NETWORK THREAT DETECTION

Radware and CHT Security Team Up to Protect NCSoft Taiwan’s Product Launch During Massive DDoS Attacks

Radware | December 02, 2021

Radware a leading provider of cyber security and application delivery solutions, today announced that CHT Security, selected Radware’s DefensePro DDoS Protection solution to safeguard gaming publisher NCSoft Taiwan from massive DDoS attacks during a very popular game launch. CHT Security is Taiwan’s leading managed security service provider and a subsidiary of Chunghwa Telecom, the largest telco in Taiwan.

Supported by Radware’s data center protection and CHT Security’s comprehensive professional services, the leading global gaming company was able to mitigate the DDoS attacks and introduce its new game without incident.

“As we’ve expanded our business, we’ve seen a large increase in DDoS attacks in Taiwan in recent years,” said Jeff Hung, general manager for CHT Security. “Based upon our long-standing, positive experience, we selected Radware to ensure NCSoft Taiwan’s successful product launch and have increased the use of DefensePro to support our business. The key success factor to this joint effort is the combination of CHT Security’s defense expertise in real-time tuning and the cutting-edge features of Radware’s DefensePro to deliver high-quality and low-latency defense services against cyber threats.”

According to Radware’s recently published Q3 DDoS and Application Attack Report, the number of DDoS attacks blocked during the first nine months of 2021, already exceeded the total number of malicious events blocked in 2020. Gaming and telecom endured the highest attack volumes, accounting for over 50% of the total blocked volume in the third quarter of 2021.

“DDoS attacks are becoming more frequent, sophisticated, and dangerous,With the growing availability of attack tools and botnets, organizations need multi-layered DDoS protection backed by expert emergency response teams. We value our trusted relationship with CHT Security and are excited that it has chosen to safeguard its customers with our solutions.”

Yoav Gazelle, vice president of international sales for Radware

Radware’s DefensePro provides automated DDoS defense and protection from fast moving, high volume, encrypted, or very short duration threats. It defends against IoT-based, Burst, DNS, and TLS/SSL attacks to secure organizations against emerging network multi-vector attacks, ransom DDoS campaigns, IoT botnets, and other types of cyber-threats.

About CHT Security
Founded in 2017, CHT Security is a subsidiary company of Chunghwa Telecom, the largest telco in Taiwan. CHT Security is now the leading managed security service provider in Taiwan with rich experiences in information defense practices, and the R&D capabilities to deliver cyber security services and solutions, including security testing, SOC monitoring, incident response, and digital forensics, satisfying cybersecurity needs for enterprises and government institutions. CHT Security is ISO 20000, ISO 27001, and ISO 17025 certified, and was awarded the 2021 Taiwan Managed Security Services Company of the Year Award by Frost & Sullivan.

About Radware
Radware is a global leader of cyber security and application delivery solutions for physical, cloud, and software defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application, and corporate IT protection, and availability services to enterprises globally. Radware’s solutions empower enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity, and achieve maximum productivity while keeping costs down.

Spotlight

HPE Gen 10 includes the HPE Silicon Root of Trust, which provides a level of protection at the control plane via iLO 5. One of the key changes HPE made in their own manufacturing supply chain is to design their own silicon that contains a fingerprint in the silicon from the factory so that detecting changes in the firmware is possible, with the added benefit of being able to recover the firmware and restore the OS and data on the server to a pre-compromised state. This helps prevent having to pay the ransom in ransomware attacks, as well as preventing needing to replace compromised hardware.


Other News
NETWORK THREAT DETECTION

SecurityScorecard Ignites European Adoption of Security Ratings Through Partnership with Exclusive Networks

SecurityScorecard | April 07, 2022

SecurityScorecard, the global leader in cybersecurity ratings, today announced a Pan-European exclusive distribution agreement with Exclusive Networks, a global cybersecurity specialist for digital infrastructure, to accelerate adoption of security ratings throughout Europe. The partnership, with Exclusive Networks owned specialist value-added distributor Ignition Technology, enables European organisations to instantly rate, analyze and continuously monitor their security risk, to harden their security postures. "The evolving geopolitical landscape is causing CISOs throughout Europe to reevaluate their cybersecurity postures, requiring them to have greater visibility across their attack surface than ever before. As the threat landscape expands, Exclusive Networks' expertise in helping disruptive cybersecurity solutions like SecurityScorecard breakthrough in EMEA will dramatically scale the number of European organizations that will be able to instantly improve their security postures through much needed data, visibility and insights." Jan Bau, VP, EMEA Sales, at SecurityScorecard SecurityScorecard provides comprehensive security ratings, automated assessments, and guidance from industry experts, providing easy-to-understand A-F graded scorecards for improved communication, effective compliance reporting and more informed decision making. The solution allows organisations to automate and accelerate questionnaire exchange with over 20 compliance survey templates and questionnaires at scale. "Exclusive Networks is focused on meeting customer and partner demand across Europe for the most impactful cybersecurity solutions on the market today," said Sean Remnant, Chief Strategy Officer, Exclusive Networks. "SecurityScorecard provides our network of customers and partners with instant visibility into their security postures and that of their vendors and business partners, to fully understand their true cyber risk." Exclusive Networks is a global trusted cybersecurity specialist for digital infrastructure driving the transition to a totally trusted digital future for all people and organisations. Located in 43 countries, with the ability to service customers in over 170 countries across five continents, Exclusive Networks has a unique 'local sale, global scale' model, combining the extreme focus and value of local independents with the scale and service delivery of a single worldwide distribution powerhouse. About SecurityScorecard Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard is the first cybersecurity ratings company to offer digital forensics and incident response services, providing a 360-degree approach to security prevention and response for its worldwide customer and partner base. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors.

Read More

WEB SECURITY TOOLS

Indusface Enhances its Web Application & API Protection (WAAP) platform AppTrana with Industry's First Risk-Based Protection to APIs

Indusface | May 19, 2022

Indusface, a leading application security SaaS company that continually detects security risks, provides real-time protection, and improves the performance of Websites and Applications, today announced that it is adding Risk-Based API Protection to its WAAP platform, AppTrana. APIs are the lifeline of the digital economy with many companies adopting the API-first approach. However, the growth of APIs is also opening up new risk vectors that they are not aware of. According to Gartner, more than 90% of applications have more attack surface exposed through API than UI and by 2022, API Abuse will move from an infrequent to the most-frequent attack vector, resulting in data breaches for enterprise web applications. Indusface is revolutionizing the API security space by building on its API Protection capabilities. The company is doing so through the most comprehensive API protection to date by extending its risk-based approach to the same. "AppTrana's risk-based approach is unique and something that resonates with our customers. What customers are really interested in is knowing how well their application is protected based on the risk posture of their application. Building on this, we are now enhancing our API Protection capabilities by providing a risk-based approach to API security which we believe would revolutionize the market. With this, customers will be able to identify vulnerabilities found in their public APIs and quickly correlate how these are protected through API-specific policies and positive security policies applied in AppTrana providing the most comprehensive protection for APIs." Ashish Tandon, Founder and CEO, Indusface As with any security, you can protect only what you know and protection is as strong as the weakest link. The major challenges with APIs are discoverability and the ability to understand the context of APIs so that security can be tailored accordingly. It is to address these challenges that Indusface is enhancing its API protection in AppTrana. Collectively through a multi-step approach, customers get to discover APIs, understand risk posture and ensure comprehensive protection of APIs. With Indusface AppTrana's Risk-based API Protection, you get: To understand the risk posture of the APIs through unlimited automated API scans including manual tests for identifying business logic vulnerabilities. This enables organization to understand the weakest links of the APIs and get clear visibility around how these links are protected. Visibility into API traffic patterns and discovery of shadow APIs, so that you are no longer blindsided by what you don't know To protect APIs with API-specific rules written specifically to protect against OWASP Top 10 API vulnerabilities Behavioral-based protection against DDoS attacks on APIs by analyzing API traffic pattern Behavioral-based protection against BOT attacks Positive security for APIs through analysis of swagger (OpenAPI 2.0) files and creation of automated positive security policies Accurate, real-time view of vulnerabilities blocked by API specific rules, positive security policies, custom rules, and those that need fixes in the application About Indusface Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 3000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine. Indusface has been funded by Tata Capital Growth Fund II, is the only vendor to be named Gartner Peer Insights™ Customers' Choice' in all the 7 segments for Voice of Customer WAAP (Web Application and API Protection) Report 2022, is a "Great Place to Work" certified SaaS product company, is PCI, ISO27001, SOC 2, GDPR certified, and has been the recipient of many prestigious start-up awards such as the Economic Times Top 25, NASSCOM DSCI Top Security Company, Deloitte Asia Top 100, among others.

Read More

DATA SECURITY

Noetic Cyber Partners with SentinelOne to address growing cybersecurity asset management challenges

Noetic Cyber | February 03, 2022

Noetic Cyber, a cloud-based continuous cyber asset management and controls platform, today announced a partnership with autonomous cybersecurity platform company SentinelOne (NYSE:S). This partnership delivers an end-to-end cybersecurity asset management solution that leverages SentinelOne's endpoint and cloud workload telemetry, combined and correlated with information from other information sources, to generate a high-fidelity, continuously updated, multidimensional map of all assets and their cyber relationships. The current fragmentation of IT management, DevOps and security tools makes it difficult for security teams to see all the assets in the business and to understand the relationships between them. In fact, 71% of global IT leaders admit to finding new endpoints in their environment on a weekly basis. Endpoint and cloud workload telemetry is a vital part of this information, providing high-fidelity, relevant insights into threats and cyber assets. The integration of SentinelOne Singularity XDR and the Noetic platform enables teams to extend the visibility, detection and endpoint insights of SentinelOne into a wider asset inventory and management architecture, maximizing their value. "We are very excited to be partnering with Noetic Cyber on this integrated solution," said Chuck Fontana, SVP of Business Development, SentinelOne. "There is a significant security challenge in not understanding the cyber risk of all assets in your environment. Together with Noetic, we're able to close that gap and ensure a hygienic cybersecurity environment for organizations across industries." The SentinelOne Connector for Noetic is an API-based integration. Joint customers install the SentinelOne Connector into the Noetic platform and provide it with API credentials to establish a bi-directional integration between the two platforms. The Noetic platform periodically polls SentinelOne, looking for information indicating new, updated or removed endpoints. This information is ingested, aggregated and correlated with information from other data sources, presented to security teams via innovative graph database technology. Pre-packaged queries and dashboards help analysts to uncover coverage and compliance gaps and hidden risks. The Noetic platform also includes a comprehensive automation workflow engine, which allows security teams to pre-determine corrective action, such as deploying the SentinelOne agent to unprotected machines, triggering a scan or disconnecting a machine from the network. "Through this innovative partnership with SentinelOne, we are able to jointly address security coverage gaps and automatically correct misconfigured endpoints that could otherwise leave organizations vulnerable,Leveraging the high-fidelity data provided by SentinelOne, Noetic provides unparalleled insights into your cyber assets, identifies security risks and uses automation to continuously close them." Paul Ayers, CEO of Noetic About SentinelOne SentinelOne's cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous platform. About Noetic Cyber Noetic Cyber enables security teams to make faster, more accurate decisions to detect coverage gaps and reduce cyber risk. The Noetic solution is a cloud-based Continuous Cyber Asset Management & Controls Platform that provides teams with unified visibility of all assets across their cloud and on-premises systems, and delivers continuous, automated remediation to close coverage gaps and enforce security policy. Noetic improves security tools and control efficacy by breaking down existing siloes and improving the entire security ecosystem. Founded in 2019, Noetic is based in Boston and London.

Read More

SOFTWARE SECURITY

GTT Launches Secure Connect to Enhance Enterprise Cloud Security

GTT | March 23, 2022

GTT Communications, Inc., a leading global cloud networking provider to multinational clients, has announced its new Secure Connect offering to extend and strengthen the protection of the enterprise network connecting to the internet and accessed by users from any location. The new service is based on the SASE framework and integrates with GTT Managed SD-WAN. GTT Secure Connect leverages a single cloud platform for agile and ubiquitous delivery of network security, offering a range of features that include CASB (Cloud Access Security Broker), SWG (Secure Web Gateway), ZTNA (Zero Trust Network Access) and FWaaS (Firewall as a Service) capabilities. GTT Secure Connect addresses the growing requirement for secure access to enterprise resources in an environment characterized by the widespread use of digital technologies, broad adoption of cloud applications and a remote workforce. GTT Secure Connect utilizes a cloud delivery model that provides centralized policy control at a site and user level for improved scalability and extends the security perimeter to any network endpoint. Additionally, the integration of security with the functionality of GTT Managed SD-WAN improves performance and simplifies network management. The comprehensive SASE-based feature set can be tailored to meet individual enterprise requirements for anti-virus, firewall and anti-malware protections, more effective blocking of malicious sites, augmented cloud security monitoring, and prevention of unauthorized access to network resources in a work-from-anywhere model. With GTT Secure Connect, network access is based on user, device and application identity — rather than the physical location or IP address — enabling seamless and secure networking between users, private, SaaS and public clouds, and the enterprise data center. “In an enterprise environment where digital business and the use of cloud applications has become more critical, coupled with the challenge of supporting a hybrid workforce and an intensifying cyber-threat landscape, customers are demanding network integrated security solutions that are comprehensive with an improved user experience. GTT Secure Connect has been designed to meet these customer requirements, leveraging our industry-leading SD-WAN capability combined with state-of-the-art, cloud-based security technologies, delivering a more effective and efficient solution that provides next-generation connectivity and protection managed all in one place.” Don MacNeil, GTT COO According to industry research firm Omdia, only 15 percent of enterprises globally have a fully developed approach to cybersecurity and digital risk. Further research by the firm shows that when SD-WAN is combined with security, enterprises report an extra boost in perceived value over just SD-WAN. “Omdia finds securing networks a consistent area of enterprise concern and investment. Enterprise network transformation needs to address the complexity of securing internet VPNs, cloud applications and a remote workforce,” said Cindy Whelan, practice leader, enterprise network services at Omdia. “GTT’s new Secure Connect brings together network and security, supported by professional services, to help enterprises with their security and performance needs in a period of rapid digital transformation and an intensifying cyber-threat landscape.” The underlying technology platform of GTT Secure Connect is Prisma® Access provided by Palo Alto Networks, an industry leader in global cybersecurity. GTT Secure Connect integrates Prisma Access with GTT’s software-defined networking solutions and global Tier 1 IP network. GTT Secure Connect is complemented by GTT Professional Services, which offers the technical expertise and operational experience to support the complete solution from initial design to installation and ongoing service management. This includes project management, technical management and incident management support. Through EtherVision, GTT’s unified customer management portal, GTT Secure Connect provides customers with the insights and control they need to operate their network and manage their security environment. About GTT GTT provides secure global connectivity, improving network performance and agility for your people, places, applications and clouds. We operate a global Tier 1 internet network and provide a comprehensive suite of cloud networking and managed solutions that utilize advanced software-defined networking and security technologies. We serve thousands of businesses with a portfolio that includes SD-WAN and other WAN services, internet, security and voice services. Our customers benefit from a customer-first service experience underpinned by our commitment to operational excellence.

Read More

Spotlight

HPE Gen 10 includes the HPE Silicon Root of Trust, which provides a level of protection at the control plane via iLO 5. One of the key changes HPE made in their own manufacturing supply chain is to design their own silicon that contains a fingerprint in the silicon from the factory so that detecting changes in the firmware is possible, with the added benefit of being able to recover the firmware and restore the OS and data on the server to a pre-compromised state. This helps prevent having to pay the ransom in ransomware attacks, as well as preventing needing to replace compromised hardware.

Resources