ThreatConnect partners Microsoft Graph Security API to Strengthen Security Automation

ThreatConnect | August 19, 2020

ThreatConnect, Inc.®, provider of the industry’s only intelligence-driven security operations solutions, announced today that it has joined the Microsoft Intelligent Security Association and will integrate Microsoft solutions with the ThreatConnect Threat Intelligence (TIP) and Security Orchestration Automation and Response (SOAR) Platform using the Microsoft Graph Security API. This integration allows ThreatConnect clients to connect with nearly any piece of Microsoft technology, including Azure Sentinel, O365, and Microsoft Defender ATP, using the Microsoft Graph Security API. The integration allows clients to retrieve alerts, perform data enrichment, gain relevant threat intelligence, and carry out incident response actions.

The Microsoft Graph Security API is a single interface that connects to Microsoft security products. Through this integration, made possible by ThreatConnect’s robust App Services capability, clients are able to subscribe to and listen for Microsoft Graph Notifications, parse these notifications for subsequent operations, and manage Graph Mail and security alerts via ThreatConnect Playbooks. Some examples of actions supported:

Spotlight

Organizational practices in the digital age are inevitably linked to the processing of data, and built upon the systems that support these efforts. Collectively, cybersecurity and privacy professionals are responsible for guiding and implementing organizational decisions that ensure data is collected, processed, protected and shared consistent with
evolving norms.


Other News
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Upstream Deepens Investment in Michigan, US with a New Vehicle Security Operation Center

Upstream | September 08, 2022

Upstream, the creator of industry-leading cloud-based cybersecurity and data management platform for connected vehicles and smart mobility, is opening its first U.S.-based vehicle security operation center (vSOC) in Ann Arbor, Michigan, to closely surveil and mitigate emerging cyber threats and risks for its U.S.-based automotive clients. Data and connectivity are the foundation of the automotive industry's transformation, unlocking new revenue streams and business opportunities for automotive stakeholders and users. But, connectivity and mobility applications bring a wide range of cyber risks. "Upstream enables OEMs to build trust into the connected vehicles ecosystem. "Our platform monitors over 12 million vehicles worldwide. We see new attack surfaces and threats on a regular basis, fueled by a wide variety of vulnerabilities, including EV charging networks, expanded use of smartphone apps that control basic car functions and infotainment systems. This is the right timing to open our U.S.-based vSOC, and Michigan is a natural choice." Yoav Levy, CEO and co-founder of Upstream "Companies continue to invest in Michigan because of our world-class talent, quality of life, low cost of doing business and culture of innovation," said Trevor Pawl, Michigan's Chief Mobility Officer. "Michigan remains committed to being the global epicenter of the next revolution of the automotive industry and we applaud Upstream's continued success and investment in Michigan's autonomous and electrified future." "Vehicles are benefiting from a wave of technology innovation, producing transportation that is safer and smarter thanks to connectivity," said Faye Francy, executive director of Auto-ISAC, a global information sharing community established by automakers to address cybersecurity risks. "The very technology that provides us with these new efficiencies also introduces potential cyber risk to the vehicle, and vSOC operations is an application for the automotive industry to proactively address the risk." In fact, Upstream found more than 50 percent of all reported automotive-related cybersecurity incidents took place during the past two years alone. "Customer experience applications, by OEMs and smart mobility providers, are one of the fastest growing attack surfaces and account for 6 percent of total attacks in 2022 so far compared to 2 percent in 2021, explains Yaniv Maimon, Upstream's director of vSOC. "Charging stations and infrastructure have also become a significant concern, especially given range anxiety concerns and the constant pressure to accelerate EV adoption." At the Michigan vSOC, Upstream is hiring and training experienced local cyber and automotive experts to operate the vSOC, offer cross-functional response and mitigate attacks in real time. "Southeast Michigan's emergence as a high-tech mobility hub and its proximity to our automotive customers, their Tier-1 suppliers and cybersecurity talent makes it a perfect setting for our new vSOC," Levy said, adding that traditional security operation centers focus on compliance and IT assets and lack the holistic and contextual view required to mitigate cybersecurity threats against vehicles, services and entire fleets. The Michigan-based vSOC is expected to be fully operational by the end of the year. It adds to Upstream's growing network of automotive-specific security centers already active in Israel, and coming soon in Japan. Additional vSOC investments are expected in Europe in the near future. About Upstream: Upstream provides a cloud-based data management platform purpose-built for connected vehicles, delivering unparalleled automotive cybersecurity detection and response (V-XDR) and data-driven applications. The Upstream Platform unlocks the value of vehicle data, empowering customers to build connected vehicle applications by transforming highly distributed vehicle data into centralized, structured, contextualized data lakes. Coupled with AutoThreat® Intelligence, the first automotive cybersecurity threat intelligence solution, Upstream provides industry-leading cyber threat protection and actionable insights, seamlessly integrated into the customer's environment and Vehicle Security Operation Centers (vSOC).

Read More

DATA SECURITY, NETWORK THREAT DETECTION, PLATFORM SECURITY

AwareGO Launches Employee Cybersecurity Risk Audit for Organizations

AwareGO | October 17, 2022

Human cyber risk management and awareness company AwareGO announced today that during the National Cybersecurity Awareness Month, the company launches its long-awaited full Employee Cybersecurity Risk Audit and consultation. “Today, around 90% of all successful cybersecurity attacks involve employees enabling the break-in. It is therefore critical for anyone responsible for an organization's cybersecurity to have a clear picture of what employees know and how they behave in the face of potential threats. Only then is it possible to effectively respond with training or other risk-reducing approaches.” said AwareGO Chief Executive Officer Ari Jonsson, Ph.D. “AwareGO's Human Risk Assessment software is the first of its kind when it comes to measuring both the knowledge and the behavior of employees for a broad range of cybersecurity threats, going far beyond just phishing. This capability is allowing us to now launch our full-service Employee Cybersecurity Risk Audit for organizations. In this audit, our cybersecurity experts work directly with individual organizations to set up the appropriate assessment, execute it, evaluate the outcome and map that to effective risk-reducing decisions.” AwareGO is renowned for its industry-leading Human Risk Assessment and its uniquely effective approach to security awareness training. Created by cybersecurity experts, behavioral scientists and interaction designers, the Human Risk Assessment uses interactive scenarios to assess employees across a wide range of threat areas and key behaviors. The resulting dashboards and reports help identify vulnerable departments and roles, and offer actionable insights to create informed security strategies to improve any organization’s overall cyber defense and reduce cybersecurity risks. The Employee Cybersecurity Risk Audit is designed to apply the capability of the Human Risk Assessment as effectively and as efficiently as is possible for client organizations, so that they may quickly identify vulnerabilities among their employees and address them right away. The audit is conducted by AwareGO experts who will work with clients through the entire process. The first step is to work with the client to determine the scope and priorities for the audit, based on company structure, risk profile, security stance and more. Then, the employees will be assessed across six different threat areas: phishing; passwords; sensitive data handling; device handling; physical security; and remote work. When that has been completed, our experts deliver a detailed report on the results and consult with the client to identify potential next steps to reduce vulnerabilities, as well as to develop an informed cybersecurity strategy for the future — backed up by data. Organizations interested in the Employee Cybersecurity Risk Audit can schedule a 15-30 minute call with AwareGO through this web page to learn more about the process and to get a price quote based on the expected scope of the project for their case. About AwareGO AwareGO is a global provider of human cyber risk and awareness solutions that help enterprises, and SMEs identify, quantify and remediate the human risk factor when it comes to cybersecurity. To date, AwareGO has successfully trained more than 8 million employees worldwide. Based in Iceland, the company has locations in the United States, Czech Republic, and Croatia.

Read More

DATA SECURITY, NETWORK THREAT DETECTION, PLATFORM SECURITY

IronYun® Announces Integration with Genetec™ Security Center Designed For Comprehensive Visual Intelligence

IronYun | November 01, 2022

IronYun Inc., a leader in AI vision for security, safety and operational applications, today announced the integration of the award winning Vaidio AI Vision Platform with Genetec™ Security Center. Genetec customers can now add advanced, accurate, and field-proven AI video analytics to their existing infrastructure, to improve security, safety, and operational efficiency. "Integrating Vaidio with Security Center makes it easy to add advanced artificial intelligence to existing infrastructure to increase functionality and make security operations even more effective and efficient." Paul Sun, IronYun CEO With the ability to analyze video from Security Center and to seamlessly feed alerts and notifications into the Security Center interface, the Vaidio AI Vision Platform continues to build on an award-winning foundation. Vaidio won the 2020 New Product Showcase for Commercial Monitoring and received two New Product Showcase Awards in 2021 for Mobile Applications and Video Analytics. Also in 2021, IronYun partnered with DP World and Verizon to study Vaidio AI Vision in port and warehouse safety and operational applications. In addition, IronYun was recognized as a Major Player in IDC's Worldwide Video Analytics MarketScape as "a good decision for enterprises that have extensive video surveillance capabilities and want to upgrade to advanced analytics that incorporate the latest technology." The Vaidio AI Vision Platform is an open software platform that can be deployed on-prem on servers, on edge devices, and/or in the cloud. Vaidio orchestrates multiple next-generation AI video analytics engines to provide such functions as video search, intrusion detection, license plate recognition, face search and recognition, people and vehicle counting, vehicle make and model recognition, social health analytics, and many others. Vaidio works with any IP camera and integrates out of the box with Genetec Security Center. Vaidio AI monitors real-time video streams with superhuman accuracy, and accelerates forensic video search of stored video. The platform offers the flexibility to purchase only needed analytics, with the option to run multiple analytics on a single camera, and to add more analytic functionality over time. Vaidio's optimized, next-generation AI vision algorithms maximize hardware resource efficiency, to effectively lower overall solution costs relative to competitive alternatives. The latest Vaidio releases add new AI-enabled safety detection, privacy blurring and associated data and user management features, a fully featured parking management application, (the first 3rd party application developed on the Vaidio platform), Vaidio Data, a robust business intelligence engine, and Vaidio Command Center, for centralized management of complex, distributed, large scale environments. About Vaidio The Vaidio AI Vision Platform offers 30 AI -enabled next-generation video analytics functions for security, safety, access control and operational applications. Vaidio is an open platform that works with any IP camera, scales from 1 to 1,000s of cameras, and integrates with market leading VMSs for real-time, forensic and holistic situational awareness. The Vaidio Platform is differentiated by higher accuracy and greater resource efficiency across a vast array of advanced AI-enabled video analytics. Relative to competitive alternatives, Vaidio can reduce hardware requirements up to 80%, and false alerts up to 99.995% -- reducing both up front and long-term operating costs. About IronYun IronYun has evolved the artificial intelligence at the core of the Vaidio Platform to create a resource-efficient, open platform that is field-proven to maximize accuracy and performance across the industry's broadest array of analytics functions. We are NDAA approved, headquartered in Stamford, CT, and our Vaidio Platform is deployed across tens of thousands of cameras for government, healthcare, education, retail, transit and enterprise customers worldwide.

Read More

DATA SECURITY, ENTERPRISE IDENTITY, SOFTWARE SECURITY

SynSaber Adds New Dynamic Pipeline to OT Cybersecurity Platform

SynSaber | October 21, 2022

SynSaber, an early-stage ICS/OT cybersecurity and asset monitoring company, today announced the addition of a new Dynamic Pipeline feature to the company's platform, providing customers with improved scalability and flexibility. Building upon the product launched in February 2022, this update includes a comprehensive set of features and capabilities to collect, analyze, and curate data at the OT edge. SynSaber was purpose-built to bring edge visibility to industrial networks (oil and gas, water and electric utilities, advanced manufacturing) so that organizations can deploy and scale rapidly, integrate with current technology, and detect threats to protect business-critical assets. "SynSaber partners with some of the most important critical infrastructure operators in the nation to protect and provide visibility into how ICS/OT assets are exposed to potential cyber attacks. "With our latest update to the platform, customers are now able to extend visibility and flexibility throughout the organization for cybersecurity to act as a business continuity vehicle and empower operators and asset owners to prevent any operational disruption." Jori VanAntwerp, Co-Founder/CEO of SynSaber Dynamic Pipeline 's Key Benefits: Users can modify data sources, processors, and destinations in real-time, enabling dynamic configuration changes without interruption to visibility. Pipeline configuration can be modified and deployed within SynSaber's visual-based interface. The ability to dynamically configure Saber sensors from a visual-based interface allows for greater control and ease of access. In addition to the improved scalability and flexibility the dynamic pipeline provides, the v1.1.0 update includes enhancements to some of the existing features from SynSaber version v1.0.0. These feature improvements include: Custom flow module enables near real-time processing and analysis of data and asset identification. Improved Syslog support allows fast and efficient communication with existing infrastructure and technologies. About SynSaber SynSaber is the simple, flexible, and scalable industrial asset and network monitoring solution that provides continuous insight into the status, vulnerabilities, and threats across every point in the industrial ecosystem, empowering operators to observe, detect and defend OT/IT systems and protect critical infrastructure. SynSaber is privately held with funding from SYN Ventures, Rally Ventures, and Cyber Mentor Fund.

Read More

Spotlight

Organizational practices in the digital age are inevitably linked to the processing of data, and built upon the systems that support these efforts. Collectively, cybersecurity and privacy professionals are responsible for guiding and implementing organizational decisions that ensure data is collected, processed, protected and shared consistent with
evolving norms.

Resources