Software Security
Trellix | January 22, 2024
Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation.
Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation.
“The partnership aligns with Trellix’s ongoing commitment to secure organizations from advanced cyber threats,” says Sean Morton, SVP of Professional Services at Trellix. “Leveraging One Source’s MDR capabilities and expanded footprint, we enable more businesses to build cyber resilience, with continued innovation in our combined products and solution offerings to stay ahead of bad actors.”
One Source has multiple SOCs leveraging Trellix’s technology, staffed by the industry’s top experts to provide Managed Detection and Response (MDR) capabilities. Their team implements a proactive cyber strategy for customers specific to industry, technology environment, and vulnerabilities, built on the Trellix XDR Platform with 24x7 monitoring. The partnership and combined expertise benefits customers with enhanced services like managed threat detection and response, incident response, security operations and analytics, threat intelligence, threat hunting and forensics, and training and enablement.
“The Trellix and One Source partnership is extremely powerful; the former offers an incredible set of security solutions, and the latter excels at personalized deployment and execution,” said Paul Moline, Chief Information Officer, Lindsay Automotive Group. “I never anticipated we could protect our environment with the same security solutions used by government agencies and Fortune 50 companies: I can now sleep at night.”
The Trellix XDR Platform’s open architecture and broad set of native security controls across endpoint, email, network, cloud, and data security integrates with over 500 third-party tools to create multi-vector, multi-vendor event correlation and context to speed up investigations. The Trellix Advanced Research Center provides an additional layer of protection by continuously informing the platform with information from millions of global sensors on the latest threat vectors, tactics, and recommendations. One Source experts apply these insights to stay ahead of the constantly evolving threat landscape.
“The collaboration with Trellix is a game-changer in reshaping the cybersecurity landscape,” says Eric Gressel, Executive Vice President of Sales, One Source. “Thanks to our partnership, we have access to the highest level of cyber intelligence to fend off newly-revealed hackers and their means of attack, enabling our customers with the most comprehensive offering of enhanced Managed Security Services to protect their businesses.”
One Source has a proven track record supporting global businesses spanning retail, restaurant, automotive, healthcare, financial, and manufacturing industries. Trellix customers can rely on One Source's leading Managed Security Services to optimize technology expenses while enhancing telecom connectivity, IT infrastructure, and cybersecurity strategies.
About Trellix
Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security. More at https://trellix.com.
About One Source
One Source helps businesses simplify a complex technology world. One Source is the leading provider of Technology and Managed Security Services for enterprises. Today, One Source manages more than 2,500 customers, 45,000 business locations, and over one million assets throughout North America. In addition to Managed Security Services, One Source provides Managed Technology Expense Management, 24 / 7 local helpdesk, procures and provisions telecom & IT solutions, and manages customer service requests. One Source frequently generates triple-digit ROI for customers through contract negotiation, portfolio optimization, and ongoing expense management. In addition, One Source leverages partnerships with industry leaders, including Trellix to bring Fortune 500 security solutions and fully managed services to the mid-market. One Source's approach empowers businesses to focus on customers and revenue-generating activities. Learn more at https://www.onesource.net/.
Read More
Software Security
Keeper Security, Inc. | January 11, 2024
Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, passkeys, privileged access, secrets and remote connections, announces Granular Sharing Enforcements will soon be available for all products in the Keeper® platform. Granular Sharing enables administrators to enforce detailed creating and sharing permissions at the user level. By implementing these permissions, organizations can ensure employees only have access to the resources necessary for their roles, minimizing the risk of unauthorized access, data breaches and lateral movement within a network.
"It's critical for organizations to have security solutions that help them adhere to increasing regulations and compliance requirements," said Craig Lurey, CTO and Co-founder of Keeper Security. "Granular permission control helps organizations enhance their security posture by restricting access to sensitive information and systems. With Granular Sharing Enforcements, it's easier than ever for IT administrators to better control the principle of least privilege and streamline operations within their organizations."
Keeper's added Granular Sharing Enforcement policies provide more detailed restrictions that administrators can apply to users for both creating and sharing records. Most employees do not need access to all of the data or functionalities within an organization, and many industries and geographical regions have specific regulations and compliance requirements regarding data protection and privacy, including HIPAA, GDPR, PCI DSS and SOX. Granular permission controls enable organizations to align with local and industry regulations by allowing them to define and enforce access policies. This helps in ensuring the organization is compliant with industry standards and legal requirements.
Key features of Keeper's Granular Sharing Enforcements include:
Auditing: Keeper provides clear alerting and reporting on over 100 different event types.
Version control: Only a small subset of users have permissions to update or share records, helping teams ensure information is consistent and accurate.
Seamless access on any device: Keeper provides the same user experience across platforms, ensuring cross functionality and ease of use, whether on web, desktop or mobile.
Encryption: Keeper provides secure sharing with elliptic curve encryption, ensuring cybercriminals cannot intercept passwords or other shared records in transit.
Keeper Administrators can easily customize permissions to best suit the compliance needs of their organization. Administrators modify permissions in the Enforcement Policies section of the Admin Console for the chosen role by selecting Creating and Sharing. Most permissions are activated by default for maximum security. Enforcements have been designed to be simple and powerful, allowing admins to choose the appropriate settings for their unique needs.
Granular Sharing Enforcements will be available for all sharing needs within Keeper's Enterprise Password Manager, Keeper Secrets Manager and KeeperPAM. With Keeper's zero-knowledge password management and security platform, IT administrators have complete visibility into employee password practices, enabling them to monitor password use and enforce password security policies, including strong, unique passwords, Multi-Factor Authentication (MFA), Role-Based Access Control (RBAC), and other security policies. Keeper Secrets Manager® is a fully managed cloud-based, zero-knowledge platform for securing infrastructure secrets such as API keys, database passwords, access keys, certificates and any type of confidential data.
Its latest offering, KeeperPAM™, provides next-generation Privileged Access Management (PAM) that is disrupting the traditional PAM market. KeeperPAM delivers enterprise-grade password, secrets and privileged connection management within a unified SaaS platform that is cost-effective, easy to use and simple to deploy. KeeperPAM enables least-privilege access with zero-trust and zero-knowledge security. Enterprises select Keeper because of its strong security architecture, ability to support federated and passwordless authentication with any identity provider, seamless integration into on-premises, cloud or hybrid environments and ease of use across desktop and mobile devices.
About Keeper Security
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper's affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance. Trusted by millions of individuals and thousands of organizations, Keeper is the leader for best-in-class password and passkey management, secrets management, privileged access, secure remote access and encrypted messaging.
Read More
Platform Security
D3 Security | January 08, 2024
D3 Security today announced its participation in the Microsoft Security Copilot Partner Private Preview. D3 Security was selected based on their proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting edge functionality, and close relationship with Microsoft.
“In the context of security, AI’s impact is likely to be profound, tilting the scales in favor of defenders and empowering organizations to defend at machine speed. At Microsoft, we are privileged to have a leading role in advancing AI innovation, and we are so grateful to our incredible ecosystem of partners, whose mission-driven work is critical to helping customers secure their organizations and confidently bring the many benefits of AI into their environments,” said Vasu Jakkal, Corporate Vice President, Microsoft Security.
D3 Security is working with Microsoft product teams to help shape Security Copilot product development in several ways, including validation and refinement of new and upcoming scenarios, providing feedback on product development and operations to be incorporated into future product releases, and validation and feedback of APIs to assist with Security Copilot extensibility.
“D3 has always pushed SOAR technology forward, be it through our deep research into integration design; our Event Pipeline, which reduces alert-handling time by up to 99%; or our operationalizing of the MITRE ATT&CK and D3FEND frameworks,” said Gordon Benoit, President, D3 Security. “By teaming with Microsoft in the Security Copilot Partner Private Preview, we will be able to use AI to evolve SOAR in ways that would have sounded impossible just a year ago.”
Security Copilot is the first AI-powered security product that enables security professionals to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes. It combines an advanced large language model (LLM) with a security-specific model that is informed by Microsoft's unique global threat intelligence and more than 65 trillion daily signals.
About D3 Security
D3 Security’s Smart SOAR™ (security orchestration, automation, and response) solves entrenched problems in cybersecurity by transforming separate tools into a unified ecosystem with multi-tier automation, codeless orchestration, and robust case management. Smart SOAR performs autonomous triage and reduces false positives so enterprise, MSSP, and public sector security teams can spend more time on real threats.
Product or service names mentioned herein may be the trademarks of their respective owners.
Read More
End Point Protection
Malwarebytes | January 24, 2024
Malwarebytes, a global leader in real-time cyber protection, today announced the availability of ThreatDown K-12 Bundle, combining the cybersecurity technologies and services that K-12 education institutions need into a streamlined, cost-effective bundle. Purpose-built to reduce risk, complexity and costs for districts and schools, the ThreatDown K-12 Bundle delivers unified protection with an intuitive, easy-to-manage design. The ThreatDown K-12 Bundle allows schools to optimize device uptime and improve productivity, while protecting students and staff, devices and data from the latest cyber threats.
"Schools are increasingly facing cyber threats with limited IT resources, leading to a rise in ransomware attacks that affect staff, teaching, and student well-being," said Marcin Kleczynski, Founder and CEO of Malwarebytes. "Historically, cost barriers prevented schools from adopting cybersecurity managed services. Our K-12 Bundle packages together everything districts need to reduce risk and comply with regulations within a manageable budget. We're committed to making powerful protection and managed services accessible to vulnerable schools and students."
Bridging the Cybersecurity Gap for Resource-constrained K-12 IT Teams
Modern K-12 educational institutions have a wide range of school-, staff- and student-owned devices – from traditional laptops, desktops and servers to Chromebooks, iPadOS, iOS, and Android devices. While these devices greatly enrich the student learning experience and streamline operations for staff, they also introduce new risks.
Key features of the ThreatDown K-12 Bundle include:
Award-winning endpoint security: K-12 Bundle is built on ThreatDown's strongest AI/ML-driven prevention, detection and response technologies fortified by built-in innovations to reduce the attack surface. These technologies simplify the process of finding and patching software vulnerabilities and prevent unauthorized programs from executing.
24x7x365 managed services: The K-12 Bundle combines ThreatDown advanced technologies with Managed Detection and Response (MDR) service of ThreatDown cybersecurity experts to manage security and resolve alerts around the clock, delivered as an affordable, hassle-free bundle.
Unified endpoint management: ThreatDown extends powerful endpoint protection across workstations, servers and mobile device to substantially strengthen schools' cybersecurity postures in compliance with new and pending regulations. Quick and easy to deploy, the K-12 Bundle saves time and resources with unified endpoint management for both traditional and mobile devices – all from a single, cloud-native console.
Centralized, real-time visibility: K-12 IT teams can easily view activity across all devices in real time. With a unified platform and visibility for traditional and mobile endpoints, teams can monitor and protect devices from a single pane of glass. Teams can understand the threats to devices in their environments and mitigate potential risks.
Advanced mobile protection: ThreatDown K-12 Bundle provides effective protection for Chromebooks, iPadOS, iOS, and Android devices, guarding against the latest mobile threats such as ransomware, malicious apps, and potentially unwanted programs (PUPs). With real-time protection, schools can also prevent accidental access to harmful websites, safeguard against malicious apps, block unwanted in-app ads, and enable a secure mobile experience for students.
About Malwarebytes
Malwarebytes is a global cybersecurity leader delivering award-winning endpoint protection, privacy and threat prevention solutions worldwide. Built on decades of experience as the last resort to find and eradicate the latest malware, Malwarebytes is now trusted by millions of individuals and organizations to stop threats at each stage of the attack lifecycle, secure digital identities and safeguard data and privacy. A world class team of threat researchers and proprietary AI-powered engines provide unmatched threat intelligence to detect and prevent known and unknown threats. The company is headquartered in California with offices in Europe and Asia. For more information and career opportunities, visit https://www.malwarebytes.com.
Read More