Software Security

AttackIQ Announces Integration with Vectra AI

AttackIQ
AttackIQ®, the leading independent provider of Breach and Attack Simulation (BAS) systems, today announced a new integration with Vectra®, an AI-driven threat detection and response platform. The integration facilitates joint customers to detect attacks that circumvent existing security controls and make sure rapid response to emerging threats.

"In today's hyper-complex threat environment, organizations must think proactively and adopt advanced security capabilities to prevent successful attacks. This integration will allow our customers to validate the efficacy of the Vectra AI platform by utilizing AttackIQ's PCAP replay and related network scenarios to find and fix coverage gaps throughout their security infrastructure before adversaries exploit them."

Carl Wright, Chief Commercial Officer at AttackIQ

AttackIQ has a "assume breach" mentality, knowing that an attacker will breach an organization's perimeter defenses not if, but when. The AttackIQ Security Optimization Platform, which leverages automated breach and attack simulation technology and the MITRE ATT&CK framework, enables companies to assess the performance of their security controls, recognize misconfigurations or coverage gaps, and prioritize resources on areas with the highest possibility of risk exposure.

Geert Busse, Head of Next-Gen Solutions Pre Sales EMEA, Westcon said that "It is exciting to see AttackIQ and Vectra joining forces to help customers enable a proactive, threat-informed defense. As key vendors in our Westcon Next Generation Solutions go-to-market strategy, these two organizations are the backbone of our technology pillar, focusing on defense against emerging threats by delivering automation, integration and efficiency that our industry needs to detect and stop the latest generation of Threat Actors."

The Vectra Platform leverages security-led artificial intelligence (AI) to enable threat detection and response, ensuring that threats are identified and stopped before they have a chance to cause havoc. The platform collects data from network packets and logs to provide visibility into businesses' public cloud and SaaS environments, federated identity infrastructure, and data center networks. Vectra's proprietary technique to using artificial intelligence to detection analyzes all detections to prioritize risks and map events to the MITRE ATT&CK architecture without relying on noise or hunting. Additionally, it facilitates proper remediation and speedy reaction through other security tools already installed in your security stack.

Spotlight

The challenges and risks of an everywhere world Every day, enterprise technology leaders are expected to support the digital imperative to work, develop, and deliver everything, everywhere — by bringing together distributed workforces, devices, clouds, systems, applications, and networks. But, there’s a problem. Technology teams


Other News
Data Security

GuidePoint Security Announces Portfolio of Data Security Governance Services

GuidePoint Security | January 30, 2024

GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, today announced the availability of its Data Security Governance services, which are designed to help customers address the challenges of unstructured data and data sprawl through a proven process and program to meet their unique needs. GuidePoint’s Data Security Governance services consist of policies, standards, and processes leveraging the newest technologies to meet organizations’ data governance goals in both on-prem and cloud environments. Once the right strategy is determined with the customer, GuidePoint Security consultants will review program requirements, assess current policies and controls, perform gap analysis, design and develop/enhance the program, recommend and implement supporting technologies, and create operational processes and metrics. “Whether an organization is just beginning to build their data security governance program or needs help assessing and improving an existing program, our team and service capabilities are built to meet them at their current maturity level,” said Scott Griswold, Practice Director - Security Governance Services, GuidePoint Security. “We work side by side with the customer to conduct the necessary data discovery in their environment and provide tailored recommendations for solutions and processes to ultimately build/improve upon the data security governance program.” GuidePoint’s Data Security Governance Services include: Sensitive Data Cataloging: For organizations just getting started in the process of protecting their sensitive data, GuidePoint offers Data Identification workshops to identify sensitive data types in the environment, including trade secrets, intellectual property, and sensitive business communications. Data Security Governance Program Assessment: For organizations with existing Data Security Governance or Data Protection programs, GuidePoint Security experts will assess the program to identify policy non-compliance, gaps in data protection requirements—whether legal, regulatory, contractual, or business—and program maturity levels. Data Security Governance Program Strategy Development: The GuidePoint team will work with an organization's key stakeholders to design a program strategy aligned with relevant requirements. The outputs of this effort include delivering ongoing sensitive data discovery, automated classification and labeling, the application of required sensitive data protections, restrictions on where sensitive data can be stored and sent, and data retention policy enforcement. Merger and Acquisition Data Identification: This offering provides the ability to identify sensitive data within an M&A target or recent acquisition (including locations, amounts, and access rights) and then perform penetration testing on the storage repositories where that sensitive data exists to determine the risk of data compromise. About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at www.guidepointsecurity.com.

Read More

Data Security

CrowdStrike Announces General Availability of Falcon Data Protection to Disrupt Legacy DLP

CrowdStrike | December 18, 2023

CrowdStrike (NASDAQ: CRWD) today announced the general availability of CrowdStrike FalconData Protection, liberating customers from legacy data loss prevention (DLP) products with a modern, frictionless approach to data security that prevents adversary exfiltration and accidental leakage. With this latest offering for the AI-native CrowdStrike Falcon XDR platform, customers can consolidate costly and ineffective DLP point products with CrowdStrike’s single, revolutionary lightweight agent. Organizations struggle with legacy DLP solutions that are difficult to deploy, complex to manage and unable to comprehensively track data in the modern cloud and AI era. This results in risky monitor-mode only deployments that fail to stop data theft. CrowdStrike Falcon Data Protection harnesses the CrowdStrike Falcon platform’s industry-leading visibility and protection for the epicenter of productivity and risk – the endpoint – to secure critical data from insider threats and adversaries. With CrowdStrike Falcon Data Protection, enterprises can now: Deploy data protection immediately from their existing Falcon agent to consolidate legacy DLP point products, reduce complexity and gain nearly instant time to value. Instantly expand visibility of data flows across the enterprise to rapidly identify and shut down data exfiltration or accidental leakage. Accelerate detection and response with a single console and unified workflow that saves security analysts time investigating potential data theft. “Today's DLP market is where legacy AV was when we started CrowdStrike: ripe for disruption. With this release, we’re bringing to market the future of data protection as part of a unified platform,” said Raj Rajamani, head of products at CrowdStrike. “We’re proud to have partnered with some of the largest organizations in the world to develop a groundbreaking approach to data protection that enables customers to stop the breach, while consolidating legacy DLP tools. Customers can deploy Falcon Data Protection immediately from their existing agent with near zero configuration requirements.” About CrowdStrike CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with the world’s most advanced cloud-native platform for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data. Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities. Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.

Read More

Data Security

Rubrik Chosen by Carhartt to Drive Complete Cyber Resilience

Rubrik | January 10, 2024

Rubrik, the Zero Trust Data Security™ company, today announced that America’s premium workwear brand Carhartt has consolidated multiple legacy backup tools with Rubrik Security Cloud to achieve cyber resilience. After moving to Rubrik, Carhartt realized more than 50 percent in monthly cost savings, while significantly improving its data security capabilities. “Data resilience is key to the continued security and success of our business. We work hard to ward off intruders but we have to operate on the assumption that they will find a way in,” said Michael Karasienski, cloud platforms manager at Carhartt. “Rubrik Security Cloud restores data fast and without fail for both our cloud and on-premises environments. Rubrik plays a key role in building trust in our system with secure protocols and access controls; it isn’t just a data security solution, it’s peace of mind for our brand.” Established in 1889, Carhartt has a rich heritage of developing rugged products for workers on and off the job. The company honors hard work, approaching its business with the same honesty, dependability, and trust that its consumers display day-in and day-out. Prior to Rubrik, Carhartt used a variety of different backup solutions across its operations. After an upgrade of a critical application failed, Carhartt’s administrators discovered that that application data hadn’t been backed up, forcing the team to reconstruct more than two-weeks’ worth of data manually. Furthermore, the Carhartt team discovered malware in backups from its legacy tools, resulting in weeks of searching data sets to manually complete the investigation. With Rubrik Security Cloud, Carhartt’s IT team can now devote more time to other priorities — like business requests, incidents, and reducing technical debt — while saving more than 50 percent in operational costs each month. The company’s IT and Security teams are also collaborating to reduce risk to the organization, zeroing in on malware and tying investigations into its security operations center. “A highly interconnected business like Carhartt is responsible for mountains of sensitive data. Protecting that data is paramount to maintain customer trust and minimize business disruption,” said Anneka Gupta, Chief Product Officer at Rubrik. “Outdated legacy technology was never built with security in mind, so organizations must turn to modernized platforms and zero-trust methodologies to defend their data. With a holistic solution like Rubrik Security Cloud, organizations like Carhartt know their business will be resilient in the face of any cyber threat.” Carhartt utilizes numerous Rubrik products, including Anomaly Detection, Sensitive Data Monitoring, Threat Hunting, as well as its integration with Microsoft Sentinel. About Rubrik Rubrik is on a mission to secure the world’s data. With Zero Trust Data Security™, we help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked.

Read More

Software Security

Salt Security API Protection Platform Wins Gold in 13th Annual Best in Biz Awards

Salt Security | December 13, 2023

Salt Security, the leading API security company, today announced that the Salt Security API Protection Platform has been named a Gold Winner in the "Enterprise Product of the Year - Security Software" category in the Best in Biz Awards 2023. The Salt Security API Protection Platform is a best-in-class solution that combines the power of cloud-scale big data and time-tested ML/AI to detect and prevent API attacks. With its patented approach to blocking today's low-and-slow API attacks, only Salt provides the adaptive intelligence needed to protect APIs. By correlating activities across millions of APIs and users over time, Salt delivers deep context with real-time analysis and continuous insights into API threats and vulnerabilities, including those outlined in the OWASP API Security Top 10 list. "APIs sit at the core of today's modern applications, connecting enterprises to vital data and services," said Michael Nicosia, co-founder and COO, Salt Security. "Given the amount of sensitive information being transmitted through APIs, along with the growing complexity of API attacks, strong API security has become critical for modern businesses. The Salt platform is the only solution that provides cloud-scale big data and real-time analysis across all application environments, pinpointing and stopping attackers in their tracks. We are honored to have our solution's unique capabilities recognized by the Best in Biz Awards." According to the Salt Labs State of API Security Report, Q1 2023, 94% of organizations experienced security problems in production APIs in the past year, with a 400% increase in unique attackers overall in the last six months. The Salt platform protects APIs across their full lifecycle – build, deploy and runtime phases. Through its unique API Context Engine (ACE) architecture, the Salt platform provides API design analysis in pre-production, discovers all APIs, pinpoints and stops API attackers, and provides remediation insights learned during runtime to harden APIs. "As in years past, determining winners in some categories was a matter of selecting the very best from among the very good and came down to the smallest details," said Best in Biz Awards staff. "Each year, the judges are impressed by the innovations, growth, and change emanating from the winning companies and permeating across layers of society, from their employees through clients to local and global communities." The 13th annual program saw intense competition among more than 600 entries from public and private companies, representing all industries and regions in the U.S. and Canada and ranging from some of the most iconic global brands to the most innovative start-ups and beloved local companies. This year's judges highlighted the winning companies' breadth and depth of innovation, their novel approaches to employing new technologies, impressive workplace benefits and employee diversity and inclusion programs, as well as continued community involvement and critical investments in environment and corporate social responsibility programs. About Salt Security Salt Security protects the APIs that form the core of every modern application. Its patented API Protection Platform is the only API security solution that combines the power of cloud-scale big data and time-tested ML/AI to detect and prevent API attacks. By correlating activities across millions of APIs and users over time, Salt delivers deep context with real-time analysis and continuous insights for API discovery, attack prevention, and hardening APIs. Deployed quickly and seamlessly integrated within existing systems, the Salt platform gives customers immediate value and protection, so they can innovate with confidence and accelerate their digital transformation initiatives. For more information, visit: https://salt.security/ About Best in Biz Awards Since 2011, Best in Biz Awards has been the only independent business awards program judged by a who's who of prominent reporters and editors from top-tier publications from North America and around the world. Over the years, judges in the prestigious awards program have ranged from Associated Press to the Wall Street Journal and winners have spanned the spectrum, from blue-chip companies that form the bedrock of the global economy to some of the world's most innovative start-ups and nimble local companies. Each year, Best in Biz Awards honors are conferred in two separate programs: North America and International, and in 100 categories, including company, team, executive, product, and CSR, media, PR and other categories. For more information, visit: http://www.bestinbizawards.com.

Read More

Spotlight

The challenges and risks of an everywhere world Every day, enterprise technology leaders are expected to support the digital imperative to work, develop, and deliver everything, everywhere — by bringing together distributed workforces, devices, clouds, systems, applications, and networks. But, there’s a problem. Technology teams

Resources