DATA SECURITY
SentinelOne | January 15, 2022
SentinelOne an autonomous cybersecurity platform company, today announced integrations with Remediant, Blue Hexagon, Keysight, and Automox, expanding the set of capabilities available via SentinelOne’s Singularity Marketplace. With comprehensive integrations across enterprise use cases, the Singularity Marketplace enables customers to unify leading technologies to autonomously protect against threats at machine speed.
Enable Zero Trust with Remediant
SentinelOne’s joint solution with Remediant enables organizations to enforce Zero Trust solutions across cloud, hybrid, and on-premises infrastructure with a single agent. With the rise of credential stuffing attacks and ransomware, endpoints and identities are two of the most exploited attack vectors today. SentinelOne captures behavioral telemetry across user endpoints, cloud workloads and IoT, feeding process and file activities to Remediant. This enables administrators, auditors, and incident responders to identify malicious sessions and activity in a single workflow.
“This partnership with SentinelOne marks one of the first, and best, examples of what becomes possible when leading identity and endpoint security solution providers align their capabilities,” said Paul Lanzi, Co-founder, Remediant. “As partners, we are both aware that today's remote workforce has to be secured by a new generation of tools that secure endpoints and privileged access. We're launching this partnership because EDR and identity vendors working together is one of the most powerful things we can do for our customers to ensure they can defend against attacks."
Strengthens Cloud Ransomware Security with Blue Hexagon
SentinelOne’s integration with Blue Hexagon enables the rapid detection and prevention of malware and ransomware in the cloud. As the first line of defense, SentinelOne secures endpoints, cloud workloads and IoT devices with AI powered protection, detection and response. The integration shares Blue Hexagon’s awareness of malware and ransomware reducing the time to respond through automated remediation. In addition, cloud misconfigurations are shared with SentinelOne.
“We are excited to partner with SentinelOne, a leader in XDR, to provide a threat detection and response solution that unifies endpoint, cloud, and network security.With Singularity XDR and Blue Hexagon, joint customers can use leading solutions to seamlessly share ransomware intelligence and automate response across cloud environments.”
Nayeem Islam, CEO and Cofounder, Blue Hexagon
Proactive Threat Simulation with Keysight
SentinelOne’s integration with Keysight allows joint customers to safely simulate threats in order to validate threat detection and remediation. Keysight’s Threat Simulator attacks both network and endpoints from a ‘Dark Web’ environment. Attacks are validated against Singularity XDR’s protection and detection models using SentinelOne’s rich API functionality, identifying gaps in the cyber kill chain and suggesting updates to organizational security infrastructure.
“The integration of Keysight Threat Simulator with SentinelOne is exciting because it allows our joint customers to automate validation of their security processes and defenses before actual threats occur,” said Greg Copeland, Director of Technical Alliances, Keysight. “Cyber defense groups can test and train their operations teams using realistic scenarios, to sharpen their skills and procedures proactively.”
Automate Vulnerability Management with Automox
SentinelOne and Automox’s joint solution delivers end-to-end vulnerability discovery and remediation. As corporate networks become more technically diverse, organizations often struggle to keep up with patch management and cyber hygiene, forcing security teams to adopt multiple tools that require heavy training, dedicated on-site resources, and multiple dashboards. SentinelOne and Automox provide the visibility and workflows needed to significantly reduce the time to remediation and the burden on in-house resources.
“As corporate IT environments become more distributed and overwhelmed with multiple operating systems and a vast inventory of third-party software, organizations are left wide open to cyber attacks,” said Jay Prassl, founder and CEO at Automox. “SentinelOne mirrors our mission to proactively reduce security exposure. Through our partnership, enterprise and government organizations benefit from a powerful, cloud-enabled solution to detect and remediate vulnerabilities, seamlessly and at scale.”
About SentinelOne
SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.
Read More
PLATFORM SECURITY
Red Sift | May 09, 2022
Red Sift, provider of the only integrated cloud email security and brand protection platform, today announced a strategic partnership with SMX, the cybersecure email specialist, to help enterprises in Australia and New Zealand strengthen their email security posture and threat protection. Through this exclusive arrangement, Red Sift’s best-in-class Reporting Platform integrates with SMX’s new Domain Protection Service (DPS) to deliver a new joint DMARC implementation offering, helping customers improve email threat monitoring and agility in responding to threats. Red Sift and SMX will be showcasing their joint offering at AusCERT 2022 in Broadbeach, Australia, May 10-13 (booth #B19).
SMX’s DPS service enables enterprises to maintain an effective DMARC implementation, using Red Sift’s best-in-class Reporting Platform to identify, quantify, and respond in real-time to dynamic threats. Red Sift’s real-time reporting provides vital data that allows SMX to deliver their expertise in refining the security profile and manage SMX DPS deployments effectively across an enterprise’s domains. SMX’s expertise, coupled with Red Sift’s reporting capabilities, provides the level of agility and monitoring required to keep up with today’s email threat landscape.
“Every company in Australasia has a unique threat environment and clients increasingly want a region-specific, locally designed and supported approach to cyber security,” says Richard Fraser, CEO of SMX. “Our DMARC managed service, DPS, made possible through this strategic partnership with Red Sift, provides clients with the tailored protection profile required to respond in real-time to dynamic threats, and will enhance email cyber-security throughout Australia and New Zealand.”
According to Gartner, 90% of the Global 2000 will have DMARC in place by 2026. As email threats continue to evolve and become increasingly complex, it is more important now than ever before that enterprises establish a streamlined and sustainable DMARC implementation process that can be easily updated to reflect today’s dynamic digital environment. With the Red Sift and SMX partnership, enterprises now have access to an end-to-end email threat monitoring service, powered by real-time reporting with actionable insights that enable them to maximize their agility in quantifying and responding to threats. As a result, customers have greater confidence in their DMARC implementation and overall email security posture.
“SMX shares our mission to provide enterprises with the solutions necessary to proactively protect their business and brand reputation from email security threats, rather than ‘mopping up’ after an attack. Our partnership with SMX enables us to help more organizations in Australia and New Zealand strengthen their DMARC implementations, and we’re excited to continue to scale globally in partnership with SMX.”
Cameron McLean, Regional Manager, Asia Pacific, Red Sift
Experts from Red Sift and SMX will be on hand at booth #B19 at AusCERT 2022 to showcase their joint DMARC managed service for enterprises.
About Red Sift
Red Sift enables security-first organizations to successfully communicate with and ensure the trust of their employees, vendors and customers. As the only integrated cloud email and brand protection platform, Red Sift automates BIMI and DMARC processes, makes it easy to identify and stop business email compromise, and secures domains from impersonation to prevent attacks. Founded in 2015, Red Sift is a global organization with international offices in the UK, Spain, Australia, and North America. It boasts a client base of all sizes and across all industries, including Wise, Telefonica, Pipedrive, ITV, Dominos, and top global law firms. Find out how Red Sift is delivering actionable cybersecurity insights to its global customers at redsift.com.
About SMX
SMX is a cyber security company with specialist expertise in email. It’s all we do. That means you get local expertise to help you secure your organisation’s email. And when you protect your email, you’re also protecting your brand reputation.
For more than 17 years, our in-house development team has been delivering that to hundreds of public and private sector businesses, offering training, support and the latest in tech solutions.
Read More
SOFTWARE SECURITY
ConnectWise | April 20, 2022
ConnectWise, the world’s leading software company dedicated to the success of IT solution providers, today announced a new service offering designed to help MSPs and their clients rapidly respond to attacks and recover from security incidents. The ConnectWise Incident Response Service provides direct, around-the-clock access to a team of expert cybersecurity analysts to provide immediate assistance to assess, contain and remediate threats to minimize impact and business disruption.
According to the 2022 ConnectWise MSP Threat Report, there was a 10-15% increase in ransomware incidents by quarter in 2021, with 56% of all incidents occurring in the second half of the year. When it comes to cyberattacks, preparation is the best prevention for MSPs that are increasingly becoming targets of threat actors. For MSPs and their clients that often lack resources to properly respond to incidents, the ConnectWise Incident Response Service provides an immediate life-line to skilled cybersecurity experts that accelerate incident resolution and help avoid mistakes that can be costly to business operations.
“With a talent shortage, more sophisticated threat actors and more technologies to protect, cybersecurity incidents can quickly overwhelm an MSP and their end client and jeopardize protection of their client’s critical assets. Every second counts in a cyberattack, so having a team of security experts at a moment’s notice is a game-changing force multiplier for an MSP’s successful delivery of cybersecurity services. With this service, MSPs can confidently turn to ConnectWise to gain swift understanding and control of the situation to eradicate threats and prevent costly downtime.”
Raffael Marty, General Manager, Cybersecurity, ConnectWise
The ConnectWise Incident Response Service also aids in the recovery process with forensic examination of system data, user activity and artifacts of digital evidence to determine the extent of compromise and identify which threat actor might be involved. The ConnectWise Incident Response Service is available today to both ConnectWise partners and non-partners.
About ConnectWise
ConnectWise is the world's leading software company dedicated to the success of IT solution providers through our unmatched software, services, community. ConnectWise’s innovative, integrated, and security-centric platform – Asio™ - provides unmatched flexibility, automation, and scale that fuels profitable, long-term growth for our Partners. ConnectWise equips TSPs with cybersecurity solutions, unified monitoring and management solutions, and business automation solutions—all while providing industry-leading operational maturity offerings to accelerate business transformation.
Read More
ENTERPRISE SECURITY
Confluera | February 19, 2022
Confluera, the leading provider of next-generation cloud cyber attack detection and response, today released the findings of their latest research report, which explores how IT leaders detect, evaluate, and act against cybersecurity threats in today's cloud environment. The study, 2022 Cloud Cybersecurity Survey Report, showcases the perspective of 200 U.S. IT leaders at medium to large sized organizations and how they are tackling the increasingly complex remote, cloud-centric IT security landscape.
The majority of organizations are accelerating their cloud adoption with 97% of IT leaders surveyed stating that their strategy includes the expansion of cloud deployments. The strategy includes expansion in scale and in many cases, the adoption of multiple platforms such as AWS, Google Cloud and Azure. This strategy is not without its challenges, however. Approximately, 63% of IT professionals identified cyberthreats designed to target cloud services as the top obstacle to their cloud strategy.
Cloud and multi-cloud adoption has greatly increased the workload of already burdened IT teams. Of the 200 IT leaders surveyed, only about half of the respondents said that they are adequately staffed to manage the frequency of alerts they receive. IT teams spend 54% of their time investigating security alerts, with over half of those alerts turning out to be false or benign alarms. As threats within the cloud proliferate, IT leaders are looking for solutions to help them quickly separate the signal from the noise so they can act on the real threats promptly. Some key findings of the survey as it relates to cloud deployments are below.
More than 65% of IT leaders said cloud IaaS adoption (AWS, Azure, Google Cloud, etc.) was the primary contributor to their increased workload in 2021
When asked what challenges were associated with adopting multiple cloud platforms,
69% said maintaining consistent cybersecurity coverage across all cloud infrastructures
Nearly 50% said securing the resources to manage different cloud infrastructures
Nearly 45% identified the difficulty detecting threats progressing from one cloud infrastructure to another
"While accelerated cloud adoption continues to be a critical element in adapting to the new way of doing business, it has strained IT leader's ability to manage their workload, Organizations need to ensure proper people, processes, and tools are in place for the team to expand the complex cloud environments without sacrificing their attention to security."
John Morgan, CEO of Confluera
Morgan continued, "To make matters worse, the Great Resignation has demonstrated the burnout that workers across the U.S. economy are feeling, and nowhere is this burnout more obvious than in the cybersecurity teams. Organizations must ensure frequent conversations between executives and cybersecurity managers to ensure they are well equipped to adequately manage alerts, maintain systems, and avoid burnout within their teams.
Other key findings include the following:
85% of IT leaders said that they experienced increased workload due to shift in work model including remote workers
Nearly 70% of IT leaders said that the change in work model has made it more difficult to keep company resources secure
Nearly 59% of all alert investigations turn out to be false alarms or benign activities
90% of IT leaders said they create threat storyboards but close to 60% rely on third-party services to create storyboards after the incident
Not all findings in the report were so glum, however. In a positive sign, 84% of IT leaders were optimistic about their cybersecurity readiness for 2022. The majority of respondents note the availability of new cybersecurity tools as the reason for their positive outlook, with 59% saying that a Detection and Response solution for the cloud, or CxDR, is the innovation they are most excited about for future deployment.
"2021 was a tough year for many IT leaders, but the market is now providing organizations with the tools they need to effectively manage the infrastructures they have and even expand them further," added Morgan. "Given proper resources and effective communication, IT leaders have every right to be positive as we move into the new year."
About the Study
Confluera commissioned an independent research firm to survey U.S. IT leaders using a national network of verified panel providers. A total of 200 respondents completed the survey, which was conducted between December 3-7, 2021. Those surveyed included those with senior titles, including Manager, Director, and VP/C-level. The margin of error for this study is +/-5.9% at the 95% confidence level.
About Confluera
Confluera is the leading provider of next-generation Cloud eXtended Detection and Response (CxDR) solutions. Recognized by Forbes as one of the Top 20 Cybersecurity Startups to Watch in 2021, Confluera's storyboard technology automates cyber attack analysis making small and large security teams more efficient. The solution has unprecedented visibility of attacks in the cloud and modern application architectures, reveals threats in real-time, and will shut down advanced multistage attacks.
Read More