DATA SECURITY

XM Cyber Confirms Cortex XSOAR Integration with Palo Alto Networks

XM Cyber | May 05, 2021

XM Cyber, the multi-award-winning leader in Attack-Centric Exposure Prioritization, revealed today's integration with Palo Alto Network's Cortex XSOAR security orchestration automation and response (SOAR) platform. This new integration adds one-click access to risk-free attack simulation inside the Cortex XSOAR Marketplace, allowing security teams to see the entire path of a possible attack.

Security and network teams are constantly debating whether a specific alert is a high risk, low risk, impacts mission-critical assets or should wait for the next patch. When it comes to securing an organization's critical assets, the joint strength of XM Cyber and Cortex XSOAR provides teams with the contextual data they need to make the right choices possible.

The integration enriches events and incidents in Cortex XSOAR with critical information, including:

• The ability to determine whether business-critical assets are at risk

• The name and a description of the attack technique

• Detailed information on all impacted assets, including those deemed mission-critical

• Identification of choke points, i.e. whether the asset resides in line with multiple attack paths

• Context-sensitive recommendations for remediation ranked in order of importance

• A link to the XM Cyber platform for running attack simulations

This data assists security analysts in properly understanding their network environment and identifying user errors, bad IT hygiene, misconfigurations, and misplaced credentials, which can also go unnoticed. Cortex XSOAR's industry-leading automation and orchestration tools and features, combined with an attack-centric exposure approach to threat simulation, will help companies avoid 99% of real threats to their network while only addressing the 1% that matters.

About XM Cyber

XM Cyber is the world's leading provider of attack path management solutions. The XM Cyber platform allows companies to respond rapidly to cyber threats impacting their business-critical systems by actively identifying new exposures such as exploitable vulnerabilities and credentials, misconfigurations, and user activities. XM Cyber actively simulates and needs to prioritize attack paths that threaten mission-critical systems, including context-sensitive remediation options. XM Cyber assists in eliminating 99% of the risk by allowing IT and Security Operations to concentrate on the remaining 1% of exposures before they are exploited to compromise the organization's "crown jewels" – its sensitive properties. XM Cyber was founded by top executives from the Israeli cyber intelligence community and has offices in North America, Europe, and Israel.


About Palo Alto Networks


Palo Alto Networks, the global cybersecurity leader, is defining the cloud-centric future of technology that is changing the way individuals and companies work. Their goal is to be the go-to cybersecurity partner for protecting digital lives. They contribute to addressing the world's most pressing security issues through constant innovation that focuses on the most recent breakthroughs in artificial intelligence, analytics, automation, and orchestration. They are at the forefront of protecting tens of thousands of organizations through clouds, networks, and mobile devices by providing an open platform and empowering a growing ecosystem of partners.

Spotlight

For the third consecutive year, Keyfactor and The Ponemon Institute have collaborated on the State of Machine Identity Management report —an in-depth look at the role of PKI and machine identities in establishing digital trust and securing modern enterprises. This year’s report provides an analysis of 1,280 survey responses from

Spotlight

For the third consecutive year, Keyfactor and The Ponemon Institute have collaborated on the State of Machine Identity Management report —an in-depth look at the role of PKI and machine identities in establishing digital trust and securing modern enterprises. This year’s report provides an analysis of 1,280 survey responses from

Related News

PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY

SOC Prime Launches Integration with Amazon Security Lake to Supercharge Security Operations

Businesswire | May 31, 2023

SOC Prime, provider of the world’s largest and most advanced platform for collective cyber defense, today announced its integration with Amazon Security Lake, the AWS security service that enables organizations to automatically centralize security data from the cloud, on-premises, and custom data sources into a purpose-driven data lake stored in their account. SOC Prime drives a transformational change in cybersecurity relying on zero-trust & multi-cloud approach to empower smart data orchestration, dynamic attack surface visibility, and cost-efficient threat hunting. Backed by its advanced cybersecurity solutions, Uncoder AI, Attack Detective, and The Prime Hunt, SOC Prime enables organizations to boost their cyber defense capabilities at scale, unleashing the power of Amazon Security Lake. Leveraging SOC Prime’s Uncoder AI, an Augmented Intelligence framework, security teams can save development time and migration costs with re-usable threat hunting queries automatically convertible to Amazon Athena and OpenSearch in the standard Open Cybersecurity Schema Framework (OSCF) format. SOC Prime’s Attack Detective tool intelligently and automatically queries security logs in the customer's Amazon Security Lake account via Amazon Athena and Amazon OpenSearch to identify data sources and then scan them in real time with a curated set of threat hunting queries. By leveraging Attack Detective, security engineers can channel their efforts directly into incident investigation rather than analyzing overwhelming volumes of alerts and accelerate threat research by validating over 10,000 adversary behaviors against the stored log sources in a matter of hours. Attack Detective follows core Zero-Trust Architecture (ZTA) principles segregating the data plane and control plane to ensure that no SIEM or EDR access credentials are shared or inherited within the Company profile. The tool provides complete threat visibility based on the organization-specific logs by linking and correlating with SIEM and EDR on-premises data in its native location without the need to migrate it to the cloud, which contributes to significant cost savings and ensures compliance with zero-trust basic tenets. Adding to investment optimization capabilities, The Prime Hunt open-source browser extension enables security professionals to extract valuable data from large datasets at a lower cost. Users can seamlessly run threat hunting queries on security logs within the Amazon Security Lake account via a web browser in both Athena and OpenSearch and automatically identify accounts and assets affected by the suspected activity. About SOC Prime Headquartered in Boston, SOC Prime operates the world’s largest and most advanced platform for collective cyber defense that cultivates collaboration from a global cybersecurity community and curates the most up-to-date Sigma rules compatible with over 27 SIEM, EDR, and XDR platforms. SOC Prime’s innovation, backed by the vendor-agnostic and zero-trust cybersecurity approach, and cutting-edge technology leveraging Sigma language and MITRE ATT&CK® as core pillars are recognized by the independent research companies, credited by the leading SIEM, XDR & MDR vendors, and trusted by 8,000+ organizations, including 42% of Fortune 100 and 21% of Forbes Global 2000. Flexible subscriptions ensure that both organizations and individual operators can benefit from SOC Prime’s curated detection content and enhanced cyber defense capabilities. SOC Prime is backed by DNX Ventures, Streamlined Ventures, and Rembrandt Venture Partners, having received $11.5M in funding in October 2021. For more information, visit https://socprime.com or follow us on LinkedIn & Twitter.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

SentinelOne® Unveils Revolutionary AI Platform for Cybersecurity

Businesswire | April 25, 2023

Cybercriminals around the world are using generative artificial intelligence (AI) to execute malicious attacks that can take down companies and governments. SentinelOne (NYSE: S), a global leader in autonomous security and pioneer in deep learning models and neural networks, plans to use the same technologies to defeat them. The company today unveiled a revolutionary threat-hunting platform that integrates multiple layers of AI technology to deliver unparalleled security capabilities and real-time, autonomous response to attacks across the entire enterprise. The news was announced during RSA Conference 2023, the premier cybersecurity event being held at the Moscone Center in San Francisco. “Today marks a paradigm shift in cybersecurity,” said Tomer Weingarten, CEO, SentinelOne. “AI is among the most disruptive technologies of our time, and with our new capabilities, we can unleash its power to help companies control all aspects of enterprise security - from visibility to response - with unmatched speed and efficiency.” A first-of-its-kind offering, the SentinelOne threat-hunting platform seamlessly fuses real-time, embedded neural networks and a large language model (LLM)-based natural language interface, supercharging users with AI to monitor and operate all security data and boost their productivity and scale their operations. Through the platform, security teams can ask complex threat and adversary-hunting questions and run operational commands to manage their entire enterprise environment using natural language, and within seconds receive deep insights and full, transparent, correlated results to prompt actions across the cybersecurity ecosystem. An Intelligent, Action-Oriented Approach Built on the industry’s most performant security data lake, the SentinelOne threat-hunting platform aggregates and correlates information from device and log telemetry across endpoint, cloud, network and user data, and not only delivers insights, but recommends response actions that can be immediately executed - from mitigation and investigation to endpoint, cloud and user management. “Our cybersecurity AI platform represents a major leap forward in cybersecurity,” said Ric Smith, Chief Product and Technology Officer, SentinelOne. “By allowing users to automate response and take action without the need for coding skills and process and analyze petabytes of data in near-real time, it promises to radically simplify security operations and empower defenders in unprecedented and unforeseen ways.” The Future of Cybersecurity The SentinelOne platform will also allow users to lay a solid foundation for the future and secure tomorrow, today. “Bad actors are increasingly employing AI-based, automated tools to infiltrate all facets of networks with unprecedented speed,” Weingarten said. “With our unmatched experience and capabilities, organizations can quickly scale their cybersecurity operations to stay ahead of these evolving threats and create a strong structural foundation for cybersecurity defenses for years to come.” A Force for Good And they can do it in a responsible, ethical way. “At SentinelOne, our mission is to be a force for good, and our unwavering commitment to ensuring that our cutting-edge technologies are used safely, ethically and responsibly is evident in every aspect of our platform,” Weingarten said. “There is a huge shortage of cybersecurity talent, and in advancing the capabilities of skilled security practitioners, our new capabilities will allow organizations to quickly scale to secure the cloud and avoid the storm of automated and fast-flux attacks that adversaries using generative AI can create. In addition, we allow customers to retain complete control of their data, reinforcing our dedication to keeping sensitive information in the hands of its rightful owners.” The new capabilities will be delivered as part of SentinelOne’s threat-hunting experience and are available in limited preview today. For more information, please visit www.sentinelone.com. About SentinelOne SentinelOne is a leader in autonomous cybersecurity and a Forbes AI 50 company. SentinelOne Singularity™ is a cybersecurity AI platform that detects, prevents, and responds to cyber attacks at machine speed, empowering organizations to secure endpoints, cloud workloads, containers, identities, and mobile and network-connected devices with speed, accuracy and simplicity. The SentinelOne Singularity™ Platform is powered by DataSet™, an AI-enabled data lake technology. Over 10,000 customers, including hundreds of the Global 2000, prominent governments, healthcare providers, and educational institutions, trust SentinelOne to secure the future today. To learn more, visit www.sentinelone.com. Any unreleased products, services or solutions referenced in this or other press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase SentinelOne products, services and solutions should make their purchase decisions based upon offerings that are currently available. “Safe harbor” statement under the Private Securities Litigation Reform Act of 1995: This press release contains forward-looking statements. The achievement or success of the matters covered by such forward-looking statements involve risks, uncertainties and assumptions. If any such risks or uncertainties materialize or if any of the assumptions prove incorrect, our results could differ materially from the results expressed or implied by the forward-looking statements. The risks and uncertainties referred to above include - but are not limited to – risks associated with our limited operating history; intense competition; fluctuations in our operating results; network or security incidents against us; our ability to successfully integrate acquisitions and strategic investments; defects, errors or vulnerabilities in our platform; risks associated with managing our rapid growth; general market, political, economic, and business conditions; our ability to attract and retain new and existing customers, or renew and expand our relationships with them; the ability of our platform to effectively interoperate within our customers’ IT infrastructure; disruptions or other business interruptions that affect the availability of our platform; the failure to timely develop and achieve market acceptance of new products and services as well as existing products, services and support offerings; and rapidly evolving technological developments in the market for security products, services and support offerings. Additional risks and uncertainties that could affect SentinelOne’s financial results are included in under the captions “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations” set forth in our filings and reports with the Securities and Exchange Commission (“SEC”), including our most recently filed Annual Report on form 10-K, subsequent Quarterly Reports on Form 10-Q and other filings and reports we may file from time to time with the SEC, copies of which are available on our website at investors.sentinelone.com and on the SEC’s website at www.sec.gov. SentinelOne, Inc. assumes no obligation and does not intend to update these forward-looking statements, except as required by law.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS

AnChain.AI Integrates with Stellar to Bring Enhanced Security and Compliance to Developers

Prnewswire | May 09, 2023

AnChain.AI, a leading Web3 digital asset security, and risk monitoring firm, today announced its integration with Stellar, the pioneering decentralized open-source blockchain network for cross-border payments and asset issuance. This integration paves the way for Stellar's thriving developer community to leverage AnChain.AI's AI-powered Web3 risk management and security solutions to enhance their security posture as they drive innovation. As digital assets and cross-border payments continue to rise, the need for fraud prevention solutions has become increasingly apparent. AnChain.AI's CISO Investigation platform provides an additional layer of trust to institutions developing on Stellar. By utilizing AnChain.AI's Open Blockchain Ecosystem Intelligence (OpenBEI), Stellar developers can prioritize security and customer safety from the earliest phases of building. "As the Web3 ecosystem continues to expand, it's becoming increasingly clear that security is not a luxury, but a necessity," said Dr. Victor Fang, CEO & Co-founder of AnChain.AI. "We are committed to providing cutting-edge security and risk monitoring solutions that enable Web3 platforms to operate with confidence. We're excited to build a more secure and sustainable Web3 future on Stellar." AnChain.AI utilizes AI digital asset risk assessment and early detection of suspicious activity. AnChain.AI's technology solutions underpin the regulatory efforts of leading government agencies, financial institutions, and enterprises worldwide, including the United States Securities and Exchange Commission (SEC). Through this integration, AnChain.AI continues demonstrating its commitment to a more secure blockchain ecosystem, ensuring that all participants in the Stellar community can confidently engage. "Having AnChain.AI integrate with Stellar is a breath of fresh air for the thriving community of Stellar projects," said Mark Heynen, Vice President of Partnerships at Stellar Development Foundation. "These types of solutions help equip developers and enterprises with the necessary tools to prioritize security and compliance from the get-go. This integration lays a sturdy foundation for Stellar ecosystem innovators to create more secure cross-border payment and asset issuance solutions." This integration represents a significant step towards increasing community awareness of the risks associated with rapidly evolving Web3 technology, particularly as regulatory scrutiny in the digital asset space intensifies. By solidifying a shared commitment to sustainable and secure development, this integration lays the foundation for the next-generation Web3 innovation on the Stellar network. Join the growing number of enterprises, financial institutions, government agencies, and users and developers who trust AnChain.AI for their Web3 and digital asset security needs. If you're a user or developer on Stellar looking to enhance your security and compliance posture, get started today. About AnChain.AI AnChain.AI (HQ in San Francisco) is an award-winning AI-powered cybersecurity company enhancing Web3 security, risk, and compliance strategies. AnChain.AI was founded in 2018 by cybersecurity and enterprise cloud veterans. Backed by both Silicon Valley and Wall Street VCs, and selected in the Berkeley Blockchain Xcelerator, we are trusted by 100+ customers from over 10+ countries in sectors: VASPs, financial institutions, and government, including the U.S. SEC (Securities and Exchange Commission). AnChain.AI Web3 Security Suite protects over $50 billion Web3 crypto assets. RSA Innovation Sandbox Finalist 2023. CNBC Top Startups Award 2022.

Read More