DATA SECURITY

AaDya Security Partners with EclecticIQ to Deliver Next Generation Endpoint Protection to Small and Midsize Businesses

AaDya Security | November 20, 2021

AaDya-Security
Detroit-based AaDya Security announced today that the company has partnered with EclecticIQ, a leading global provider of cyber threat intelligence, hunting and response technology and services, to offer its innovative endpoint detection and response (EDR) technology to customers of AaDya's all-in-one cybersecurity platform.

Built specifically for small and midsize business customers, AaDya's platform is the first to offer six pillars of protection in a unified platform. The solution is powered by Judy, a unique AI and machine learning agent that works on the back-end to ensure each of the pillars (single sign-on, password management, endpoint detection and response, threat detection and automated remediation, anti-phishing, and compliance mapping) work in tandem to provide a seamless experience for both the end-user and platform administrators.

AaDya this year also launched a successful channel partner program to offer its solution to managed IT and security service providers and value-added resellers who recognize the benefits of the unified platform for themselves and their clients.

"Judy was built by our engineers to deliver a full suite of enterprise-grade security tools in one simple, accessible, and affordable platform,We are thrilled about our partnership with EclecticIQ, which aligns perfectly with our mission to provide small and midsize business customers access to the same security as their larger counterparts at a fraction of the cost. Their EDR solution hits all the marks in that it is light enough for our customers to implement and manage without having to compromise on security. Combined with the fact we were able to work with the EclecticIQ team to fully integrate the solution with Judy's capabilities made our decision to partner with them an easy one."

Raffaele Mautone, CEO and founder of AaDya

"AaDya built their solution with the understanding that security should not be a barrier to productivity," said Julie Cullivan, a veteran cybersecurity executive and AaDya board member. "The fact that many current security solutions are complicated and cumbersome to deploy has caused many SMB organizations to go unprotected. EclecticIQ's EDR technology was the perfect fit at the perfect time, allowing AaDya to expedite getting their endpoint solution pillar to market at a critical time for many small businesses as they face more cyber-risk and are being forced to meet the latest compliance requirements. I look forward to watching the partnership between these two innovative cybersecurity companies make a significant impact."

With many recent high-profile attacks and a renewed focus on security at all levels of the Nation's value chain, across all verticals and businesses of all sizes, timing has never been more critical to provide accessible and reliable protection against ubiquitous attacks like ransomware and phishing to a market segment that has traditionally been an afterthought for the big players in cybersecurity.

EclecticIQ, founded in 2014, is a leading cybersecurity company which is pioneering the intelligence-led analyst-centric platform that helps MSSPs, enterprises and governments to manage threat intelligence, hunting, detection and response.

EclecticIQ Endpoint Response is a full-featured, flexible and embeddable endpoint detection and response (EDR) solution designed for integration into existing security stacks. It ensures kernel-driven reliability to capture events in real-time on Windows, macOS, and Linux endpoints using the unique endpoint telemetry plugin supported by open source osquery-based agent. It is easily integrated into existing toolsets and workflows via a straightforward REST API which leverages configuration, notifications, scheduled queries, and ad hoc queries for faster time to detection and response. And it installs in minutes, so this low-cost, low-footprint multifaceted solution enables faster mitigation of endpoint attacks.

"When we understood the potential of AaDya's Judy platform, it became obvious that EclecticIQ's highly embeddable EDR would make it both more powerful and more extensible for further market-specific innovation," said Sridhar Jayanthi, senior vice president, endpoint security, EclecticIQ. "The fact that AaDya could significantly accelerate their endpoint goals with EclecticIQ's proven technology makes this an ideal partnership."


About AaDya Security
Headquartered in Detroit, Michigan, AaDya Security provides smart, simple, effective and affordable cybersecurity software solutions for small and midsize businesses. Our all-in-one cybersecurity platform, powered by Judy, an interactive AI virtual assistant, provides enterprise-grade, 24/7 protection and support for companies who lack the time, expertise and capital to successfully implement these solutions on their own. 

About EclecticIQ
EclecticIQ is a global provider of threat intelligence, hunting and response technology and services. Stay ahead of rapidly evolving threats and outmaneuver your adversaries by embedding Intelligence at the core™ of your cyberdefenses. We operate worldwide with offices and teams across Europe and UK, North America, India and via value-add partners.

Spotlight

In order to protect corporate data and resources from mobile device security threats, it’s critical to have device security policies in place—as well as processes and tools to ensure their effectiveness. There is a balance to strike here between making sure the password cannot easily be guessed with minimal password strength requirements but also making sure that the password complexity requirements do not annoy end users. Specifying the timeout duration is a part of this balance as well. If the duration is set too short, users will be annoyed with repeated password entries and if the duration is too long, then the device is more easily susceptible upon being stolen or lost


Other News
DATA SECURITY

Flashpoint Acquires Vulnerability Intelligence Leader Risk Based Security

Flashpoint | January 13, 2022

Flashpoint, the trusted leader in threat intelligence and risk prevention, today announced it has acquired Risk Based Security (RBS), a Richmond, Virginia-based company specializing in vulnerability and data breach intelligence, as well as vendor risk ratings. The integration of RBS’s collections and technology into the Flashpoint platform offers a wide range of cybersecurity practitioners—including cyber threat intelligence (CTI), vulnerability management, DevSecOps, and vendor risk management teams—the contextual threat intelligence and automation they need to detect, prioritize, and thwart emerging cyber risks rapidly and holistically. “I am incredibly excited to welcome the RBS team to Flashpoint,This acquisition will enable our clients to rapidly detect critical vulnerabilities before they are widely known, and then automate how they prioritize and remediate these issues. This is a game changer for security teams and represents a vital step towards achieving Flashpoint’s vision of being the single vendor that enterprises can rely on to mitigate all types of security risks and protect critical assets.” Flashpoint CEO Josh Lefkowitz Since its founding in 2011, Risk Based Security has partnered with a diverse group of clients, including Microsoft, BlackRock, Northrop Grumman, Swisscom, American Electric Power, Amtrak, and numerous other enterprises across the technology, financial, insurance, and consumer goods sectors. To date, RBS possesses over 90,000 vulnerabilities in its collections that are not assigned CVE IDs and therefore do not exist in the National Vulnerability Database (NVD). RBS’s proprietary technology consistently identifies vulnerabilities before they are commonly known—and maps those vulnerabilities to an enterprise’s software—providing clients with a critical edge and head-start on potential adversaries. “We’re thrilled to join forces with Flashpoint,” said Jake Kouns, CEO of RBS. “It’s rare to find two organizations so similar in culture with a mutual drive to get things done. Our visions align perfectly, and we are excited to collaborate with them to bring a holistic, risk-based intelligence offering to a broad market.” AN ASSET-BASED APPROACH TO INTELLIGENCE AND RISK MANAGEMENT RBS’s extensive vulnerability, data breach, and proprietary vendor risk ratings empower security teams to quickly assess and remediate vulnerabilities based on their unique risk profile—making it the only vulnerability management tool on the market that provides scanless, real-time vulnerability intelligence with vendor and product risk ratings. With this technology, Flashpoint will be able to reveal a customer’s exposure to critical vulnerabilities and supply chain weaknesses, provide contextual awareness into how these vulnerabilities are being exploited by threat actors, and prioritize and automate the actions needed to remediate potential threats. In light of recent critical vulnerabilities like the highly-publicized disclosure of Log4j, early detection and rapid prioritization of risks is more important than ever. Moving beyond a reactive approach to threats, a combined Flashpoint and RBS solution will drive immediate and differentiated value to all types of security practitioners who are focused on protecting critical assets and infrastructure. ABOUT FLASHPOINT Trusted by governments and the Fortune 500, Flashpoint helps organizations protect their most critical assets, infrastructure, and stakeholders from security risks such as cyber threats, ransomware, fraud, physical threats, and more. Leading security practitioners—including cyber threat intelligence (CTI), vulnerability management, DevSecOps and vendor risk management teams—rely on Flashpoint's intelligence platform to proactively identify and mitigate risk and stay ahead of the evolving threat landscape. ABOUT RISK BASED SECURITY Risk Based Security (RBS) provides detailed information and analysis on Vulnerability Intelligence, Vendor Risk Ratings and Data Breaches. Our product, the Risk Based Security Platform, combines VulnDB and Cyber Risk Analytics (CRA), providing organizations access to the most comprehensive security intelligence knowledge bases available, including advanced search capabilities, access to raw data via API, and email alerting to assist organizations in taking the right actions in a timely manner.

Read More

DATA SECURITY

Noetic Cyber Partners with SentinelOne to address growing cybersecurity asset management challenges

Noetic Cyber | February 03, 2022

Noetic Cyber, a cloud-based continuous cyber asset management and controls platform, today announced a partnership with autonomous cybersecurity platform company SentinelOne (NYSE:S). This partnership delivers an end-to-end cybersecurity asset management solution that leverages SentinelOne's endpoint and cloud workload telemetry, combined and correlated with information from other information sources, to generate a high-fidelity, continuously updated, multidimensional map of all assets and their cyber relationships. The current fragmentation of IT management, DevOps and security tools makes it difficult for security teams to see all the assets in the business and to understand the relationships between them. In fact, 71% of global IT leaders admit to finding new endpoints in their environment on a weekly basis. Endpoint and cloud workload telemetry is a vital part of this information, providing high-fidelity, relevant insights into threats and cyber assets. The integration of SentinelOne Singularity XDR and the Noetic platform enables teams to extend the visibility, detection and endpoint insights of SentinelOne into a wider asset inventory and management architecture, maximizing their value. "We are very excited to be partnering with Noetic Cyber on this integrated solution," said Chuck Fontana, SVP of Business Development, SentinelOne. "There is a significant security challenge in not understanding the cyber risk of all assets in your environment. Together with Noetic, we're able to close that gap and ensure a hygienic cybersecurity environment for organizations across industries." The SentinelOne Connector for Noetic is an API-based integration. Joint customers install the SentinelOne Connector into the Noetic platform and provide it with API credentials to establish a bi-directional integration between the two platforms. The Noetic platform periodically polls SentinelOne, looking for information indicating new, updated or removed endpoints. This information is ingested, aggregated and correlated with information from other data sources, presented to security teams via innovative graph database technology. Pre-packaged queries and dashboards help analysts to uncover coverage and compliance gaps and hidden risks. The Noetic platform also includes a comprehensive automation workflow engine, which allows security teams to pre-determine corrective action, such as deploying the SentinelOne agent to unprotected machines, triggering a scan or disconnecting a machine from the network. "Through this innovative partnership with SentinelOne, we are able to jointly address security coverage gaps and automatically correct misconfigured endpoints that could otherwise leave organizations vulnerable,Leveraging the high-fidelity data provided by SentinelOne, Noetic provides unparalleled insights into your cyber assets, identifies security risks and uses automation to continuously close them." Paul Ayers, CEO of Noetic About SentinelOne SentinelOne's cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous platform. About Noetic Cyber Noetic Cyber enables security teams to make faster, more accurate decisions to detect coverage gaps and reduce cyber risk. The Noetic solution is a cloud-based Continuous Cyber Asset Management & Controls Platform that provides teams with unified visibility of all assets across their cloud and on-premises systems, and delivers continuous, automated remediation to close coverage gaps and enforce security policy. Noetic improves security tools and control efficacy by breaking down existing siloes and improving the entire security ecosystem. Founded in 2019, Noetic is based in Boston and London.

Read More

NETWORK THREAT DETECTION

SilverSky Announces Acquisition of Cygilant, Gains UK Presence and Renowned Data Research Talent

SilverSky | January 11, 2022

SilverSky, a cybersecurity innovator offering powerful managed detection and response (MDR) services, today announced it completed the acquisition of Burlington, Massachusetts-based Cygilant. As a leading cybersecurity-as-a-service provider, Cygilant operates a security operation center (SOC) in Belfast, Northern Ireland and also boasts some of the world's most notable Ph.D.-level talent focused on cybersecurity, advanced networks and data science. The addition of Cygilant's UK-based delivery center complements the current SilverSky footprint in Asia and North America while expanding SilverSky's access to European markets. In October 2021, SilverSky announced that ITOCHU International, Inc., the North American flagship company of Tokyo-based ITOCHU Corporation, made a strategic investment of $31.5 million in SilverSky. Additionally, in August 2021, SilverSky announced the completed acquisition of New Jersey-based Advanced Computer Solutions Group, LLC (ACSG) which added a notable customer base within the U.S. education sector and marked the company's first acquisition in a series of planned growth opportunities. "Alongside our recent growth-related announcements, this acquisition of Cygilant, a cybersecurity-as-a-service and threat-intelligence powerhouse, helps to further galvanize our efforts to globally expand the SilverSky presence as well as retain and nurture some of the industry's best cybersecurity and data science talent," said Richard Dobrow, CEO at SilverSky. "Cygilant shares our commitment to rich-service offerings that are unmatched in the industry. We're pleased to welcome the Cygilant team and their customers." "We are excited to join SilverSky,This represents a significant next-chapter of the Cygilant journey, as our innovative SOC capabilities and deep bench of cybersecurity expertise are combined with one of the industry's most comprehensive MDR offerings. The outcome for our customers will be access to the collective set of broader managed services that will continue to enrich their cyber protections and strengthen their security posture." Rob Scott, CEO and President at Cygilant who will be joining SilverSky as its Chief Strategy Officer About SilverSky Organizations of all sizes face the same cybersecurity threats, compliance mandates, and business risk as Fortune 500 companies. SilverSky levels the playing field and enables companies, regardless of their size, to access enterprise-grade cybersecurity to meet regulatory requirements, proactively respond to threats, and rapidly reduce risk. SilverSky offers one of the most comprehensive managed detection and response (MDR) solutions in the industry. Delivered as a managed services model, SilverSky MDR makes powerful cybersecurity simple, affordable, and accessible to organizations of all sizes and across industries. Customer environments are monitored 24x7x365 by highly skilled security operations analysts in SilverSky SOCs, which were developed based on military-grade security and are powered by the latest integrated technology. SilverSky has more than 20 years of operational cybersecurity success defending thousands of customers in some of the most demanding industry sectors.

Read More

ENTERPRISE SECURITY

SecurityScorecard and Marsh McLennan Collaborate to Elevate Cybersecurity in Challenging Risk Landscape

SecurityScorecard | January 28, 2022

SecurityScorecard, the global leader in cybersecurity ratings, today announced a collaboration with Marsh McLennan, the world's leading professional services firm in the areas of risk, strategy and people, to enable organizations around the world to improve their cyber resilience. As part of the collaboration, Marsh McLennan's Cyber Risk Analytics Center will leverage SecurityScorecard's data and analytics to gain real-time cyber risk insights and define risk mitigation strategies for the Company's global client base. The companies will also collaborate on joint research aimed at increasing awareness of cyber risk and educating the market on risk management strategies. "We are excited to work with Marsh McLennan, which understands that to stay competitive, you must stay innovative," said Prashant Pai, Senior Vice President and General Manager of Strategic Initiatives at SecurityScorecard. "Given how fast the cyber risk landscape evolves, it's essential that business leaders have access to the most up-to-date and complete view of a client's cybersecurity posture." "Cyber risk evolves minute-to-minute, making it challenging to build data-driven risk management strategies,SecurityScorecard's data and analytics are a valuable addition to our proprietary insights, furthering our ability to help our clients stay on top of emerging vulnerabilities and threats that may impact their businesses." Scott Stransky, Managing Director, Marsh McLennan Cyber Risk Analytics Center SecurityScorecard continuously monitors millions of entities worldwide and non-intrusively assesses their security posture across 10 risk categories including DNS health, IP reputation, web application security, network security, leaked information, hacker chatter, endpoint security and patching cadence. About SecurityScorecard Funded by world-class investors including Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating.

Read More

Spotlight

In order to protect corporate data and resources from mobile device security threats, it’s critical to have device security policies in place—as well as processes and tools to ensure their effectiveness. There is a balance to strike here between making sure the password cannot easily be guessed with minimal password strength requirements but also making sure that the password complexity requirements do not annoy end users. Specifying the timeout duration is a part of this balance as well. If the duration is set too short, users will be annoyed with repeated password entries and if the duration is too long, then the device is more easily susceptible upon being stolen or lost

Resources