SOFTWARE SECURITY

ConnectWise Amplifies MSP Cyberattack Defense with Incident Response Service

ConnectWise | April 20, 2022

ConnectWise
ConnectWise, the world’s leading software company dedicated to the success of IT solution providers, today announced a new service offering designed to help MSPs and their clients rapidly respond to attacks and recover from security incidents. The ConnectWise Incident Response Service provides direct, around-the-clock access to a team of expert cybersecurity analysts to provide immediate assistance to assess, contain and remediate threats to minimize impact and business disruption.

According to the 2022 ConnectWise MSP Threat Report, there was a 10-15% increase in ransomware incidents by quarter in 2021, with 56% of all incidents occurring in the second half of the year. When it comes to cyberattacks, preparation is the best prevention for MSPs that are increasingly becoming targets of threat actors. For MSPs and their clients that often lack resources to properly respond to incidents, the ConnectWise Incident Response Service provides an immediate life-line to skilled cybersecurity experts that accelerate incident resolution and help avoid mistakes that can be costly to business operations.

“With a talent shortage, more sophisticated threat actors and more technologies to protect, cybersecurity incidents can quickly overwhelm an MSP and their end client and jeopardize protection of their client’s critical assets. Every second counts in a cyberattack, so having a team of security experts at a moment’s notice is a game-changing force multiplier for an MSP’s successful delivery of cybersecurity services. With this service, MSPs can confidently turn to ConnectWise to gain swift understanding and control of the situation to eradicate threats and prevent costly downtime.”

Raffael Marty, General Manager, Cybersecurity, ConnectWise

The ConnectWise Incident Response Service also aids in the recovery process with forensic examination of system data, user activity and artifacts of digital evidence to determine the extent of compromise and identify which threat actor might be involved. The ConnectWise Incident Response Service is available today to both ConnectWise partners and non-partners.

About ConnectWise
ConnectWise is the world's leading software company dedicated to the success of IT solution providers through our unmatched software, services, community. ConnectWise’s innovative, integrated, and security-centric platform – Asio™ - provides unmatched flexibility, automation, and scale that fuels profitable, long-term growth for our Partners. ConnectWise equips TSPs with cybersecurity solutions, unified monitoring and management solutions, and business automation solutions—all while providing industry-leading operational maturity offerings to accelerate business transformation.

Spotlight

Marvell chose SecureAuth IdP for its ability to provide secure access to their Juniper VPN using multi-factor authentication and single-sign-on (SSO). In less than four months, Marvell deployed a browser-based identity access management solution that offered two-factor authentication and SSO for all 7,200 employees. “Usually when IT implements an organizational-wide change, you hear grumbling, but employees were glad to finally be rid of their tokens and were pleasantly surprised how easy the SecureAuth IdP solution authenticated and granted access to the Marvell VPN. I’m confident with the high level of security, control, and scalability with SecureAuth IdP. I am also pleased with the best-in-class service and support we’ve received from the SecureAuth team.” - Todd Holloway, Senior Manager of Information Security, Marvell


Other News
SOFTWARE SECURITY

Contrast Security Joins Foojay Advisory Board to Accelerate Java Developer Community Growth, Raise Security Perspective

Contrast Security | April 13, 2022

Contrast Security (Contrast), the leader in code security that empowers developers to secure-as-they code, today announces its commitment to helping Java developers build code securely by joining the Foojay Advisory Board. "Prior to the creation of Foojay, the ecosystem of OpenJDK users lacked a vendor-neutral community platform for many years. It is wonderful to see more and more individuals and organizations, such as Contrast Security, getting involved since the foundation's inception in April 2020. Contrast Security not only shares their insights about the OpenJDK, but also provides valuable security tips and tricks as well as helps collaborate around Foojay, the place for friends of OpenJDK." said Geertjan Wielenga, Senior Director of Open Source Projects at Azul, the initiator of Foojay. Contrast Security along with the other Foojay Advisory Board Members will help guide the direction, content and oversight of Foojay.io, the community site for developers who use, target, and run their applications on top of Java and OpenJDK, with a focus on growing the community and meeting its mission to provide free information for everyday Java developers. "We're honored to join the Foojay Advisory Board because we know Java developers rely on the Foojay community and the foundation's mission of sharing information and improving the entire market as a whole. Contrast is proud to help progress security within Java applications and assist developers to build securely without having to change the way they work." Steve Wilson, Chief Product Officer at Contrast Security Contrast Secure Code Platform is the only platform on the market that embeds intelligent agents directly into the code to enable developers to detect vulnerabilities during and post-production. In addition to Java support, Contrast Secure Code Platform supports .NET, Ruby, Python, Node, PHP and Go. About Foojay: Foojay, a place for Friends of OpenJDK, is a fast-growing community focused around the OpenJDK, providing tips and insights for Java developers, and user-focused Java and OpenJDK technical dashboards with free information on all things Java. A dedicated blogging area is available on Foojay to anyone who has thoughts or code to share on topics relevant to the Java ecosystem. About Contrast Security: Contrast Security secures the code that global business relies on. It is the industry's most modern and comprehensive Code Security Platform, removing security roadblock inefficiencies and empowering enterprise developers to write and release secure application code faster. Embedding code analysis and attack prevention directly into software with instrumentation, the Contrast platform automatically detects vulnerabilities while developers write code, eliminates false positives, and provides context-specific how-to-fix guidance for easy and fast vulnerability remediation. Doing so enables application and development teams to collaborate more effectively and to innovate faster while accelerating digital transformation initiatives. This is why a growing number of the world's largest private and public sector organizations rely on Contrast to secure their applications in development and extend protection to cloud and on-premise applications in production.

Read More

ENTERPRISE SECURITY

CyberRes Completes Acquisition of Debricked to Further Expand Software Supply Chain Security

CyberRes | March 15, 2022

CyberRes, a Micro Focus line of business, today announced the acquisition of Debricked, a developer-centric open source intelligence company aimed at innovating how organizations secure their software supply chain for today and the future. The addition of the cloud-native software composition analysis platform and AI/ML capabilities further drive CyberRes' strategy in the future of software resilience and DevSecOps. These aligned capabilities, combined with their vision of how developers evaluate, consume, and secure open-source components customized to their organization's need, make Debricked an extremely valuable addition to CyberRes' application security portfolio. "Nearly 90 percent of companies are developing software using open source components to accelerate their development speed to keep pace with business demands, which comes with accelerated risk," said Tony de la Lama, VP Product Management. "Our aim is to invest in and build solutions that allow organizations to secure their applications while maintaining the speed of development. Debricked is uniquely positioned in the market with their portfolio of solutions to address open source security and adds to an already robust portfolio in CyberRes to secure the software supply chain." Debricked's SaaS solution enables more intelligent selection of open source while drastically reducing the risks typically associated with it, both core requirements of modern DevSecOps programs. The service runs on state-of-the-art machine learning which enables the data quality to be extremely accurate as well as instantly updated whenever a new vulnerability is discovered. High precision, combined with developer focused UX and unique abilities to customize the service to your company's needs, makes Debricked unique in the world of open source security and positioned for accelerated growth. "We are excited at becoming a part of Micro Focus and CyberRes. Combining our team with such an industry-leading organization enables us to accelerate Debricked's journey toward our vision of making it easier for companies to use open source securely. We are also excited at the opportunity to present our customers with a full scale, robust security offering." Debricked CEO and co-founder Daniel Wisenhoff Key attributes of Debricked technologies include: Open Source Intelligence: With their latest innovation, Open Source Select, Debricked aims to make searching and comparing open source packages faster. By providing an in-depth analysis of the community health and offering contextualization, developers can make much more informed decisions. Security Vulnerabilities: Continuously and automatically identify, fix and prevent vulnerabilities in open source dependencies. Scan at every commit and get notified when new vulnerabilities appear. License Compliance: Ensure and maintain open source compliance with automated and enforceable pipeline rules, along with enabling creation of software bill of materials (SBOMs). Calculate risk levels for your repositories based on intended use. CyberRes is aimed at building the most complete portfolio that helps enterprises prepare for, respond to, and recover from cyber threats. With this acquisition, Micro Focus continues to show strong commitment and continued investment to Security and the ability to help customers and partners improve their cyber resilience posture. This additional investment includes a series of acquisitions made over the last two years, which strengthen our robust portfolio of security solutions, all focused on delivering business and technical outcomes to support cyber resilience. The latest example of how these investments come together is the recent launch of Galaxy, an immersive cyber threat experience built for CISOs and analysts. About CyberRes CyberRes is a Micro Focus line of business. We bring the expertise of one of the world's largest security portfolios to help our customers navigate the changing threat landscape by building both cyber and business resiliency within their teams and organizations. CyberRes is part of a larger set of digital transformation solutions that fight adverse conditions so businesses can continue to run today, keep the lights on, and transform to grow and take advantage of tomorrow's opportunities.

Read More

DATA SECURITY

Menlo Security Cloud Security Platform Now Available in the AWS Marketplace

Menlo Security | March 01, 2022

Menlo Security, a leader in cloud security, today announced that the Menlo Cloud Security Platform is now available in the AWS Marketplace. Amazon Web Services (AWS) customers now have access to Menlo Security’s isolation-powered platform that eliminates malware threats, connects users to the enterprise applications from anywhere, and scales elastically to meet user demand. Detecting and responding to today's sophisticated threats using yesterday's legacy security tools doesn't work. The Menlo Cloud Security Platform, powered by a patented Isolation Core™, proactively prevents malware threats from reaching workers without sacrificing the user experience. With 75% of work happening in the browser every day, the browser has quickly become the primary attack surface for threat actors, ransomware, and other attacks. Menlo Security recently identified a surge in cyberthreats, termed Highly Evasive Adaptive Threats (HEAT), that bypass traditional security defenses. HEAT attacks are a class of cyber threats targeting web browsers as the attack vector and employing techniques to evade detection by multiple layers in current security stacks including firewalls, Secure Web Gateways, sandbox analysis, URL Reputation, and phishing detection. “Our goal is to ensure our partners and customers are able to access and deploy the Menlo Security cloud security solution on their terms and on their timeline, Today’s threat landscape is constantly evolving and becoming more sophisticated as our recent discovery of HEAT attacks demonstrates. Having our cloud security solution available in the AWS marketplace enables our channel partners to transact and seamlessly support their customers and protect their employees and networks through the AWS Consulting Partner Private Offers (CPPO) program.” Sanjit Shah, head of strategic alliances for Menlo Security Key features of the Menlo Cloud Security Platform include: Centralized Platform - cloud-native platform which prevents malware from reaching users, eliminates the need for multiple appliances, and gives IT managers one interface to navigate. Elastic Isolation Core - The patented Isolation Core™ protects against known/unknown threats and isolates them before they reach users. Zero Trust isolation provides 100% protection without special software or plug-ins, so users don't experience negative impacts or interruption. Elastic Edge - Built to scale globally on demand. It dynamically scales to meet enterprise-level growth-over 3M users-with no performance hit and is easily extendable with a rich set of APIs and integrations. About Menlo Security Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email. Menlo Security’s isolation-powered cloud security platform scales to provide comprehensive protection across enterprises of any size, without requiring endpoint software or impacting the end user-experience. Menlo Security is trusted by major global businesses, including Fortune 500 companies, eight of the ten largest global financial services institutions, and large governmental institutions. The company is backed by Vista Equity Partners, Neuberger Berman, General Catalyst, American Express Ventures, Ericsson Ventures, HSBC, and JP Morgan Chase. Menlo Security is headquartered in Mountain View, California.

Read More

DATA SECURITY

Red Hat Unveils New Levels of Security from the Software Supply Chain to the Edge

Red Hat | May 11, 2022

Red Hat, Inc., the world's leading provider of open source solutions, today announced new security innovations and capabilities across its portfolio of open hybrid cloud technologies. Designed to help organizations mitigate risks and meet compliance requirements across increasingly complex IT environments that mix cloud services, traditional systems and edge devices, these enhancements are intended to minimize complexity, while helping customers improve their security posture and enable DevSecOps. According to Red Hat’s 2021 Global Tech Outlook report, 45% of respondents put IT Security as their top funding priority. IT security, however, is not a static demand - regulatory controls, compliance demands and threat actors shift on an almost daily basis, requiring almost constant vigilance from IT security teams. Red Hat has long been a leader in security for enterprise open source solutions, beginning with Red Hat Enterprise Linux, viewing security as a fundamental component and not an add-on. KuppingerCole Analysts recently recognized Red Hat as the Overall Leader in its Leadership Compass for Container Security. According to KuppingerCole’s evaluation, “With a massive market presence and proven expertise in container management, enhanced by the recent acquisition and integration of StackRox, a leading container security company, Red Hat is recognized as the Overall Leader in this Leadership Compass.” With today’s news, Red Hat continues a relentless march of innovation to advance security across hybrid cloud environments—from on-premises to multi-cloud to the edge—across the entire technology lifecycle and software stack. Enhancing software supply chain security Securing applications from development through the entire lifecycle can be complex and frequently requires multiple components to work together. To help simplify the process of implementing security features throughout the complete build, deploy and run process, Red Hat is introducing a software supply chain security pattern. Delivered via Red Hat OpenShift, patterns deliver complete stacks as code and define, build and test the necessary software configurations. Available as a preview, the software supply chain security pattern will bring together the necessary components to architect cloud-native applications from trusted components. The pattern uses a Kubernetes-native, continuously-integrated pipeline through Red Hat OpenShift Pipelines and Red Hat OpenShift GitOps for version control, helping to reduce complexity and save time. Additionally, through Tekton Chains, the pattern will incorporate Sigstore, an open source project aimed at making cryptographic signing of code more accessible. This addition makes it easier for artifacts to be signed in the pipeline itself rather than after application creation. In addition, in Red Hat Ansible Automation Platform 2.2, Red Hat is introducing a technical preview of Ansible content signing technology. The new capability helps with software supply chain security by enabling automation teams to validate that the automation content being executed in their enterprise is verified and trusted. Enhancing application security lifecycle from the datacenter to the edge As organizations adopt cloud-native architectures, the core enterprise needs for hardened environments, lowered attack surfaces and faster detection and response to threats remain. Applications running outside of traditional IT environments, including at the edge, introduce further security requirements that compound these already complex challenges. Beyond the physical security requirements of edge devices, CIOs and IT decision-makers are increasingly seeing a need to protect the container workloads running on these devices. An example could be implementing strategies and capabilities to prevent the lateral movement of potential attacks or breaches across edge deployments. Red Hat Advanced Cluster Security for Kubernetes brings a deployment-ready answer to these concerns, with key capabilities to protect edge workloads, including: Automated DevSecOps in the CI/CD pipeline to help protect the software supply chain for edge environments through vulnerability management, application configuration analysis and CI/CD integration Threat protection provides threat detection and incident response capabilities at runtime for common threats Network segmentation to enforce workload isolation, analyze container communication and detect risky network communication paths Integrated security starts with the operating system In the 2022 Gartner® Board of Directors Survey, 88% of board members classified cybersecurity as a business risk; just 12% called it a technology risk.1 The broad ramifications of a cyber attack or data breach have led to increased scrutiny across IT environments by investors and regulators alike. Fortifying IT environments against these potentially damaging incidents is critical, and Red Hat believes that this effort starts at the foundation, at the operating system level, with Red Hat Enterprise Linux. Red Hat Enterprise Linux 9 lays the foundation for runtime integrity verification of the operating system and application files by providing file digital signatures within RPM packages. The platform uses integrity measurement architecture (IMA) at the kernel level to verify individual files and their provenance. IMA file verification specifically helps to detect accidental and malicious modifications to systems, providing more remediation capabilities for security teams in addressing potential issues or breaches. Additional key security features in Red Hat Enterprise Linux 9 include: Enhanced security around root privileges by disabling root login via SSH by default. This helps to prevent the discovery of root passwords through brute force attacks and improving baseline security postures of an operating environment. Support for latest cryptographic frameworks with the integration of OpenSSL 3. This enables IT teams to enact new ciphers for encrypting and protecting sensitive information. Bolstered security best practices by disabling the cryptographically-broken SHA-1 hash function by default for digital signature, driving improved security hygiene. Additionally, Red Hat and IBM Research are collaborating around expanding the core security aspects of the Linux kernel, such as through support for signing and verifying elliptic curve digital signatures. This work expands the algorithms supported and reduces the size of digital signatures used throughout the Linux kernel. About Red Hat, Inc. Red Hat is the world’s leading provider of enterprise open source software solutions, using a community-powered approach to deliver reliable and high-performing Linux, hybrid cloud, container, and Kubernetes technologies. Red Hat helps customers integrate new and existing IT applications, develop cloud-native applications, standardize on our industry-leading operating system, and automate, secure, and manage complex environments. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. As a strategic partner to cloud providers, system integrators, application vendors, customers, and open source communities, Red Hat can help organizations prepare for the digital future.

Read More

Spotlight

Marvell chose SecureAuth IdP for its ability to provide secure access to their Juniper VPN using multi-factor authentication and single-sign-on (SSO). In less than four months, Marvell deployed a browser-based identity access management solution that offered two-factor authentication and SSO for all 7,200 employees. “Usually when IT implements an organizational-wide change, you hear grumbling, but employees were glad to finally be rid of their tokens and were pleasantly surprised how easy the SecureAuth IdP solution authenticated and granted access to the Marvell VPN. I’m confident with the high level of security, control, and scalability with SecureAuth IdP. I am also pleased with the best-in-class service and support we’ve received from the SecureAuth team.” - Todd Holloway, Senior Manager of Information Security, Marvell

Resources