DATA SECURITY

AT&T Cybersecurity Introduces a New Managed Endpoint Security Solution

AT&T Cybersecurity | April 20, 2021

Through its partnership with SentinelOne, AT&T* has introduced a managed endpoint security solution. AT&T Managed Endpoint Security with SentinelOne correlates endpoint threat identification with a single software agent that combines Antivirus, Endpoint Protection, Endpoint Detection and Response, and IoT security functions. The new solution protects endpoints from malware and other cyberattacks while still monitoring increasingly sophisticated vulnerabilities in a corporate network or cloud system.

AT&T Managed Endpoint Security with SentinelOne includes threat monitoring and management by AT&T Security Operations Center (SOC) analysts 24 hours a day, seven days a week. Customers will benefit from a single SOC team delivering constant surveillance of separate threat detection stacks for better network visibility and quicker endpoint threat detection when combined with AT&T Managed Threat Detection and Response.

Why is this important?

Businesses are faced with expanding network perimeters that need security. Endpoint cyberattacks and adversary sophistication are on the rise. As a result, SOC teams can become overburdened with alerts and data that have a little background for identifying problems. This is particularly difficult when tracking endpoints for security and identification in both on-premises and cloud environments.

The willingness of SOC teams to view threats holistically from a single agent is critical for reacting to threats effectively and confidently. To do this, threat identification and response on endpoints need to be coordinated and automated by correlated security alerts. AT&T Managed Endpoint Security scales and augments security departments that are understaffed or overburdened.

What makes this new cybersecurity solution different?

AT&T Managed Endpoint Security with SentinelOne monitors any process that happens on and between each endpoint, using Artificial Intelligence (AI) and Machine Learning on the agent to detect and counteract threats at machine speed.
The autonomous agent protects an endpoint even though it is turned off, allowing today's remote workers to function.

AT&T, as one of the world's leading Managed Security Services Providers (MSSPs), recognizes that the network edge is continuously shifting and expanding, which can generate security gaps that must be identified with greater visibility. AT&T Managed Endpoint Security with Sentinel One provides the visibility and operates to secure you 24 hours a day, 7 days a week. AT&T SOC analysts have trusted experts who have specialist threat hunting, monitoring, and response capability.

To secure your endpoints, AT&T and SentinelOne have combined their systems and enabled coordinated and automatic incident response. Additional integrations between AT&T Alien Labs, SentinelOne, and the AT&T SOC add layers of context for the SOC management team to obtain greater insights that contribute to improved and quicker threat detection and response.

Spotlight

CrowdStrike CEO George Kurtz explains today's announcement of new, advanced features to the CrowdStrike Falcon™ Platform. The updates represent a leap forward for endpoint detection and response functions along with advanced antivirus and anti-ransomware capabilities, to stop breaches faster across the enterprise.


Other News
PLATFORM SECURITY

Resecurity® Brings Cyber Threat Intelligence to Microsoft Azure

Resecurity | July 01, 2022

Resecurity, a cybersecurity and intelligence company, today announced its award-winning cybersecurity threat intelligence and risk monitoring platform is now available on Microsoft's Azure Marketplace. Microsoft's Azure Marketplace is the most comprehensive marketplace on the planet, offering thousands of certified cloud applications and software to over four million active users and subscribers. With cyber-risk ranking as a top concern for CEOs and business owners1, enterprises are looking for additional support to secure and manage the evolving cyber threatscape. More importantly, they're looking for trusted vendors who provide scalable, secure solutions that can work inside existing operating systems. Today, nearly 70 percent of organizations worldwide use Microsoft Azure for their cloud services.2 By joining the Microsoft Azure marketplace, Resecurity's software solutions will be easily accessible to the millions of Microsoft Azure customers needing comprehensive cybersecurity management and monitoring. "Enterprises continue to battle increasing cyber threats emerging from the Dark Web and ransomware groups targeting cloud services. Trusted partners like Microsoft Azure have enabled organizations to confidently bring in the cybersecurity expertise and solutions they need to protect their ecosystems. "Resecurity is dedicated to helping organizations worldwide mitigate these risks with our reliable, scalable and accessible cybersecurity and threat intelligence software." Gene Yoo, CEO of Resecurity Resecurity's AI-powered solutions provide proactive alerts and comprehensive visibility of digital risks targeting the enterprise ecosystem. The innovative platform allows administrators to reduce potential blind spots and security gaps by quickly seeing in-depth analysis and specific artifacts obtained through the dark web, botnets activity, network intelligence and high-quality threat intelligence data. Microsoft Azure users who integrate Resecurity into their cybersecurity strategy will benefit from: Around-the-clock security monitoring of your cloud workloads and enterprise ecosystem, In-depth risk evaluation of the entire enterprise ecosystem (Dark Web, Compromised Accounts, Data Leaks, Network Hygiene, Cloud Security, etc.), A scalable software solution that can monitor a digital footprint of any size (Domains, Network Ranges, Cloud-based Nodes), AI-powered threat intelligence that leverages Rescurity's Dark Web intelligence repositories with over 3.4 billion records and cyber intelligence analysts deployed across all continents, Contextualized risk alerts and data-backed suggested actions to enable a proactive security strategy.Just recently Resecurity has been named a gold winner by the 2022 Cybersecurity Excellence Awards in North America. Resecurity's products and services received Gold recognition across 3 categories in highly competitive nominations such as cyber threat intelligence (CTI), threat hunting, and third-party risk management (TPRM). Just recently Resecurity has been named a gold winner by the 2022 Cybersecurity Excellence Awards in North America. Resecurity's products and services received Gold recognition across 3 categories in highly competitive nominations such as cyber threat intelligence (CTI), threat hunting, and third-party risk management (TPRM). About Resecurity Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence. Known for providing best-of-breed data-driven intelligence solutions, Resecurity's services and platforms focus on early-warning identification of data breaches and comprehensive protection against cybersecurity risks. Founded in 2016, it has been globally recognized as one of the world's most innovative cybersecurity companies with the sole mission of enabling organizations to combat cyber threats regardless of how sophisticated they are. Most recently, Resecurity was named as one of the Top 10 fastest-growing private cybersecurity companies in Los Angeles, California by Inc. Magazine. An Official Member of Infragard, AFCEA, NDIA, SIA and FS-ISAC.

Read More

DATA SECURITY

Netskope Revolutionizes Data Protection with Patented Lightweight, Cloud-Powered Endpoint Data Loss Prevention

Netskope | May 24, 2022

Netskope, the leader in Security Service Edge (SSE) and zero trust,announced a key expansion of data protection capabilities to endpoint devices and private apps. The introduction of a patented endpoint data loss prevention (DLP) solution will enable Netskope Intelligent SSE customers to protect data everywhere it moves across the hybrid enterprise. Zero trust principles are critical to SSE, which describes the security stack needed to enable a modern Secure Access Service Edge (SASE) architecture. Data protection is of utmost importance throughout a SASE architecture—specifically, the need for security to move with data wherever it is accessed, and apply zero trust to determine the right level of access. Additionally, legacy and endpoint DLP offerings have failed enterprises by being siloed, complicated, and intrusive, hindering user productivity. Netskope has been consistently recognized by top industry analysts for its advanced data protection capabilities. With today's continued expansion of the Netskope Intelligent SSE platform, Netskope customers will be able to protect data across SaaS, IaaS, private applications, web, e-mail, and endpoint devices from a single converged data protection solution, leveraging machine learning, user and entity behavior analytics (UEBA), and insider threat mitigation capabilities to improve security efficacy, efficiency, and agility. Notable features of Endpoint DLP include: Context-aware, zero trust data protection on local peripherals and devices, such as USB drives and printers Unified data classification, policy enforcement, and incident management for DLP across SaaS, IaaS, private apps, web, e-mail, and endpoint devices A patented lightweight endpoint agent with cloud-based inspection and contextual data protection policies that enhance the user experience Machine learning and Advanced Analytics to help simplify data classification and policy definition, lowering operational overhead UEBA, which makes it possible to identify and stop complex data loss scenarios such as insider risk, where users are unintentionally or even maliciously abusing their access to data "No SASE or zero trust journey will be successful without data protection capabilities that can address all critical use cases in a way that is easy to deploy and doesn't slow down users, The introduction of Endpoint DLP extends Netskope's award-winning data protection capabilities that much further, to critical use cases with endpoint devices. While some competitors may offer unified policy and management or provide data protection for certain vectors, Netskope is the only vendor that can provide truly converged data protection across the full IT environment. We are very excited to deliver Endpoint DLP to customers as another Netskope game-changer." John Martin, Chief Product Officer, Netskope "With Netskope's new eDLP, we can now offer single-pass data protection —across all vectors, from the cloud to the endpoint —with unified policies, within a single management console," said Mick Coady, Global Vice President CyberSecurity Solutions, World Wide Technology. "As a Platinum Partner in Netskope's Evolve partner program, we're seeing the huge growth opportunity that Netskope's Intelligent SSE approach represents. This new addition will accelerate that growth." A work-from-anywhere, or "hybrid," environment makes it increasingly difficult to maintain security models based on implicit trust in any entity that wants to connect. Zero trust principles enable organizations to govern access to data based on behavior by users, devices, networks, and applications— increasing confidence in policy enforcement everywhere. By evaluating several contextual elements—user identity, device identity and security posture, time of day, geolocation, business role, sensitivity level of the data, and more—the resource itself can determine an appropriate level of confidence, or trust, only for that specific interaction and only for that specific resource. Using Netskope Intelligent SSE with zero trust principles applied throughout the environment, businesses become more agile, reduce risk, and streamline solution deployment and maintenance. "DLP has been extremely complicated and cumbersome, and that's before you factor in cloud, web, email, private apps, and endpoints," said Frank Dickson, IDC Group Vice President, Security & Trust. "Netskope looks to address complexity with integration, providing a unified cloud delivered solution. Compared to old school network and endpoint-based DLP solutions, having DLP in this integrated solution makes it dramatically easier to protect data wherever it may be and in a manner that is frictionless for end users. It is a win-win." About Netskope Netskope, a global cybersecurity leader, is redefining cloud, data, and network security to help organizations apply zero trust principles to protect data. The Netskope Intelligent Security Service Edge (SSE) platform is fast, easy to use, and secures people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.

Read More

WEB SECURITY TOOLS

Indusface Enhances its Web Application & API Protection (WAAP) platform AppTrana with Industry's First Risk-Based Protection to APIs

Indusface | May 19, 2022

Indusface, a leading application security SaaS company that continually detects security risks, provides real-time protection, and improves the performance of Websites and Applications, today announced that it is adding Risk-Based API Protection to its WAAP platform, AppTrana. APIs are the lifeline of the digital economy with many companies adopting the API-first approach. However, the growth of APIs is also opening up new risk vectors that they are not aware of. According to Gartner, more than 90% of applications have more attack surface exposed through API than UI and by 2022, API Abuse will move from an infrequent to the most-frequent attack vector, resulting in data breaches for enterprise web applications. Indusface is revolutionizing the API security space by building on its API Protection capabilities. The company is doing so through the most comprehensive API protection to date by extending its risk-based approach to the same. "AppTrana's risk-based approach is unique and something that resonates with our customers. What customers are really interested in is knowing how well their application is protected based on the risk posture of their application. Building on this, we are now enhancing our API Protection capabilities by providing a risk-based approach to API security which we believe would revolutionize the market. With this, customers will be able to identify vulnerabilities found in their public APIs and quickly correlate how these are protected through API-specific policies and positive security policies applied in AppTrana providing the most comprehensive protection for APIs." Ashish Tandon, Founder and CEO, Indusface As with any security, you can protect only what you know and protection is as strong as the weakest link. The major challenges with APIs are discoverability and the ability to understand the context of APIs so that security can be tailored accordingly. It is to address these challenges that Indusface is enhancing its API protection in AppTrana. Collectively through a multi-step approach, customers get to discover APIs, understand risk posture and ensure comprehensive protection of APIs. With Indusface AppTrana's Risk-based API Protection, you get: To understand the risk posture of the APIs through unlimited automated API scans including manual tests for identifying business logic vulnerabilities. This enables organization to understand the weakest links of the APIs and get clear visibility around how these links are protected. Visibility into API traffic patterns and discovery of shadow APIs, so that you are no longer blindsided by what you don't know To protect APIs with API-specific rules written specifically to protect against OWASP Top 10 API vulnerabilities Behavioral-based protection against DDoS attacks on APIs by analyzing API traffic pattern Behavioral-based protection against BOT attacks Positive security for APIs through analysis of swagger (OpenAPI 2.0) files and creation of automated positive security policies Accurate, real-time view of vulnerabilities blocked by API specific rules, positive security policies, custom rules, and those that need fixes in the application About Indusface Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 3000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine. Indusface has been funded by Tata Capital Growth Fund II, is the only vendor to be named Gartner Peer Insights™ Customers' Choice' in all the 7 segments for Voice of Customer WAAP (Web Application and API Protection) Report 2022, is a "Great Place to Work" certified SaaS product company, is PCI, ISO27001, SOC 2, GDPR certified, and has been the recipient of many prestigious start-up awards such as the Economic Times Top 25, NASSCOM DSCI Top Security Company, Deloitte Asia Top 100, among others.

Read More

DATA SECURITY

Flow Security Launches Next-Gen Data Security Platform Following $10 Million Seed Round

Flow Security | August 05, 2022

Flow Security today announced $10M in seed funding and launched the first data security platform that discovers and protects both data at rest and in motion. The funding was led by Amiti, with participation from GFC, Amdocs Ventures, and industry leaders such as CyberArk CEO Udi Mokady and Demisto CEO and co-founder Slavik Markovich. Enterprises of all sizes continue to make heavy investments in technology stacks as they transition to modern cloud application architectures. This new era promises many benefits, but has also led to significant data sprawl and major difficulties in securing data. With the widespread adoption of modern architectures, securing sensitive data such as PII, PHI, financial information, and intellectual property has become a near-impossible task. Flow Security helps organizations overcome these challenges by continuously mapping and detecting all data-related risks for an improved data security posture. Flow is the only data security platform that supports use cases including discovering and classifying data flows to external services, policy enforcement, automatic data-related threat modeling, and reducing data access permissions to the minimum. Flow has a growing customer base in highly-regulated markets such as e-commerce, fintech, healthcare, insurtech, and more. "Discovery, mapping and protecting data is usually a manual process, which is not effective in large organizations," says Nir Chervoni, Head of Data Security of Booking.com, "Automatic data mapping should consist of analyzing the actual payload, and not only its metadata. So far, Flow is the only company I've seen that provides that capability for multiple scenarios." "Security and data protection teams are struggling to keep up with the rapid pace of today, and Flow is making their lives exponentially easier," said Ben Rabinowitz, Managing Partner and Founder at Amiti Ventures. "We're thrilled to be a partner on this journey, and eager to help capitalize on this opportunity to give security teams the technology they need to become business enablers." "We've reviewed dozens of different data security tools lately, and we weren't satisfied with any of them. "But Flow's data-in-motion approach is a game changer. It took the platform a few days to map data-related threats that usually take months of manual work to detect." Ralph Pyne, VP of Security at NextRoll "Data security is not a new problem, but the challenges are changing and growing," said Jonathan Roizin, co-founder and CEO of Flow Security. "Organizations are moving at a record pace and quickly transitioning to the cloud and cloud-first applications. These transformations often make life easier, but they also make the jobs of security professionals even more difficult. With Flow, security teams are no longer forced to chase down information. It simplifies security and regulatory processes and bridges the gap between security and development teams." About Flow Security Flow Security revolutionizes data security with the first platform that discovers and protects data not only at rest, but also in motion. Founded in 2021 by Jonathan Roizin and Rom Ashkenazi, the Israel-based company is backed by Amiti, GFC, Amdocs Ventures, and market-leading angel investors.

Read More

Spotlight

CrowdStrike CEO George Kurtz explains today's announcement of new, advanced features to the CrowdStrike Falcon™ Platform. The updates represent a leap forward for endpoint detection and response functions along with advanced antivirus and anti-ransomware capabilities, to stop breaches faster across the enterprise.

Resources