Deepwatch | January 09, 2024
Deepwatch, the leading managed security platform for the cyber resilient enterprise, today announced the launch of Threat Signal, its standalone forensic-focused operations service. Deepwatch designed Threat Signal to enhance companies’ cybersecurity defenses, proactively identify and help mitigate attack vectors, and stay ahead of evolving risks to strengthen cyber resilience.
Threat Signal provides protection beyond traditional security measures, finding advanced cyber threats that have bypassed existing controls by leveraging the latest attacker methodologies to stay in tune with the constantly evolving threat landscape. Using an “outside-in” methodology, Threat Signal evaluates an organization’s externally accessible presence from an attacker’s perspective to pinpoint and investigate risky systems and services. This informs the initial investigation and allows Deepwatch Experts to leverage advanced capabilities through organic intelligence, deep forensics, and threat hunting.
According to Forrester’s “How to Make Threat Intelligence Actionable” report¹, “Over time, companies need to move beyond tactical use cases. Threat hunting can uncover threats that have bypassed traditional security tools, allowing companies to stop attacks earlier to minimize disruptions. As Forrester’s Threat Hunting 101 report describes, threat intelligence is vital because it provides insights into the TTPs of threat actors and details on how malware behaves. If time, expertise, and resources are constrained, consider leveraging an external service provider to conduct the threat-hunting exercise as an annual consulting engagement.”
Threat Signal provides tailored and proactive security measures through customer-specific intelligence that takes an organization's unique attack surface, business risks, and the latest adversary intelligence or "threat cases" into account. Threat Signal’s additional features and capabilities include:
Deepwatch Experts - Seasoned forensic security experts perform in-depth investigations, identifying threats before they disrupt an organization.
Attack Surface Profiles - These profiles provide a customer actionable report, detailing external opportunity areas that an attacker could leverage against an organization, including high-risk opportunities, mitigation recommendations, and threat hunting leads.
Forensic-Agent-Based Threat Hunting Engagements - Deepwatch’s specialists consistently engage in hunting activities to reveal concealed threats within a company’s infrastructure and provide a threat hunt summary report with detailed observations and any actions that the customer took during that hunt cycle.
Reporting and Reviews - Deepwatch provides customers with reports, including:
Weekly intelligence brief reports on analyzed open-source intelligence with Deepwatch recommendations.
Summary presentations on the solution engagement status, including but not limited to hunting reports.
Up to two executive reviews of the solution and observables per year.
Ad-hoc awareness briefs of security advisories based on Deepwatch threat criteria.
Annual intelligence reports on incident lessons learned and predictions.
Malware Analysis - Deepwatch’s Adversary Tactics and Intelligence (ATI) team analyze collected malware and provide a report.
Enhanced Security - Deepwatch’s MDR customers benefit from cross-collaborative security operations, harnessing advanced threat detection, and hyper-responsive capabilities.
“As security professionals, we look to enhance a company’s security readiness. To do that, it’s critical for them to look beyond their existing security controls to ensure they are identifying and proactively protecting the business from external threats,” said Jerrod Barton, VP, Cyber Operations & Intelligence for Deepwatch. “With Threat Signal, we’re able to help our enterprise customers view their security readiness through the lens of the ‘attackers,’ ensuring that they can rapidly respond to any incoming threats, which in turn helps them elevate their cyber resilience.”
Deepwatch is the leading managed security platform for the cyber resilient enterprise. The Deepwatch Managed Security Platform and security experts provide enterprises with 24/7/365 cyber resilience, rapid detections, high fidelity alerts, reduced false positives, and automated actions. We operate as an extension of cybersecurity teams by delivering exceptional security expertise, visibility across your attack surface, precision response to threats, and a compelling return on your security investments. The Deepwatch Managed Security Platform is trusted by many of the world’s leading brands to improve their security posture, cyber resilience, and peace of mind. Learn more at www.deepwatch.com.
Boomi | January 12, 2024
Boomi™, the intelligent connectivity and automation leader, today announced that the Boomi platform has achieved StateRAMP Authorization. This achievement reflects Boomi’s unwavering commitment to data security and compliance, and to delivering a secure and reliable solution that government agencies can rely on to safeguard their data and operations.
“At Boomi, we are committed to democratizing modernization. Securing StateRAMP authorization for our platform was paramount, enabling public sector organizations to seamlessly and securely integrate and leverage cloud applications,” said Sean Wechter, Chief Information Officer at Boomi. “Through a strategic alliance with StateRAMP, Boomi actively collaborates with its leadership board, facilitating streamlined documentation and audit processes to expedite digital transformation within the public sector."
According to the U.S. Government Accountability Office, government agencies plan to spend billions of dollars each year to support their IT and cybersecurity efforts, including transitioning IT resources to secure, cost-effective commercial cloud services.1 However, agencies are challenged to select secure cloud-based solutions, making it difficult for these organizations to modernize and improve constituent experiences.
StateRAMP, a nationally recognized risk authorization management program that provides a standardized approach to assessing cloud products, improves security and simplifies procurement by building a pool of pre-authorized Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) solutions for public sector entities.
As organizations more frequently implement cloud-based solutions, they also require validated access to integration platform as a service (iPaaS) to streamline application and resource integration. iPaaS integrates cloud-to-cloud, cloud-to-on premises, and on-premises-to-on-premises platforms, helping public sector organizations break down data silos to enhance information flow, improve citizen services, and increase operational effectiveness.
Boomi aims to make the world a better place by connecting everyone to everything, anywhere. The pioneer of cloud-based integration platform as a service (iPaaS), and now a category-leading, global software as a service (SaaS) company, Boomi touts the largest customer base among integration platform vendors and a worldwide network of approximately 800 partners – including Accenture, Capgemini, SAP, and Snowflake. Global organizations turn to Boomi’s award-winning platform to discover, manage, and orchestrate data, while connecting applications, processes, and people for better, faster outcomes. For more information, visit boomi.com.
Network Threat Detection
Flashpoint | December 11, 2023
Flashpoint, the leader in high-fidelity threat intelligence and data-driven insights, and Scale AI, whose proprietary data engine powers the most advanced large language, generative, and computer vision models with high-quality data, announced today a groundbreaking partnership that unites Donovan, Scale’s AI-powered decision-making platform, with Flashpoint's pioneering open-source intelligence. This strategic alliance promises to advance intelligence and security operations for government agencies, including the U.S. Department of Defense and Intelligence Community, substantially enhancing their ability to tackle complex global security challenges with advanced threat detection and in-depth analysis.
“Merging Scale’s advanced AI technology with Flashpoint's unparalleled intelligence and data isn't just about setting a new industry standard; it's about revolutionizing how government agencies manage national security challenges in today's digital landscape," said Andrew Makridis, the former COO of the Central Intelligence Agency who serves on the advisory boards of both Scale and Flashpoint National Security Solutions (FNSS), a dedicated Flashpoint business unit that serves the unique needs of national security organizations. "This partnership will enable agencies to quickly adapt to emerging threats and leverage data-driven insights for strategic operations.”
"Flashpoint's collaboration with Scale AI represents a significant expansion of our capabilities in national security intelligence," said Flashpoint CEO Josh Lefkowitz. "Our tailored, actionable intelligence perfectly complements Scale’s AI technology, enhancing our ability to help organizations in the public sector identify and address evolving security challenges effectively."
“Our partnership with Flashpoint is a game-changer. Through our Donovan LLM platform, we are helping analysts in the cyber and infrastructure security domain take advantage of the data trove Flashpoint delivers. We are enhancing decision-making and security frameworks for our government clients," said John Brennan, General Manager of Scale AI’s Public Sector business unit. "We chose Flashpoint for their unparalleled cyber intelligence depth and actionability, a cornerstone in our joint efforts to fortify national and homeland security through artificial intelligence."
Flashpoint will discuss the advanced capabilities from our partnership with Scale AI at booth #1937 during 2023 DoDIIS Worldwide Conference in Portland, Oregon, starting December 12. Visit our booth to learn about how this partnership will equip national security teams with the essential data, intelligence, and insights needed for mission success.
Flashpoint National Security Solutions (FNSS)
FNSS is a dedicated Flashpoint business unit that serves the unique needs of national security organizations. FNSS partners with teams across defense, federal law enforcement, federal civilian agencies, state and local government, and the intelligence community, to enhance global situational awareness and drive mission success through industry-leading technology and intelligence expertise.
Trusted by governments, commercial enterprises, and educational institutions worldwide, Flashpoint helps organizations protect their most critical assets, infrastructure, and stakeholders from security risks. Leading security practitioners—including physical and corporate security, cyber threat intelligence (CTI), fraud, vulnerability management, national security, and vendor risk management teams—rely on Flashpoint’s Ignite platform and its team of intelligence analysts to proactively identify and mitigate risk and stay ahead of the evolving threat landscape. Discover more at flashpoint.io or join the conversation on LinkedIn, Twitter, and YouTube.
Scale unlocks AI for every industry. Our proprietary data engine powers the most advanced large language, generative, and computer vision models with high-quality data. Our experience partnering with leading AI companies allows us to provide the blueprint for any organization to apply AI. Scale is trusted by industry leaders including Meta, Microsoft, U.S. Army, DoD's Defense Innovation Unit, Open AI, Cohere, Anthropic, Stability AI, General Motors, Toyota Research Institute, Brex, Instacart and Flexport.
Picus Security | December 12, 2023
Picus Security, the pioneer of Breach and Attack Simulation (BAS), today announced the Picus Managed Security Services Provider (MSSP) Partner Program. Picus has a long-standing 100% channel approach and works closely with MSSPs to deliver security validation services that quantify risk and reduce threat exposure. Now, it's easier than ever for MSSPs and their customers to get started with security validation to measure the effectiveness of security controls with real-world attack simulations and then scale up testing programs to perform validation checks consistently.
The new Picus MSSP Program provides the flexibility MSSPs need to introduce automated validation services and generate new recurring revenues quickly. Designed for customers of varying levels of cyber maturity, the program features interval-based and continuous licensing options. With interval-based licensing, MSSPs can purchase credits that allow an entry cadence for validation assessments. Then, once customers are ready to advance their security program maturity and increase the frequency of assessments they can easily switch to a continuous licensing model. The program means MSSPs can help customers to 'crawl,' 'walk,' and then 'run' with validation.
"With this new MSSP program, it's never been simpler for managed service providers to get the consistent and accurate validation insights needed to improve security outcomes for clients," said Ryan Kunker, Picus Security, Senior Director of Channels and Alliances. "By shining a light on security effectiveness in areas such as security control validation, automated security validation presents an enormous opportunity for MSSPs to improve security outcomes for clients and identify new upsell opportunities."
Security validation powered by BAS is a core pillar of Continuous Threat Exposure Management (CTEM). It helps security teams to understand if security controls provide the coverage needed to defend organizations against the latest threats, including ransomware and Advanced Persistent Threats. Gartner estimates that security services providers that adopt cybersecurity validation assessments will see an improvement of over 5% in their acquisition, retention and upsell rates.*
"We are constantly looking for new ways to provide real actionable value to our clients," said Perry Schumacher, Chief Strategy Officer at Ridge IT. "We evaluated Picus in our cyber range against our best practice configurations and it showed us opportunities to improve beyond today's best tools and practices. The Picus platform helps us provide better security for our clients by increasing our effectiveness. Our clients who purchase Picus begin a continuous improvement journey for their cyber security and are always in a cyber-ready state."
In addition to real-world threat simulation, the Picus platform also offers asset and vulnerability discovery, attack path mapping, detection engineering as code, and AI-based threat profiling - capabilities that help MSSPs to manage customers' threat exposure even more efficiently. To enable MSSPs to validate the security of multiple clients simultaneously, the platform also offers a multi-tenant portal.
"Now more than ever, every dollar spent in the security budget must be carefully weighed on merit and returned value," said Darren Humphries, Acora Group CISO and MSSP Cyber Portfolio CTO. "For strengthening the security of our own company portfolio and that of our customers, Picus is a key tool that helps us measure the efficacy of the protective security tools we use as well as our detective SOC and SIEM capabilities. Picus is a true force multiplier."
About Picus Security
Picus Security helps security teams consistently and accurately validate their security posture. Our Security Validation Platform simulates real-world threats to evaluate the effectiveness of security controls, identify high-risk attack paths to critical assets, and optimize threat prevention and detection capabilities.
As the pioneer of Breach and Attack Simulation, we specialize in delivering the actionable insights our customers need to be threat-centric and proactive.
Picus has been named a 'Cool Vendor' by Gartner and is recognized by Frost & Sullivan as a leader in the Breach and Attack Simulation (BAS) market.