PLATFORM SECURITY

Vectra Becomes AWS Security Competency Partner

Vectra | June 30, 2022

Vectra
Vectra AI, a pioneer in threat detection and response, said today that it has been an Amazon Web Services (AWS) Security Competency Partner, proving its technical knowledge and demonstrated customer success when it comes to further protecting AWS environments. The competence designation acknowledges Vectra's strong cloud security experience and proven technology, which assists clients in further enhancing their security measures across hybrid architectures and cloud environments.

Vectra's AWS Security Competency distinguishes it as an AWS Partner Network (APN) member that delivers specialized threat detection technologies to assist organizations in adopting, developing, and deploying complex security projects on AWS. To be eligible for this distinction, APN members must have extensive AWS knowledge and be able to offer solutions on AWS effortlessly. Vectra earned AWS Security Competency accreditation after a thorough qualification process based on references and customer feedback.

"Becoming an AWS Security Competency Partner is an exciting milestone for Vectra and for many of our customers who leverage AWS as a critical component in their everyday operations. Solving threat detection and response challenges for our customers is top priority and this competency further validates our ability to do that in the cloud and wherever organizations choose to configure their environments."

Michael Porat, Vectra SVP, Corporate and Business Development

"We are an AWS shop. Using AWS VPC Traffic Mirroring, Vectra gives us full visibility into our Nitro-based instances," said Mirza Baig, IT Security Manager at Municipal Property Assessment Corporation (MPAC).

To monitor all infrastructure-as-a-service traffic, the Vectra platform interfaces with AWS Virtual Private Cloud (VPC) traffic mirroring. It also integrates with AWS Security Hub to publish Vectra detections as findings, enabling security teams to correlate Vectra attacker detections with other data sources for faster threat hunting and incident investigations.

"Achieving the AWS Security Competency validates Vectra for its technical expertise and ability by enabling customers to further secure their journey through the different stages of cloud adoption—from migration through day-to-day management," said Dudi Matot, Security Segment Lead at AWS.

Spotlight

TIBCO LogLogic can be integrated into Splunk environments to handle data collection from log sources to immediately optimize the flow of data being sent to Splunk and reduce the amount of data that Splunk indexes. There are two primary benefits. First, there are direct cost-savings based on the differences in licensing. Second, the smaller data volume being handled by Splunk makes processing and searches faster. By integrating LogLogic as the primary log data collection source, Splunk customers can achieve massive cost-savings and improve performance in a way that is invisible to the Splunk end-users.


Other News
SOFTWARE SECURITY

SentinelOne Integrates with Torq, Streamlining SOC Workflows with Automated Incident Response

SentinelOne | June 29, 2022

SentinelOne , an autonomous cybersecurity platform company, today announced a new integration with Torq, a no-code security automation platform. The combination of SentinelOne and Torq allows security teams to accelerate response time, reduce alert fatigue, and improve overall security posture. “SentinelOne’s powerful intelligence and protection helps security teams protect their employees and customers – no matter how complex the environment. “With Torq, security teams can extend the power of SentinelOne to systems across the organization to automate workflows, respond faster, maintain/boost compliance to benefit from a proactive security posture.” Eldad Livni, Chief Innovation Officer, Torq The SentinelOne integration with Torq combines SentinelOne’s powerful detection and protection with Torq’s no-code automation, enabling customers to limit alert fatigue, respond to threats at machine speed, and proactively identify and remediate risks. Torq makes it easy for security teams to create automated workflows, with a drag and drop workflow builder and hundreds of templates aligned with industry best practices and frameworks from MITRE and NIST. With robust data from SentinelOne, the Torq solution has access to more high-fidelity threat data for improved enrichment, accelerated response times, and alert fatigue reduction. Torq workflows can listen for SentinelOne alerts, and ingest these to trigger action in any security or operations tool. The solution deploys out-of-the-box in minutes with no coding, installation, or ‘connectors’ needed. Key benefits of the integration include: Real-time threat enrichment - automatically enrich alerts from any system with data directly from SentinelOne Singularity. Automated remediation - remediate threats with fully autonomous or partially autonomous remediation workflows to accelerate mean time to respond. Optimize SOC workflows - clearly and quickly orchestrate threat hunting, information sharing, and ticket creation for vulnerability management. Bot-driven collaboration - Create no-code interactive chat bots that allow users to perform critical actions, run deep visibility queries, or control SentinelOne endpoints from within Slack or other chat tools. “The SentinelOne-Torq integration provides joint customers with a powerful combination of best-in-breed automated security solutions,” said Ruby Sharma, Head of Technical Partnerships, SentinelOne. “Not only are customers utilizing industry leading endpoint protection and XDR, they also have access to innovative security automation tools that can accelerate workflow automation. We are pleased to make this integration available via the Singularity Marketplace, and we look forward to expanding our offerings to address even more use cases.” About SentinelOne SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.

Read More

DATA SECURITY

NTT DATA Selects Swimlane to Deliver Low-Code Security Automation in EMEA

NTT DATA | June 01, 2022

Swimlane, the leader in low-code security automation, today announced its partnership with NTT DATA, a global leader in IT services and cybersecurity, to reduce risk for shared customers via Swimlane’s award-winning low-code automation platform. The partnership will help organizations in the Europe, the Middle East and Africa (EMEA) region address compliance and regulatory requirements and tackle the challenges associated with managing big data. In addition to extending low-code security automation to its customers, NTT Data has also chosen Swimlane to scale its own security operations. In a recent study, 55% of European enterprises reported struggling to recruit IT talent, citing a lack of advanced skills in job candidates. As the global cybersecurity talent shortage prevails, security administrators in the EMEA region are increasingly overburdened with manually performed repetitive and time-consuming tasks needed to track, mitigate and resolve security events across multiple security platforms. Without automation, security teams cannot realistically analyze and adequately prioritize security alerts at the rate necessary to protect networks while also ensuring their organization remains compliant with regulatory standards across countries operated in. Now, joint customers can leverage the power of Swimlane’s platform to respond quickly, innovatively, and effectively to today's complex challenges. They will gain visibility into the performance, capacity, and value of their security strategy with self-service dashboards, granular reporting, and extensive visualization capabilities. “We are excited to expand our investment in the EMEA market by partnering with a true leader in the region that carries immense credibility in the security space. “This partnership will enable enterprises across highly-targeted industries like financial services, critical infrastructure, healthcare and retail to harness their institutional knowledge to leverage security automation and build a system of record that transcends the entire security organization.” Toby Van de Grift, Vice President of EMEA for Swimlane Together, Swimlane’s low-code automation platform and NTT Data’s deep industry expertise deliver an offering that enables continuous compliance and prevents data breaches while helping security teams more efficiently manage the growing volume of alerts and complexity of processes. NTT Data will also create its own unique applications of the Swimlane platform to deliver continued value to customers. “The flexibility of the Swimlane platform makes it the ideal solution for both our company and our customers to harness the power of low-code security automation, allowing every team member to create response processes that align with unique business processes,” said Patrick Schraut, SVP CyberSecurity at NTT DATA. “This partnership will allow our customers to receive more value from their existing technology investments while making it easier for them to utilize automation to alleviate the stress security teams face today.” NTT DATA joins partners like Elastic, Guidepoint, Optiv, and Pareto Cyber, in Swimlane’s Medley Global Partner Program. Its addition reflects the program’s continued global expansion to meet the growing need for low-code security automation in the EMEA region. About Swimlane Swimlane is the leader in cloud-scale, low-code security automation. Supporting use cases beyond SOAR, Swimlane improves the ease with which security teams can overcome process and data fatigue, as well as chronic staffing shortages. Swimlane unlocks the potential of automation beyond the SOC by delivering a low-code platform that serves as the system-of-record for the entire security organization and enables anyone within the organization to contribute their knowledge and expertise to the protection of the organization. About NTT DATA NTT DATA – a part of NTT Group – is a trusted global innovator of IT and business services headquartered in Tokyo. We help clients transform through consulting, industry solutions, business process services, IT modernization and managed services. NTT DATA enables clients, as well as society, to move confidently into the digital future. We are committed to our clients' long-term success and combine global reach with local client attention to serve them in over 50 countries.

Read More

SOFTWARE SECURITY

Bluum Launches Comprehensive Cybersecurity Offering to Schools

Bluum | June 14, 2022

Bluum, North America's leading education technology solutions provider, recently announced the launch of a comprehensive cybersecurity offering to schools. Cybersecurity needs and solutions for schools have evolved in recent years – even beyond those brought about by hybrid and remote learning – so Bluum responded with security solutions for people, processes and technology. According to the SecurityScorecard 2018 report, education ranks last out of 17 industries in terms of cybersecurity, demonstrating that a legacy solution that only includes a first-generation firewall and antivirus software has long been rendered obsolete. Since 2016, there have been more than 1,300 publicly disclosed attacks in the U.S., which averages out to more than one K-12 cyber incident per school day. More than three million students have been affected by cybersecurity breakdowns since February 2018, with education institutions spending an average of $2.73 million to address the impact of a ransomware attack. "With limited budgets, highly skilled IT personnel and time, K-12 organizations are hard-pressed to create a solid cybersecurity plan. "Cybersecurity is an incredibly technical and extensive area in IT that is rapidly evolving and needs to stay ahead of ever-evolving attack methods. Historically, school IT budget constraints have resulted in ineffective and outdated systems, so Bluum has developed comprehensive countermeasures to fill that void." Bluum Vice President of Product Strategy and Growth Andre Vashilko Whether cybersecurity incidents are caused externally or self-inflicted, Bluum can assist in preventative measures before, during and after the incidents and attacks. To get started, Bluum has debuted easy-to-use services to help schools assess their cybersecurity needs and identify immediate and future solutions. Vulnerability scans and penetration testing will detect critical areas of concern and exposure in the infrastructure, while a complementary customer survey will provide further insights into a school's specific needs. About Bluum Bluum empowers educators with technology solutions that improve learning and make it more accessible, assisting more than 27 million students grow and flourish.

Read More

DATA SECURITY,ENTERPRISE IDENTITY,NETWORK THREAT DETECTION

Radiant Logic Named Winner of 1st Annual Cybersecurity Impact Award

Radiant Logic | August 18, 2022

Radiant Logic, the Identity Data Fabric company, announced today that it has been named the winner of the 2022 Cybersecurity Impact Award for “Best Enterprise Security Solution for Employee and Nth Party Access” from Aite-Novarica Group, a global advisory firm providing mission-critical insights on technology, regulations, strategy, and operations to the Financial Services industry. In its first year, the Cybersecurity Impact Awards program identifies the organizations and vendors pioneering new and disruptive cybersecurity tools and services. Award recipients and their innovations are bringing the financial services industry one step closer to stopping illicit cyber activity. “Our Cybersecurity Impact Awards help CISOs looking for highly innovative solutions that deliver transformative value to the institution,” said John Horn, Cybersecurity Practice Director at Aite-Novarica Group. “Seven judges worked through a rigorous scoring process to select Radiant Logic for this award. Radiant’s unique approach allows CISOs to leverage identity silos across the business, and recreate Identity as a powerful enabler for the workforce, third parties, and customers.” The award winners were selected based on various factors, including innovation, market need, and impact on customer experience and operational efficiency. All entries were considered by a panel of industry expert judges. “We’re thrilled to receive this award in such a competitive category. “RadiantOne has been known over the last twenty years as the technical enabler for solving enterprise-grade security and business challenges; with this award, we’re pleased to be recognized as a strategic investment in the security infrastructure.” Joe Sander, CEO of Radiant Logic After years of inorganic growth, piecemeal identity solutions, and a loss of control due to unplanned remote work, identity sprawl is a reality for most modern enterprises. This sprawl leads to tremendous technical debt, increased risk posture, reduced productivity, and poor decision-making capabilities. RadiantOne’s ability to unify identity data across disparate sources creates an authoritative identity data pipeline, improving security, efficiency, and ease-of-use across the organization. About Radiant Logic Radiant Logic, the enterprise Identity Data Fabric company, helps organizations combat complexity and improve security by making identity data easy to use, manage, and protect. The RadiantOne Platform turns identity data into a strategic asset, enabling organizations to improve decision making, accelerate innovation, and minimize risk. About Aite-Novarica Group Aite-Novarica Group is an advisory firm providing mission-critical insights on technology, regulations, strategy, and operations to hundreds of banks, insurers, payments providers, and investment firms—as well as the technology and service providers that support them. Comprising former senior technology, strategy, and operations executives as well as experienced researchers and consultants, our experts provide actionable advice to our client base, leveraging deep insights developed via our extensive network of clients and other industry contacts.

Read More

Spotlight

TIBCO LogLogic can be integrated into Splunk environments to handle data collection from log sources to immediately optimize the flow of data being sent to Splunk and reduce the amount of data that Splunk indexes. There are two primary benefits. First, there are direct cost-savings based on the differences in licensing. Second, the smaller data volume being handled by Splunk makes processing and searches faster. By integrating LogLogic as the primary log data collection source, Splunk customers can achieve massive cost-savings and improve performance in a way that is invisible to the Splunk end-users.

Resources