DATA SECURITY

Darktrace's Cyber AI Analyst is now running open Investigations

Darktrace | February 22, 2022

Darktrace
Darktrace, a global leader in cyber security AI, announced significant upgrades to its flagship Cyber AI Analyst product, which now intelligently groups incidents to cover the life cycle of complex compromises as they develop and progress across various entities within a company's digital estate. In addition, Cyber AI Analyst now treats incidents as 'open investigations,' with fresh supporting evidence being added to ongoing cases regularly.

Cyber AI Analysts' open investigations piece together cross-entity incidents, so a SaaS account takeover can now be linked back to the same compromised credentials used on a local device. In addition, Cyber AI Analysts' open investigations are known for augmenting human analysts by continuously investigating to surface and prioritize the most critical incidents. This procedure is similar to open criminal investigations, in which a single piece of evidence can link two seemingly unconnected crimes.

With ever-growing, distinct digital estates, it's vital that Cyber AI Analyst investigations are tailored to their specific circumstances rather than following a one-size-fits-all paradigm with pre-programmed investigative strategies. The on-the-fly technological approach to studies by AI Analysts allows it to identify the needle in a thousand haystacks, which could be essential in linking different compromises.

Previously, several events would have been treated as separate incidents. When AI Analyst finds a link between two incidents, it can automatically integrate them. As a result, early adopter customers have seen a 63 percent reduction in total incidents and a 92 percent reduction in the most critical incidents as a result of the shift to open investigations, further reducing time-to-meaning and analyst triage time, allowing customers to focus on macro-level tasks and initiatives.

Cyber AI Analyst open investigations can be run manually by a human member of the security team or triggered automatically by a third-party event, such as an alert ingested directly from another security solution, to validate and further contextualize their detections and decisions, in addition to continuously running based on directly observed events. Furthermore, investigations are immediately connected into human and technological ecosystems for consumption, whether through the Darktrace UI, exportable results, or third-party technologies like SIEMs and ticketing systems.

"Our Cyber AI Research Centre focused on identifying ways to piece together seemingly disparate activity from different sources and entities to tie multiple possible indicators of compromise closely, This cross-entity approach to incident discovery allows for the automated detection of compromises, and the automated determination of their full scope, without human attention. This influential research evolved to directly impact these key updates that make understanding incidents easier for Darktrace customers."

Dr. Tim Bazalgette, Research, and Development Product Lead, Darktrace

Spotlight

The internet was designed to share information, not protect it. Commerce and life is now shared on the net. As organizations exploit their digital assets, they create risks which must be managed. Initially, most organizations took a defensive posture focused solely on secure information technology and digital assets. Organizations soon learned it is not practical to protect everything, every time


Other News
DATA SECURITY, PLATFORM SECURITY

Orange and Netskope Partner on Carrier-class Connectivity and SSE Services for a Secure, Cloud-smart Platform

Orange Cyberdefense | September 23, 2022

Orange Business Services, a global network-native digital services company, Orange Cyberdefense, a leading cybersecurity services provider, and Netskope, a leader in secure access service edge (SASE), are partnering to deliver a new SSE (Security Service Edge) solution embedded into the Orange Telco Cloud Platform. The enhanced solution is designed to deliver optimal performance with maximized security, meaning enterprises will no longer need to find a compromise between the two. A decade of shifting to cloud and mobile computing, along with the ever-present demands of hybrid work environments, have put security and networking requirements on a collision course. While SSE addresses the security challenges, enterprises need to incorporate them into overarching connectivity strategies to realize the full benefits of SASE. The partnership will leverage Orange Cyberdefense’s security expertise and Netskope’s global security private cloud footprint and SSE leadership, enabling Orange Business Services to deliver consistent internet security on and off the network. This will help protect enterprise customers from data loss and the growing volume of sophisticated threats across cloud, web and private applications, with the full attributes of a cloud-native platform. The co-managed solution will reduce complexity for enterprises, providing continuously updated cloud security via the Orange Business Services Telco Cloud Platform. Telco Cloud Platform is a revolution in the way networks are built, run, and managed with enhanced performance. The software-defined approach optimized for telco workloads allows for greater agility and cost reduction. Securing an enterprise’s most important assets: people and data This innovative hybrid architecture embeds Netskope’s points-of-presence (POPs) within the Orange network, strengthening the Orange customer value proposition by delivering the benefits of the Orange network, including speed and agility, while enabling customers to tap into the power of Netskope Intelligent SSE. Netskope Intelligent SSE provides granular visibility and real-time data and threat protection for cloud services, websites, and private apps accessed from anywhere, on any device. “Cloud transformation and hybrid work models mean that traditional security architectures are no longer effective or efficient. Plugging our market leading platform into Orange’s network will enable Orange to significantly increase its offering to enterprises looking to secure data without limiting business productivity.” Sanjay Beri, CEO, Netskope “Increasingly enterprises are using the internet as their only WAN transport, even in a growing threat landscape. Working together we are delivering Orange customers a SASE-ready WAN edge while upgrading the security of the enterprise’s network without downgrading the user experience.” says Hugues Foulon, CEO, Orange Cyberdefense. “This innovative partnership is an important part of our Evolution Platform concept designed to simplify connectivity, cloud, and security and support business outcomes from end-to-end, providing real-time protection for our users, their applications, and data, wherever they are. It underscores our position as a trailblazer in SSE and managed services, providing the right balance of performance, speed, and protection to our customers,” adds Aliette Mousnier-Lompré, CEO, Orange Business Services. About Orange Business Services Orange Business Services is a network-native digital services company and the global enterprise division of the Orange Group. It connects, protects, and innovates for enterprises worldwide to support sustainable business growth. Leveraging its connectivity and system integration expertise throughout the digital value chain, Orange Business Services is well placed to support global businesses in areas such as software-defined networks, multi-cloud services, Data and AI, smart mobility services, and cybersecurity. It securely accompanies enterprises across every stage of the data lifecycle end-to-end, from collection, transport, storage and processing to analysis and sharing. About Netskope Netskope, a global cybersecurity leader, is redefining cloud, data, and network security to help organizations apply Zero Trust principles to protect data. Fast and easy to use, the Netskope platform provides optimized access and real-time security for people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.

Read More

DATA SECURITY, NETWORK THREAT DETECTION, PLATFORM SECURITY

AwareGO Launches Employee Cybersecurity Risk Audit for Organizations

AwareGO | October 17, 2022

Human cyber risk management and awareness company AwareGO announced today that during the National Cybersecurity Awareness Month, the company launches its long-awaited full Employee Cybersecurity Risk Audit and consultation. “Today, around 90% of all successful cybersecurity attacks involve employees enabling the break-in. It is therefore critical for anyone responsible for an organization's cybersecurity to have a clear picture of what employees know and how they behave in the face of potential threats. Only then is it possible to effectively respond with training or other risk-reducing approaches.” said AwareGO Chief Executive Officer Ari Jonsson, Ph.D. “AwareGO's Human Risk Assessment software is the first of its kind when it comes to measuring both the knowledge and the behavior of employees for a broad range of cybersecurity threats, going far beyond just phishing. This capability is allowing us to now launch our full-service Employee Cybersecurity Risk Audit for organizations. In this audit, our cybersecurity experts work directly with individual organizations to set up the appropriate assessment, execute it, evaluate the outcome and map that to effective risk-reducing decisions.” AwareGO is renowned for its industry-leading Human Risk Assessment and its uniquely effective approach to security awareness training. Created by cybersecurity experts, behavioral scientists and interaction designers, the Human Risk Assessment uses interactive scenarios to assess employees across a wide range of threat areas and key behaviors. The resulting dashboards and reports help identify vulnerable departments and roles, and offer actionable insights to create informed security strategies to improve any organization’s overall cyber defense and reduce cybersecurity risks. The Employee Cybersecurity Risk Audit is designed to apply the capability of the Human Risk Assessment as effectively and as efficiently as is possible for client organizations, so that they may quickly identify vulnerabilities among their employees and address them right away. The audit is conducted by AwareGO experts who will work with clients through the entire process. The first step is to work with the client to determine the scope and priorities for the audit, based on company structure, risk profile, security stance and more. Then, the employees will be assessed across six different threat areas: phishing; passwords; sensitive data handling; device handling; physical security; and remote work. When that has been completed, our experts deliver a detailed report on the results and consult with the client to identify potential next steps to reduce vulnerabilities, as well as to develop an informed cybersecurity strategy for the future — backed up by data. Organizations interested in the Employee Cybersecurity Risk Audit can schedule a 15-30 minute call with AwareGO through this web page to learn more about the process and to get a price quote based on the expected scope of the project for their case. About AwareGO AwareGO is a global provider of human cyber risk and awareness solutions that help enterprises, and SMEs identify, quantify and remediate the human risk factor when it comes to cybersecurity. To date, AwareGO has successfully trained more than 8 million employees worldwide. Based in Iceland, the company has locations in the United States, Czech Republic, and Croatia.

Read More

DATA SECURITY,ENTERPRISE IDENTITY,SOFTWARE SECURITY

Wib Raises $16 Million Investment to Accelerate Growth and Tackle Rising API Security Problem

Wib | November 08, 2022

Wib, the fast-growth cybersecurity startup pioneering a new era in API security, today announced a $16 million investment led by Koch Disruptive Technologies (KDT), the growth and venture arm of Koch Industries, Inc, with participation from Kmehin Ventures, Venture Israel, Techstars and existing investors. The investment will be used to enhance Wib's pioneering holistic API security platform and accelerate international growth as it expands operations across the Americas, UK and EMEA. API security is one of the biggest challenges facing CIOs today. Traditional API security solutions are siloed and fragmented, leaving CIOs with a choice of multiple point products or bolt-on integrations to create a patchworked solution. This results in increased cost and complexity, reduced visibility and control, and greater exposure to risk. Wib's holistic API security platform is the only solution to provide complete visibility across the entire API landscape, from code to production, helping unify software developers, cyber defenders, and CIOs around a single holistic view of their complete API domain. By delivering rigorous real-time inspection, management, and control at every stage of the API lifecycle, Wib can automate inventory and API change management; identify rogue, zombie and shadow APIs and analyse business risk and impact, helping organisations to reduce and harden their API attack surface. "APIs have become the Achilles heel of cyber defenses and the number one threat vector for cyber-attacks. "APIs account for 91% of today's internet traffic with over 50% being invisible to business IT and security teams. These unknown, unmanaged, and unsecured APIs are creating massive blind spots for CIOs that expose critical business logic vulnerabilities and increase risk. Gil Don, CEO and Co-Founder of Wib "What's more, traditional and legacy web security approaches, like WAFs and API Gateways, were never designed to protect against modern logic-based vulnerabilities. The Wib platform has been purposely built for an API driven world creating a new category of API native security." A recent report by industry research firm GigaOm, placed Wib as a "fast mover" in the "leaders" category, stating, "Wib is a new company but brings a strong enough offering to jump straight into the leaders category" and "Wib is a new entrant in this space, but it offers a comprehensive solution." Wib was also called out for its capability in "source code analysis with an eye toward API weaknesses is Wib's greatest strength." The report ranks Wib's API Runtime Protection, Monitoring and Reporting as exceptional in its focus and execution. This is a real testament to the Wib's innovative API security platform and approach. About Wib Wib is pioneering a new era in API security with its industry first holistic API security platform. Providing continuous and complete visibility and control across the entire API ecosystem, Wib enables developers to code with confidence and security teams to secure with surety.

Read More

DATA SECURITY, ENTERPRISE IDENTITY

SandboxAQ Acquires Cryptosense to Accelerate Delivery of Security Solutions to Global Organizations

SandboxAQ | September 14, 2022

SandboxAQ, an enterprise SaaS company delivering the compound effects of AI and Quantum tech (AQ) to governments and the Global 1000, today announced it has acquired Cryptosense, a leading cybersecurity and encryption analysis software company. SandboxAQ's acquisition comes just weeks after the company unveiled its Strategic Investment Program and initial investment in evolutionQ. The acquisition of Cryptosense complements and accelerates the deployment of SandboxAQ's Post-Quantum Cryptography (PQC) solutions to corporations and government institutions worldwide. SandboxAQ's cybersecurity products enable large enterprises to scale cryptography management across their IT infrastructure, providing CISOs with a single, 360° view of how encryption is used throughout the enterprise – a critical first step in migrating to PQC. This migration to stronger cybersecurity is important for critical infrastructure sectors such as financial services, technology, energy, biopharma, logistics, and government. Cryptosense is used by leading technology and financial services organizations and is a fellow NIST NCCOE partner. The combined customer relationships will help SandboxAQ bring its PQC solutions to market faster and protect these organizations and their customers from existing and emerging quantum threats, such as Store Now, Decrypt Later (SNDL) attacks. "Rapid advances in quantum computing and AI challenge the effectiveness and performance of existing cryptography-based cybersecurity solutions. The combined leadership, talent, and expertise that SandboxAQ and Cryptosense bring to the marketplace accelerates the deployment of more effective cryptography solutions to protect the world against the security threats of today and tomorrow," said Jack D. Hidary, CEO of SandboxAQ. "The caliber of the Cryptosense team is recognized throughout the information security community, with the leadership by Graham Steel and Clément Jeanjean. We welcome Cryptosense to the SandboxAQ family and look forward to our continued success as one company." "The complementary functionality and expertise between Cryptosense and SandboxAQ enables us to build and deliver SaaS solutions at scale with higher touch customer service. PQC implementation is critical to protect the world's sensitive data and together we will make a greater impact." Dr. Graham Steel, Cryptosense founder Cryptosense was advised by Stifel and Hogan Lovells and SandboxAQ was advised by Morgan Lewis. About SandboxAQ SandboxAQ is an enterprise SaaS company, providing solutions at the nexus of AI and Quantum technology (AQ) to address some of the world's most challenging problems. The company's core team and inspiration formed at Alphabet Inc., emerging as an independent, growth-capital-backed company in 2022. About Cryptosense Cryptosense is an enterprise SaaS company that helps organizations identify and catalog the cryptography leveraged within their applications and infrastructure. Some of the largest technology and financial services companies worldwide use Cryptosense for their cybersecurity needs. Cryptosense announced a $4.8 million funding round in May 2021 backed by Amadeus Capital Partners, Elaia Partners and BGV.

Read More

Spotlight

The internet was designed to share information, not protect it. Commerce and life is now shared on the net. As organizations exploit their digital assets, they create risks which must be managed. Initially, most organizations took a defensive posture focused solely on secure information technology and digital assets. Organizations soon learned it is not practical to protect everything, every time

Resources