DATA SECURITY

Optiv Security Launches Next-Gen Managed XDR to Stop Threats Earlier in Attack Lifecycle, Minimize Business Impact

Optiv | August 09, 2021

Optiv Security, the leading end-to-end cybersecurity solutions partner, launched its Managed Extended Detection and Response (MXDR) offering at Black Hat USA 2021. The technology-independent offering enables clients to take rapid and decisive action against today's most critical cyberattacks and strengthen their security posture.

"Optiv MXDR brings simplicity, transparency and automation to clients' environments, enhancing existing defenses to counter known and emerging threats with confidence and speed," said David Martin, chief services officer for Optiv. "What's more, we can seamlessly leverage the power of Optiv to extend and layer the offering with a full suite of complementary services like remediation, incident response, threat hunting, and beyond."

Optiv MXDR is the only managed cloud-based, next-gen advanced threat detection and response service that ingests data across various layers of technologies to correlate, normalize, enrich, and enable automated responses to malicious activity in real-time. By automating incident investigation with actionable insights, organizations can detect threats faster and prioritize which threats to mitigate first, significantly reducing the attack surface.

"We know the threat landscape; both what's at stake and how to circumvent threat actors while significantly reducing time to detect and respond," said John Ayers, XDR vice president for Optiv. "We meet clients where they are and customize our continuously managed approach to ease the burden of the unknown and allow teams to detect, respond and remediate threats faster while also automating deeper investigation for future improvements."

Devo has been named a foundational partner in Optiv MXDR, delivering scalable, cloud-native logging and security analytics via the Devo Platform, enabling full visibility across cloud and on-premise environments for Optiv customers.

"Security teams are eager to learn more about XDR as they look to consolidate their security stack for greater efficiency and accuracy in threat detection and response," said Ted Julian, SVP of Product at Devo. "Two constraints have always stood in their way: lack of real-time access to historical data, and the inability to collect and analyze the massive data volumes associated with modern operational environments. Devo eliminates these concerns and is uniquely qualified to power solutions like Optiv's MXDR."

Optiv delivers threat management solutions to more than 60 percent of Fortune 500 companies. View the complete MXDR service brief and find out how organizations can enhance their security posture with Optiv.

Optiv Security: Secure your security.TM
Optiv is a security solutions integrator "one-stop" trusted partner with a singular focus on cybersecurity. Our end-to-end cybersecurity capabilities span risk management and transformation, cyber digital transformation, threat management, cyber operations, identity and data management, and integration and innovation, helping organizations realize stronger, simpler and more cost-efficient cybersecurity programs that support business requirements and outcomes. At Optiv, we are modernizing cybersecurity to enable clients to innovate their consumption models, integrate infrastructure and technology to maximize value, achieve measurable outcomes, and realize complete solutions and business alignment.

Spotlight

Are you aspiring to work in the cyber security industry but lack coding skills? Is it really a must-have skill to possess? Find out as Watchman explains the situation.


Other News
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

KnowBe4 Launches New Mobile Learner App for Anytime, Anywhere Cybersecurity Learning

KnowBe4 | November 29, 2022

KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced it is launching the new KnowBe4 Mobile Learner App to empower end users by introducing security awareness and compliance training on the go at no additional cost to customers, improving user engagement and strengthening security culture. With a large majority of the world's population using smartphones today, mobile training revolutionizes the way people learn. This new app will enable end users to complete their security awareness and compliance training conveniently from their tablets or smartphones, giving them 24/7/365 access. "The KnowBe4 Mobile Learner App is the first of its kind to launch in the security awareness and compliance training space, making it easier than ever to train users while subsequently strengthening an organization's security culture. "This new app will enable IT and security teams to improve engagement and completion rates for required training thanks to a seamless user experience. This will also help users to associate security with their personal devices, keeping it top of mind all the time rather than only when they are at work on their computers. We are making this substantial new capability available at no additional cost to all subscription levels as a show of our commitment to supporting our customers' security and human risk management objectives." Stu Sjouwerman, CEO, KnowBe4 Based on subscription levels, KnowBe4 offers 100+ Mobile-First training modules that were designed specifically for mobile. The KnowBe4 Learner App supports push notifications for custom announcements, updates on assigned training as well as KnowBe4 newsletters. About KnowBe4 KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, is used by more than 54,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as their last line of defense.

Read More

PLATFORM SECURITY

Wib Forges Partnership with SecureIT to Accelerate API Security Across Nordics

SecureIT | December 14, 2022

Wib, the fast-growth cybersecurity startup pioneering a new era in API security, today announced a strategic partnership with SecureIT to accelerate its go-to-market momentum across the Nordics region. Based in Iceland, SecureIT is a leading provider of cybersecurity compliance, consulting and managed services to international financial institutions, airlines, large retailers, utility, biotech and healthcare, as well as multiple entities in the critical infrastructure and the government. In the wake of its recent launch and $16 million funding, Wib is actively investing in building out an international channel ecosystem of specialist cybersecurity partners to expand its reach, drive growth and leverage growing market demand for API security. The partnership with SecureIT gives access to Wib's industry-first holistic API security platform and recently launched API PenTesting-as-a-Service (PTaaS) capabilities, helping organisations across the region identify API vulnerabilities, defend against the growing tide of API based attacks and meet increasingly API centric regulatory compliance standards such as PCI DSS. "Building out our channel ecosystem is a strategic priority for Wib as we look to scale our go-to-market presence across key international territories, SecureIT has a trusted brand and strong reputation across the Nordics region with a dynamic team of qualified and experienced security and compliance professionals. Its consultative-led approach, strong compliance expertise and managed services capabilities made them the ideal partner for us and we're looking forward to a mutually beneficial relationship." -Ran Ohayon, CRO at Wib. The Nordic countries are synonymous with innovation and entrepreneurship, with an early-adopter mentality and pioneering spirit when it comes to new technologies,"explained Magnús Birgisson, CEO at SecureIT. However, where innovation leads insecurity tends to follow. APIs are critical in driving the modern applications and innovative new web services many organisations use today, but many are undetected, unmanaged and unprotected, creating vulnerability and risk. Our mission is to deliver cyber resilience to our customers across the region and our partnership with Wib is a great addition to our portfolio and will help us achieve this mission. Wib's holistic API security platform provides complete visibility across the entire API landscape, from code to production. By delivering rigorous real-time inspection, management, and control at every stage of the API lifecycle, Wib can automate inventory and API change management; identify rogue, zombie and shadow APIs and analyse business risk and impact, helping organisations to reduce and harden their API attack surface. Wib's new PTaaS solution combined with its API security platform, is the only offering that provides complete visibility, automatic inventory, auto-generated API documentation, and simulated attacks against test and/or production systems. About SecureIT: SecureIT is a leader in cyber security consultation, compliance and managed security services. Founded in early 2017, SecureIT has worked with multiple international financial institutions, airlines, large retailers, utility, biotech and healthcare, as well as multiple entities in the critical infrastructure and the government. SecureIT focuses on providing exceptional quality services, and to help the customer reach and maintain the desired and necessary security posture. SecureIT offers tailored consultation, assessments and audits, security testing and verification services, risk management and cyber threat intelligence services, along with extensive 24/7 monitoring, detection and response services, managed endpoint protection, API security and DDoS mitigation assessments and simulations. Meeting compliance, contractual and regulatory requirements is critical in today's business environment. About Wib: Wib is pioneering a new era in API security with its industry first holistic API security platform. Providing continuous and complete visibility and control across the entire API ecosystem, Wib enables developers to code with confidence and security teams to secure with surety. Wib's elite team of developers, attackers, defenders and seasoned cybersecurity professionals draw on real-world experience and expertise to help define and develop innovative technology solutions that enable customers with the identity, inventory and integrity of every API, wherever it may be within the development lifecycle, without compromising development or stifling innovation.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Balbix Announces Cybersecurity Posture Automation Support for Google Cloud Platform

Balbix | November 17, 2022

Balbix, provider of the world's leading platform for cybersecurity posture automation, announced today the general availability of support for Google Cloud Platform (GCP). Security teams can now use Balbix to easily quantify, prioritize and mitigate risks in their Google Cloud environments. With this announcement, Balbix has also extended its Cyber Asset Attack Surface Management (CAASM) solution to support multi-cloud environments that span both GCP and Amazon Web Services. The rapid move to the cloud has made IT environments more complex to manage and secure. As a result, security teams struggle to get a consolidated view of risk. Yet, 63 percent of organizations say they look at security posture in the cloud separately from on-premises, according to Cybersecurity Insiders' 2002 State of Security Posture Report. "Our customers' environments can include over 1 million assets, spread across multiple clouds and their own facilities. Managing an attack surface this large is no longer a human-scale problem. "With Balbix's new support for GCP, our customers can use automation to manage cybersecurity posture across more of their environment." Gaurav Banga, Founder and CEO of Balbix Cyber Security Posture Automation for Google Cloud Platform Balbix now provides support for popular Google Cloud services, including Compute Engine, Cloud Storage, Cloud SQL, Google Kubernetes Engine (GKE) Cluster & Deployments, Cloud Functions, Cloud Key Management Service (KMS), Pub/Sub and Secret Manager. As a result, Balbix customers with Google Cloud environments can use automation and advanced analytics to: Get comprehensive, near real-time visibility of their Google Cloud assets. Combine data from Google Cloud with their other IT and security tools to gain security and business context for their assets. Discover misconfigurations – the most exploited attack vector for the cloud – as well as unpatched software vulnerabilities, weak credentials and trust issues. Measure risk in terms of breach likelihood and business impact in order to prioritize remediation. Calculate and report on cyber risk quantified in dollars (or other currencies) instead of risk scores Cyber Asset Attack Surface Management for Multi-Cloud Environments The addition of support for GCP extends Balbix's CAASM solution to multi-cloud environments. Security practitioners no longer need to use multiple tools or combine data manually from these tools in a custom spreadsheet to understand their security posture. They can see the relationships between assets, applications and users no matter where the assets are in the cloud or on-premises. They can also identify any gaps in coverage for security controls. Balbix provides more than just visibility. Unlike other vendors, Balbix combines CAASM with Risk-Based Vulnerability Management (RBVM) and Cyber Risk Qualification (CRQ) solutions so security teams are able to immediately take action to reduce their cyber risk. They can continuously identify, prioritize and mitigate security issues as they emerge, while quantifying and tracking residual cyber risk in dollars. Daily cybersecurity decisions – operational as well as executive – can be made using a unified and up-to-date view of cyber risk. "By adding support for Google Cloud, Balbix has broadened its risk model to be inclusive of multiple public cloud platforms and allowed organizations to better measure their overall cyber risk," said Ed Amoroso, Founder and CEO of research and advisory firm TAG Cyber. "Customers can leverage this unified risk model to quantify cyber risk by business unit, geography, site, asset type or business owner – and quickly remediate those risks." The API-based Balbix Connector for Google Cloud Platform collects asset inventory and misconfiguration data and is available now. Visibility into other types of vulnerabilities is provided by optional Balbix sensors. These sensors also catalog the software bill of materials (SBOM) of applications running in GCP. Data collected by Balbix connectors and sensors is automatically deduplicated, correlated and inferenced to provide security teams with an accurate and unified view of risk. About Balbix Balbix enables businesses to reduce cyber risk by identifying and mitigating their riskiest cybersecurity issues faster. Our SaaS platform, the Balbix Security Cloud™, ingests data from businesses' security and IT tools so they can understand every aspect of their cybersecurity posture, build a unified cyber risk model and obtain actionable insights for risk reduction. With Balbix, businesses can automate inventory of their cloud and on-premise assets, conduct continuous risk-based vulnerability management and quantify cyber risk in dollars. Executives and operational teams can make cybersecurity decisions based on data not opinions.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Fordefi Raises $18M Seed Round to Launch Institutional DeFi Wallet and Security Platform

Fordefi | November 09, 2022

Fordefi, a financial technology and software company, today announced an $18 million seed round and the public launch of its institutional MPC wallet built for transacting on decentralized applications (dApps). Led by Lightspeed Venture Partners, the investors of the firm's initial capital raise also include Electric Capital, Alameda Research, Jump Crypto, Castle Island, Pantera Capital, Illuminate Financial, PayPal Alumni Fund, Nima Capital, Digital Currency Group, Defiance Capital and StarkWare. "The Fordefi team is bringing to market a solution that addresses two of the biggest challenges in DeFi today: institutional-grade security and smart contract transparency," said Sam Harrison, Senior Advisor at Lightspeed Venture Partners and Managing Partner at Faction. "We are excited to support an experienced team bringing a powerful solution to market that directly solves pain points that have held institutions back from achieving the full potential of decentralized finance." "Wallet hacks made major headlines this year. Until now, decentralized finance was missing a secure, stable, and seamless way to connect to dApps," said Ken Deeter, Partner at Electric Capital. "Fordefi's single-browser extension paired with a top-notch institutional grade MPC wallet platform will unlock opportunities across DeFi for all crypto-native institutions. We're excited to be part of Fordefi's journey, as an investor, design partner and customer." Introducing the Fordefi Platform Co-founders Josh Schwartz, CEO, Dima Kogan, CTO, and Michael Volfman, Vice President of Research and Development, began developing the Fordefi platform in 2021, an unprecedented year for crypto adoption, as institutions took notice of the explosive growth and massive volumes of digital assets moved into the markets. A boom in the development of new blockchains and decentralized applications created opportunities for investing that institutions could not safely participate in, as available wallets had been designed years before and lacked the technology to securely and confidently connect them. "Decentralized finance is evolving quickly and its complexities require a dynamic solution," said Schwartz. "Legacy wallet providers are unable to meet the needs of institutions that want to access the new opportunities DeFi has created while ensuring their assets are protected. Fordefi has taken a DeFi-first approach and has built a solution engineered for how clients interact with dApps." "DeFi transactions are much more complex than simple asset transfers, and that's the key to DeFi's exciting new opportunities," said Kogan. "Unfortunately, this complexity also brings with it many new security risks. Fordefi enables institutions to interact with DeFi applications with increased operational efficiency and security through in-depth visibility into each transaction and the ability to set the right controls." A first of its kind wallet and security platform, Fordefi enables market participants to easily and securely connect to decentralized applications. Fordefi's platform is the only institutional MPC wallet on the market built for firms transacting on decentralized applications across blockchains. The solution delivers a previously unavailable degree of insight into transactions, translating smart contracts into language that users can understand, simulating every transaction in advance and independently verifying dApp names. Its advanced MPC key management capabilities are built to protect against any single point of failure, and the platform's unique policy management capabilities offer users the ability to create and define their own workflows, proactively protecting themselves from both internal and external vulnerabilities. "Fordefi has been a tremendous addition to our DeFi workflow. We've seen accelerated deployment efficiency across a comprehensive set of on-chain opportunities, alongside enhanced user intuitiveness and without compromising security." Shane Al, Head of Investments at Arc Capital and Fordefi design partner. "The Fordefi platform provides robust solutions for institutions to access thousands of DeFi opportunities with the highest levels of security. The platform is extremely customizable and allows us to manage our own policies and controls, ensuring a balance between flexibility and security - crucial for liquid fund strategies." Jacob Goh, Head of Operations & Investor Relations at DeFiance Capital, Fordefi investor and design partner. About Fordefi Fordefi's MPC wallet platform and Web3 gateway enables institutions to seamlessly connect to dApps across a wide range of chains while keeping digital assets secure. Fordefi is the first institutional MPC wallet and security platform built for decentralized finance (DeFi), offering MPC key management, self-serve DeFi policy controls, time-of-transaction smart contract insights, transaction simulation and risk alerts. Fordefi was founded in 2021 by crypto custody and cybersecurity experts, and designed in close collaboration with industry-leading trading firms, funds and custodians. Fordefi is a financial technology and software company with offices in New York and Tel Aviv. About Fordefi's Founders Josh Schwartz, Dima Kogan and Michael Volfman founded Fordefi after establishing themselves with decades of experience as leaders in crypto, cybersecurity, and financial services. Schwartz served as Chief Operating Officer at Curv, an institutional MPC wallet acquired by PayPal in 2021, and was Vice President of Sales at digital custody platform BitGo. Dr. Kogan's career spans more than 15 years in academia, industry and government. He received his PhD from Stanford with a specialization in applied cryptography and was awarded the "Best Young Researcher" prize at Eurocrypt 2018, the Theory of Cryptography Conference 2019, and Eurocrypt 2020. Volfman is an engineering manager with 20 years of experience in cybersecurity, serving as Vice President of R&D at Toka, was Chief Technology Officer and co-founder of an edtech startup, and a Director at Guardicore.

Read More

Spotlight

Are you aspiring to work in the cyber security industry but lack coding skills? Is it really a must-have skill to possess? Find out as Watchman explains the situation.

Resources