NETWORK THREAT DETECTION

Radware and CHT Security Team Up to Protect NCSoft Taiwan’s Product Launch During Massive DDoS Attacks

Radware | December 02, 2021

Radware a leading provider of cyber security and application delivery solutions, today announced that CHT Security, selected Radware’s DefensePro DDoS Protection solution to safeguard gaming publisher NCSoft Taiwan from massive DDoS attacks during a very popular game launch. CHT Security is Taiwan’s leading managed security service provider and a subsidiary of Chunghwa Telecom, the largest telco in Taiwan.

Supported by Radware’s data center protection and CHT Security’s comprehensive professional services, the leading global gaming company was able to mitigate the DDoS attacks and introduce its new game without incident.

“As we’ve expanded our business, we’ve seen a large increase in DDoS attacks in Taiwan in recent years,” said Jeff Hung, general manager for CHT Security. “Based upon our long-standing, positive experience, we selected Radware to ensure NCSoft Taiwan’s successful product launch and have increased the use of DefensePro to support our business. The key success factor to this joint effort is the combination of CHT Security’s defense expertise in real-time tuning and the cutting-edge features of Radware’s DefensePro to deliver high-quality and low-latency defense services against cyber threats.”

According to Radware’s recently published Q3 DDoS and Application Attack Report, the number of DDoS attacks blocked during the first nine months of 2021, already exceeded the total number of malicious events blocked in 2020. Gaming and telecom endured the highest attack volumes, accounting for over 50% of the total blocked volume in the third quarter of 2021.

“DDoS attacks are becoming more frequent, sophisticated, and dangerous,With the growing availability of attack tools and botnets, organizations need multi-layered DDoS protection backed by expert emergency response teams. We value our trusted relationship with CHT Security and are excited that it has chosen to safeguard its customers with our solutions.”

Yoav Gazelle, vice president of international sales for Radware

Radware’s DefensePro provides automated DDoS defense and protection from fast moving, high volume, encrypted, or very short duration threats. It defends against IoT-based, Burst, DNS, and TLS/SSL attacks to secure organizations against emerging network multi-vector attacks, ransom DDoS campaigns, IoT botnets, and other types of cyber-threats.

About CHT Security
Founded in 2017, CHT Security is a subsidiary company of Chunghwa Telecom, the largest telco in Taiwan. CHT Security is now the leading managed security service provider in Taiwan with rich experiences in information defense practices, and the R&D capabilities to deliver cyber security services and solutions, including security testing, SOC monitoring, incident response, and digital forensics, satisfying cybersecurity needs for enterprises and government institutions. CHT Security is ISO 20000, ISO 27001, and ISO 17025 certified, and was awarded the 2021 Taiwan Managed Security Services Company of the Year Award by Frost & Sullivan.

About Radware
Radware is a global leader of cyber security and application delivery solutions for physical, cloud, and software defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application, and corporate IT protection, and availability services to enterprises globally. Radware’s solutions empower enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity, and achieve maximum productivity while keeping costs down.

Spotlight

The Department of Business, Innovation and Skills has released the 2013 Information Security Breaches Survey. It makes for pretty depressing reading. It seems that cyber criminals are lasering in on both large and small businesses, with SMEs increasingly vulnerable.This infographic counts the cost of a “worst-case” breach for both small or large businesses.


Other News
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Veristor Partners with SANS Security Awareness to Deliver Employee Security Awareness Training

Veristor Systems, Inc. | September 28, 2022

Veristor Systems, Inc., a trusted provider of transformative business technology solutions, and SANS Security Awareness, the global leader in providing security awareness training, today announce that Veristor has become a certified provider of SANS Security Awareness' comprehensive suite of products to enable a data-driven approach to cybersecurity training for an organization's end users. "Researchers from Stanford University found that as much as 88% of all data breaches are caused by an employee mistake. "This shows that end users are the most critical vulnerability gap in today's enterprise. Yet if properly trained, they can also be the most resilient security defense – a human firewall. Together with the experts from SANS Security Awareness we are helping customers guard their environments with an army of well-trained employees. With proven training to spot and act when suspicious activity arises, users can take an active role in preventing the growing wave of cyberattacks." Daniel Martin, Principal Security Consultant, vCISO, Veristor The SANS Security Awareness suite of dynamic multilingual computer-based training, games, phishing simulations, and engagement materials teach vital security behaviors to effectively manage human cyber risk. With different training styles to match different corporate cultures, employee comprehension levels, and learning preferences, SANS Security Awareness training equips workforces to recognize and prevent current cyberattacks, including work-from-home threats. The platform delivers valuable metrics to measure the effectiveness of each program, and customization features to tailor training to meet specific organizational needs." With some groups requiring even greater specialized training, in addition to addressing core human behavior risk topics, SANS Security Awareness also offers secure development and coding techniques, understanding NERC CIP compliance requirements, and handling Industrial Control Systems (ICS) incidents. "We are very pleased to be partnering with the cybersecurity experts at Veristor to provide the SANS Security Awareness program to their customers," said Brad Stilling, Director of Global Sales for SANS Security Awareness. "Regular awareness training is an essential activity for organizations looking to ensure security and compliance. When employees feel informed and empowered to recognize and address cyber risks, they can protect the organization. With SANS Security Awareness, Veristor customers are now better positioned to detect and prevent cyber-attacks." For organizations starting their awareness training journey, Veristor delivers a SANS Human Risk Insight assessment to identify program cost reductions, eliminate unneeded staff training, and create risk metrics to baseline and benchmark an organization's human cyber risk. The SANS Security Awareness training solutions are now offered as a part of Veristor's suite of security solutions that are designed to solve business challenges through the intelligent application of next-generation security technology. About Veristor Systems, Inc. Veristor, which recently announced a merger with Anexinet, is a leading provider of transformative business technology solutions that helps its customers accelerate the time-to-value for the software, infrastructure and systems they deploy. We do this by harnessing deep expertise in today's most advanced data center, security, networking, hybrid cloud, and big data technologies and guiding businesses to the right solutions for their most pressing challenges. And with a full suite of design, deployment, support, and managed service offerings, we work shoulder-to-shoulder with our customers at every step of their technology journey to make technology truly work for them. About SANS Security Awareness SANS Security Awareness provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their human cybersecurity risk. SANS Security Awareness has worked with over 1,300 organizations and trained over 6.5 million people around the world. The SANS Security Awareness program offers globally relevant, expert authored tools and training to enable individuals to shield their organization from attacks and a fleet of savvy guides and resources to work with you every step of the way.

Read More

DATA SECURITY,PLATFORM SECURITY

Orange and Netskope Partner on Carrier-class Connectivity and SSE Services for a Secure, Cloud-smart Platform

Orange Cyberdefense | September 23, 2022

Orange Business Services, a global network-native digital services company, Orange Cyberdefense, a leading cybersecurity services provider, and Netskope, a leader in secure access service edge (SASE), are partnering to deliver a new SSE (Security Service Edge) solution embedded into the Orange Telco Cloud Platform. The enhanced solution is designed to deliver optimal performance with maximized security, meaning enterprises will no longer need to find a compromise between the two. A decade of shifting to cloud and mobile computing, along with the ever-present demands of hybrid work environments, have put security and networking requirements on a collision course. While SSE addresses the security challenges, enterprises need to incorporate them into overarching connectivity strategies to realize the full benefits of SASE. The partnership will leverage Orange Cyberdefense’s security expertise and Netskope’s global security private cloud footprint and SSE leadership, enabling Orange Business Services to deliver consistent internet security on and off the network. This will help protect enterprise customers from data loss and the growing volume of sophisticated threats across cloud, web and private applications, with the full attributes of a cloud-native platform. The co-managed solution will reduce complexity for enterprises, providing continuously updated cloud security via the Orange Business Services Telco Cloud Platform. Telco Cloud Platform is a revolution in the way networks are built, run, and managed with enhanced performance. The software-defined approach optimized for telco workloads allows for greater agility and cost reduction. Securing an enterprise’s most important assets: people and data This innovative hybrid architecture embeds Netskope’s points-of-presence (POPs) within the Orange network, strengthening the Orange customer value proposition by delivering the benefits of the Orange network, including speed and agility, while enabling customers to tap into the power of Netskope Intelligent SSE. Netskope Intelligent SSE provides granular visibility and real-time data and threat protection for cloud services, websites, and private apps accessed from anywhere, on any device. “Cloud transformation and hybrid work models mean that traditional security architectures are no longer effective or efficient. Plugging our market leading platform into Orange’s network will enable Orange to significantly increase its offering to enterprises looking to secure data without limiting business productivity.” Sanjay Beri, CEO, Netskope “Increasingly enterprises are using the internet as their only WAN transport, even in a growing threat landscape. Working together we are delivering Orange customers a SASE-ready WAN edge while upgrading the security of the enterprise’s network without downgrading the user experience.” says Hugues Foulon, CEO, Orange Cyberdefense. “This innovative partnership is an important part of our Evolution Platform concept designed to simplify connectivity, cloud, and security and support business outcomes from end-to-end, providing real-time protection for our users, their applications, and data, wherever they are. It underscores our position as a trailblazer in SSE and managed services, providing the right balance of performance, speed, and protection to our customers,” adds Aliette Mousnier-Lompré, CEO, Orange Business Services. About Orange Business Services Orange Business Services is a network-native digital services company and the global enterprise division of the Orange Group. It connects, protects, and innovates for enterprises worldwide to support sustainable business growth. Leveraging its connectivity and system integration expertise throughout the digital value chain, Orange Business Services is well placed to support global businesses in areas such as software-defined networks, multi-cloud services, Data and AI, smart mobility services, and cybersecurity. It securely accompanies enterprises across every stage of the data lifecycle end-to-end, from collection, transport, storage and processing to analysis and sharing. About Netskope Netskope, a global cybersecurity leader, is redefining cloud, data, and network security to help organizations apply Zero Trust principles to protect data. Fast and easy to use, the Netskope platform provides optimized access and real-time security for people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.

Read More

DATA SECURITY,NETWORK THREAT DETECTION,PLATFORM SECURITY

Pathlock Expands SAP Capabilities with Acquisition of Grey Monarch

Pathlock | September 27, 2022

Pathlock, the leading provider of application security and controls automation for critical business applications, today announced the acquisition of Grey Monarch, a UK-based specialist SAP Partner dedicated to SAP Process Automation. The acquisition will strengthen Pathlock's vision of providing the industry's most complete 360-degree platform for application security and controls automation for the SAP ecosystem. Since 2008, Grey Monarch has developed expertise in SAP Security, Segregation of Duties, SAP Licence Optimization, SAP Background Processing Automation and Secure Managed File Transfer. With this acquisition, the SAP community will benefit from the very best SAP Process Automation advice, implementation skills, and software and training capabilities, improving levels of security, enhancing their users' experience and streamlining audit, compliance and control procedures. "It's now more imperative than ever for organizations to utilize a holistic view of user access and privileges so they can be managed, monitored and controlled to ensure the maximum protection of data, business processes and intellectual property," said David Lloyd, Director and Co-Founder, Grey Monarch. "Combining Grey Monarch's capabilities with the Pathlock family of expertise, resources and product portfolio will provide our customers, existing and new, with an unsurpassed visibility into their business applications." "We're thrilled to complete the acquisition of Grey Monarch. "We continue to see a strong demand for our globally recognized application security and controls automation solutions, and know that with Grey Monarch's specialization in SAP process automation we can continue to enable our global customers to revolutionize the way they secure their sensitive financial and customer data." Piyush Pandey, CEO of Pathlock In May 2022, Pathlock announced a $200M capital raise sponsored by Vertica Capital Partners alongside a merger with Appsian and Security Weaver and the acquisition of Belgium-based CSI Tools and Germany-based SAST SOLUTIONS. The company has successfully doubled in size in terms of revenue and employees and is now servicing over 1,400 customers across all major industries on a global scale with offices across the United States, Belgium, the UK, Germany, Israel and India. About Pathlock Pathlock is the leader in application security and controls automation. With Pathlock, enterprises can manage all aspects of access governance via a single platform, across applications, including user provisioning, ongoing User Access Reviews, segregation of duties, control testing, and audit preparation. Today, many of the world's most respected, global 2000 companies rely on Pathlock to protect their critical digital assets from financial, operational, regulatory and security threats, ensure corporate compliance and improve performance. Our customers have saved millions in employee productivity, labor costs, audit fees and data loss prevention.

Read More

DATA SECURITY

HYAS Infosec Announces General Availability of Cybersecurity Solution for Production Environments

HYAS | August 10, 2022

Leading security technology firm HYAS Infosec — whose proactive solutions ensure that businesses can keep moving full forward in our ever-changing world — today announced the general release of its newest product, HYAS Confront, a cybersecurity solution offering complete visibility into every corner of a production environment. HYAS will be demoing Confront at Black Hat USA in Las Vegas from August 8 to August 11. Production environments are increasingly becoming a target for bad actors, as they want their attacks to cause as much disruption as possible. Afterall, if a company’s production environment is rendered inoperable, its ability to generate income is shut down. HYAS Confront addresses this growing issue by giving DevSecOps teams complete visibility into their production environment. HYAS Confront finally gives them a definitive picture of which devices on their network are communicating with one another, which devices are sending traffic outside the network, and how often and to whom they are sending it. HYAS Confront also automatically identifies communication to known command and control servers as well as other risks and threats. “We have gotten an excellent response from our first customers, who began using the service during development and testing. “We are extremely proud of the solution we have brought to market and the vital role it fulfills in providing complete network visibility.” HYAS CEO David Ratner Most cybersecurity solutions on the market today focus on protecting the perimeter of your network, but unfortunately, regardless of the strength of your outward-facing security posture, you will be breached at some point. The numbers bear this out, with 97 percent of companies reporting having experienced a successful cybersecurity breach at some point. However, even if bad actors sneak past your perimeter security, they can’t hide from the foundational network monitoring provided by HYAS Confront. Once deployed, a process that usually takes less than 30 minutes, it establishes a baseline of normal, healthy network traffic. With this data, HYAS Confront can recognize aberrations from normal traffic patterns that could indicate a problem. When such an anomaly is discovered, Confront alerts administrators so they can take appropriate action. But the benefits of full production environment visibility doesn’t end with security. HYAS Confront can also reveal issues like misconfigurations, violations of policies or controls, and incomplete removal of malware after an attack. One of the most difficult aspects of incident response is ensuring that the environment is actually clean again, and HYAS Confront’s visibility can play a vital role in that process. It can also be a useful tool for understanding service assurance. This innovative solution integrates seamlessly with other network management and security infrastructure, working alongside them to enhance the value of these pre-existing investments. This improves overall network health, preventing problems down the road and giving businesses the confidence to move forward at full speed. “Production environments are so critical to a company’s ability to function, and unfortunately, no matter how strong your perimeter is, bad actors will eventually find a way in,” said Ratner. “HYAS Confront’s distinctive ability to detect anomalies within your production environment ensures that even in these cases, you can uncover the problem before it does damage, letting businesses operate confidently and without fear of costly interruptions.” About HYAS HYAS is a valued partner and world-leading authority on cyber adversary infrastructure and communication to that infrastructure. We help businesses see more, do more, and understand more about the nature of the threats they face — or don’t even realize they are facing — in real time. HYAS’s foundational cybersecurity solutions and personalized service provide the confidence and enhanced risk mitigation that today’s businesses need to move forward in an ever-changing data environment.

Read More

Spotlight

The Department of Business, Innovation and Skills has released the 2013 Information Security Breaches Survey. It makes for pretty depressing reading. It seems that cyber criminals are lasering in on both large and small businesses, with SMEs increasingly vulnerable.This infographic counts the cost of a “worst-case” breach for both small or large businesses.

Resources