PLATFORM SECURITY

SentinelOne and Okta Integration Accelerates Incident Response with XDR and Identity Security

SentinelOne | May 31, 2022

SentinelOne
SentinelOne, an autonomous cybersecurity platform company, today announced SentinelOne XDR Response for Okta, enabling security teams to quickly respond to credential compromise and identity-based attacks. The integration of SentinelOne’s XDR platform with Okta’s identity management capabilities offers a powerful new solution to accelerate response and minimize enterprise risk.

“Attackers exploit endpoint and identity security and access gaps. SentinelOne and Okta are leaders in securing both of these enterprise domains. “Incorporating SentinelOne Singularity XDR into the Okta identity platform improves the contextual awareness of our solution, ensuring that every identity is verified and malicious actors cannot advance laterally in pursuit of high-value targets. With SentinelOne across enterprise attack surfaces and Okta enforcing identity policies, organizations enjoy the best of both worlds in a single solution.”

Stephen Lee, VP Technical Strategy & Partnerships, Okta

According to the 2022 Verizon Data Breach Investigations Report, 82% of breaches involved the human element including the use of stolen credentials. While there are existing solutions that secure various pieces of the enterprise they are often siloed, causing gaps in visibility and making it difficult to achieve a holistic understanding of an organization’s security posture.

“Groupon is on a constant journey of modernization, adopting new and cutting-edge cloud technologies like SentinelOne Singularity XDR and Okta to best protect our employees and customers,” said Ryan Ogden, Director of Information Security, Groupon. “Consolidating context from various tools and automating response force multiplies our team to address the growing scale and speed of threats.”

SentinelOne’s StorylineTM observes all concurrent processes across OSs and cloud workloads, providing rich context for any potential endpoint security incident. When a threat is detected, Singularity XDR informs Okta of the last logged-in user for that endpoint and Okta provides identity context from Okta data. By combining XDR and identity context, the joint solution helps security analysts quickly determine who is doing what on which device, significantly reducing the risk of endpoint or identity-based attacks.

SentinelOne XDR Response for Okta provides a fully automated remediation process, alleviating the burden on the SOC team and allowing analysts to focus on higher-value tasks. Other key use cases include:
  • Threat Enrichment - automatically enriches threats within Singularity XDR with recent login information via Okta to make security data actionable.
  • User Suspension - terminates active sessions originating from compromised devices to minimize response time for prevention and remediation.
  • Reset Password - forces password resets, preventing SSO-enabled lateral movement across corporate applications.
  • Force Reauthentication - initiates a multi-factor authentication (MFA) workflow within Okta, locking the account until the user re-authenticates with a valid MFA token for identity verification.

“Compromising identities and moving laterally to exploit an organization’s ‘crown jewels’ is the blueprint of modern attacks,” said Yonni Shelmerdine, Vice President of Product Management, SentinelOne. “Organizations need robust endpoint protection and visibility into user sessions to respond effectively to malicious activity. With SentinelOne and Okta, enterprises gain enterprise-grade context for effective security operations.”

About SentinelOne
SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.

Spotlight

A thin client, also dubbed a lean or slim client, is a computer or an application that depends heavily on some other computer (its server) to fulfil its traditional computational roles. Thin client usage results in lower administrative costs and greater security


Other News
DATA SECURITY,SOFTWARE SECURITY

Rubrik Surpasses $400 Million in Subscription ARR and Launches Rubrik Zero Labs, Data Threat Research Unit to Help Combat Global Cyber Events

Rubrik | September 01, 2022

Rubrik, the Zero Trust Data Security™ Company, today announced it surpassed $400 million in software subscription annual recurring revenue (ARR) to date, growing over 100 percent year over year. The company has achieved a net dollar retention rate greater than 140 percent based on its ability to retain customers and expand within the customer base. Today, over 4,500 customers around the world and across multiple industries rely on Rubrik to help them secure their data and keep their business running, including BMO Financial Group, Citigroup, Estee Lauder, Fiserv, The Home Depot, and many others. The company also announced the launch of Rubrik Zero Labs, Rubrik’s new cybersecurity research unit to analyze the global threat landscape, report on emerging data security issues and give organizations research-backed insights and best practices to secure their data against the increasing threat of cyber events. “There is no industry, government, or company that is immune to cyberattacks. These threats continue to increase in volume and sophistication and have the power to bring entire organizations to their knees. “We are striking a chord with organizations globally because they need a better strategy to protect their data. With Rubrik, they are better able to secure their business from ongoing cyber events.” Bipul Sinha, CEO and Co-Founder of Rubrik Cybersecurity Veteran Steven Stone Joins as Head of Rubrik Zero Labs Today Rubrik announced it has named Steven Stone as the Head of Rubrik Zero Labs. Stone will lead Rubrik’s new data threat research unit to uncover real-world intrusions from a range of threats including espionage-based data breaches to ransomware attacks, and to inform customers and partners of the best ways to proactively address risk in their business operations. He has over 15 years of experience in threat intelligence with roles in the U.S. military, intelligence community, and private sector, including Mandiant/FireEye and IBM. Most recently, he was Vice President of Adversary Operations at Mandiant, leading global teams who were responsible for adversary hunting, attribution, and data collection efforts. “Data and insights are critical for understanding, responding, preventing, and recovering from cyber events. In many cases, the data aspects are the least understood across the threat landscape, and we want to close this delta. Comprehensive threat intelligence will enable organizations to make informed decisions so they can be prepared for a full swath of cyber threats,” said Stone. “I’m thrilled to pioneer the data threat intelligence unit at Rubrik and help to deliver valuable insights to our customers and the cybersecurity industry so that together we can stay ahead of the evolving data threat landscape.” Additional Milestones: Rubrik has also achieved a number of recent industry recognitions, landmark accomplishments, and launches including: Launched Rubrik Security Cloud to secure customers’ data wherever it lives across enterprise, cloud, and SaaS while delivering data resilience, data observability, and data recovery Grew the leadership team by appointing Mike Mestrovich as Chief Information Security Officer (CISO), following his role as CISO at the Central Intelligence Agency (CIA). Appointed Chris Krebs — former director of the U.S. Cybersecurity and Infrastructure Agency (CISA) — as Chair of Rubrik’s new CISO Advisory Board, where he will assemble some of the nation’s top CISOs to facilitate information exchange and thought leadership in data security. Rubrik also named Ghazal Asif, who previously served as Google’s Head of Channel for EMEA, as Head of Global Partners and Alliances Named a Leader in the 2022 Gartner® Magic Quadrant™ for Enterprise Backup and Recovery Software Solutions, positioned the furthest overall in Completeness of Vision for third year in a row Rubrik ranked amongst highest scoring 3 vendors for all Use Cases in 2022 Gartner® Critical Capabilities™ for Enterprise Backup and Recovery Software Solutions for 2 consecutive years Received numerous industry accolades, including placement on the Forbes Cloud 100 for the sixth year in a row, and distinction as winner of the Global InfoSec Awards as Hot Company in Data Security About Rubrik Rubrik is a cybersecurity company, and our mission is to secure the world’s data. We pioneered Zero Trust Data Security™ to help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

PlainID, The Authorization Company™, Announces thought leadership collaboration with The Cyber Hut

PlainID | September 05, 2022

PlainID, the Authorization Company™, announces today the release of "Build vs Buy: Guide to Evaluating Authorization" in collaboration with Simon Moffatt, founder and analyst of The Cyber Hut. The increase in remote work and digital commerce has created a proliferation of digital identities which demand secure, frictionless access to applications and the underlying data. The guide is designed to address and inform on key criteria when considering whether to build and maintain authorization policies "inside" an application vs leveraging the benefits of an external authorization engine. The need for functionally rich applications capable of operating in a digitally optimized computing architecture has motivated enterprises to consider migrating their legacy, internally developed policies to an Authorization Platform such as PlainID. "Externalized Authorization is now an essential part of the security arsenal - foundational for agile business operations - allowing the modern enterprise to share data, assets and applications to a range of new stakeholders," said Simon Moffatt. "This guide aims to empower the buyer on a range of topics associated with next generation authorization. It will hopefully be a great asset to the security executive and practitioner alike." Numerous industry analysts are recommending externalizing authorization and authentication as a means to increase an enterprise's security resilience and a prerequisite to creating a Zero Trust architecture. "PlainID is more than delighted to collaborate with Simon and The Cyber Hut. We strongly believe in the virtue of thought leadership and the importance of this subject matter. The power and broad value of authorization are just beginning to be realized, and our hope is that this guide helps firms make informed decisions." Tom Ammirati, PlainID's Chief Revenue Officer PlainID helps businesses advance and modernize by simply and securely connecting identities of all types with the digital assets they need to do their jobs, accomplish tasks at scale, and conduct digital commerce. By making authorization decisions simple, smart, granular, and contextual, PlainID helps enterprises achieve a positive and measurable impact on user experience, enterprise security, and data privacy. Powered by policy-based access control (PBAC), leading-edge features include PlainID's Centralized Management Dashboard, which provides users the ability to create and manage enterprise-wide authorization policies from a central point while maintaining distributed enforcement capabilities. The Platform provides out-of-the-box PlainID Authorizers™ that address common authorization patterns for API gateways, microservices, data, and applications. About PlainID PlainID Inc. The Authorization Company™, is the recognized leader in Authorization as a Service powered by Policy Based Access Control (PBAC). PlainID's simple, straightforward solution to authorization management enables organizations to create, manage and enforce authorization policies across an enterprise. By securely connecting identities to digital assets via PlainID Authorizers, firms can meet the digital demands of user journeys, enable zero trust architectures and provide data security. The PlainID Authorization Platform enables rapid business growth by connecting new and legacy technologies with the latest and most advanced authorization features.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Sealing Technologies Inc. Awarded $168.5M to Provide USMC Cyber Defense Support

Sealing Technologies Inc. | August 30, 2022

Sealing Technologies, Inc. (SealingTech), a Veteran Owned Small Business (VOSB) that provides innovative cybersecurity solutions, was recently awarded a $168.5 million task order to assist the U.S. Marine Corps (USMC) with their Defensive Cyber Weapons System (DCWS). SealingTech will support the Marine Corps Cyber Protection teams by building a holistic cyber defense solution comprised of SealingTech fly away kits and a suite of tools to analyze vulnerabilities, map key cyber terrain and respond to incidents. "The DCWS system is an important enabler of cyberspace maneuver across the Department of Defense's (DoD) key terrain. "We are both humbled and excited that the USMC has trusted SealingTech with this critical mission and we are hitting the ground running to ensure its success." Ed Sealing, Founder and CEO of SealingTech With this contract award, and their support to the Army, Navy, and US Air Force cyber teams, SealingTech continues to posture the DoD cyber operators with a standard defensive cyber operating platform in preparation for a Joint Cyber Warfighting Architecture. As an industry partner, SealingTech is ideally positioned to work across all DoD services and agencies to identify best practices and enable the most effective and efficient joint solution. About Sealing Technologies Inc. SealingTech is a Veteran Owned Small Business (VOSB) that rapidly delivers innovative cybersecurity solutions that modernize, protect, and defend the networks and systems of the Federal Government and private industries. SealingTech's vast cyberspace experience and knowledge provides cutting-edge research, engineering and integration services that support the United States and their allies.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

LMG Security Introduces New Proactive Cybersecurity Solutions

LMG Security | September 30, 2022

LMG Security, an internationally recognized cybersecurity consulting firm, has expanded its popular selection of cybersecurity advisory, testing, and training services with a new line of cybersecurity solutions. These solutions are designed to reduce the burden organizations face from implementing or managing cybersecurity technology, as well as create fast, easy access to skilled cybersecurity staff to augment internal teams. LMG Security is pleased to announce it now offers the following new solutions and services: Virtual CISO and Staff Augmentation: Organizations struggle to find and retain cybersecurity talent. LMG Security provides staff augmentation services that enable organizations to quickly access the specialized cybersecurity skills they need on a fractional basis. Endpoint Detection and Response Implementation: LMG Security implements and seamlessly integrates an endpoint detection and response solution that helps organizations defend against zero-day attacks, supply chain vulnerabilities, and other common cybersecurity threats. Multi-Factor Authentication Implementation (MFA): Protect against attack vectors such as phishing, business email compromise, and cross-cloud attacks with a customized MFA implementation. Password Manager Implementation: A password manager is a simple, affordable way to decrease the risk of a data breach from weak or reused passwords. LMG Security's team implements the password manager and ensures that it is optimally configured. Managed On-Demand Employee Cybersecurity Training: Get experts to design and manage your cybersecurity training for you. An LMG Security cybersecurity specialist will plan and monitor your training program to ensure your employees have the skills to be an effective "human firewall." Continuous Attack Surface Monitoring: LMG Security's team implements and seamlessly integrates a solution that scans Internet-facing systems to help organizations identify assets that are exposed or vulnerable. All LMG Security cybersecurity solutions are implemented and managed by experts who ensure that each solution follows all cybersecurity best practices and is optimally integrated with each organization's existing tech stack. "Organizations are struggling to find and hire skilled cybersecurity talent. "We make it easy for our clients by offering expert virtual CISO and cybersecurity staff augmentation services, as well as implementation and management services for key cybersecurity solutions." Davidoff continued, "IT teams are stretched to the limit at most organizations. We're excited to launch these new cybersecurity solutions that will help organizations defend against the constantly changing threat landscape." Sherri Davidoff, president and CEO of LMG Security ABOUT LMG Security LMG Security is an internationally recognized leader in the cybersecurity consulting industry. This full-service cybersecurity firm provides one-stop shopping for a wide array of cybersecurity services. Specializing in technical testing, advisory and compliance services, and training for more than a decade, the LMG Security team's security testing services were featured on the Today show. In addition, the team has published cutting-edge research on cell phone intrusion detection and banking Trojans, written books on network forensics, data breaches, and an upcoming book on ransomware and cyber extortion, and routinely speak or train at Black Hat, RSA and many other security conferences. LMG Security is privately held and headquartered in Missoula, Montana.

Read More

Spotlight

A thin client, also dubbed a lean or slim client, is a computer or an application that depends heavily on some other computer (its server) to fulfil its traditional computational roles. Thin client usage results in lower administrative costs and greater security

Resources