Menlo Security | March 01, 2022
Menlo Security, a leader in cloud security, today announced that the Menlo Cloud Security Platform is now available in the AWS Marketplace. Amazon Web Services (AWS) customers now have access to Menlo Security’s isolation-powered platform that eliminates malware threats, connects users to the enterprise applications from anywhere, and scales elastically to meet user demand.
Detecting and responding to today's sophisticated threats using yesterday's legacy security tools doesn't work. The Menlo Cloud Security Platform, powered by a patented Isolation Core™, proactively prevents malware threats from reaching workers without sacrificing the user experience.
With 75% of work happening in the browser every day, the browser has quickly become the primary attack surface for threat actors, ransomware, and other attacks. Menlo Security recently identified a surge in cyberthreats, termed Highly Evasive Adaptive Threats (HEAT), that bypass traditional security defenses. HEAT attacks are a class of cyber threats targeting web browsers as the attack vector and employing techniques to evade detection by multiple layers in current security stacks including firewalls, Secure Web Gateways, sandbox analysis, URL Reputation, and phishing detection.
“Our goal is to ensure our partners and customers are able to access and deploy the Menlo Security cloud security solution on their terms and on their timeline, Today’s threat landscape is constantly evolving and becoming more sophisticated as our recent discovery of HEAT attacks demonstrates. Having our cloud security solution available in the AWS marketplace enables our channel partners to transact and seamlessly support their customers and protect their employees and networks through the AWS Consulting Partner Private Offers (CPPO) program.”
Sanjit Shah, head of strategic alliances for Menlo Security
Key features of the Menlo Cloud Security Platform include:
Centralized Platform - cloud-native platform which prevents malware from reaching users, eliminates the need for multiple appliances, and gives IT managers one interface to navigate.
Elastic Isolation Core - The patented Isolation Core™ protects against known/unknown threats and isolates them before they reach users. Zero Trust isolation provides 100% protection without special software or plug-ins, so users don't experience negative impacts or interruption.
Elastic Edge - Built to scale globally on demand. It dynamically scales to meet enterprise-level growth-over 3M users-with no performance hit and is easily extendable with a rich set of APIs and integrations.
About Menlo Security
Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email. Menlo Security’s isolation-powered cloud security platform scales to provide comprehensive protection across enterprises of any size, without requiring endpoint software or impacting the end user-experience. Menlo Security is trusted by major global businesses, including Fortune 500 companies, eight of the ten largest global financial services institutions, and large governmental institutions. The company is backed by Vista Equity Partners, Neuberger Berman, General Catalyst, American Express Ventures, Ericsson Ventures, HSBC, and JP Morgan Chase. Menlo Security is headquartered in Mountain View, California.
Illumio | May 06, 2022
Illumio, Inc., the Zero Trust Segmentation company, today announced an expanded relationship with IBM Security and a new integration between the companies’ technologies for advanced end-to-end threat detection and response. The integration combines IBM Security QRadar XDR with Segmentation from Illumio to provide pre-attack protections for accelerated detection and automated containment and remediation capabilities to help defend against the impacts of aggressive cyberattacks, including ransomware.
“In 2021, over half of organizations globally reported suffering a ransomware attack that blocked access to critical systems or data,” said Frank Dickson, Program Vice President at IDC. “As ransomware, and the attackers behind it, continues to plague every industry, organizations must act now to bolster cyber and business resiliency. The best way firms can safeguard their organizations is to address the five core elements of a ransomware attack: initial compromise, lateral movement, privilege escalation, data exfiltration and the encryption. Given the complexity and difficulty of the task, security tools should be adaptable, scalable and emphasize real-time visibility to enable real-time action.”
The integration provides customers with enhanced visibility into network traffic and can help limit the potential spread of attacks by segmenting application networks. When an intrusion takes place, an attacker’s external communication and movement throughout an organization’s network can be quickly detected, denied, and analyzed with the help of Illumio and QRadar SIEM. This centralized visibility and analysis can help with the detection of threats and ransomware that moves, often undetected, throughout organizations. Beyond detection, Illumio’s integration with QRadar SOAR enables incident responders to activate Illumio’s emergency ransomware containment controls in near real time, helping them to reduce the impact of ransomware and accelerate the eradication and recovery process.
“The onslaught of ransomware attacks demands end to end visibility, advanced analytics and automated actions based on an open platform – which are the foundational elements on which QRadar XDR was designed. “By leveraging its open architecture and segmentation platforms like Illumio, QRadar XDR helps customers achieve early detection, orchestration, and rapid, automated response to ransomware and other fast-moving attacks.”
Chris Meenan, VP of Product Management at IBM Security
“In February 2022, the Cybersecurity and Infrastructure Security Agency reported ransomware incidents against 14 of the 16 U.S. critical infrastructure sectors, which signals the urgent business resilience risk it poses,” said John Skinner, VP, Business Development at Illumio. “Not only is ransomware today becoming more sophisticated and targeted, but incident rates are climbing. Successful detection and response depends on segmentation aligned with Zero Trust principles to isolate and stop ransomware before it spreads. Together, Illumio and IBM Security are empowering organizations to minimize the business impact of devastating attacks by combatting known risks at every phase.”
Illumio, the Zero Trust Segmentation company, prevents breaches from spreading and turning into cyber disasters. Illumio protects critical applications and valuable digital assets with proven segmentation technology purpose-built for the Zero Trust security model. Illumio ransomware mitigation and segmentation solutions see risk, isolate attacks, and secure data across cloud-native apps, hybrid and multi-clouds, data centers, and endpoints, enabling the world’s leading organizations to strengthen their cyber resiliency and reduce risk.
NETWORK THREAT DETECTION
SilverSky | January 11, 2022
SilverSky, a cybersecurity innovator offering powerful managed detection and response (MDR) services, today announced it completed the acquisition of Burlington, Massachusetts-based Cygilant.
As a leading cybersecurity-as-a-service provider, Cygilant operates a security operation center (SOC) in Belfast, Northern Ireland and also boasts some of the world's most notable Ph.D.-level talent focused on cybersecurity, advanced networks and data science. The addition of Cygilant's UK-based delivery center complements the current SilverSky footprint in Asia and North America while expanding SilverSky's access to European markets.
In October 2021, SilverSky announced that ITOCHU International, Inc., the North American flagship company of Tokyo-based ITOCHU Corporation, made a strategic investment of $31.5 million in SilverSky. Additionally, in August 2021, SilverSky announced the completed acquisition of New Jersey-based Advanced Computer Solutions Group, LLC (ACSG) which added a notable customer base within the U.S. education sector and marked the company's first acquisition in a series of planned growth opportunities.
"Alongside our recent growth-related announcements, this acquisition of Cygilant, a cybersecurity-as-a-service and threat-intelligence powerhouse, helps to further galvanize our efforts to globally expand the SilverSky presence as well as retain and nurture some of the industry's best cybersecurity and data science talent," said Richard Dobrow, CEO at SilverSky. "Cygilant shares our commitment to rich-service offerings that are unmatched in the industry. We're pleased to welcome the Cygilant team and their customers."
"We are excited to join SilverSky,This represents a significant next-chapter of the Cygilant journey, as our innovative SOC capabilities and deep bench of cybersecurity expertise are combined with one of the industry's most comprehensive MDR offerings. The outcome for our customers will be access to the collective set of broader managed services that will continue to enrich their cyber protections and strengthen their security posture."
Rob Scott, CEO and President at Cygilant who will be joining SilverSky as its Chief Strategy Officer
Organizations of all sizes face the same cybersecurity threats, compliance mandates, and business risk as Fortune 500 companies. SilverSky levels the playing field and enables companies, regardless of their size, to access enterprise-grade cybersecurity to meet regulatory requirements, proactively respond to threats, and rapidly reduce risk. SilverSky offers one of the most comprehensive managed detection and response (MDR) solutions in the industry. Delivered as a managed services model, SilverSky MDR makes powerful cybersecurity simple, affordable, and accessible to organizations of all sizes and across industries. Customer environments are monitored 24x7x365 by highly skilled security operations analysts in SilverSky SOCs, which were developed based on military-grade security and are powered by the latest integrated technology. SilverSky has more than 20 years of operational cybersecurity success defending thousands of customers in some of the most demanding industry sectors.
Sysdig | May 16, 2022
Sysdig, the unified container and cloud security leader, announced that Sysdig open source, the incident response standard for containers, has been extended to the cloud. Using system calls, Sysdig open source (Sysdig OSS) traditionally offers deep observability into running applications, as well as file system access and network activity, which speeds incident response and troubleshooting. Teams can quickly filter information from Sysdig OSS and take action. With the announcement of this new integration, these capabilities have been extended beyond containers to any cloud environment.
Today, Sysdig announced Edd Wilder-James has joined Sysdig from Google to lead the company’s open source ecosystem team.
The complexity of cloud-native applications – with countless components and variables – makes it extremely difficult for security analysts and system administrators to quickly triage alerts and debug problems. Sysdig OSS captures process, file system, and network activity in real time and with a high degree of granularity. The tool, which has nearly two million downloads and 6,850 GitHub stars, surfaces everything from executed commands and file system activity to network activity. Sysdig OSS then offers advanced filtering and troubleshooting capabilities, supporting root cause analysis for security and performance issues.Using a new plugin framework – originally developed by the open source community for the CNCF project Falco – Sysdig extends the number of sources Sysdig OSS can be connected with to anything that generates logs or events, including Azure, Google, and AWS CloudTrail logs. Going forward, every plugin developed for Falco can also be leveraged by Sysdig OSS. Using one tool, like Sysdig OSS, to observe events from the entire cloud-native environment streamlines investigations. Using a different tool for each environment adds complexity, which makes it massively harder to troubleshoot.
Sysdig’s Commitment to Open Source
Sysdig was founded as an open source company and Sysdig Secure and Sysdig Monitor were both built on an open source foundation to address the security challenges of modern cloud applications. Both projects were created by Sysdig to leverage deep visibility as a foundation for security, and they have become standards for container and cloud threat detection and incident response. Falco, which was contributed to the CNCF in 2018, is now an incubation-level hosted project with more than 45 million downloads.
Sysdig OSS and Falco can be used together as a powerful open source solution to reduce risk at runtime. Sysdig OSS acts as a flight recorder, capturing a detailed record for inspection. Falco acts as a security camera, continuously detecting unexpected behavior, configuration changes, intrusions, and data theft in real time. Teams can use Sysdig OSS and Falco together to detect and respond to threats.
“If you want to see what is going on inside an application, Sysdig OSS gives you that record. “Sysdig open source was the inspiration for Falco. While Falco will monitor and alert based on your policies, Sysdig open source will tell you what happened at a particular time, before and after the event. Having the ability to use both open source tools in the cloud is extremely powerful.”
Loris Degioanni, Founder and CTO of Sysdig
Sysdig is driving the standard for cloud and container security. The company pioneered cloud-native runtime threat detection and response by creating Falco and Sysdig as open source standards and key building blocks of the Sysdig platform. With the platform, teams can find and prioritize software vulnerabilities, detect and respond to threats, and manage cloud configurations, permissions and compliance. From containers and Kubernetes to cloud services, teams get a single view of risk from source to run, with no blind spots, no guesswork, no black boxes. The largest and most innovative companies around the world rely on Sysdig.