ARIA integrates SDS solution with Sumo Logic To Counter Network-Borne Attacks

CSP Inc. | February 25, 2020

  • ARIA Cybersecurity Solution delivers a software defined approach for improved cyberattack incident response.

  • The ARIA™ Software-Defined Security (SDS) solution was engineered to work seamlessly with other security tools.

  • Customers will greatly benefit from the real-time security intelligence and insights derived from the metadata traffic provided by ARIA to get deep visibility needed to preemptively stop network borne attacks.

Aria Cybersecurity Solutions has announced an integration with Sumo Logic to provide security teams with cloud-native, real-time security intelligence and insights to help stop network-borne threats, including those involving Internet of Things (IoT) devices, without interfering with business operations.


ARIA Cybersecurity Solution delivers a software-defined approach for improved cyber attack incident response, including threat detection, investigation containment, and proactive asset protection.


This integration with ARIA is another way we are helping enterprise security teams leverage the power of continuous intelligence to accelerate their investigative processes which is vital to keep pace in a world of rapidly evolving threats. Our joint customers will greatly benefit from the real-time security intelligence and insights derived from the metadata traffic provided by ARIA to get deep visibility needed to preemptively stop network borne attacks.

- John Coyle, Vice President (Business Development), Sumo Logic.

Sumo Logic, the leader in continuous intelligence, enables organizations of all sizes to address the data challenges and opportunities presented by digital transformation, modern applications, and cloud computing.


READ MORE: SIEM is a great tool but it's administrative challenges are a barrier


The ARIA™ Software-Defined Security (SDS) solution was engineered to work seamlessly with other security tools, such as Sumo Logic’s Continuous Intelligence Platform, through open, RESTful APIs.


The integration with the Sumo Logic Continuous Intelligence Platform is a win-win for both of our organizations. Sumo customers are data savvy and those in cybersecurity are especially keen on leveraging internal network data to strengthen their security posture. The ARIA SDS solution is the perfect complement to Sumo as the improved network visibility naturally leads to better threat search queries and dashboards needed to identify and stop the cyberattacks that do the most harm.

- William Bent, VP Cybersecurity Product Management

The ARIA SDS Packet Intelligence application feeds NetFlow metadata from every packet to Sumo Logic, including traffic from usually overlooked internal network east-west paths. Once this enriched data is available in Sumo Logic, security professionals can quickly create queries to generate more accurate, comprehensive, and actionable dashboards. This information enables them to conduct real-time ransomware, malware, ATP and other intrusion investigation and take action to contain and stop threats before significant harm is done.


READ MORE: Why complexity issues persist in SIEM and Cybersecurity

Spotlight

The Defence Signals Directorate is the national authority on the security of information across government. DSD provides a range of information security services to ensure that sensitive government electronic information systems are not susceptible to unauthorized access, compromise or disruption. The Cyber Security Operations Centre was established in DSD as an initiative of the Australian Government’s Defence White Paper to mitigate the cyber threat to Australia’s national security. The Centre meets two needs. It provides Defence with a cyber warfare capability and provides a resource designed to serve all government agencies. In the past decade, the growing importance of operations in cyber space has become increasingly apparent. Our national security is under threat from a range of cyber actors. Our adversaries are often well resourced, highly skilled and able to defeat commercially available security solutions.


Other News
DATA SECURITY

ContraForce Announces $2M Seed Investment from DataTribe

ContraForce | December 28, 2021

DataTribe, a global cyber foundry that invests in and co-builds next-generation cybersecurity and data science companies, announced today a $2M seed investment in ContraForce, a leader in no-code security automation for small and medium-sized businesses. ContraForce delivers a no-code security automation platform that makes cyber security accessible for small and medium-sized businesses that lack the resources and expertise to defend themselves. In addition, ContraForce also brings this facility to security compliance; a critical feature, as customers, regulators and insurance companies are putting increasing pressure on small and mid-sized organizations to not only be secure, but also to prove it. No longer is it acceptable for smaller organizations to be a step behind in their security and compliance. Hackers are increasingly targeting them for ransomware or as an entry point into a supply chain. Because small businesses typically have limited resources to cope with a cyber attack, cyber attacks can represent an existential risk for them. ContraForce enables small and mid-sized businesses to manage this risk with their easy-to-use, self-service platform to automate threat detection, response, and compliance. “We are thrilled to announce DataTribe's most recent investment in ContraForce on the heels of the company winning the fourth annual DataTribe Challenge,” said John Funge, Managing Director at DataTribe. “By providing a sort of security and compliance ‘easy button’, ContraForce is filling a really significant gap. Just because an organization is small does not mean that it does not possess vital data, IP, or access to strategic networks. It is paramount that smaller organizations overcome the resource barriers to robust security. ContraForce’s unique approach dramatically lowers these barriers.” “I am looking forward to working with DataTribe as we build on the ContraForce team's passion for simple and effective cybersecurity solutions designed for the needs of small and medium-sized businesses,” Stan Golubchik, CEO and co-founder of ContraForce ContraForce’s security and compliance solutions map security vulnerabilities to the industry standard MITRE ATT&CK framework. They create and adapt security detection and response capabilities in real-time, ensuring the environment is secured in hours across the cloud, network, endpoint, and users. By using ContraForce, an organization without dedicated security personnel can respond to threats without having to learn or write complex security detection code and response workflows. About DataTribe DataTribe is a startup foundry that invests in and co-builds world-class startups focused on generational leaps in cybersecurity and data science. Founded by leading investors, startup veterans, and alumni of the U.S. intelligence community, DataTribe commits capital, in-kind services, access to an unparalleled network, and decades of professional expertise to give their companies an unfair advantage. DataTribe is headquartered in the Washington-Baltimore metro area, in Fulton, Maryland. About ContraForce ContraForce is the new no-code security automation company. We focus on securing the small and medium-sized businesses by helping their security and IT teams work smarter, allowing them to implement automated operations that are effective in combating cyberattacks and demonstrating compliance. ContraForce is headquartered in McKinney, Texas and was founded and built by industry security and cloud experts from Armor, McAfee, and Intel. ContraForce's mission is to empower IT and Security teams and enable them to be more efficient.

Read More

DATA SECURITY

ITC Secure and Cassava Technologies Announce Joint Venture to Expand Industry Leading Security Operations and Microsoft Cloud Security Expertise

ITC Secure | December 16, 2021

ITC Secure (ITC), a leading advisory-led cyber security services company and a Microsoft Gold cyber security partner, and Cassava Technologies, the pan-African technology leader, announced today that they have entered into a Joint Venture (JV) to build and launch an extensive portfolio of cyber security services, powered by Microsoft Azure cloud technologies in Africa. Hardy Pemhiwa, the CEO of Cassava Technologies said: “Digital transformation in Africa is accelerating the adoption of cloud services which is creating an urgent need to better protect users and business-critical data. Cassava Technologies footprint covering more than 15 countries in Africa, we are well-positioned to meet the growing needs of businesses and individuals and expand access to cybersecurity and other digital services. We look forward to bringing ITC’s world-class cyber expertise, coupled with Microsoft’s industry-leading technology, to build Africa’s digital future.” “The strategic partnership between ITC Secure and Cassava Technologies, as a pan-African technology leader, will bring Microsoft’s cutting-edge cloud security solutions to the African market to drive the growth of the technology sector and innovation across Africa.” Andre Pienaar, the Chairman of ITC Secure Admiral Mike Mullen, the Chairman of ITC Secure USA said: “The combination of ITC Secure and Cassava Technologies will help guide us to the future while addressing the growing needs of individuals and organisations in the African market for a secure digital world, built on the best solutions and delivered by the best experts.” Replicating best practice of a leading UK SOC to build a cutting-edge SOC in Africa ITC’s 24/7 Operations Centre, based in London, is at the forefront of delivering managed security services. As part of the JV, ITC and Cassava Technologies will build a state-of-the-art SOC in Africa. The centre will leverage Cassava Technologies’ in-depth knowledge of the African continent and ITC’s extensive experience in cybersecurity, to enable the rapid delivery of cyber services and operations on the continent. Steering the future ITC’s mission to ‘make the digital world a safer place to do business’ echoes Cassava Technologies’ vision of a digitally connected future that leaves no African behind. This JV addresses the growing need to ensure that individuals and organisations are safe and secure online and will further demonstrate how cyber security can be a business enabler, helping to drive growth and create jobs across Africa. Facilitating knowledge transfer locally The skills gap in the cyber security industry continues, with recruitment and retention an ongoing challenge. The JV will facilitate access to experts globally and close collaboration and knowledge transfer locally. This will enable faster on the ground response, the sharing of cyber security best practice and streamlined sharing of internal resource. Extended portfolio of cyber security services ITC’s integrated delivery model provides access to the best cyber security skills, technology, and governance. Encompassing a unified suite of solutions that start with an advisory-led approach, including Identity and Access Management capabilities and managed security services like Managed Detection and Response. At the heart of ITC’s integrated delivery model is PULSE, an extended detection and response platform powered by Microsoft Sentinel, that integrates specialist knowledge and expertise. ITC is a Microsoft Gold partner in Security and Cloud and a member of the Microsoft Intelligent Security Association. Organisations will gain access to a level of expertise recognised by Microsoft as the “highest, most consistent capability” – underpinned by a cohesive set of services that scale. About ITC Secure ITC Secure is an advisory-led cyber security services company. We have a 25+ year track record of delivering business-critical services to over 300 blue-chip organisations - bringing together the best minds in security, a relentless focus on customer service and advanced technological expertise to help businesses succeed. With our integrated delivery model, proprietary platform and customer-first mindset, we work as an extension of your team throughout your cyber journey and always think not only about you, but also your customers and the reputation of your brand. ITC Secure a certified Great Place to Work® and is headquartered in London, UK. With a dynamic balance of the best in people, technology, and governance, we make cyber resilience your competitive advantage. About Cassava Technologies Cassava Technologies is a pan-African technology leader providing a vertically integrated ecosystem of digital solutions, designed to significantly accelerate connectivity and drive digital transformation across the African continent. Cassava Technologies creates the enabling digital infrastructure with cross-border fibre, renewable energy solutions, and a state-of-the-art network of data centres that provides access for millions to complementary digital services of Wi-Fi, Cloud, cybersecurity and fintech solutions. This ecosystem aims to transform the lives of individuals and businesses across the continent by enabling social mobility and economic prosperity.

Read More

PLATFORM SECURITY

Trend Micro Unites Industry With Most Powerful and Complete Security Platform

Trend Micro | April 26, 2022

Trend Micro Incorporated , a global cybersecurity leader, announced the launch of Trend Micro One, a unified cybersecurity platform with a growing list of ecosystem technology partners that enables customers to better understand, communicate, and lower their cyber risk. Organizations are battling on all fronts to face mounting cyber risks from their complex and growing attack surface with stretched teams and siloed security products. The unified security platform approach delivers a continuous lifecycle of risk and threat assessment with attack surface discovery, cyber risk analysis, and threat mitigation and response. Inaugural partners of the Trend Micro One technology ecosystem include: Bit Discovery, Google Cloud, Microsoft, Okta, Palo Alto Networks, ServiceNow, Slack, Qualys, Rapid7, Splunk, and Tenable. "We are so proud that ecosystem partners value integrating into our platform. Collectively we help enterprises fight the bad guys known as cybercriminals. Alone we are strong, but together our industry is unstoppable in helping customers eliminate security gaps anywhere, identify internal and external enterprise assets, and take critical steps to mitigate them. Kevin Simzer, COO of Trend Micro According to Gartner®, "vendors are increasingly acquiring or developing these adjacent technologies and integrating them into a single platform. The benefits are best realized when this integration minimizes consoles and configuration planes and reuses components (e.g., endpoint agents) and information.1" "We all know that digital transformation is table stakes for the post-pandemic enterprise. But this comes with additional risks: a bigger target for threat actors to aim at and more visibility and security coverage gaps for them to hide in," said Jeremiah Grossman, CEO of Bit Discovery. "Trend Micro's approach stands out from the crowd — notably with its blend of multiple sources of asset and risk visibility, including external attack surface visibility powered by Bit Discovery. Trend Micro's platform helps customers quickly get a prioritized and comprehensive understanding of their attack surface." As a unified platform, Trend Micro One delivers powerful risk assessment capabilities, but the ecosystem partners extend that to make it the most complete in the industry. Joint customers benefit from truly connected visibility, better detection and response capabilities, and comprehensive protection across security layers and systems. Trend Micro One supports this approach by enabling customers to: Discover the attack surface: Identify, monitor, and profile cyber assets in customers' environments. Understand and continuously assess risk: Analyze risk exposure, the status of vulnerabilities, the configuration of security controls, and types of threat activity. Effectively mitigate risk: Ensure the right preventative controls and take swift action to mitigate risk and remediate attacks across the enterprise by leveraging Trend Micro's threat and risk intelligence. About Trend Micro Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response.

Read More

DATA SECURITY

CloudCover Continues to Move Into a New Era of CyberSafety with the Launch of CloudCover’s Cyber Liability

CloudCover | December 27, 2021

The cybersecurity insurance market is in trouble, fueled by a rapid increase in cyber attacks – up 486% from the beginning of 2018 through the end of 2021, according to Aon. As a result, insurers have little choice but to raise rates and scrutinize policy terms and conditions, as there’s no historical data to set policies and premiums like traditional insurance products. CloudCover, the company Reimagining CyberSecurity, is making strides to improve cyber safety by creating the first end-to-end cyber security technology and insurance platform. Today, the company announces the continued rollout of its suite of CloudCover insurance products with the launch of a new insurance offering: CloudCover Cyber Liability (CCCL) and Information Systems Business Interruption (ISBI) insurance. The release of the cybersecurity insurance coverage brings forward an entirely new market category: cybersecurity network and data insurance cover that utilizes the CC/B1 PlatformTM to obtain the data analytic set required to efficiently underwrite and set accurate premiums. CloudCover’s $1 Million Ransomware Warranty was launched in September 2021. Through its CCCL insurance, CloudCover will issue a $1 million cover per occurrence and a $10 million aggregate policy. This insurance option covers: First-party response costs, including any costs associated with the investigation and remediation of cybersecurity breaches, as well as payment for costs associated with notifying affected parties of the breach, Third-party liability and regulatory costs, including any costs associated with the defense of lawsuits, regulatory fines, and penalties in addition to the costs associated with any judgements rendered from those activities, and Cover for any ransom demanded by cyber criminals who have locked the insured company’s network or computer systems. Similar to the CCCL coverage, CloudCover will also issue $1 million coverage per occurrence and a $10 million aggregate policy for its ISBI coverage. The insurance policy provides payment for lost revenue in the event that a Distributed Denial of Service (DDoS) attack disrupts or compromises the insured party’s network. Both insurance covers are powered by CloudCover’s CC/B1 Platform, an advanced Intelligent Threat ManagementTM security solution. The CC/B1 relies on a patented AI/ML (automated intelligence/machine learning), X-NDR (extended network detection and response), SOAR (security, orchestration, automation and response) technology that empowers risk awareness, risk control, and risk transfer in near real time. The platform operates as a Firewall EverywhereTM, collecting data from all corners of an organization’s network, streamlining and utilizing machine learning to detect, analyze, and stop suspicious activity – all while using the collected network patterns with risk scoring and building actuarial models for incremental cybersecurity network insurance. “This marriage of cybersecurity technology and cyber insurance represents the creation of a new market,No other security vendor is able to provide cybersecurity risk scoring, risk event mitigation and mediation, accurate identification and threat stopping, and cyber risk insurance underwriting and auto-adjudication for claims in one platform. Using cybersecurity technology to learn about a company’s network and utilizing that data to create more accurate premiums and better coverage gives our industry the opportunity to better control cybersecurity insurance losses in the future, as we’ll be able to detect threats and issue micro-policies in a fraction of a second.” Stephen Cardot, founder and CEO of CloudCover In the months ahead, CloudCover plans to debut the final product in its initial CyberSafety Insurance Coverage portfolio: Cybersecurity Network Data Insurance, which will be the first insurance policy to insure data in motion with both first- and third-party liability coverage. This insurance, which will launch in February 2022, makes it possible for organizations to insure and thereby value their intangible assets, i.e., data, just as they would other company assets – something that’s been long seen as impossible in the FASB/GAAP industry. In order to purchase CloudCover’s insurance offerings, a company will need to have the CC/B1 Platform installed on its network in addition to completing CloudCover’s CyberSafety Registry. About CloudCover CloudCover is an AI-driven, virtual machine-learning cybersecurity platform. CloudCover has reimagined cybersecurity as a risk-predictive CyberSafety Platform – delivering real-time extended network detection and response through a patented, math-based security orchestration automated response risk aware/control solution. The CloudCover SOAR capability accumulates data between an organization’s diverse security technologies and environments and streamlines them into holistic actions on potential risks. The CC/B1 Platform provides an ever-evolving, protective security layer to your existing cybersecurity tech stack – meaning network threats are detected in near zero-second speed with near zero-threat accuracy. With CloudCover, the elusive “single pane of orchestration” capability of an organization’s network security isn’t a myth – it’s reality.

Read More

Spotlight

The Defence Signals Directorate is the national authority on the security of information across government. DSD provides a range of information security services to ensure that sensitive government electronic information systems are not susceptible to unauthorized access, compromise or disruption. The Cyber Security Operations Centre was established in DSD as an initiative of the Australian Government’s Defence White Paper to mitigate the cyber threat to Australia’s national security. The Centre meets two needs. It provides Defence with a cyber warfare capability and provides a resource designed to serve all government agencies. In the past decade, the growing importance of operations in cyber space has become increasingly apparent. Our national security is under threat from a range of cyber actors. Our adversaries are often well resourced, highly skilled and able to defeat commercially available security solutions.

Resources