Data Security,Platform Security,Software Security

Cymulate Integrates with the Trend Micro Vision One XDR Platform

Cymulate Integrates with the Trend Micro Vision One XDR Platform
Cymulate, the market leader in Threat Exposure Assessment and Cybersecurity Controls Validation, today announced a new technology integration with Trend Micro, a global cybersecurity leader, which reduces risk related to cyber threats. In addition to joining the Trend Micro Vision One ecosystem partner program, the company has completed the technology integration of its cybersecurity risk validation and exposure management solution with the Trend Micro Vision One XDR platform. The collaboration will correlate simulated attacks with ongoing events and alerts, enhancing the security control environment and management against malicious behavior and real and simulated malware.

Today's malicious actors are becoming increasingly sophisticated in their execution of attacks. As a result, organizations must have measures in place to protect their network and ensure they are constantly monitoring their environment for new threats.

Together, the integrated Cymulate and Trend Micro Vision One XDR solution provides comprehensive protection against cyber threats and strengthens an organization's security posture with the following benefits:

  • Automated and continuous security validation across the entire attack kill-chain
  • Ongoing simulation that operationalizes the MITRE ATT&CK framework
  • Creating auto remediation playbooks to new threats and attack vectors
  • Configuration of Trend Micro's XDR policies to Cymulate's actionable remediation guidance

"Cyberattacks are not showing any signs of slowing down and need a united front from security providers to combat them. "We are delighted to be partnering with Trend Micro so that businesses can better understand any weaknesses in their security posture and optimize their existing security infrastructure to better protect their organizations."

Carolyn Crandall, chief security advocate at Cymulate

"Security validation is an essential step for organizations to take towards cyber resilience," said Jon Clay, vice president of threat intelligence at Trend Micro. "Integrating our solutions with Cymulate is an exciting milestone for us. This new offering will significantly strengthen the risk assessment capability and provide enhanced seamless protection for mission-critical environments through ongoing simulated attacks deployed alongside events and alerts coming from Trend Micro."

Cymulate's platform is recognized for its ability to continuously test a business's security posture against immediate threats and to validate whether security controls are functioning properly to stop in-network activities tied to execution methods, OS manipulation, data manipulation, lateral movement, data exfiltration, and other actions that inform on how bad the incursion or breach might be. The breadth and depth of this platform have earned it recognition as the gold standard for continuous threat exposure management (CTEM) programs, an emerging security program that was coined by Gartner, Inc.

About Cymulate
Cymulate's continuous risk validation and exposure management platform provides security professionals with the ability to continuously challenge, validate and optimize their on-premises and cloud cyber-security posture with visualization end-to-end across the MITRE ATT&CK® framework. The platform provides automated, expert and threat intelligence led risk assessments that are simple to deploy and use for organizations of all cybersecurity maturity levels. It also provides an open framework to create and automate red and purple teaming by generating penetration scenarios and advanced attack campaigns tailored to their unique environments and security policies.

About Trend Micro
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organizations to simplify and secure their connected world.

Spotlight

Other News
Platform Security

Stellar Cyber and Proofpoint Strategic Alliance to Deliver Comprehensive Email Security Solution For SecOps Teams

Stellar Cyber | January 23, 2024

Stellar Cyber, the innovator of Open XDR, announced a new partnership with Proofpoint, a leading cybersecurity and compliance company. Through this alliance, Proofpoint and Stellar Cyber customers benefit from an out-of-the-box integration enabling swift email investigations and real-time response actions to email-driven attacks. Proofpoint Targeted Attack Protection monitors emails to identify suspicious emails and potentially malicious attachments and URLs. Once identified, the findings are shared with Stellar Cyber automatically. Stellar Cyber’s Open XDR platform ingests, normalizes, and analyzes Proofpoint findings and other collected data to deliver a comprehensive threat picture. As security analysts conduct investigations, they can instruct integrated third-party products – including Proofpoint – on corrective actions. “Protecting organizations against email-borne attacks is a top priority, and security teams need a way to automatically correlate threat telemetry across the entire attack surface in order to quickly remediate threats,” said Andrew Homer, VP of Strategic Alliances, Stellar Cyber. “This new partnership with Proofpoint is the latest example of Stellar Cyber delivering on its Open XDR strategy to provide customers turn-key integrations that improve productivity and threat detection.” “Email attacks remain the number one entry point into an organization, and the level of sophistication of these attacks continues to grow exponentially,” said D.J. Long, Vice President, Strategic Alliances & Business Development, Proofpoint. “We’re thrilled to work with Stellar Cyber on this strategic alliance to help customers protect against advanced email-based threats and unify their cybersecurity defense.” Through this alliance, Stellar Cyber and Proofpoint give security teams an advantage over attackers, resulting in the following: Real-time threat signals exchanged for proactive detection Correlation of Proofpoint alerts across the entire attack surface Automated response actions for immediate threat containment About Stellar Cyber Stellar Cyber’s Open XDR Platform delivers comprehensive, unified security without complexity, empowering lean security teams of any skill level to secure their environments successfully. With Stellar Cyber, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley.

Read More

Data Security

GuidePoint Security Announces Portfolio of Data Security Governance Services

GuidePoint Security | January 30, 2024

GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, today announced the availability of its Data Security Governance services, which are designed to help customers address the challenges of unstructured data and data sprawl through a proven process and program to meet their unique needs. GuidePoint’s Data Security Governance services consist of policies, standards, and processes leveraging the newest technologies to meet organizations’ data governance goals in both on-prem and cloud environments. Once the right strategy is determined with the customer, GuidePoint Security consultants will review program requirements, assess current policies and controls, perform gap analysis, design and develop/enhance the program, recommend and implement supporting technologies, and create operational processes and metrics. “Whether an organization is just beginning to build their data security governance program or needs help assessing and improving an existing program, our team and service capabilities are built to meet them at their current maturity level,” said Scott Griswold, Practice Director - Security Governance Services, GuidePoint Security. “We work side by side with the customer to conduct the necessary data discovery in their environment and provide tailored recommendations for solutions and processes to ultimately build/improve upon the data security governance program.” GuidePoint’s Data Security Governance Services include: Sensitive Data Cataloging: For organizations just getting started in the process of protecting their sensitive data, GuidePoint offers Data Identification workshops to identify sensitive data types in the environment, including trade secrets, intellectual property, and sensitive business communications. Data Security Governance Program Assessment: For organizations with existing Data Security Governance or Data Protection programs, GuidePoint Security experts will assess the program to identify policy non-compliance, gaps in data protection requirements—whether legal, regulatory, contractual, or business—and program maturity levels. Data Security Governance Program Strategy Development: The GuidePoint team will work with an organization's key stakeholders to design a program strategy aligned with relevant requirements. The outputs of this effort include delivering ongoing sensitive data discovery, automated classification and labeling, the application of required sensitive data protections, restrictions on where sensitive data can be stored and sent, and data retention policy enforcement. Merger and Acquisition Data Identification: This offering provides the ability to identify sensitive data within an M&A target or recent acquisition (including locations, amounts, and access rights) and then perform penetration testing on the storage repositories where that sensitive data exists to determine the risk of data compromise. About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at www.guidepointsecurity.com.

Read More

API Security

Cequence and Vercara Partner to Combat Cyber Threats and Revolutionize API Security

Cequence Security | January 25, 2024

Cequence Security is proud to announce a new partnership with Vercara, a leading provider of cloud-based services that secure the online experience. This collaboration aims to fortify the cybersecurity landscape by pairing Vercara’s network and application protections with Cequence Security's innovative Unified API Protection (UAP) platform. Security teams encounter substantial hurdles in safeguarding API applications from cyber-attacks, including the rapid development and deployment of API applications across diverse cloud providers. The unmanaged and unprotected nature of these APIs can harbor critical vulnerabilities, making them susceptible to exploitation. Moreover, the lack of a clear and consistent security posture across the application footprint introduces further complexities. To address these challenges, Cequence Security's UAP platform provides a comprehensive discovery of the entire API attack surface, encompassing both external and internal APIs. It ensures compliance with security and governance best practices, eliminating unknown and unmitigated API security risks. Furthermore, the solution offers native real-time inline protection, blocking API attacks before they reach applications. "The absence of API protection puts you at risk of potential theft, fraud, non-compliance, and business disruptions,” said Carlos Morales, SVP Solutions at Vercara. “Our partnership with Cequence combines our collective best-in-class services to address the evolving demands of the cybersecurity landscape, ensuring that businesses can confidently deploy needed applications and successfully navigate the complexities of API security with advanced, holistic protection.” Arun Gowda, VP, Business Development at Cequence Security, said, “In the evolving landscape of cybersecurity, the extensive risk of data compromise in API breaches goes beyond external APIs to internal ones. These often-overlooked internal APIs can access sensitive data not intended for public exposure. APIs have changed the game for attackers, making it imperative to prioritize the security of all assets accessible through APIs, including those not expected to be publicly exposed.” He added, “We are pleased to combine our innovative API security solutions with Vercara's innovative WAF and DDoS services to deliver advanced, holistic API protection. This collaboration reinforces our commitment to provide unparalleled security measures for businesses reliant on APIs.” Cequence Security's UAP platform is unparalleled in addressing all phases of the API security lifecycle. It provides: Discovery: A continuous API attack surface discovery management product that assesses your application footprint, offering a complete inventory of external APIs. Compliance: A security posture management product that identifies security risks in APIs, ensuring compliance with specifications, security test requirements, and governance best practices. Protection: Detects and prevents sophisticated automated API attacks and business logic abuse using advanced machine learning rules, providing real-time protection without relying on third-party components. About Cequence Security Cequence, a pioneer in API security and bot management, is the only solution that delivers Unified API Protection (UAP), uniting discovery, compliance, and protection across all internal and external APIs to defend against attacks, targeted abuse, and fraud. Requiring less than 15 minutes to onboard an API without requiring any instrumentation, SDK, or JavaScript integration, the flexible deployment model supports SaaS, on-premises, and hybrid installations. Cequence solutions scale to handle the most demanding Fortune and Global 2000 organizations, securing more than 8 billion daily API calls and protecting more than 3 billion user accounts across these customers. To learn more, visit www.cequence.ai. About Vercara Vercara is a purpose-built, global, cloud-based security platform that provides layers of protection to safeguard businesses’ online presence, no matter where attacks originate or where they are aimed. Delivering the industry’s highest-performing solutions and supported by unparalleled 24/7 human expertise and hands-on guidance, top global brands depend on Vercara to protect their networks and applications against threats and downtime. Vercara’s suite of cloud-based services is secure, reliable, and available, delivering peace of mind and ensuring that businesses and their customers experience exceptional interactions all day, every day. Pressure-tested in the world’s most tightly regulated and high-traffic verticals, Vercara’s mission-critical security portfolio provides best-in-class DNS and application and network security (including DDoS and WAF) services to its Global 5000 customers and beyond. For more information, visit vercara.com.

Read More

End Point Protection

Malwarebytes Unveils New K-12 ThreatDown Bundle to Defend Schools and Districts from Cyberattacks

Malwarebytes | January 24, 2024

Malwarebytes, a global leader in real-time cyber protection, today announced the availability of ThreatDown K-12 Bundle, combining the cybersecurity technologies and services that K-12 education institutions need into a streamlined, cost-effective bundle. Purpose-built to reduce risk, complexity and costs for districts and schools, the ThreatDown K-12 Bundle delivers unified protection with an intuitive, easy-to-manage design. The ThreatDown K-12 Bundle allows schools to optimize device uptime and improve productivity, while protecting students and staff, devices and data from the latest cyber threats. "Schools are increasingly facing cyber threats with limited IT resources, leading to a rise in ransomware attacks that affect staff, teaching, and student well-being," said Marcin Kleczynski, Founder and CEO of Malwarebytes. "Historically, cost barriers prevented schools from adopting cybersecurity managed services. Our K-12 Bundle packages together everything districts need to reduce risk and comply with regulations within a manageable budget. We're committed to making powerful protection and managed services accessible to vulnerable schools and students." Bridging the Cybersecurity Gap for Resource-constrained K-12 IT Teams Modern K-12 educational institutions have a wide range of school-, staff- and student-owned devices – from traditional laptops, desktops and servers to Chromebooks, iPadOS, iOS, and Android devices. While these devices greatly enrich the student learning experience and streamline operations for staff, they also introduce new risks. Key features of the ThreatDown K-12 Bundle include: Award-winning endpoint security: K-12 Bundle is built on ThreatDown's strongest AI/ML-driven prevention, detection and response technologies fortified by built-in innovations to reduce the attack surface. These technologies simplify the process of finding and patching software vulnerabilities and prevent unauthorized programs from executing. 24x7x365 managed services: The K-12 Bundle combines ThreatDown advanced technologies with Managed Detection and Response (MDR) service of ThreatDown cybersecurity experts to manage security and resolve alerts around the clock, delivered as an affordable, hassle-free bundle. Unified endpoint management: ThreatDown extends powerful endpoint protection across workstations, servers and mobile device to substantially strengthen schools' cybersecurity postures in compliance with new and pending regulations. Quick and easy to deploy, the K-12 Bundle saves time and resources with unified endpoint management for both traditional and mobile devices – all from a single, cloud-native console. Centralized, real-time visibility: K-12 IT teams can easily view activity across all devices in real time. With a unified platform and visibility for traditional and mobile endpoints, teams can monitor and protect devices from a single pane of glass. Teams can understand the threats to devices in their environments and mitigate potential risks. Advanced mobile protection: ThreatDown K-12 Bundle provides effective protection for Chromebooks, iPadOS, iOS, and Android devices, guarding against the latest mobile threats such as ransomware, malicious apps, and potentially unwanted programs (PUPs). With real-time protection, schools can also prevent accidental access to harmful websites, safeguard against malicious apps, block unwanted in-app ads, and enable a secure mobile experience for students. About Malwarebytes Malwarebytes is a global cybersecurity leader delivering award-winning endpoint protection, privacy and threat prevention solutions worldwide. Built on decades of experience as the last resort to find and eradicate the latest malware, Malwarebytes is now trusted by millions of individuals and organizations to stop threats at each stage of the attack lifecycle, secure digital identities and safeguard data and privacy. A world class team of threat researchers and proprietary AI-powered engines provide unmatched threat intelligence to detect and prevent known and unknown threats. The company is headquartered in California with offices in Europe and Asia. For more information and career opportunities, visit https://www.malwarebytes.com.

Read More