DATA SECURITY

DataSet, a Revolutionary Live Enterprise Data Platform, Launched by SentinelOne

SentinelOne | February 17, 2022

SentinelOne
SentinelOne, a self-contained cybersecurity platform, today announced the debut of DataSet, the company's data analytics solution. DataSet goes beyond cybersecurity use cases with the purchase of Scalyr, providing an unlimited enterprise data platform for live data queries, analytics, insights, and preservation.

The Singularity XDR platform from SentinelOne was created to automatically defend against security attacks by treating cybersecurity as a data problem. AI models use data sets to identify whether behaviors are benign or malicious in real-time. Individual data points are automatically linked to create machine-made contextualized stories for visibility and reaction across the company. Threat hunters can outperform their opponents using EDR and XDR hunting queries, which provide curated data sets. SentinelOne's autonomous cybersecurity is built on a foundation of data expertise. Processing petabytes of data, increasing at an exponential scale, and doing it in real-time has been a part of our path to providing market-leading autonomous cybersecurity.

“For cybersecurity to be effective, it must make split-second autonomous decisions because every millisecond matters. The way SentinelOne solves cybersecurity with data-inspired us to apply our expertise beyond cybersecurity to a wide range of enterprise use cases,”  “Our enterprise customers have the same data needs as SentinelOne - the ability to understand and action live data sets at speed. We’re announcing DataSet because we believe every business benefits from the power of understanding and acting on its data. Instantaneous, easy to use, and efficient understanding of a data set is the key to making better business decisions.”

Tomer Weingarten, CEO, SentinelOne

DataSet is a flexible cloud-native enterprise data platform for all forms of data, both current and historical, at petabyte size. DataSet can process massive amounts of live data in real-time, delivering log management, data analytics, and alerting with unparalleled speed, performance, and efficiency - built on a security and privacy-first foundation - by eliminating data schema requirements from the ingestion process and index limitations from querying.

Data-Defined Era
“Distributed cloud infrastructure and containerized applications contribute to a vast amount of fast-moving data. The amount of data created in the next three years will be more than the data created over the past 30 years,” said Stephen Elliot, Group VP, Research IT, Cloud Operations, and DevOps at IDC. “The ability to cost-effectively analyze data at scale will become a necessity for every organization.”

DataSet Market Adoption
“With DataSet, our engineering, infrastructure, and security teams have one single source of truth to make data-driven decisions. We no longer have to stitch context across teams and use cases,” said Joshua Danielson, Chief Information Security Officer at Copart. “DataSet enables us to act based on data, reduce time to detect and resolve anomalies, and maintain security posture.”

“Before DataSet, there was no central management of logs due to the diverse technologies at TomTom. Having to search multiple tools was holding us back, certainly during incidents,” said Carl Meert, Product Manager SRE and Observability at TomTom. “DataSet unifies all of our data from all sources. As a result, we are now much faster at detecting and responding to incidents.”

Experience DataSet
SentinelOne has named Rahul Ravulur to lead DataSet as part of the launch. He has over 25 years of experience designing and operating large-scale enterprise solutions, most recently as the product lead at Splunk. Ravulur will oversee the DataSet business to gain traction with the world's premier data-driven companies.

“SentinelOne is taking a bold step to externalize its data expertise - to help all businesses unlock the power of their data,” said Ravulur. “With the launch of DataSet, we help organizations overcome the slow, costly legacy platforms that can’t handle the scalability requirements of tomorrow. DataSet is built for the future of data insights and action.”

Spotlight

Cyberspace has long been plagued by hackers and malware. Hackers can trace their origins to the “phone phreaks” of the 1970s, who hacked into phone systems to make free long distance calls.1 The first virus was set loose on the Internet even before it was the Internet: the Creeper virus was first detected on ARPANET, the forerunner of the Internet, in 1971.2 Early on, hackers and virus writers were more annoying than dangerous, but today they represent serious threats not only to individuals and businesses, but to entire nations and even the global economy. According to Norton, the global cybercrime industry – which is now dominated by organized, professional gangs – has already overtaken the global trade in heroin, cocaine and marijuana.3 Politically motivated hackers – “hacktivists” – have penetrated heavily fortified military and government intelligence networks. China has been implicated in systematic attacks on U.S. computer networks – from the Defense Department to Google to JP Morgan Chase. A 2008 Russian cyber assault crippled the essential electronic infrastructure of the Republic of Estonia.


Other News
PLATFORM SECURITY

Talon Cyber Security Selected for Exclusive Microsoft for Startups Program

Talon Cyber Security | June 30, 2022

Talon Cyber Security, provider of the first secure enterprise browser, today announced it has been selected as a partner for Microsoft for Startups, a global program dedicated to accelerating the trajectory of high-potential startups. As a program member, Talon will receive access to Microsoft technology, mentorship and business support. “Talon is proud to be working with an established leader like Microsoft as we continue to aggressively scale to meet the demand for our secure enterprise browser. “Our goal is to make security for the future of work simple by enabling secure access for managed and unmanaged devices, and the feedback we have received from the world’s largest brands has been amazing. As we continue to gain traction, it is incredible to have the support of a true industry giant like Microsoft.” Ofer Ben-Noon, co-founder and CEO, Talon Cyber Security The traditional approach of enabling secure access to modern applications is complex, expensive and puts organizations at risk. The TalonWork browser acts as the first line of defense and control point for enterprise security, while drastically reducing complexity and cost. Talon brings enterprise-grade security to the browser, delivering native features like authentication, data loss prevention, zero trust controls and more. Customers leverage TalonWork to gain visibility into and secure SaaS applications, web activity, managed devices and unmanaged devices. Built on Chromium, TalonWork consistently delivers the high-quality user experiences required to secure the future of work. “Talon’s mission to help its customers simplify security programs for distributed workforces is a great fit for the program,” said Jeff Ma, Vice President, Microsoft for Startups, Microsoft. “We look forward to helping Talon deliver their innovative solution to our joint customers.” Talon leverages Microsoft’s infrastructure to facilitate seamless, real-time collaboration among its global team that enables it to deliver exceptional service to its customers. The company’s unique approach to security has led to significant corporate momentum. Talon won the Innovation Sandbox Contest at RSA Conference 2022, a prestigious competition where 10 industry leaders battle for the title of “Most Innovative Startup” each year. About Talon Cyber Security Talon Cyber Security is modernizing security programs and improving user experiences for hybrid work by delivering the first secure enterprise browser. Built on Chromium, the TalonWork browser provides customers with the consistent user experiences, deep security visibility, and control over SaaS and web applications needed to simplify security for the future of work. Talon was named the Most Innovative Startup of 2022 at the prestigious RSA Conference Innovation Sandbox Contest.

Read More

SOFTWARE SECURITY

Thrive Integrates SOAR Technology into their Security Operations to Enhance Real-Time Cyber Threat Detection

Thrive | May 20, 2022

Thrive, one of the leading Managed Security Services Providers (MSSPs) in the world, has made a significant investment to upgrade their 24x7x365 eyes-on-glass Security Operation Center (SOC) by integrating a Security Orchestration, Automation, and Response (SOAR) engine. The SOAR capabilities will enable the Thrive global security team to better navigate today's complex, risk-laden environment for clients via tool aggregation and coordinated response, unified operations, reduced alert fatigue, and Artificial Intelligence (AI). This will result in a significant reduction of incident response times for client threats and provide higher quality information for the Thrive SOC to combat intricate cyber risks in real time. By 2025, the amount lost to cyber theft is expected to reach $10.5 trillion annually, which is the single greatest transfer of wealth in history, according to a report from AT&T. These glaring statistics indicate why cybersecurity has become imperative in the world of commerce. "Cybersecurity threats and vulnerabilities are constantly multiplying, due to not only more sophisticated social engineering but also a rise in micro-ransomware incidents, That means vigilance against attacks of all kinds must also evolve. Incorporating a SOAR into our robust global security operations unit will allow Thrive clients to have a stronger defense system in place against cybersecurity attacks and enable our team to respond more expeditiously to any issues should they arise." Mike Gray, CTO of Thrive Thrive's integrated managed cybersecurity solutions provide a proactive and expert approach to security management for identifying and remediating security issues. Powered by next-gen technology, proven frameworks and service-driven experts, Thrive's unified cybersecurity platform enables Thrive's 24x7x365 SOC to automatically address critical security issues without client intervention. By creating a stress-free experience that solves for the technical complexity and talent shortage mid-market enterprises face, Thrive's cybersecurity solutions fortify the digital transformation initiatives that propel business growth. About Thrive Thrive is a leading provider of NextGen managed services designed to drive business outcomes through application enablement and optimization. The company's Thrive5 Methodology utilizes a unique combination of its Application Performance Platform and strategic services to ensure each business application achieves peak performance, scale, uptime, and the highest level of security.

Read More

SOFTWARE SECURITY

GuidePoint Security Achieves AWS Security Competency Status

GuidePoint Security | July 27, 2022

GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, announced today that it has achieved the Compliance and Privacy distinction in the Amazon Web Services (AWS) Security Competency. This designation recognizes that GuidePoint Security has demonstrated and successfully met AWS’s technical and quality requirements for providing customers with a deep level of consulting services expertise in Compliance and Privacy to help them achieve their cloud security goals. Achieving the Compliance and Privacy distinction in the AWS Security Competency differentiates GuidePoint Security as an AWS Partner that provides specialized consulting services designed to help companies from startups and mid-sized businesses to the largest global enterprises to adopt, develop, and deploy security into their AWS environments, increasing their overall security posture on AWS. To receive the designation, partners must possess deep AWS expertise and deliver solutions seamlessly on AWS. “GuidePoint Security was an original AWS Security Competency launch partner and we are proud to be launch partner yet again for the updated AWS Security Competency program having achieved the Compliance and Privacy distinction,” said Anil Badruddin, Practice Director – AWS Cloud Security, GuidePoint Security. “Our team is dedicated to helping organizations achieve their security goals by combining our in-depth knowledge of technical solutions along with our deep expertise of the powerful security tools AWS provides.” AWS is enabling scalable, flexible, and cost-effective solutions from startups to global enterprises. To support the seamless integration and deployment of these solutions, AWS established the AWS Competency Program to help customers identify AWS Partners with deep industry experience and expertise. GuidePoint Security’s distinction for Compliance and Privacy is based on the following attributes: Specialized consulting service offerings including: cloud security assessments, cloud governance, solution design and implementation, and security automation The ability to develop enterprise-wide security playbooks to help organizations mature their cybersecurity programs Deep technical expertise for a wide range of third-party security solution providers and AWS native services to help customers identify, implement, and manage the right solutions for their environment and business Expertise in helping customers ensure Payment Card Industry Data Security Standard (PCI DSS) compliance on AWS (GuidePoint Security is certified as a PCI QSA) About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions, and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk.

Read More

SECURITY AUDIT AND COMPLIANCE

NetWitness Launches Comprehensive XDR Offerings for Next Generation Security

NetWitness | June 08, 2022

NetWitness, a globally trusted provider of cybersecurity technologies and incident response, today announced NetWitness XDR, a family of products and capabilities delivering comprehensive detection and response on premise, in the cloud or as a hybrid of the two. This new offering and product architecture delivers the full range of deployment options enterprises seek today to meet their unique cybersecurity needs and use cases. NetWitness XDR delivers a robust set of capabilities enabling extended detection and response (XDR) and helping customers stay ahead of the most sophisticated cyber threats. These include: Unified collection, data, and visibility across multiple security layers Automatic enrichment of data using any technical or business source A wide toolset of detection technologies including, but not limited to, advanced behavioral analysis External and internal threat intelligence to identify known security risks and threat actors Truly insightful context, visualization, and investigation tools Threat hunting tools and methodologies to identify previously unknown threats Highly repeatable and measurable incident investigation and response processes A strong array of both automated and human response options “NetWitness has enjoyed the trust of some of the world’s most security sensitive organizations because of its unique ability to monitor the entire attack surface across the network, endpoint, cloud, IoT, logs and more,” said CEO of RSA and NetWitness, Rohit Ghai. “We have been delivering XDR capability to the market for several years and today we are delighted to announce new innovations in the platform and reintroduce it to the market as NetWitness XDR.” Under this new model, NetWitness XDR will be comprised of three main product lines that showcase its uniquely powerful support for all XDR use cases. NetWitness Platform XDR 12 is the newest major release of NetWitness Platform. This technology stack, typically deployed as customer-managed software or hosted by MSSPs, has been enhanced to focus on detection capabilities that identify threats faster and decrease their impact. The company’s new cloud-native SaaS version will be known as NetWitness Vision XDR and is currently in design preview. The third product line, NetWitness XDR Cloud Services, is a set of optional SaaS applications that take advantage of the cloud’s inherent elastic nature to deliver flexible and cost-effective components which can be used to augment either Platform XDR or Vision XDR. “Our network-forward approach allows us to stand out in this emerging space and highlights NetWitness XDR’s ability to detect across customers’ growing number of systems and devices. “We are embracing the belief that the best XDR must be consumable on prem, in the cloud, and hybrid.” Director of Product Management and Research, Kevin Bowers Developed initially in 1996, NetWitness began as a government-sponsored research project to inspect network packets for cyberthreats and tools to detect and respond to them. Since then, the technology has continuously evolved and been innovated to tackle today’s most complex attacks. NetWitness now features fully integrated components for network, log, endpoint and IoT detection and response that drive its threat intelligence and security orchestration platform, NetWitness Orchestrator. With its long history and global footprint, NetWitness XDR integrates directly with the world’s most critical and widely deployed tools, as well as many specialized and industry-specific solutions. NetWitness XDR will host demonstrations at its booth at RSA Conference this year for Platform XDR and Vision XDR. ABOUT NetWitness NetWitness, an RSA® Group Business, provides comprehensive and highly scalable threat detection and response capabilities for organizations around the world. The NetWitness Platform delivers complete visibility combined with applied threat intelligence and user behavior analytics to detect, prioritize, investigate threats, and automate response. This empowers security analysts to be more efficient and stay ahead of business-impacting threats.

Read More

Spotlight

Cyberspace has long been plagued by hackers and malware. Hackers can trace their origins to the “phone phreaks” of the 1970s, who hacked into phone systems to make free long distance calls.1 The first virus was set loose on the Internet even before it was the Internet: the Creeper virus was first detected on ARPANET, the forerunner of the Internet, in 1971.2 Early on, hackers and virus writers were more annoying than dangerous, but today they represent serious threats not only to individuals and businesses, but to entire nations and even the global economy. According to Norton, the global cybercrime industry – which is now dominated by organized, professional gangs – has already overtaken the global trade in heroin, cocaine and marijuana.3 Politically motivated hackers – “hacktivists” – have penetrated heavily fortified military and government intelligence networks. China has been implicated in systematic attacks on U.S. computer networks – from the Defense Department to Google to JP Morgan Chase. A 2008 Russian cyber assault crippled the essential electronic infrastructure of the Republic of Estonia.

Resources