SOFTWARE SECURITY

Sysdig Open Source Is Extended to Secure Cloud Services

Sysdig | May 16, 2022

Sysdig
Sysdig, the unified container and cloud security leader, announced that Sysdig open source, the incident response standard for containers, has been extended to the cloud. Using system calls, Sysdig open source (Sysdig OSS) traditionally offers deep observability into running applications, as well as file system access and network activity, which speeds incident response and troubleshooting. Teams can quickly filter information from Sysdig OSS and take action. With the announcement of this new integration, these capabilities have been extended beyond containers to any cloud environment.

Today, Sysdig announced Edd Wilder-James has joined Sysdig from Google to lead the company’s open source ecosystem team.

The complexity of cloud-native applications – with countless components and variables – makes it extremely difficult for security analysts and system administrators to quickly triage alerts and debug problems. Sysdig OSS captures process, file system, and network activity in real time and with a high degree of granularity. The tool, which has nearly two million downloads and 6,850 GitHub stars, surfaces everything from executed commands and file system activity to network activity. Sysdig OSS then offers advanced filtering and troubleshooting capabilities, supporting root cause analysis for security and performance issues.Using a new plugin framework – originally developed by the open source community for the CNCF project Falco – Sysdig extends the number of sources Sysdig OSS can be connected with to anything that generates logs or events, including Azure, Google, and AWS CloudTrail logs. Going forward, every plugin developed for Falco can also be leveraged by Sysdig OSS. Using one tool, like Sysdig OSS, to observe events from the entire cloud-native environment streamlines investigations. Using a different tool for each environment adds complexity, which makes it massively harder to troubleshoot.

Sysdig’s Commitment to Open Source

Sysdig was founded as an open source company and Sysdig Secure and Sysdig Monitor were both built on an open source foundation to address the security challenges of modern cloud applications. Both projects were created by Sysdig to leverage deep visibility as a foundation for security, and they have become standards for container and cloud threat detection and incident response. Falco, which was contributed to the CNCF in 2018, is now an incubation-level hosted project with more than 45 million downloads.

Sysdig OSS and Falco can be used together as a powerful open source solution to reduce risk at runtime. Sysdig OSS acts as a flight recorder, capturing a detailed record for inspection. Falco acts as a security camera, continuously detecting unexpected behavior, configuration changes, intrusions, and data theft in real time. Teams can use Sysdig OSS and Falco together to detect and respond to threats.

“If you want to see what is going on inside an application, Sysdig OSS gives you that record. “Sysdig open source was the inspiration for Falco. While Falco will monitor and alert based on your policies, Sysdig open source will tell you what happened at a particular time, before and after the event. Having the ability to use both open source tools in the cloud is extremely powerful.”

Loris Degioanni, Founder and CTO of Sysdig

About Sysdig
Sysdig is driving the standard for cloud and container security. The company pioneered cloud-native runtime threat detection and response by creating Falco and Sysdig as open source standards and key building blocks of the Sysdig platform. With the platform, teams can find and prioritize software vulnerabilities, detect and respond to threats, and manage cloud configurations, permissions and compliance. From containers and Kubernetes to cloud services, teams get a single view of risk from source to run, with no blind spots, no guesswork, no black boxes. The largest and most innovative companies around the world rely on Sysdig.

Spotlight

From Ashley Madison to TalkTalk and Stagefright to fishy root certificates, 2015 was a memorable – although not a devastating – year for cyber security. We witnessed less widespread, panic inducing vulnerabilities in 2015 than in years past; while 2014 will go down in the security history books as the year of Heartbleed, ShellShock and point-of-sale malware, 2015 was comparatively tame.


Other News
DATA SECURITY

ShardSecure® To Present at Black Hat Cybersecurity Conference

ShardSecure | August 09, 2022

ShardSecure, inventor of the innovative MicroshardTM technology that mitigates data security and privacy risks in the cloud, will be exhibiting at Black Hat 2022, the leading information security event, from August 6 to 11 in Las Vegas, Nevada. While at Black Hat, ShardSecure will showcase their patented microsharding solution at Booth #30 in the Business Hall's Innovation City. During the conference, ShardSecure will demonstrate how microsharding renders sensitive data unintelligible in the wrong hands, offering crucial protection in multi-cloud and hybrid-cloud environments. ShardSecure Lead Developer Anthony Whitehead will present "Microsharding, an Alternative to Encryption for Data at Rest" from 2:25 to 2:45 p.m. PT on August 10 in the Business Hall, Theater C. Additionally, VP of Marketing Marc Blackmer will be interviewed on microsharding and encryption by Chuck Harold of SecurityGuyTV at 9:20 a.m. PT on August 11. "We're looking forward to making new connections and sharing how we can help organizations strengthen their data resilience, maintain business continuity, and mitigate the impact of ransomware," said Marc Blackmer. "Black Hat is an excellent opportunity for ShardSecure to participate in key industry conversations, strengthen our brand, and grow our networking opportunities." Microshard technology works to desensitize sensitive data by digitally shredding it into tiny microshards. Those microshards are then mixed with poison data and distributed to multiple customer-owned storage locations of the customer's choosing. Its self-healing data also reverses unauthorized data deletion and tampering — including ransomware — for data at rest. Through its ability to reconstruct data impacted by storage service outages, ShardSecure also helps protect against the effects of data loss and allows business operations to continue unaffected during an outage. "We're pleased to be sharing Microshard technology with a wide audience of thought leaders and vendors at Black Hat. "Combined with several new partnerships and our recent availability in Azure Marketplace, Black Hat is allowing us to reach more organizations with our innovative data security and data resilience solution. We look forward to continuing the discussion about how we can help organizations maintain control of their sensitive data in the cloud while protecting it from outages and attacks." Bob Lam, CEO and Co-Founder of ShardSecure About Black Hat Now in its 25th year, Black Hat USA is a leading cybersecurity event. With trainings, briefings, and virtual and in-person events, Black Hat 2022 will present the latest research, development, and trends in the information security industry. About ShardSecure ShardSecure is changing the nature of data security. It believes that all organizations can easily and securely enjoy the benefits of cloud adoption without surrendering control of their data. Inventors of the patented Microshard technology, ShardSecure cloud-enables sensitive data by desensitizing it in multi-cloud and hybrid-cloud environments.

Read More

DATA SECURITY,ENTERPRISE IDENTITY

SandboxAQ Acquires Cryptosense to Accelerate Delivery of Security Solutions to Global Organizations

SandboxAQ | September 14, 2022

SandboxAQ, an enterprise SaaS company delivering the compound effects of AI and Quantum tech (AQ) to governments and the Global 1000, today announced it has acquired Cryptosense, a leading cybersecurity and encryption analysis software company. SandboxAQ's acquisition comes just weeks after the company unveiled its Strategic Investment Program and initial investment in evolutionQ. The acquisition of Cryptosense complements and accelerates the deployment of SandboxAQ's Post-Quantum Cryptography (PQC) solutions to corporations and government institutions worldwide. SandboxAQ's cybersecurity products enable large enterprises to scale cryptography management across their IT infrastructure, providing CISOs with a single, 360° view of how encryption is used throughout the enterprise – a critical first step in migrating to PQC. This migration to stronger cybersecurity is important for critical infrastructure sectors such as financial services, technology, energy, biopharma, logistics, and government. Cryptosense is used by leading technology and financial services organizations and is a fellow NIST NCCOE partner. The combined customer relationships will help SandboxAQ bring its PQC solutions to market faster and protect these organizations and their customers from existing and emerging quantum threats, such as Store Now, Decrypt Later (SNDL) attacks. "Rapid advances in quantum computing and AI challenge the effectiveness and performance of existing cryptography-based cybersecurity solutions. The combined leadership, talent, and expertise that SandboxAQ and Cryptosense bring to the marketplace accelerates the deployment of more effective cryptography solutions to protect the world against the security threats of today and tomorrow," said Jack D. Hidary, CEO of SandboxAQ. "The caliber of the Cryptosense team is recognized throughout the information security community, with the leadership by Graham Steel and Clément Jeanjean. We welcome Cryptosense to the SandboxAQ family and look forward to our continued success as one company." "The complementary functionality and expertise between Cryptosense and SandboxAQ enables us to build and deliver SaaS solutions at scale with higher touch customer service. PQC implementation is critical to protect the world's sensitive data and together we will make a greater impact." Dr. Graham Steel, Cryptosense founder Cryptosense was advised by Stifel and Hogan Lovells and SandboxAQ was advised by Morgan Lewis. About SandboxAQ SandboxAQ is an enterprise SaaS company, providing solutions at the nexus of AI and Quantum technology (AQ) to address some of the world's most challenging problems. The company's core team and inspiration formed at Alphabet Inc., emerging as an independent, growth-capital-backed company in 2022. About Cryptosense Cryptosense is an enterprise SaaS company that helps organizations identify and catalog the cryptography leveraged within their applications and infrastructure. Some of the largest technology and financial services companies worldwide use Cryptosense for their cybersecurity needs. Cryptosense announced a $4.8 million funding round in May 2021 backed by Amadeus Capital Partners, Elaia Partners and BGV.

Read More

PLATFORM SECURITY

Searchlight Security Elevates Dark Web Intelligence to Board Level with New Automated Reporting

Searchlight Security | August 02, 2022

Searchlight Security, the dark web intelligence company, has introduced new automated reporting functionality into its DarkIQ dark web monitoring solution to help security analysts and MSSPs to quickly and easily communicate external threats to executives. DarkIQ is a powerful dark web monitoring solution that utilizes the most comprehensive dark web dataset on the market, and the only one that includes dark web traffic to and from the organization’s network. It takes the attributes that are most important to a business - including employee credentials, software, devices, IP addresses, network components, and company datasets - and alerts organizations to their presence in deep and dark web marketplaces, forums, and conversations, which could indicate an imminent attack. This threat intelligence is specific to the organization, removing “alert fatigue” and allowing security teams to prioritize the most urgent threats to the business. DarkIQ’s new automated reporting function builds on its existing capabilities by helping analysts to more easily communicate the dark web intelligence they discover - improving response times to possible attacks and educating the wider business on dark web threats. “Our mission is to make dark web intelligence as relevant and actionable for businesses as possible and our new reporting function is a huge part of that. Threat intelligence is only powerful if it can be understood and acted on - otherwise it is just noise. Communication is everything.” Eric Milam, EVP product at Searchlight Security DarkIQ Reporting gives enterprise security teams and MSSPs the ability to: Generate slick reports with one click - with threat intelligence data automatically pulled, inputted, and presented from the DarkIQ platform. Select the right level of detail for the audience - with an “Executive” report option for a high level summary or “Detailed” report for security personnel, which includes recommended remediative actions that should be taken based on the threat data. Add and remove reporting fields - to further customize the report to suit the audience by adding, moving, or removing components, as well as the ability for security teams to add their own analysis, context and observations. Customize design - with the ability to brand reports and change the font and color scheme, a particularly important feature for MSSPs reselling DarkIQ to their customers. Resource more effectively - with less time spent on reporting so they can spend more time protecting the business. Demonstrate Return on Investment - with the ability to show imminent threats that have been identified and prevented through dark web intelligence. Milam concluded: “In threat intelligence, the job isn’t done until the report is filed. This is a burden on security teams that we wanted to - and have been able to - alleviate, because every minute less they spend reporting is a minute more they can spend stopping the bad guys. At the same time, they have a better solution to deliver pre-attack intelligence with more clarity so the business can be more proactive in stopping imminent threats.” About Searchlight Security Searchlight Security provides organizations with relevant and actionable dark web threat intelligence, to help them identify and prevent criminal activity. Founded in 2017 with a mission to stop criminals acting with impunity on the dark web, we have been involved in some of the world’s largest dark web investigations and have the most comprehensive dataset based on proprietary techniques and ground-breaking academic research. Today we help government and law enforcement, enterprises, and managed security services providers around the world to illuminate deep and dark web threats and prevent attacks.

Read More

ENTERPRISE IDENTITY,PLATFORM SECURITY,SOFTWARE SECURITY

Safe Security Introduces Free Assessments to Provide Trusted Financial Risk Calculations for Cyber Attacks and Cyber Insurance Discussions

Safe Security | August 17, 2022

Safe Security, a global leader in cybersecurity risk quantification and management, today announced two industry-first assessment tools to empower organizations to make holistic financial decisions based on their actual cyber risk. At no cost, organizations can access Safe Security’s Interactive Cost Calculator, as well as the Cyberinsurance Assessment, which are designed to enable data-driven discussions about risk and coverage requirements. “Executive leadership from the CEO and board members, to CISOs, risk teams, and CFOs are asking questions like, ‘how much will a cyber attack cost us?’ Or, ‘how much should our cyber insurance cost?’ Today, those leaders either do not have a financial figure at all or possess a financial figure from a ‘black-box’ approach that they can’t explain or trust,” said Saket Modi, co-founder and CEO of Safe Security. “Based on our research, Safe Security is offering organizations the opportunity to understand the financial impact of a cyber attack with full visibility into how the assessment is calculated so you can trust and explain the numbers. Knowledge is power, and our mission is to arm you with an unbiased assessment that can be used for risk discussions and insurance negotiations.” Interactive Cost Calculator for Cyber Attacks Safe Security’s Interactive Cost Calculator for cyber attacks is a free, tunable calculator that enables organizations to understand their potential financial risk due to a cyber attack, such as ransomware. The easy-to-use assessment gathers specific inputs about the company, and provides a cost estimate based on Safe Security’s cost model that takes into account cost drivers associated with security incidents. The output can be customized to the parameters of an organization to further refine the estimate. Inside-Out Cyberinsurance Assessment Safe Security’s Inside-Out Cyberinsurance Assessment helps companies better understand their cyber health and reduce premiums. Cyber insurance premiums keep rising despite increasing cybersecurity investments. Companies can gain specific guidance on how their cybersecurity risk posture compares to others in the same industry, how much coverage they need, and the top actions they should take to ensure a successful cyber insurance renewal. The SAFE platform runs a cyber risk assessment based on the following data points: API feeds from the organization’s internal technology environment Maturity of the organization’s cybersecurity policies and products About Safe Security Safe Security is a leader in cybersecurity and digital business risk quantification management, with a mission to build a safer digital future. Safe’s cyber risk quantification and management (CRQM) platform enables organizations to manage cyber risks in real-time. Its platform automatically collects signals from inside and outside a company’s environment to give the company-specific cyber risk rating, or SAFE Score, the financial impact of a potential breach, and an action plan. This enables organizations to have a common language across teams - from the board all the way down to an analyst - to align with a consistent risk metric. Other benefits include justifying investments in cybersecurity and purchase of cyber insurance for the organization.

Read More

Spotlight

From Ashley Madison to TalkTalk and Stagefright to fishy root certificates, 2015 was a memorable – although not a devastating – year for cyber security. We witnessed less widespread, panic inducing vulnerabilities in 2015 than in years past; while 2014 will go down in the security history books as the year of Heartbleed, ShellShock and point-of-sale malware, 2015 was comparatively tame.

Resources