DATA SECURITY, PLATFORM SECURITY
SCYTHE | September 09, 2022
SCYTHE, a leader in adversarial emulation, announced the release of version 4.0 of the company’s flagship cybersecurity platform, offering new features and functionality that will extend capabilities for greater collaboration between blue, red, and purple teams. SCYTHE runs real-world adversary emulations that help security teams reduce detection and response rates, validate controls, and optimize resources by enabling teams to prioritize vulnerabilities, and focus on the highest risk issues to the business. Its scalable platform automates adversary emulations and expands your team’s threat intelligence skills so that you can multiply your cybersecurity team’s velocity and reduce cybersecurity risk.
SCYTHE has the largest, public library of threats in the breach attack simulation industry and has more capabilities than all other competitors combined as shown by Tidal Cyber’s Community Edition of their SaaS threat-informed defense platform.
With a redesigned UI, SCYTHE 4.0 makes threats easier to manage by bringing campaign details to the surface, allows for greater communication between team members, and makes it simpler to take action via Jira integrations—all available as an on-prem or SaaS offering. Through automation, communication, and integrations, SCYTHE 4.0 is designed to help security teams collaborate, as a purple team, on adversary emulation.
“The new SCYTHE 4.0 platform sets a new standard for adversary emulation automation for offensive, defensive, and hybrid purple teams to help customers strengthen defenses, share actionable data between teams to better resolve real-world cybersecurity concerns quickly, and improve collaboration,” said Stephanie Simpson, VP, Product. “Version 4.0 is based on feedback from our customers and prospects about what they need to optimize their teams’ breach and attack simulation (BAS) capabilities.”
In addition to this, SCYTHE’s Cyber Threat Intelligence (CTI) Team just released offerings that are complementary to the SCYTHE platform capabilities and services that can serve as an extension of your security team. This includes emergency action emulation plans, custom plans, cloud-focused plans, and emulation plans covering more diverse tactics, techniques and procedures.
What’s New With 4.0?
SCYTHE version 4.0 was designed to enhance collaboration within security teams and improve the user experience. These updates include:
Collaboration features — SCYTHE enables greater collaboration between blue, red, and purple teams to create and leverage existing adversary emulation plans. The updated, user-friendly dashboard clearly displays outcomes and severity of campaign results. Users can have different access levels to create and personalize realistic attacks or re-run existing attacks. In-platform messaging now allows for better and faster communication between users.
Workflow automation — Users can take a more collaborative team approach and seamlessly share actionable insights through a Jira integration.
SaaS and on-prem — Previously an exclusively on-prem solution, SCYTHE 4.0 now has a SaaS offering available to provide flexibility to customers in any type of environment.
SCYTHE 4.0 will be available for customers in Q4.
SCYTHE is like hiring the hacker you always wanted, but could never afford. SCYTHE transforms your organization’s capabilities and defines a new technology category: Attack, Detect, and Respond to integrate cybersecurity risk management across people, process, and technology. The SCYTHE 4.0 platform enables collaboration between red, blue, and purple teams to build and emulate real-world adversarial campaigns. Customers can easily and quickly validate the risk posture and exposure of their business and employees and the performance of enterprise security teams and existing security solutions.
DATA SECURITY,ENTERPRISE SECURITY,PLATFORM SECURITY
Laminar | November 30, 2022
Laminar, a leader in public cloud data security, today announced it is supporting the launch of Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes an organization’s security data from cloud, on-premises, and custom sources into a customer owned purpose-built data lake. With support for the Open Cybersecurity Schema Framework (OCSF) standard, Amazon Security Lake reduces the complexity and costs for customers to make their security solutions data accessible to address a variety of security use cases such as threat detection, investigation, and incident response.
“All cybersecurity in the end is about protecting data and all cybersecurity is more effective and efficient with data-context. “Laminar is proud to be a launch partner for Amazon Security Lake, adding data-context to security events for better risk models, effective investigations and efficient remediation.”
Amit Shaked, co-founder and CEO, Laminar
Amazon Security Lake helps organizations aggregate, manage, and derive value from log and event data on the cloud and on-premises to give security teams greater visibility across their organizations. With Amazon Security Lake, customers can use the security and analytics solutions of their choice to simply query that data in place or ingest the OCSF-compliant data to address further use cases. Amazon Security Lake helps customers optimize security log data retention by optimizing the partitioning of data to improve performance and reduce costs. Now, analysts and engineers can easily build and use a centralized security data lake to improve the protection of workloads, applications, and data.
Laminar is a Data Security Posture Management (DSPM) leader that delivers autonomous, agentless, and continuous data security for everything that you build and run on the cloud. Laminar provides autonomous discovery and classification for all data across AWS and hybrid cloud environments into a cloud data catalog, prioritization of data assets by our proprietary risk model, and an agentless and asynchronous approach to DSPM to reduce the exposure surface without impacting performance.
“Data is every enterprise’s most valuable asset, which makes protecting it a critical capability for all cybersecurity solutions,” said Rod Wallace, General Manager for Amazon Security Lake. “Amazon Security Lake enables security teams to optimize security log data collection and retention by optimizing the partitioning of data to improve performance and reduce costs. With the Laminar integration, analysts and engineers can store their data in the OCSF format for further analytics to improve the protection of workloads, applications, and data.”
Laminar’s Cloud Data Security Platform protects data for everything you build and run in the cloud across cloud providers and cloud data warehouses. The platform autonomously and continuously discovers and classifies new datastores for complete visibility, prioritizes risk based on sensitivity and data risk posture, secures data by remediating weak controls and actively monitors for egress and access anomalies. Designed for the multi cloud, the architecture takes an API-only approach, without any agents, and without sensitive data ever leaving your environment. Founded in 2020 by a brilliant team of award winning Israeli red team experts, Laminar is proudly backed by Insight Partners, Tiger Global, Salesforce Ventures, TLV Partners, and SentinelOne.
DATA SECURITY, NETWORK THREAT DETECTION, PLATFORM SECURITY
AwareGO | October 17, 2022
Human cyber risk management and awareness company AwareGO announced today that during the National Cybersecurity Awareness Month, the company launches its long-awaited full Employee Cybersecurity Risk Audit and consultation.
“Today, around 90% of all successful cybersecurity attacks involve employees enabling the break-in. It is therefore critical for anyone responsible for an organization's cybersecurity to have a clear picture of what employees know and how they behave in the face of potential threats. Only then is it possible to effectively respond with training or other risk-reducing approaches.” said AwareGO Chief Executive Officer Ari Jonsson, Ph.D. “AwareGO's Human Risk Assessment software is the first of its kind when it comes to measuring both the knowledge and the behavior of employees for a broad range of cybersecurity threats, going far beyond just phishing. This capability is allowing us to now launch our full-service Employee Cybersecurity Risk Audit for organizations. In this audit, our cybersecurity experts work directly with individual organizations to set up the appropriate assessment, execute it, evaluate the outcome and map that to effective risk-reducing decisions.”
AwareGO is renowned for its industry-leading Human Risk Assessment and its uniquely effective approach to security awareness training. Created by cybersecurity experts, behavioral scientists and interaction designers, the Human Risk Assessment uses interactive scenarios to assess employees across a wide range of threat areas and key behaviors. The resulting dashboards and reports help identify vulnerable departments and roles, and offer actionable insights to create informed security strategies to improve any organization’s overall cyber defense and reduce cybersecurity risks.
The Employee Cybersecurity Risk Audit is designed to apply the capability of the Human Risk Assessment as effectively and as efficiently as is possible for client organizations, so that they may quickly identify vulnerabilities among their employees and address them right away. The audit is conducted by AwareGO experts who will work with clients through the entire process. The first step is to work with the client to determine the scope and priorities for the audit, based on company structure, risk profile, security stance and more. Then, the employees will be assessed across six different threat areas: phishing; passwords; sensitive data handling; device handling; physical security; and remote work. When that has been completed, our experts deliver a detailed report on the results and consult with the client to identify potential next steps to reduce vulnerabilities, as well as to develop an informed cybersecurity strategy for the future — backed up by data.
Organizations interested in the Employee Cybersecurity Risk Audit can schedule a 15-30 minute call with AwareGO through this web page to learn more about the process and to get a price quote based on the expected scope of the project for their case.
AwareGO is a global provider of human cyber risk and awareness solutions that help enterprises, and SMEs identify, quantify and remediate the human risk factor when it comes to cybersecurity. To date, AwareGO has successfully trained more than 8 million employees worldwide. Based in Iceland, the company has locations in the United States, Czech Republic, and Croatia.
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Cerberus Sentinel | September 07, 2022
Cerberus Cyber Sentinel Corporation , an industry leader as a managed cybersecurity and compliance provider, based in Scottsdale, Ariz., announced that it has completed the acquisition of NLT Secure, a cybersecurity company with headquarters in Providencia, Chile, and U.S. offices in Tampa, Florida. Under the terms of the agreement, NLT Secure became a wholly owned subsidiary of Cerberus Sentinel.
NLT Secure provides a broad range of security solutions and managed services to organizations throughout South America. Lorenzo Espinoza, founder and chairman, NLT Secure, will continue to manage the company's team of professionals and will work closely with the leadership team in Latin America.
“NLT Secure accelerates our growth strategy into Latin America and is an excellent cultural fit. “As cybersecurity continues to be a global challenge requiring a breadth of capabilities, NLT has made this its mission to help secure businesses and organizations. NLT Secure has partnered with our Arkavia Networks and CUATROi teams, also based in Chile, for several years and compliments our combined service offerings.”
David Jemmett, CEO and founder of Cerberus Sentinel
"Our vision has always been to protect and guarantee the continuity of operations for our clients considering the challenging scenario of cyber threats they face every day. I want to deeply thank the incredible team of professionals that make up NLT, because it is thanks to their passion and commitment that we have managed to make this dream come true. I´m so excited to take this step together with the incredible team of Cerberus Sentinel, with whom we share a culture and a vision,” said Espinoza.
About Cerberus Sentinel
Cerberus Sentinel is an industry leader as a managed cybersecurity and compliance provider. The company is rapidly expanding by acquiring world-class cybersecurity, secured managed services, and compliance companies with top-tier talent that utilize the latest technology to create innovative solutions to protect the most demanding businesses and government organizations against continuing and emerging security threats and compliance obligations.