DATA SECURITY

Morphisec Announces New Incident Response Services as Enterprise Attacks Escalate

Morphisec | August 16, 2021

Morphisec, a leader in cloud-delivered endpoint and server security solutions, today announced the launch of its new incident response services at HIMSS21. The service will help organizations across the healthcare industry, and various other markets, identify, contain, and report on security incidents in progress while validating or verifying the lack of a breach.

Morphisec adds this service at a time when a flood of cyber threats have placed businesses under increasing pressure, making incident response necessary for industries like healthcare and manufacturing that need to be operational 24/7. In fact, Morphisec’s Consumer Healthcare Cybersecurity Threat Index found earlier this year that 1 in 5 Americans had a healthcare provider affected by cyberattacks over the last twelve months.

Morphisec’s new IR services aims to assist these organizations with containing in-progress incidents, reducing damage, providing recommendations for long-term risk reduction, and auditing critical infrastructure to ensure the lowest possible risk exposure to a cyberattack. The company's highly experienced and on-demand IR team will be led under the direct supervision of the CTO’s office.

“In this worsening threat landscape, it’s vital that all businesses have access to the expertise they need to keep their business up and running in the event of a breach -- even if they lack dedicated security professionals,” said Michael Gorelik, Morphisec’s CTO and head of incident response. “Morphisec’s incident response services help every organization under attack to quickly contain the incident, ensure business continuity, and minimize direct and indirect losses. With extensive experience in security incident investigation, companies are in good hands with our talented IR team who will go above and beyond to help them protect their assets from backdoors and persistent malware.”

Morphisec’s incident response services will leverage the company’s zero trust at runtime solution to quickly pinpoint and contain threats, promising immediate results before forensic activities are even finalized. Responders will also educate businesses on the root cause of the incident and, in turn, the required corrective actions to improve their current tools and processes.

Forensic collection and investigation of affected assets, including the building of an activity timeline, supplying indicators of compromise (IOCs), scoping the impact, mapping of exfiltrated IP, and more
Malware analysis: In-depth analysis of a given malware, backdoor, or fileless code, to identify the potential impact
Working around the clock during the investigation, with availability whenever we’re needed
The option to develop customized scripts to minimize follow-up impact
“As cyberattackers continue to target our critical industries such as healthcare, we’re proud to offer this crucial service to organizations who simply cannot afford downtime,” added Gorelik. “Morphisec's impressive suite of cloud-delivered endpoint and server security solutions are already protecting our customers across 8 million endpoints, and the addition of our new incident response service adds a vital layer to triage critical security incidents and reduce the risk of attack for the future.”

About Morphisec

Morphisec is the world leader in providing advanced security solutions for midsize to small enterprises around the globe. The company’s security products simplify and automatically block modern attacks from the endpoint to the cloud. Unlike traditional security solutions relying on human intervention, Morphisec delivers operationally simple, proactive prevention. This approach protects businesses around the globe with limited security resources and training from the most dangerous and sophisticated cyber attacks.

Spotlight

Each quarter Prolexic publishes a wide variety of metrics gathered from distributed-denial-of-service (DDoS) attacks against its global client base, which includes over 100 financial services firms. This quarter showed a significant shift in tactics as DDoS perpetrators used more reflection attacks, which increased 265% over Q3 2012 and 70% over the previous quarter.


Other News
SOFTWARE SECURITY

Palo Alto Networks Bolsters Its Cloud Native Security Offerings With Out-of-Band WAAS

Palo Alto Networks | June 24, 2022

Over the last two years, organizations have expanded their use of cloud environments by more than 25%. Many are now struggling to manage the technical complexity of cloud migration, including the ability to secure their applications across the entire application development lifecycle. Palo Alto Networks (NASDAQ: PANW), a leader in The Forrester Wave™: Cloud Workload Security, Q1 2022, today announced the addition of Out-of-Band Web Application and API Security (Out-of-Band WAAS) to Prisma® Cloud to help organizations secure web applications with maximum flexibility. Until now, a primary industry approach to securing web applications has been to deploy inline web application firewalls (WAFs). Some organizations are reluctant to introduce WAFs or API security solutions inline, however, due to performance and scalability concerns. With today's announcement, Prisma Cloud can provide organizations with deep web and API security both inline and out of band, allowing them to choose how to protect their applications in the cloud. "Companies no longer have to decide between application security and performance. By adding Out-of-Band WAAS to Prisma Cloud, we are empowering customers with flexible security options that fit their evolving application needs," said Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks. "As more organizations move workloads to the cloud, the capabilities that make up Prisma Cloud help provide the most complete protection, reducing complexity and increasing visibility across infrastructure, workloads, identities and applications." "As organizations increasingly build and deploy their applications in the cloud, protecting their business-critical applications without impacting performance has been a challenge. "Adding the option of Out-of-Band WAAS helps both developer and security teams secure their applications with the same level of security as traditional in-line WAFs and API security without impacting performance." Melinda Marks, senior analyst, ESG In addition to Out-of-Band WAAS, Prisma Cloud is getting new threat detection, alert prioritization and permissions management capabilities to help provide organizations with deeper, unified visibility across their entire cloud application portfolio: Multicloud Graph View for Cloud Infrastructure Entitlement Management (CIEM): Discover over-privileged accounts and understand access risk across multicloud environments. Prisma Cloud now provides a graph view of the net effective permissions across AWS, Microsoft Azure and Google Cloud. Multicloud Agentless Cloud Workload Protection: Extend visibility into cloud workloads and application risks across Azure and Google Cloud, in addition to AWS, to complement existing agent-based protection. DNS-Based Threat Detection: Surface malicious activity and anomalous behavior in cloud environments. Prisma Cloud Threat Detection now leverages machine learning (ML) and advanced threat intelligence to identify bad actors hiding in DNS traffic. MITRE ATT&CK® Alert Prioritization: Enable security teams to prioritize risks and incidents based on the industry's most widely adopted framework. About Palo Alto Networks Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Read More

DATA SECURITY

Security Tops Retailers’ Wish Lists this Holiday Season

Futurex | November 17, 2021

Record sales expected in 2021, along with hackers; Futurex recommends point-to-point encryption for retailers to protect cardholder data BULVERDE, Texas, November 17, 2021 — As we enter the biggest retail season of the year, transactions are increasing, as are the numbers of hackers and skimmers — targeting shoppers’ cardholder data. The last thing retailers need to worry about is cyber threats that lead to ransomware or data breaches, as they welcome shoppers and juggle supply chain disruptions. Futurex, a leader in hardened, enterprise-class data security solutions, recommends retailers implement point-to-point encryption (P2PE) to encrypt cardholder data at the point of sale to keep it safe from malware that might be spying on network traffic and capturing credit card numbers. Futurex secures transactions for several of the nation’s largest retailers, protecting shoppers’ sensitive cardholder data and payment information. U.S. retail sales now through December are expected to grow 10.5% to a record $859 billion, compared to 2020, according to the National Retail Federation. Meanwhile, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have warned about the increase of cyber threats, including ransomware, around the holidays. “Behind every gift, every purchase, and every payment, retailers and consumers depend on secure transactions to protect payment information,” said Ryan Smith, vice president, global business development, at Futurex. “As the critical security backbone of the global financial ecosystem, we work with the world’s largest retailers and financial institutions to safeguard data in transit and at rest." The use of hardware security modules (HSMs) in transaction processing is critical, as payment HSMs provide the cryptographic functions needed to support end-to-end data security, including encryption and cryptography key management. In a compliant P2PE environment, sensitive data is encrypted from the point of interaction and decrypted only within the secure boundary of a FIPS 140-2 Level 3 or PCI HSM-validated HSM. Learn more about point-to-point encryption. About Futurex For more than 40 years, Futurex has been a trusted provider of hardened, enterprise-class data security solutions. More than 15,000 organizations worldwide, including financial services providers and corporate enterprises, have used Futurex’s innovative hardware security modules, key management servers, and enterprise-class cloud solutions to address their mission-critical systems, data security, and cryptographic needs. This includes the secure encryption, storage, transmission, and certification of sensitive data. For more information, please visit futurex.com.

Read More

SOFTWARE SECURITY

ColorTokens Launches Xcloud, Autonomous Cloud Security Protection for All Enterprise Environments

ColorTokens | April 06, 2022

ColorTokens Inc., a leading innovator in autonomous Zero Trust cybersecurity solutions, announced the launch of its new product, Xcloud. Xcloud's agentless, automated, and deep scanning technology finds the most elusive threats across cloud and container environments fast and without disruption. Xcloud combines vulnerability management, malware detection, and compliance monitoring all in one platform, saving time, resources, and cost. Customers worldwide can now gain access to Xcloud directly from AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS). Today's enterprises are leveraging cloud technologies at a hyper-scale. According to the Gartner® Hype Cycle™ for Cloud Security, 2021, "By 2023, 70% of all enterprise workloads will be deployed in cloud infrastructure and platform services, up from 40% in 2020. By 2025, more than 99% of cloud breaches will have a root cause of preventable misconfigurations or mistakes by end-users." To address the unique challenges of cloud security — shortages of skilled staff, tools not designed for the cloud, limited or no visibility, and the inability to control cloud security — enterprises need simple, fast, agentless, and autonomous tools to provide the support they need. "In today's cloud era, it is widely embraced that cloud environments require agentless tools. But current tools for cloud security follow a fragmented approach, and these siloed point security tools cannot deliver end-to-end visibility on the comprehensive security posture of the enterprise business," says Rajesh Khazanchi, chief executive officer of ColorTokens. "ColorTokens now uniquely solves enterprise cloud security challenges, combining Xcloud with our comprehensive platform to bring unparalleled risk visibility, essential insights, and automation into the risks that threaten cloud and container environments." With nothing to install, deploy, or configure, Xcloud keeps you secure automatically. Xcloud uniquely allows security teams to find and fix the deepest risks in their cloud: Uncover more critical risks. Xcloud's ShadowScan™ dives deeper into workloads and containers at the OS level to detect vulnerabilities and risky configuration issues that are often missed. ShadowScan™ creates and scans a complete replica of workloads to eliminate disruptions, downtime, and impact to applications. Prevent supply chain attacks. Xcloud's ChainScan™ uncovers hidden vulnerabilities in critical application libraries and scans container and cloud workloads for all software dependencies. This allows enterprises to identify the risks introduced in third-party packages throughout their entire application software supply chain. Detect the latest threats. Xcloud automatically tracks the latest vulnerabilities and malware from multiple threat intelligence and vulnerability sources. Every security scan of environments uses a real-time database to find the latest threats so businesses can continuously detect and remediate new threats. "When compared to the two other leading solutions in the cloud security market, ColorTokens' Xcloud uniquely delivers brilliant ease of use and unmatched deep visibility into the cloud," says Harish Akali, CTO of ColorTokens. "As a result of Xcloud's automated, agentless, customer-obsessed approach, combined with its availability in AWS Marketplace, Xcloud delivers instantaneous onboarding and results and without any disruption." Ravi Pattabhi, VP of cloud security at ColorTokens To access Xcloud today, visit ColorTokens in AWS Marketplace. ABOUT COLORTOKENS ColorTokens Inc. is a leading innovator in SaaS-based Zero Trust cybersecurity solutions that provides global enterprises with a unique set of products and services for securing applications, data, and users across cloud and hybrid environments. Through its award-winning Xtended ZeroTrust™ Platform and context-aware machine learning-powered technologies, ColorTokens helps businesses accurately assess and improve their security posture dynamically.

Read More

SOFTWARE SECURITY

ConnectWise Amplifies MSP Cyberattack Defense with Incident Response Service

ConnectWise | April 20, 2022

ConnectWise, the world’s leading software company dedicated to the success of IT solution providers, today announced a new service offering designed to help MSPs and their clients rapidly respond to attacks and recover from security incidents. The ConnectWise Incident Response Service provides direct, around-the-clock access to a team of expert cybersecurity analysts to provide immediate assistance to assess, contain and remediate threats to minimize impact and business disruption. According to the 2022 ConnectWise MSP Threat Report, there was a 10-15% increase in ransomware incidents by quarter in 2021, with 56% of all incidents occurring in the second half of the year. When it comes to cyberattacks, preparation is the best prevention for MSPs that are increasingly becoming targets of threat actors. For MSPs and their clients that often lack resources to properly respond to incidents, the ConnectWise Incident Response Service provides an immediate life-line to skilled cybersecurity experts that accelerate incident resolution and help avoid mistakes that can be costly to business operations. “With a talent shortage, more sophisticated threat actors and more technologies to protect, cybersecurity incidents can quickly overwhelm an MSP and their end client and jeopardize protection of their client’s critical assets. Every second counts in a cyberattack, so having a team of security experts at a moment’s notice is a game-changing force multiplier for an MSP’s successful delivery of cybersecurity services. With this service, MSPs can confidently turn to ConnectWise to gain swift understanding and control of the situation to eradicate threats and prevent costly downtime.” Raffael Marty, General Manager, Cybersecurity, ConnectWise The ConnectWise Incident Response Service also aids in the recovery process with forensic examination of system data, user activity and artifacts of digital evidence to determine the extent of compromise and identify which threat actor might be involved. The ConnectWise Incident Response Service is available today to both ConnectWise partners and non-partners. About ConnectWise ConnectWise is the world's leading software company dedicated to the success of IT solution providers through our unmatched software, services, community. ConnectWise’s innovative, integrated, and security-centric platform – Asio™ - provides unmatched flexibility, automation, and scale that fuels profitable, long-term growth for our Partners. ConnectWise equips TSPs with cybersecurity solutions, unified monitoring and management solutions, and business automation solutions—all while providing industry-leading operational maturity offerings to accelerate business transformation.

Read More

Spotlight

Each quarter Prolexic publishes a wide variety of metrics gathered from distributed-denial-of-service (DDoS) attacks against its global client base, which includes over 100 financial services firms. This quarter showed a significant shift in tactics as DDoS perpetrators used more reflection attacks, which increased 265% over Q3 2012 and 70% over the previous quarter.

Resources