DATA SECURITY, PLATFORM SECURITY

SCYTHE New Version 4.0 Enhances Collaboration Across Multiple Security Team Roles

SCYTHE | September 09, 2022 | Read time : 03:00 min

SCYTHE
SCYTHE, a leader in adversarial emulation, announced the release of version 4.0 of the company’s flagship cybersecurity platform, offering new features and functionality that will extend capabilities for greater collaboration between blue, red, and purple teams. SCYTHE runs real-world adversary emulations that help security teams reduce detection and response rates, validate controls, and optimize resources by enabling teams to prioritize vulnerabilities, and focus on the highest risk issues to the business. Its scalable platform automates adversary emulations and expands your team’s threat intelligence skills so that you can multiply your cybersecurity team’s velocity and reduce cybersecurity risk.

SCYTHE has the largest, public library of threats in the breach attack simulation industry and has more capabilities than all other competitors combined as shown by Tidal Cyber’s Community Edition of their SaaS threat-informed defense platform.

With a redesigned UI, SCYTHE 4.0 makes threats easier to manage by bringing campaign details to the surface, allows for greater communication between team members, and makes it simpler to take action via Jira integrations—all available as an on-prem or SaaS offering. Through automation, communication, and integrations, SCYTHE 4.0 is designed to help security teams collaborate, as a purple team, on adversary emulation.

“The new SCYTHE 4.0 platform sets a new standard for adversary emulation automation for offensive, defensive, and hybrid purple teams to help customers strengthen defenses, share actionable data between teams to better resolve real-world cybersecurity concerns quickly, and improve collaboration,” said Stephanie Simpson, VP, Product. “Version 4.0 is based on feedback from our customers and prospects about what they need to optimize their teams’ breach and attack simulation (BAS) capabilities.”

In addition to this, SCYTHE’s Cyber Threat Intelligence (CTI) Team just released offerings that are complementary to the SCYTHE platform capabilities and services that can serve as an extension of your security team. This includes emergency action emulation plans, custom plans, cloud-focused plans, and emulation plans covering more diverse tactics, techniques and procedures.

What’s New With 4.0?

SCYTHE version 4.0 was designed to enhance collaboration within security teams and improve the user experience. These updates include:

  • Collaboration features — SCYTHE enables greater collaboration between blue, red, and purple teams to create and leverage existing adversary emulation plans. The updated, user-friendly dashboard clearly displays outcomes and severity of campaign results. Users can have different access levels to create and personalize realistic attacks or re-run existing attacks. In-platform messaging now allows for better and faster communication between users.
  • Workflow automation — Users can take a more collaborative team approach and seamlessly share actionable insights through a Jira integration.
  • SaaS and on-prem — Previously an exclusively on-prem solution, SCYTHE 4.0 now has a SaaS offering available to provide flexibility to customers in any type of environment.

SCYTHE 4.0 will be available for customers in Q4.

About SCYTHE
SCYTHE is like hiring the hacker you always wanted, but could never afford. SCYTHE transforms your organization’s capabilities and defines a new technology category: Attack, Detect, and Respond to integrate cybersecurity risk management across people, process, and technology. The SCYTHE 4.0 platform enables collaboration between red, blue, and purple teams to build and emulate real-world adversarial campaigns. Customers can easily and quickly validate the risk posture and exposure of their business and employees and the performance of enterprise security teams and existing security solutions.

Spotlight

The SolarWinds breach provides a useful reminder that modern adversaries, both cybercriminals and hostile state-actors, continue to innovate and evolve in sophistication, guile, and persistence. They are using the same advanced tools in the development of their attacks – heuristics, machine learning, artificial intelligence, inc


Other News
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

SaaS Alerts Secures $22M Investment from Insight Partners to Scale SaaS Security Monitoring and Response Platform

SaaS Alerts | September 12, 2022

SaaS Alerts, the cybersecurity company purpose-built for Managed Service Providers (MSPs) to protect and monetize their customers' core business SaaS applications, announced today that it has secured a $22 million growth investment from global software investor Insight Partners to accelerate the growth of its SaaS Security monitoring and response platform. The accelerated rate of SaaS Application adoption by businesses, driven by the need to provide collaboration and productivity tools to remote workforces and for more centralized and tightly controlled business data resources, has elevated awareness and critical concern for major threat vectors and security gaps that exist in SaaS Application security. These security concerns present opportunities for MSPs to better safeguard their clients while offering SaaS security services that drive profitable new revenue streams. SaaS Alerts was designed to help MSPs monitor and protect their customers' usage of today's most popular SaaS applications such as Microsoft 365, Google Workspace, Salesforce, Dropbox and more – and to safeguard against security threats to a business' SaaS environment such as data theft, data that's at risk due to unintentional employee mishaps and actions taken by bad actors. "We couldn't be more excited to partner with Insight Partners and we see their investment in SaaS Alerts as a monumental endorsement for what we have built and what we intend to build as we collaborate going forward. "I'm very proud of our team for reaching this milestone and look forward to working with Insight to continue to build value for our MSP partners and stakeholders." Jim Lippie, CEO of SaaS Alerts "SaaS applications have become essential for businesses of every size and MSPs need the ability to better protect those applications on behalf of their customers. SaaS Alerts has pioneered SaaS security for MSPs and has a clear vision for how detecting and correlating abnormal user behavior can greatly impact the MSP industry," said Philine Huizing, Principal at Insight Partners. "We're excited to partner with SaaS Alerts as the company scales to address this unique opportunity." About SaaS Alerts SaaS Alerts is the cybersecurity company purpose-built for MSPs to protect and monetize customers' core SaaS business applications. SaaS Alerts offers a unified, real-time monitoring platform for MSPs to protect against: data theft, data at risk and bad actors and integrates with the most popular SaaS Applications. Learn more at www.saasalerts.com. About Insight Partners Insight Partners is a global software investor partnering with high-growth technology, software, and Internet startup and ScaleUp companies that are driving transformative change in their industries. As of June 30, 2022, the firm has over $80B in regulatory assets under management. Insight Partners has invested in more than 700 companies worldwide and has seen over 55 portfolio companies achieve an IPO. Headquartered in New York City, Insight has offices in London, Tel Aviv, and Palo Alto. Insight's mission is to find, fund, and work successfully with visionary executives, providing them with practical, hands-on software expertise to foster long-term success. Insight Partners meets great software leaders where they are in their growth journey, from their first investment to IPO.

Read More

DATA SECURITY, ENTERPRISE IDENTITY, ENTERPRISE SECURITY

SyncDog Announces Partnership with 3Eye Technologies to Expand Access to Mobile Endpoint Security Technology

SyncDog Inc. | October 28, 2022

SyncDog, Inc., the leading Independent Software Vendor (ISV) for next generation mobile security and data loss prevention, today announced a partnership with 3Eye Technologies to develop a smarter, more advanced offering for its mobility and cloud strategy to accelerate sales initiatives. SyncDog's Secure.Systems™ Workspace offers companies and government organizations a more secure and scalable solution for addressing all the challenges that go along with enabling employees on mobile devices—with immediate opportunities around helping to bring organizations into compliance with the federal government's CMMC 2.0 framework and other security & privacy regulatory standards. The rising popularity and rapid adoption of hybrid work models means that employees are empowered to conduct their work from wherever they are and on whatever device they have on hand–even personally owned (BYOD) devices. However, hybrid and remote work policies emphasize the importance of having robust data protection and endpoint security solutions. Now, more than ever, the ability for both private and public sector institutions to achieve compliance and adopt the cybersecurity and data protection standards outlined in industry frameworks is more critical than ever, as evidenced by the federal government's push to implement CMMC 2.0. In accordance with CMMC and other federally regulated requirements, SyncDog's unified Trusted Mobile Workspace provides a holistic, zero-trust approach that helps bring organizations into compliance with the federal government's CMMC framework along with other broadly recognized regulatory standards. "We are excited to partner with 3Eye to offer even more organizations a smarter and more efficient approach to a secure mobility architecture. A particularly compelling opportunity will be in enabling government employees and federal contractors to collaborate in real-time outside the office in a secure way – even while using BYOD/Personal devices – and still complying with CMMC 2.0 regulations. "This partnership will help broaden the range of organizations securely transferring data between the device and organization's secure network and provide reassurance that devices and processes they are following and implementing adhere to necessary regulations." Brian Egenrieder, Chief Revenue Officer at SyncDog "The prevalence of hybrid and remote work has IT and security teams grappling with ever evolving and complex cybersecurity challenges. This widespread workforce shift has made the need for enterprise mobility more important than ever, but these challenges are only exacerbated by the lack of robust mobile security strategies," said Conor MacFarlane, President and CEO of 3Eye Technologies. "SyncDog technology protects sensitive data no matter what device it is on, making it easier for people to conduct business securely. It's a terrific addition to our portfolio of highly advanced mobility and security technologies." 3Eye Technologies is a mobile-first distributor, who partners with best of breed vendors to provide the highest quality mobility, security, and identity solutions to deliver cutting-edge technologies through its reseller database. SyncDog will leverage 3Eye Technologies' distribution capabilities to build upon their growing market presence and connect SyncDog with more customers across new commercial markets and regions. About SyncDog Inc. SyncDog is the leading ISV for building mobile frameworks that extend app functionality to devices while securing corporate and government networks from mobile-endpoint threats. SyncDog's flagship solution, Secure.Systems, delivers a rich and unimpeded mobile experience for employees working remotely, and supports a multitude of enterprise productivity apps within a NIST-certified (FIPS 140-2 cert. #2687) workspace. Secure.Systems is ideal for organizations that want to deliver a rich mobile app experience across BYOD, CYOD (choose your own device), or other endpoint device policy. Secure.Systems is a natural complement to security and compliance auditing initiatives to satisfy the mandates of CMMC, HIPAA, GDPR, PCI DSS, GLBA, FISMA, and other laws/standards for data security. About 3Eye Technologies 3Eye Technologies is a value-added distributor of mobility, security, and identity solutions, committed to helping our partners identify, configure, and deliver solutions that enable seamless and secure work, wherever work gets done.

Read More

DATA SECURITY,ENTERPRISE IDENTITY,SOFTWARE SECURITY

Wib Raises $16 Million Investment to Accelerate Growth and Tackle Rising API Security Problem

Wib | November 08, 2022

Wib, the fast-growth cybersecurity startup pioneering a new era in API security, today announced a $16 million investment led by Koch Disruptive Technologies (KDT), the growth and venture arm of Koch Industries, Inc, with participation from Kmehin Ventures, Venture Israel, Techstars and existing investors. The investment will be used to enhance Wib's pioneering holistic API security platform and accelerate international growth as it expands operations across the Americas, UK and EMEA. API security is one of the biggest challenges facing CIOs today. Traditional API security solutions are siloed and fragmented, leaving CIOs with a choice of multiple point products or bolt-on integrations to create a patchworked solution. This results in increased cost and complexity, reduced visibility and control, and greater exposure to risk. Wib's holistic API security platform is the only solution to provide complete visibility across the entire API landscape, from code to production, helping unify software developers, cyber defenders, and CIOs around a single holistic view of their complete API domain. By delivering rigorous real-time inspection, management, and control at every stage of the API lifecycle, Wib can automate inventory and API change management; identify rogue, zombie and shadow APIs and analyse business risk and impact, helping organisations to reduce and harden their API attack surface. "APIs have become the Achilles heel of cyber defenses and the number one threat vector for cyber-attacks. "APIs account for 91% of today's internet traffic with over 50% being invisible to business IT and security teams. These unknown, unmanaged, and unsecured APIs are creating massive blind spots for CIOs that expose critical business logic vulnerabilities and increase risk. Gil Don, CEO and Co-Founder of Wib "What's more, traditional and legacy web security approaches, like WAFs and API Gateways, were never designed to protect against modern logic-based vulnerabilities. The Wib platform has been purposely built for an API driven world creating a new category of API native security." A recent report by industry research firm GigaOm, placed Wib as a "fast mover" in the "leaders" category, stating, "Wib is a new company but brings a strong enough offering to jump straight into the leaders category" and "Wib is a new entrant in this space, but it offers a comprehensive solution." Wib was also called out for its capability in "source code analysis with an eye toward API weaknesses is Wib's greatest strength." The report ranks Wib's API Runtime Protection, Monitoring and Reporting as exceptional in its focus and execution. This is a real testament to the Wib's innovative API security platform and approach. About Wib Wib is pioneering a new era in API security with its industry first holistic API security platform. Providing continuous and complete visibility and control across the entire API ecosystem, Wib enables developers to code with confidence and security teams to secure with surety.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Malwarebytes and Stellar Cyber Partner to Investigate and Mitigate Cyber Threats

Malwarebytes | November 28, 2022

Malwarebytes, a global leader in real-time cyber protection, today announced a new partnership with Stellar Cyber, an industry-leading Open XDR platform that delivers comprehensive, unified security without complexity. The partnership helps resource-constrained teams produce consistent security outcomes across all environments; on-premises, cloud and anything in between. The partnership comes at a critical time in the cybersecurity landscape, as security products become more complex and IT teams spend more time maintaining their security controls, instead of investigating and mitigating cyber threats. According to a 2020 report from Palo Alto Networks, only 46 percent of security operations decision makers are satisfied with their current ability to detect threats. "They point to wasted time chasing false leads, poorly integrated security tools, and a large learning curve for effectively using those tools," according to the report. "Every security team should be able to deliver continuous, consistent security regardless of their skills or experience. "By tightly integrating Malwarebytes' cutting-edge EDR technology with the Stellar Cyber Open XDR platform, IT teams are able to close the gaps between security controls that attackers exploit." Andrew Homer, Vice-President of Technology Alliances at Stellar Cyber The integration pairs Malwarebytes' EDR solution–which collects detailed threat information for analysis and investigation–with the Stellar Cyber Open XDR Platform that ingests, normalizes, and enriches security data, including endpoints, network, cloud and logs into a single repository. Malwarebytes EDR collects critical endpoint and server data and sends it to Stellar Cyber, which analyzes the data to identify potential threats. As security analysts complete investigation in Stellar Cyber, response actions are sent to Malwarebytes to eliminate the threat. "Today's IT and security teams spend more time sifting through data than eliminating actual threats. Organizations need real-time data sharing and visibility to enable decisive actions before attackers are successful," said Brian Thomas, Malwarebytes Vice President of Worldwide MSP and Channel programs. "Stellar Cyber shares our mission to simplify cybersecurity for resource-constrained organizations. Together we uniquely deliver an intelligent and automated solution that allows security teams to be more efficient, and organizations more productive and protected." About Stellar Cyber Stellar Cyber Open XDR platform delivers comprehensive, unified security without complexity, empowering lean security teams of any skill to successfully secure their environments. With Stellar Cyber, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley. About Malwarebytes Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, Malwarebytes CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, that mission has expanded to provide cyberprotection for every one. Malwarebytes provides consumers and organizations with device protection, privacy, and prevention through effective, intuitive, and inclusive solutions in the home, on-the-go, at work, or on campus.

Read More

Spotlight

The SolarWinds breach provides a useful reminder that modern adversaries, both cybercriminals and hostile state-actors, continue to innovate and evolve in sophistication, guile, and persistence. They are using the same advanced tools in the development of their attacks – heuristics, machine learning, artificial intelligence, inc

Resources