Software Security
Business Wire | September 27, 2023
Today, Cyolo, provider of the fastest and most secure zero-trust access and connectivity solution for hybrid organizations with IT and OT, in partnership with KuppingerCole, released an industry analysis focused on zero trust and remote access for operational technology (OT) environments.
The analysis reveals key insights about the OT cybersecurity threat landscape, outlines high-level security architecture for OT, critical infrastructure systems (CIS) and industrial control systems (ICS), and evaluates key requirements of security regulations and frameworks.
OT environments experience the same kinds of threats as enterprise IT – including ransomware, account takeovers, APTs, and Supply Chains as vectors – while experiencing expanded OT-specific threats. While traditional IT security tools may be adapted, developing robust security architectures for OT environments is inherently complex compared to their IT counterparts. Its unique nature, from equipment and software to communication protocols requires dedicated OT security solutions.
Cyolo can help organizations with OT infrastructure to define and manage access control to those complex environments, said John Tolbert, Lead Analyst at KuppingerCole.
Overall key insights include:
OT Threat Landscape. Heightened geopolitical factors have intensified attacks on OT and ICS, posing significant consequences ranging from operational disruptions and service denial to financial repercussions and potential harm to human well-being.
Core Cybersecurity Regulations. The risks and consequences of cyber-attacks against critical infrastructure advanced regulations globally mandating secure architectures and technical controls. KRITIS and the follow-on IT Security Act 2.0 are related examples of such regulations, as well as the NIST Cybersecurity Framework.
OT Security Architectures and Key Functionalities. There are eight areas of functionality that are central to effective OT security architectures. Cybersecurity architectures for OT must address asset discovery, access control, IT security tool integration, detection and response capabilities, and OT protocol level threats.
As the analysis breaks down, within critical infrastructure interruptions and downtime are not an option. To address the increasing need for secure access in OT environments, Cyolo introduced Cyolo 4.3, which expands key capabilities with more layers of security and making the product easier than ever to use for both administrators and end users in the industrial space.
With Cyolo 4.3, industrial organizations will be able to extend their multi-factor authentication (MFA) across environments through an integration with Duo Security to support their physical tokens as required. Additionally, the company has implemented another layer of security for file transfer within the OT/ICS environment, through query anti-virus software to scan files before they are delivered to their destination. Cyolo is also adapting for further usability, allowing teams to securely invite external users by generating a secure one-time password; and import groups from existing IdPs, using SCIM.
“Ensuring the security of critical infrastructure and industrial processes has become increasingly critical as organizations unite their IT and OT systems. This convergence has expanded the OT threat landscape and introduced significant cybersecurity challenges, as the once-isolated OT networks are now vulnerable to the same threats that have targeted IT networks for years” said Joe O'Donnell, Vice President ICS/OT of Cyolo. “With Cyolo 4.3, industrial entities can confidently navigate the complexities of the modern threat landscape and fortify their defenses against evolving cyber threats.”
The announcement of Cyolo 4.3 highlights the company’s commitment to advancing zero-trust capabilities and it comes on the heels of Cyolo being listed as a Representative Vendor in the 2023 Gartner® “Market Guide for Zero Trust Network Access” report for the second consecutive year and recognized by Frost & Sullivan with the 2023 North American New Product Innovation Award for Secure Remote Access to Operational Infrastructure and Industrial Control Systems (OT/ICS).
As the threats to critical infrastructure continue to evolve, Cyolo zero-trust access solution continues to provide the utmost protection and ease of use. To learn more about Cyolo 4.3, visit here. Access the report for a full view of the industry here.
Register here to attend the joint webinar from Cyolo and KuppingerCole on how to achieve secure remote access for OT environments, to be held on Tuesday, October 10 at 7 a.m. PT.
About Cyolo
Cyolo helps hybrid organizations in the IT and OT spaces to stay safe, secure and productive in an era of distributed workforces and unprecedented cyberthreats. Cyolo’s next-generation zero-trust access solution enables all users, including employees, third parties as well as remote and on-site workers, to connect to their working environments seamlessly and securely via modern identity-based access. Providing one unified solution that integrates with the existing tech stack and deploys easily in the cloud, on-premises or in a hybrid model, Cyolo empowers the global workforce to securely access anything from anywhere.
Read More
Platform Security
SentinelOne | September 18, 2023
SentinelOne, a global leader in autonomous cybersecurity, is addressing the pressing need for rapid and effective responses to the escalating wave of cyber breaches. Today, the company announced the launch of Singularity RemoteOps Forensics, a pioneering digital forensics product designed to streamline and accelerate incident response readiness. This innovative solution promises to empower organizations of all sizes, ushering in a new era of efficient and scalable investigation and response capabilities in the face of evolving cybersecurity challenges.
Integrated seamlessly with the SentinelOne Singularity Platform and as an add-on to Sentinel One's Endpoint and Cloud Workload Security solutions, RemoteOps Forensics offers a rapid, adaptable digital forensics and incident response solution. Security teams can leverage this tool to enhance efficiency by optimizing resources and accelerating Mean Time to Resolution. With the capability for targeted investigations on various assets, including endpoints and server workloads, it enables conditional trigger-based evidence collection. This automation efficiently gathers evidence, such as process data, ports, service listings, MFT, Amcache, JumpLists, and memory dumps, orchestrating them in under a minute. Consolidating evidence into the Singularity Security DataLake allows for the correlation of SentinelOne and partner data with forensics data in a unified search, facilitating a comprehensive view of attacks, rapid root cause identification, and risk mitigation.
Furthermore, it provides the ability to analyze collected evidence alongside Endpoint Detection and Response (EDR) data within a single console, empowering proactive defense against future threats. The integration and analysis of this combined data unveil concealed indicators of compromise, detect advanced attack patterns, and offer insights into threat actors' tactics, techniques, and procedures.
RemoteOps Forensics is a cost-effective and resource-efficient solution that seamlessly integrates with the SentinelOne agent. This integration alleviates the necessity of deploying and provisioning multiple tools throughout the investigative process, resulting in significant time and resource savings for organizations. In addition, this innovative solution prioritizes the maintenance of forensic integrity by minimizing changes made to the disk, and it leverages SentinelOne's anti-tampering and metadata collection capabilities to safeguard data integrity. In doing so, it streamlines investigations and upholds the highest standards of forensic rigor, reinforcing organizations' cybersecurity defenses with a comprehensive and efficient approach.
Jane Wong, Senior Vice President of Products and Strategy at SentinelOne, said,
As timelines for reporting and responding to breaches shrink, it is imperative that the security teams have advanced forensics capabilities that can make investigations faster and more efficient, and with Singularity RemoteOps Forensics, the team is delivering them.
[Source – Business Wire]
SentinelOne's new forensic capabilities help develop incident response by enabling security teams to conduct thorough investigations more quickly, Jane also mentioned eliminating the requirement for specialized expertise or additional tools.
About SentinelOne
SentinelOne is a leading provider of autonomous cybersecurity solutions. With its identified Singularity Platform, the company excels at detecting, preventing, and responding swiftly to cyber threats. SentinelOne enables businesses to protect their endpoints, cloud workloads, containers, and identities, as well as their mobile and network-connected devices, with unparalleled speed, accuracy, and ease of use. With a formidable clientele comprising over 11,000 customers, SentinelOne has proven itself as the trusted guardian of a secure digital future.
Read More
Software Security
Keeper Security, Inc. | September 25, 2023
Keeper Security, a prominent cybersecurity software provider specializing in zero-trust and zero-knowledge solutions safeguarding credentials, privileged access, secrets, and remote connections, has announced the unveiling of a new, contemporary User Interface (UI) for the Keeper Password Manager application on Android. This awaited release introduces enhanced usability, intelligent search capabilities, and quicker synchronization times. With a focus on a polished appearance and user-friendly interactions, these enhancements are designed to simplify the utilization of Keeper's robust password and passkey management features, offering improved clarity and search functionality.
Keeper has adopted an incremental approach to enhancing the user experience, consistently refining the appearance, usability, and overall feel of its applications while staying mindful of the importance of consistency, familiarity and the world-class security and functionality that Keeper users have come to expect. With this update, Keeper's new user experience has been effectively implemented across all platforms, encompassing desktop, web browsers, and iOS. Android users can also anticipate an upcoming dark mode experience soon.
Android users of Keeper will encounter refreshed themes, including a default Light Mode and improved user-selectable themes. Additionally, new features include:
Streamlined Usability
Friendlier Interface
Accessibility and Inclusion
Advanced Search
Craig Lurey, CTO and Co-Founder of Keeper Security, said,
We are excited to introduce these enhancements to our Android app, completing the rollout of our stunning new user interface (UI) to every Keeper user.
[Source – Cision PR Newswire]
Lurey stated that the update represented their ongoing commitment to delivering the best possible user experience while maintaining the highest security standards. He mentioned that with the improved usability, modernized interface, and lightning-fast sync times, Keeper Password Manager for Android continued to be a go-to solution for organizations and individuals looking to secure their digital identities.
About Keeper Security
Keeper Security is revolutionizing the way to secure passwords, confidential data, and secrets for individuals and organizations worldwide. The company's user-friendly cybersecurity platform is built on the foundation of zero-trust and zero-knowledge security, providing protection for users on all devices. Its solution is quick to deploy and seamlessly integrates with any technology stack, effectively preventing breaches, lowering help desk expenses, and ensuring compliance. Trusted by millions of individuals and numerous global organizations, Keeper leads in top-tier password management, privileged access, secrets management, secure remote access, and encrypted messaging solutions.
Read More
Platform Security
Business Wire | October 31, 2023
Stellar Cyber, the innovator of Open XDR, announced today that a top 200 managed security service provider (MSSP), BLOKWORX, has added Stellar Cyber Open XDR Platform to its security stack to enhance context and increase the differentiation of its security offerings. Stellar Cyber’s Network Detection and Response (NDR) capabilities and unique ability to identify threats at the network layer played a pivotal role in BLOKWORX’s ultimate decision.
The Stellar Cyber Open XDR Platform enables MSSPs to produce consistent security outcomes with existing staff. In addition, Stellar Cyber complements security teams’ human expertise, making them more productive and efficient.
BLOKWORX is a leading MSSP delivering data-centric security services aimed at managed security providers (MSP) with limited in-house cybersecurity resources. BLOKWORX sets itself apart from other MSSPs with its extensive networking expertise. “Most MSSPs focus on the endpoint when it comes to threat detection, then broaden their efforts,” said Robert Boles, Founder & President of BLOKWORX. “While we can and do look at endpoints, together with Stellar Cyber, we take a more comprehensive approach, looking at all layers of the network, allowing us better to understand the real depth and breadth of a threat and more completely protect a client's network from cloud to edge to endpoint.”
We are delighted that BLOKWORX underscores how the Stellar Cyber Open XDR Platform accentuates the differentiation and value they offer their customers, said Jim O’Hara, Stellar Cyber Chief Revenue Officer. BLOKWORX is already a deeply valued partner, and we look forward to developing our relationship further.
BLOKWORX played a critical role in integrating Stellar Cyber and Deep Instinct. They invested significant cycles working with the dev teams from Stellar Cyber and Deep Instinct, ensuring the integration works as expected. The result is a resilient integration between the two products that protect enterprises globally. “BLOKWORX was an invaluable contributor to the integration work we completed with Deep Instinct,” said Andrew Homer, VP of Technology Alliances at Stellar Cyber. “When you see this type of dedication from a partner, you want to work harder to deliver the best possible outcomes, and that is what we did.”
“We will not bring anything into our stack that doesn’t pass our comprehensive vetting process, especially when a product claims to be multi-tenant. Stellar Cyber checked every box in our vetting process,” added Robert Boles.
Unlike other SecOps platforms requiring several multifaceted technical professionals to deploy, use, and maintain, the Stellar Cyber Open XDR Platform delivers NG-SIEM, NDR, UEBA, SOAR, and TIP capabilities in an efficient way that allows security analysts to focus on security operations. In addition, powered by deep learning AI and an “open” integration architecture, Stellar Cyber intelligently correlates alerts, logs, and telemetry data, providing security analysts with the holistic view of threats they need to mitigate them quickly.
About Stellar Cyber
Stellar Cyber delivers comprehensive, unified security without complexity, empowering lean security teams of any skill to secure their environments successfully. With Stellar Cyber, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley. For more information, visit https://stellarcyber.ai.
About BLOKWORX
Most IT Managed Service Providers can’t keep up with all the security options and threats that come at their clients on their own. BLOKWORX simplifies security solutions and constantly prevents cyber threats before they become catastrophic events so MSPs can protect their clients, reduce their risks and have peace of mind growing their business, with a trusted and proven security partner watching their backs. We Defend. We Protect. You Grow. For more information, visit www.blokworx.com.
Read More