ARIA integrates SDS solution with Sumo Logic To Counter Network-Borne Attacks

  • ARIA Cybersecurity Solution delivers a software defined approach for improved cyberattack incident response.

  • The ARIA™ Software-Defined Security (SDS) solution was engineered to work seamlessly with other security tools.

  • Customers will greatly benefit from the real-time security intelligence and insights derived from the metadata traffic provided by ARIA to get deep visibility needed to preemptively stop network borne attacks.

Aria Cybersecurity Solutions has announced an integration with Sumo Logic to provide security teams with cloud-native, real-time security intelligence and insights to help stop network-borne threats, including those involving Internet of Things (IoT) devices, without interfering with business operations.


ARIA Cybersecurity Solution delivers a software-defined approach for improved cyber attack incident response, including threat detection, investigation containment, and proactive asset protection.


This integration with ARIA is another way we are helping enterprise security teams leverage the power of continuous intelligence to accelerate their investigative processes which is vital to keep pace in a world of rapidly evolving threats. Our joint customers will greatly benefit from the real-time security intelligence and insights derived from the metadata traffic provided by ARIA to get deep visibility needed to preemptively stop network borne attacks.

- John Coyle, Vice President (Business Development), Sumo Logic.

Sumo Logic, the leader in continuous intelligence, enables organizations of all sizes to address the data challenges and opportunities presented by digital transformation, modern applications, and cloud computing.


READ MORE: SIEM is a great tool but it's administrative challenges are a barrier


The ARIA™ Software-Defined Security (SDS) solution was engineered to work seamlessly with other security tools, such as Sumo Logic’s Continuous Intelligence Platform, through open, RESTful APIs.


The integration with the Sumo Logic Continuous Intelligence Platform is a win-win for both of our organizations. Sumo customers are data savvy and those in cybersecurity are especially keen on leveraging internal network data to strengthen their security posture. The ARIA SDS solution is the perfect complement to Sumo as the improved network visibility naturally leads to better threat search queries and dashboards needed to identify and stop the cyberattacks that do the most harm.

- William Bent, VP Cybersecurity Product Management

The ARIA SDS Packet Intelligence application feeds NetFlow metadata from every packet to Sumo Logic, including traffic from usually overlooked internal network east-west paths. Once this enriched data is available in Sumo Logic, security professionals can quickly create queries to generate more accurate, comprehensive, and actionable dashboards. This information enables them to conduct real-time ransomware, malware, ATP and other intrusion investigation and take action to contain and stop threats before significant harm is done.


READ MORE: Why complexity issues persist in SIEM and Cybersecurity

Spotlight

Other News
Software Security

Keeper Security’s Latest Update Improves Android and User Interface

Keeper Security, Inc. | September 25, 2023

Keeper Security, a prominent cybersecurity software provider specializing in zero-trust and zero-knowledge solutions safeguarding credentials, privileged access, secrets, and remote connections, has announced the unveiling of a new, contemporary User Interface (UI) for the Keeper Password Manager application on Android. This awaited release introduces enhanced usability, intelligent search capabilities, and quicker synchronization times. With a focus on a polished appearance and user-friendly interactions, these enhancements are designed to simplify the utilization of Keeper's robust password and passkey management features, offering improved clarity and search functionality. Keeper has adopted an incremental approach to enhancing the user experience, consistently refining the appearance, usability, and overall feel of its applications while staying mindful of the importance of consistency, familiarity and the world-class security and functionality that Keeper users have come to expect. With this update, Keeper's new user experience has been effectively implemented across all platforms, encompassing desktop, web browsers, and iOS. Android users can also anticipate an upcoming dark mode experience soon. Android users of Keeper will encounter refreshed themes, including a default Light Mode and improved user-selectable themes. Additionally, new features include: Streamlined Usability Friendlier Interface Accessibility and Inclusion Advanced Search Craig Lurey, CTO and Co-Founder of Keeper Security, said, We are excited to introduce these enhancements to our Android app, completing the rollout of our stunning new user interface (UI) to every Keeper user. [Source – Cision PR Newswire] Lurey stated that the update represented their ongoing commitment to delivering the best possible user experience while maintaining the highest security standards. He mentioned that with the improved usability, modernized interface, and lightning-fast sync times, Keeper Password Manager for Android continued to be a go-to solution for organizations and individuals looking to secure their digital identities. About Keeper Security Keeper Security is revolutionizing the way to secure passwords, confidential data, and secrets for individuals and organizations worldwide. The company's user-friendly cybersecurity platform is built on the foundation of zero-trust and zero-knowledge security, providing protection for users on all devices. Its solution is quick to deploy and seamlessly integrates with any technology stack, effectively preventing breaches, lowering help desk expenses, and ensuring compliance. Trusted by millions of individuals and numerous global organizations, Keeper leads in top-tier password management, privileged access, secrets management, secure remote access, and encrypted messaging solutions.

Read More

Cloud Security

Checkmarx Announces Technology Partner Program to Enable the Industry's Most Extensible, Code-to-Cloud Enterprise AppSec Ecosystem

PR Newswire | October 19, 2023

Checkmarx, the industry leader in cloud-native application security for the enterprise, today announced its Checkmarx Technology Partner program, enabling organizations to easily extend the leading AppSec platform with a wide range of technology partner capabilities. The combination of best-of-breed technology partners with the leading enterprise AppSec platform helps organizations shift everywhere, from code to cloud, with a unified AppSec posture integrated into the software development life cycle (SDLC). Checkmarx' Technology Partner Program helps organizations simplify management across their AppSec programs, get more value out of existing AppSec solutions and drive better security outcomes. Providing broad support for greater AppSec maturity throughout the entire SDLC, the Checkmarx Technology Partner program enables partners and their customers to centralize and simplify discovery in these key areas through Checkmarx One: Vulnerability and risk management systems: Aggregate, normalize and prioritize vulnerabilities and risks with a unified, holistic view with partners like ArmorCode, Brinqa and ServiceNow. SDLC tools: Integrate AppSec at all stages of the software development lifecycle within the environments and tools used daily by analysts, developers and testers with partners like GitLab, JetBrains and Security Compass. Cloud and runtime security: Match cloud assets at runtime with application source code projects so that vulnerabilities found in the developer source code are enriched with runtime context, and runtime cloud security inventories are enriched with AppSec findings – all possible through partners like AWS, Cisco Panoptica and Sysdig. Emerging technologies: Work with the most innovative startups and technologies including AI and GenAI to shape tomorrow's AppSec solutions landscape with partners like Mobb.ai. Expanding this ecosystem simplifies the process of mitigating AppSec risk for our partners' customers, making their applications exponentially more secure during a time of escalating threats, said Kobi Tzruya, Chief Research and Development Officer at Checkmarx. From protecting AI-generated code to helping build trust between developers and security teams, Checkmarx One is already the AI-driven, enterprise-ready AppSec platform of choice. Now working with other leading technology companies to meet the need for streamlined, consolidated solutions will make life easier and applications safer for everyone. Checkmarx recently announced Sysdig as its latest technology partner, bringing runtime container insights into Checkmarx One so organizations can prioritize vulnerabilities associated with container packages that are actually running and that pose the most risk. "The top application security vendors have a responsibility to team up to provide more robust and complete solutions for the world's enterprises," said Bryan Smoltz, VP of Technology Alliances at Sysdig. "By delivering runtime insights within Checkmarx One, customers have clear visibility into the workloads that are running in production so they can make better-informed security decisions. Together, we're helping to bring maximum protection at cloud speed." Technology partners also benefit from the program with new marketing and sales opportunities, and by making their solution readily accessible to Checkmarx' more than 1,800 customers, including 60% of the Fortune 100. The Checkmarx One platform scans more than 100 billion lines of code monthly and its world-renowned Checkmarx Labs security research team provides ongoing threat intelligence to inform product development and to advise customers of their best defenses in today's threat landscape. For more information about becoming a Checkmarx Technology Partner, visit this page. Click here to explore the Checkmarx One partnership ecosystem. About Checkmarx Checkmarx is the enterprise application security leader and the provider of Checkmarx One™, the industry-leading cloud-native AppSec platform that helps enterprises build #DevSecTrust. Powered by the intelligence from our industry-leading AppSec security research team, and our AI-driven technology and services, our platform is designed to enable CISOs, AppSec and development leaders to prioritize their teams' focus on what impacts their business. Our offerings secure every phase of development for every application, from the very first line of code through production, while simultaneously balancing the dynamic needs of security and development teams. It's no longer just about shifting left or right - it's about shifting everywhere. We are honored to serve more than 1,800 customers, which includes 60 percent of all Fortune 100 organizations. We are committed to moving forward with unwavering dedication to the safety and security of our customers, and the applications that power our day-to-day lives. Checkmarx. Make Shift Happen.

Read More

Platform Security

SentinelOne Launches RemoteOps Forensics for Faster Incident Response

SentinelOne | September 18, 2023

SentinelOne, a global leader in autonomous cybersecurity, is addressing the pressing need for rapid and effective responses to the escalating wave of cyber breaches. Today, the company announced the launch of Singularity RemoteOps Forensics, a pioneering digital forensics product designed to streamline and accelerate incident response readiness. This innovative solution promises to empower organizations of all sizes, ushering in a new era of efficient and scalable investigation and response capabilities in the face of evolving cybersecurity challenges. Integrated seamlessly with the SentinelOne Singularity Platform and as an add-on to Sentinel One's Endpoint and Cloud Workload Security solutions, RemoteOps Forensics offers a rapid, adaptable digital forensics and incident response solution. Security teams can leverage this tool to enhance efficiency by optimizing resources and accelerating Mean Time to Resolution. With the capability for targeted investigations on various assets, including endpoints and server workloads, it enables conditional trigger-based evidence collection. This automation efficiently gathers evidence, such as process data, ports, service listings, MFT, Amcache, JumpLists, and memory dumps, orchestrating them in under a minute. Consolidating evidence into the Singularity Security DataLake allows for the correlation of SentinelOne and partner data with forensics data in a unified search, facilitating a comprehensive view of attacks, rapid root cause identification, and risk mitigation. Furthermore, it provides the ability to analyze collected evidence alongside Endpoint Detection and Response (EDR) data within a single console, empowering proactive defense against future threats. The integration and analysis of this combined data unveil concealed indicators of compromise, detect advanced attack patterns, and offer insights into threat actors' tactics, techniques, and procedures. RemoteOps Forensics is a cost-effective and resource-efficient solution that seamlessly integrates with the SentinelOne agent. This integration alleviates the necessity of deploying and provisioning multiple tools throughout the investigative process, resulting in significant time and resource savings for organizations. In addition, this innovative solution prioritizes the maintenance of forensic integrity by minimizing changes made to the disk, and it leverages SentinelOne's anti-tampering and metadata collection capabilities to safeguard data integrity. In doing so, it streamlines investigations and upholds the highest standards of forensic rigor, reinforcing organizations' cybersecurity defenses with a comprehensive and efficient approach. Jane Wong, Senior Vice President of Products and Strategy at SentinelOne, said, As timelines for reporting and responding to breaches shrink, it is imperative that the security teams have advanced forensics capabilities that can make investigations faster and more efficient, and with Singularity RemoteOps Forensics, the team is delivering them. [Source – Business Wire] SentinelOne's new forensic capabilities help develop incident response by enabling security teams to conduct thorough investigations more quickly, Jane also mentioned eliminating the requirement for specialized expertise or additional tools. About SentinelOne SentinelOne is a leading provider of autonomous cybersecurity solutions. With its identified Singularity Platform, the company excels at detecting, preventing, and responding swiftly to cyber threats. SentinelOne enables businesses to protect their endpoints, cloud workloads, containers, and identities, as well as their mobile and network-connected devices, with unparalleled speed, accuracy, and ease of use. With a formidable clientele comprising over 11,000 customers, SentinelOne has proven itself as the trusted guardian of a secure digital future.

Read More

Software Security

SCYTHE Latest Version 4.1 Introduces Enhanced Deployment Flexibility and AI-Driven Productivity Boost

Business Wire | November 02, 2023

SCYTHE, a leading provider of cybersecurity solutions, announces the release of SCYTHE 4.1, the latest evolution in its cutting-edge cyber resilience offering. This release brings new and enhanced features to empower organizations in their continuous efforts to strengthen their cybersecurity posture. SaaS Offering for Unparalleled Flexibility SCYTHE 4.1 introduces its initial Software as a Service (SaaS) offering, providing organizations with newfound deployment flexibility. This SaaS option offers the same robust capabilities as the on-premises version, ensuring that teams can choose the deployment model that best suits their needs without pricing changes. SCYTHE's commitment to flexibility ensures that organizations can secure their infrastructure on their terms. Advanced Agent Support with Scheduling for Continuous Testing To unlock even greater control over security testing, SCYTHE 4.1 introduces advanced agent support with scheduling. This feature allows organizations to perform continuous testing by automating the deployment and execution of security assessments at specified intervals. With the power of scheduling, teams can proactively identify threats, assess controls, and evaluate their readiness to respond to cyber threats. SCYTHE empowers organizations to maintain the highest level of cyber resilience without manual intervention. Cloppy - Your AI-Powered Security Analyst In a significant leap forward, SCYTHE unveils the early access beta release of "Cloppy," its supervised machine learning (ML)-based AI analyst chatbot. Cloppy enhances team productivity, job satisfaction, and cybersecurity capabilities by delivering instant insights and recommendations. This AI-driven assistant will leverage private knowledge base instances, ensuring sensitive information stays secure. Cloppy is poised to become a trusted companion for security professionals, providing real-time guidance and augmenting their decision-making processes. As cyber threats continue to evolve, so must our approach to cybersecurity. SCYTHE 4.1 represents our commitment to innovation and empowering organizations to stay ahead of cyber adversaries, said Marc Brown, Head of Product at SCYTHE. With our SaaS offering, advanced agent support, and the introduction of Cloppy, we're equipping organizations with the tools they need to enhance their cyber resilience while simplifying offensive security. SCYTHE 4.1 Platform is now available for both new and existing customers. For more information on SCYTHE's comprehensive cyber resilience solutions, please visit https://scythe.io. About SCYTHE SCYTHE represents a paradigm shift in cybersecurity risk management, empowering organizations to Attack, Detect, and Respond efficiently. The SCYTHE platform enables collaboration between red, blue, and purple teams to build and emulate real-world adversarial campaigns. SCYTHE's innovative dual-deployment options and comprehensive features ensure a proactive cybersecurity approach. Headquartered in Arlington, VA, SCYTHE is privately funded by distinguished partners dedicated to shaping a more resilient cybersecurity landscape.

Read More