost forty years and continues to set a standard in the technology industry. In the field of AI this is evidenced by the company today having more than five times the AI/ML patents than competitors and AI being integrated across the company's product portfolio. Furthermore, BlackBerry earlier this month was one of the first signatories of Canada's voluntary Code of Conduct on the responsible development and management of advanced Generative AI systems.
"Generative AI has the potential to deliver tremendous economic value, making it an area of focus for BlackBerry. Our patent portfolio already includes Generative AI," said Charles Eagan, Chief Technology Officer, BlackBerry. "Throughout our innovations we take our commitment to delivering enterprise-grade solutions seriously – innovations that deliver value rather than react to hype – as demonstrated by today's announcement and our being one of the first signatories of Canada's voluntary Generative AI Code of Conduct."
BlackBerry's Generative AI powered cybersecurity assistant will initially be made available to a select group of customers.
For more information register for BlackBerry Summit, taking place on October 17, where leaders from government, enterprise and BlackBerry will reveal the future of IoT, IT and Cybersecurity and showcase the latest BlackBerry innovations.
Read More
Network Threat Detection
iTWire | October 30, 2023
Fortinet, the global cybersecurity leader driving the convergence of networking and security, has announced the expansion of its Universal SASE offering to empower today’s hybrid workforce with FortiOS everywhere.
Ken Xie, founder, chairman of the board, and chief executive officer, said, The Fortinet operating system, FortiOS, is the industry’s only enterprise-grade converged operating system able to support all secure access service edge (SASE) functions, including firewall, software-defined wide area network (SD-WAN), secure web gateway, encryption/decryption, cloud access security broker (CASB), data loss prevention (DLP), and zero trust network access (ZTNA), whether deployed in an appliance or cloud-delivered from Fortinet.
“This approach enables over 30 converged networking and security functions to be managed through a single console. Fourteen of these functions are accelerated when deployed on our new FortiASIC Security Processor 5-based FortiGate 120G SASE appliance.”
Expanding Fortinet Universal SASE
Single-vendor SASE provides flexible access to critical resources and applications for users and devices. However, most enterprises rely on different vendors for each SASE function, which introduces significant challenges of controlling different operating system functionality and management consoles. Fortinet Universal SASE takes traditional single-vendor SASE one step further, providing consistent policies and controls on-prem and in the cloud while delivering seamless integration across all functions and deployments to better support today’s hybrid workforce while reducing information technology (IT) overhead.
FortiOS runs the full SASE stack, including a bi-directional firewall, SD-WAN, secure web gateway, encryption/decryption, CASB, DLP, and ZTNA. It also has the flexibility to run on an appliance in accelerated mode as well as in the FortiSASE cloud, providing consistent networking, security, and policy management for every edge. This is further enhanced by FortiGuard artificial intelligence (AI)-powered security services, such as intrusion prevention system (IPS), domain name system (DNS) filtering, URL filtering, anti-malware, sandboxing, and more.
This news expands Fortinet’s investment in Universal SASE by expanding the reach of its SASE stack in three key areas of the portfolio:
Worldwide coverage of FortiSASE cloud locations
FortiSASE, built on a global, scalable cloud network, delivers the same SASE stack as FortiGate appliances through its regional FortiSASE cloud locations. To deliver the best user experience and higher service availability, Fortinet now delivers over 100 FortiSASE cloud locations globally.
Bringing accelerated SASE to the campus and branch
To bring the full SASE stack to campus and branch locations, Fortinet is announcing the new FortiGate 120G SASE appliance. Because it is powered by Fortinet’s patented security processor 5 (SP5) custom application-specific integrated circuit (ASIC), it can accelerate many elements of the SASE stack, such as delivering three gigabits per second (Gbps) of secure sockets layer (SSL) inspection—an average of six times faster than the industry average—for visibility into encrypted traffic at scale. The following Secure Compute Rating table provides a comparison between equivalent solutions:
Flexible consumption extended to Universal SASE
FortiFlex, Fortinet’s flexible consumption program, has now been extended to Fortinet Universal SASE solutions. The entire SASE stack from Fortinet can be consumed as part of FortiFlex, whether customers want to use on-prem or FortiSASE cloud-based services. FortiFlex offers usage-based licensing across cloud, hybrid cloud, and on-premises deployments to give IT teams the flexibility to continually right-size their deployments, reduce excessive procurement cycles for new security solutions, simplify the deployment and provisioning of new services, and maximise budget and return on investment by enabling IT teams to scale down or pause services as needed.
Read More
Software Security
Okta | October 09, 2023
Okta, Inc. announces Identity Threat Protection with Okta AI, a new product for Okta Workforce Identity Cloud.
It enables security teams and admins to constantly evaluate user risk during active sessions and respond automatically to Identity threats across the entire ecosystem.
Identity Threat Protection enables organizations to mitigate risk with enhanced threat detection and response capabilities.
Okta, Inc., the leading independent Identity partner, has introduced Identity Threat Protection with Okta AI, a revolutionary product within the Okta Workforce Identity Cloud. This innovative solution provides identity-based threat detection and mitigation in real-time. Identity Threat Protection goes beyond initial authentication by employing Okta AI and security infrastructure insights. It assures continuous user risk assessment during active sessions and enables automatic responses to Identity threats across the entire ecosystem.
Organizations are increasingly adopting diverse cybersecurity tools to counter evolving threats. However, this leads to a flood of detailed security data, making it daunting for administrators to set up efficient policies and identify crucial threats. This fragmentation makes it challenging to track the risk of any specific user session over time and requires navigating various consoles.
Okta stands out with its unified Identity deployment, offering a unique ability to evaluate risks across security domains and active user sessions. This innovative strategy solves a crucial business challenge as, according to Gartner, "By 2025, organizations that adopt a continuous adaptive trust strategy will reduce [account takeover] along with other identity risks by 30%..."
President and CDO of Workforce Identity Cloud at Okta, Sagnik Nandy, said,
Organizations need the ability to not only bring together risk insights at the point of login, but also to re-evaluate at any point in a user’s session. Identity Threat Protection extends Okta’s adaptive risk analysis and delivers automatic remediation and response, assisting businesses stop potential threats in real-time.
[Source – Business Wire]
Multi-factor authentication (MFA) is a vital tool in combating identity-based attacks. However, its effectiveness typically extends only to the login stage. Using shared signals throughout a user's active session, Identity Threat Protection equips organizations with enhanced threat detection and response capabilities, thereby mitigating risk. Initial launch capabilities include:
Continuous Risk Evaluation
Shared Signals Pipeline
Adaptive Actions
CIO at Palo Alto Networks, Meerah Rajavel, said,
Our world-class threat intelligence innovations assist secure enterprises against evolving attack methods. Partnering with Okta’s Identity Threat Protection is a great opportunity to further empower enterprises with security signal sharing, assisting them to better detect changes in user risk across their tech stack.
[Source – Business Wire]
Read More