Commvault launched Metallic ThreatWise

Commvault launched Metallic ThreatWise, an early warning system that proactively surfaces unknown and zero-day threats to minimize compromised data and business impact. According to Enterprise Strategy Group, only 12% of the IT directors polled expressed confidence in having the necessary tools and location-neutral security to equally secure data both on-premises and in the cloud.

Jon Oltsik, Senior Principal Analyst and Fellow at Enterprise Strategy Group stated, “In surveying enterprise IT directors with direct knowledge and influence on their company’s data security strategies, the results we found were eye-opening. It is very clear that many IT teams do not have adequate tools in place to detect ransomware attacks on production environments early enough in the attack chain to neutralize stealthy cyber-attacks before they cause harm. Ransomware has revolved around encryption for a long time, but newer extortion techniques like exfiltration go beyond rapidly spreading malware, and data recovery alone cannot help if sensitive business data is leaked to the Dark Web.” 

ThreatWise from Commvault adds an early warning system that no other vendor in this market offers, further defining data security. It employs decoys to foresee threats in production environments, lure malicious actors into using fake resources and equip businesses with tools to protect data. In addition, Commvault is expanding the capabilities of its wider platform, which is already available, in terms of machine learning, critical threat detection, and security. 

Ranga Rajagopalan, Senior Vice President, Products, Commvault commented, “Data recovery is important, but alone it’s not enough. Just a few hours with an undetected bad actor in your systems can be catastrophic. By integrating ThreatWise into the Metallic SaaS portfolio, we provide customers with a proactive, early warning system that bolsters their zero-loss strategy by intercepting a threat before it impacts your business.” 

ThreatQuotient introduces New ThreatQ TDR Orchestrator Features!

ThreatQuotient announced a new version of ThreatQ TDR Orchestrator, which is known to be the industry’s first solution for a simplified, data-driven approach to security operations. The expanded automation, analysis, and reporting capabilities of ThreatQ TDR Orchestrator speed up threat detection and response across several platforms. 

Leon Ward, Vice President of Product Management at ThreatQuotient stated that “Leveraging automation to do the heavy lifting and cut through the noise is vital to helping cybersecurity teams thrive under pressure. ThreatQuotient continues to innovate in a way that drives meaningful operational benefits to customers. Many process-based SOAR platforms are designed such that only security engineers and analysts have the skills necessary to use them directly; making these traditional platforms hard to implement and maintain which drives higher costs over time. This ThreatQ TDR Orchestrator release reinforces the need for no-code solutions that empower operators to adapt to dynamic threat landscapes faster and focus their energy on security operations workflows that provide critical business context.” 

ThreatQuotient’s most recent study, whose complete release is scheduled for later in 2022, reveals indications that security automation adoption is progressing as 98% of businesses increase their budgets in this area. The study also shows that firms are more confident in automation itself, with over 88% of businesses expressing some level of confidence in the results of automation, up from only 59% the year before. However, 98% of respondents claim that implementation issues plagued them. ThreatQuotient has prioritized the development of ThreatQ TDR Orchestrator to enable more effective operations that can be directly measured by time savings and FTEs gained, improved risk management, and easier-to-use security automation solutions that are less expensive than traditional automation tools and learn over time. 

The latest version of ThreatQ TDR Orchestrator provides the following benefits: 

  1. Prioritize automation on the most important events/alerts
  2. Playbooks are easier to maintain
  3. Less training is required upfront

Secureworks partners with Netskope and SCADAfence

Secureworks has announced that it will expand its alliances program into new solution areas. Threats are moving into crucial production environments and the service edge, so detection tools must advance as well. Through two new partners, Netskope and SCADAfence, Secureworks expands the scope of potential security vulnerabilities addressed by Secureworks Taegis XDR to include Secure Access Service Edge (SASE), Operational Technology (OT), and Industrial Control Systems (ICS). Better detection with a higher value is now more accessible to organizations than ever. 

Chris Bell of Secureworks commented, “We’re bringing together the best-of-breed detection and response capabilities across domains where we see the threat landscape most exposed to adversary attacks. As part of our mission to help secure human progress, we will continue to forge new alliances that can deliver technology innovation while incorporating new threat intelligence into the methods and intentions of the adversary.” 

Secureworks is focusing on Secureworks Taegis as a unifying XDR platform by announcing two new and rapidly expanding partnerships across new alliance domains. Taegis’ broad integration capabilities offer the best detection and quickest response times without vendor lock-in, and continuously expanding open technology makes it simple for customers to integrate with Taegis. 

As a pioneer in the Secure Access Service Edge (SASE) framework for converged networking and security, Netskope has developed a distinctive method for safeguarding data and people across devices and applications, inside and outside the conventional company network. Customers will be able to conduct all investigations and apply detectors using Secureworks Taegis thanks to the integration between Netskope and Secureworks, allowing for a more comprehensive view of threats and business risks and opening cyber environments to the edge. 

Secureworks extends Taegis XDR into the industrial environment in collaboration with SCADAfence, bringing OT intelligence into a unified view with all other security telemetries across the IT landscape. Security analysts now have more context about the threats they are looking into thanks to SCADAfence’s extension of market-leading insights, awareness, and asset discovery into a truly open XDR platform. 

Avast Introduces a New Ransomware Shield for Businesses!

Avast, a market leader in digital security and privacy, today introduces a new ransomware shield for companies, giving businesses an additional layer of defense against ransomware attacks. This will guarantee that organizations can secure their most vital documents and, most importantly, client data, with proactive protection that bars illegal access. As part of the Avast Essential, Premium, and Ultimate Business Security packages for businesses using Windows and macOS, the new feature is now accessible and free of charge.

Filip Hlinka, VP of Product, Avast Business, stated that “Small businesses are facing a growing threat from ransomware, with cybercriminals increasingly targeting smaller organizations to encrypt crucial business data and disrupt operations. The results can be devastating for small businesses that lack the financial and technical resources to rebound from such attacks. Avast’s antivirus has always offered consumers and business users powerful protection against cyber threats including ransomware, and Ransomware Shield offers a purpose-built, additional layer of protection which helps to secure businesses’ most crucial files against these highly damaging attacks.” 

While Web Shield, File Shield, and Behavior Shield, which are currently available to Avast clients, provide ransomware protection, Ransomware Shield complements these features to offer multi-layered security, guaranteeing businesses can continue to access their systems and data without interruption. Ransomware Shield works by protecting files and folders from being changed, destroyed, or encrypted by unidentified apps. The most sensitive and vital information held by businesses is further protected by the ability of users to decide which programs have access to their files. Moreover, users have the option to modify the policy’s list of protected files and folders in the Avast Business Hub, where the new feature is enabled by default.


Anomali announced new updates to its Platform

Anomali announced quarterly updates to its platform to strengthen its customers and partners in profiling adversaries. The update enhances Anomali’s threat intelligence and extended detection and response (XDR) capabilities with new features, allowing enterprise organizations to stay one step ahead of adversaries and avoid business disruptions while optimizing security expenses. 

Anomali has been working on incorporating attack flows into The Anomali Platform. This release pushes the platform closer to an Attack Flow Library for Anomali ThreatStream, which will serve as a gateway for new Attack Flows that sequence cyberattack techniques. This capability will add new context to adversary behavior and assist security teams in profiling the adversary. It will also allow them to better protect the organization prior to an attack, detect an attack in real-time, and respond post-attack. 

Mark Alba, Chief Product Officer at Anomali stated, “Anomali’s August release offers new capabilities and enhancements for security operations teams struggling to identify not only who’s targeting them, but how and why they are being targeted.” 

CISOs and security professionals can leverage this predictive visual mapping to align attacks with potential gaps in their security posture in order to get ahead of the threat. In the macroeconomic environment, customers are looking for capabilities that will increase the impact of their existing investments. The new extensible framework to the platform will enable the automation of routine tasks. The first implementation in this release is available to automate enrichments in the investigation’s workbench. A drag-and-drop process for configuring a multi-stage enrichment task can be easily set up and run as needed, saving analysts time performing repetitive tasks. 

  • This platform release also includes support for MITRE ATT&CK Mobile & ICS: intelligence aggregation, contextualization, and analysis for Mobile and ICS attack surfaces to strengthen overall security posture.  
  • MITRE ATT&CK Enterprise v11 in Anomali Lens.
  • Scheduled retrospective search: aids the SOC in automating the correlation of historical events with newly available intelligence in order to generate reports and learn about other adversary behavior, threat actors, and TTPs. This allows CISOs to detect real-time threats in their local IT environment.

Jon Oltsik, Senior Principal Analyst and Fellow, ESG Research stated, “ESG research found that 97% of security professionals believe that MITRE ATT&CK is important to their organization’s security operations strategy. Anomali’s commitment to integrating the MITRE ATT&CK Framework into its solutions and participating in the MITRE Engenuity Center for Threat Informed Defense can help security teams adopt the framework and better understand cyber adversaries.” 

McAfee Extends its Partnership with Visa to Protect its Clients from Threats

McAfee, a US-based software development company that offers all-in-one protection with personal info removal, identity monitoring, VPN, antivirus, and more services, has expanded its partnership with Visa, a global leader in digital payments. The expanded partnership allows Visa partners in the UK to provide online protection solutions to cardholders of Visa Business.

Pedro Gutierrez, SVP Global Consumer Sales & Operations at McAfee, commented, “With increasingly complicated global issues such as the ongoing impacts of the COVID-19 pandemic and difficulties stemming from the global supply chain, small businesses are increasingly reliant on their digital infrastructure, and it’s never been more important to ensure the proper protections have been implemented. We are proud to partner with Visa to offer solutions to their Visa Business cardholders and look forward to helping these organizations stay secure so they can focus on what matters most to their business.”

According to the Verizon Business 2021 Data Breach Investigations Report, small businesses will make up more than half of the data breaches in 2021, making them a prime target for hackers in a world that is becoming more and more digital. Small business owners are frequently unable to fully protect themselves and their clients from the rise in online threats due to a lack of financial and human resources. The increase in attacks highlights the necessity for small businesses to take precautions to protect their digital assets from the most recent dangers impacting businesses today.

According to the size and requirements of each business, the McAfee security solution will offer protection for a different number of PCs, Macs, iOS, and Android devices.

Helen Jones, Head of Visa Business Solutions, Visa, Europe, stated, “With more of us embracing digital commerce, businesses of all sizes deserve access to simple, secure and robust systems. Visa is focused on investing in its network, harnessing the most cutting-edge innovations to protect people and businesses from emerging threats. And with this offer, Visa Business cardholders can access McAfee Total Protection for additional peace of mind.”

Normalyze Raises Millions to Help Manage Sensitive Data

Normalyze is an agentless platform that assists organizations in better managing sensitive data, as well as attack paths to it in today’s complex, multi-cloud environments, thereby protecting customers from large and damaging data breaches. Security teams can continuously assess, prioritize, and react to cloud data threats and stop sensitive data loss using Normalyze’s graph-powered platform.

Normalyze has emerged from stealth with $22.2 million in Series A funding led by Lightspeed Venture Partners and Battery Ventures. This funding round brings the company’s total funding to $26.6 million.

Amer Deeba, Cofounder and CEO at Normalyze stated, “Today’s enterprises find their data scattered throughout their various cloud environments with limited visibility of where sensitive data resides. It’s a massive problem that current cloud security offerings aren’t equipped to handle. We built Normalyze to help companies of all sizes discover, classify and secure sensitive data across all public clouds. With simple onboarding and minimum ramp-up time, our platform provides full visibility on data security posture to better gauge risk and proactively respond to sensitive data threats.”

Normalyze has the unique ability to bring together all security stakeholders in one user interface, from the CISO to the security engineer to DevOps, to discover data, classify it, and prioritize the discovery of attack paths that can lead to sensitive information. Normalyze’s data-first cloud security platform works in three stages. During discovery and analysis, it builds an intelligent graph with deep context and transitive trust relationships representing all the data stores, applications, identities, and infrastructure resources in all clouds and how they all connect. The agentless data scanner from Normalyze then determines which data stores contain sensitive information and automatically maps it to specific profiles such as PCI, HIPAA, and GDPR.

Ravi Ithal, Cofounder and CTO of Normalyze commented, “Our graph-powered platform is a hub that connects all data with assets, identities, accesses, misconfigurations, and vulnerabilities to help security teams continuously discover sensitive information, determine attack paths, and automate remediation efforts to secure it. With the Normalyze one-pass scanner, users can scan structured and unstructured data stores to discover sensitive information based on predefined compliance profiles for PII, GDPR, HIPAA, and more with minimal upfront configuration and cost, all while ensuring data never leaves their cloud environments.”


LookingGlass Suite For Cyber & Threat Intelligence

LookingGlass Cyber Solutions has announced the release of LookingGlass Suite, which simulates the adversary’s perspective to provide cybersecurity executives and their teams with a more holistic assessment of their organization’s cyber risk. The LookingGlass Suite includes three solutions for cyber threat intelligence and attack surface management: scoutPRIME, scoutINSPECT, and scoutTHREAT. LookingGlass Suite, which is based on intelligence about an organization’s internet-facing infrastructure, third-party supplier vulnerabilities and exposures, and active malicious threats, enables organizations to quickly identify relevant cybersecurity issues and reduce the time to act.

Bryan Ware, CEO, LookingGlass Cyber Solutions commented, “Current events continue to demonstrate that all organizations, particularly critical infrastructure, face increasing cybersecurity risks. The consequences and impacts on enterprises and their customers and stakeholders require a new generation of tools. Now more than ever, it is imperative for organizations to stay a step ahead of the adversary strategically, while also ensuring their security teams have the technical details and intelligence they need to meet operational objectives. With LookingGlass Suite, cybersecurity executives can leverage the adversarial perspective to inform organizational risk models and operational teams can access more relevant threat intelligence analysis to anticipate threats, prevent attacks, and respond faster.”

Each solution adds value by providing attack surface insights or enriched threat intelligence to a broad range of cybersecurity personnel, from analysts and threat hunters to network, security, and information technology (IT) operations teams. When combined in the LookingGlass Suite, customers gain enhanced visibility with a map of their extended attack surface overlaid with threat intelligence. This provides security teams with a better understanding of how their organization appears to an adversary, how their attack surface evolves, and which risks are more likely to be exploited.

The LookingGlass Suite will provide a streamlined user experience, with a single point of entry leading to a comprehensive dashboard of the day’s most relevant cyber insights. Other significant features include more holistic risk scoring based on deeper reviews of vulnerabilities and exposures, expanded data sharing and integration capabilities based on cybersecurity data sharing standards (STIX 2.1) and executive reporting.

Cody Pierce, Chief Product Officer, LookingGlass stated, “Our priority is to make it easier for users to get the answers and insights they need faster. We understand that more data and tools are not the answer. It boils down to context. When used collectively, these solutions provide tremendous contextualization around the threats and exposures that are the highest priority. With this information, cybersecurity teams can make better decisions that lead to more secure, resilient outcomes for their organization.”


CyberCube and Kroll Launched CAERS

CyberCube launched Cyber Aggregation Event Response Service (CAERS), a new cyber incident response service for clients of its SaaS products. Kroll will provide information and guidance to CyberCube’s clients on major cyber aggregation events and frontline threat intelligence derived from thousands of incident response cases handled each year.

CyberCube, a cloud-based platform known for its data access and advanced multi-disciplinary analytics, assists insurance organizations in making better decisions when placing insurance, underwriting cyber risk, and managing cyber risk aggregation.

Following a major cyber event, the CAERS team will provide the most up-to-date information to CyberCube’s clients, while CyberCube’s SaaS products, such as Broker Manager, Account Manager, and Portfolio Manager, will aid in the response to any looming cyber disaster.

Darren Thomson, Head of Cyber Intelligence Services at CyberCube commented, “With cyber events becoming increasingly common, the speed and accuracy with which organizations respond to them is critical. That’s why we’ve launched this response service, specifically tailored to CyberCube’s growing client base. The pressure on our clients during a major cyberattack can be extreme. With CAERS, our team—comprising data scientists, actuaries, engineers, economists, and cyber security experts—will become an extension of our clients’ teams, providing the updates they need and sharing both our expertise and data.”

CyberCube’s products include Portfolio Manager, Broking Manager, and Account Manager, which are designed for insurance intermediaries and risk carriers and are used by industry leaders across the insurance ecosystem.

Benedetto Demonte, Chief Operating Officer for Kroll’s Cyber Risk practice stated, “We’re pleased to be contributing to CAERS because effective incident response depends on the most current and relevant threat intelligence available. In our most recent Threat Landscape Report, we saw a 356% growth in the number of attacks quarter-on-quarter where the infection vector was a zero-day or freshly announced software exploit. Ransomware groups have also been found to be leveraging newly announced vulnerabilities just days after release. It is only with access to frontline intelligence that firms can prioritize resources, mitigate the risk of a cyberattack and react appropriately if the worst happens.”


Importance of Threat Intelligence in 2022!!

To protect your assets and ensure the integrity, availability, and confidentiality of your business in the digital world, it’s critical to acquire information about possible and ongoing cyber-attacks. Cyber-attacks can harm your company’s reputation, and espionage can cost you millions of dollars. As a result, it’s critical to gather threat intelligence and plan for an attack before a threat turns into an incident.

Threat intelligence, according to InfosecurityOutlook experts, is the collection, processing, analysis, and dissemination of current and predictive security data that enables security teams, developers, and automated tools to make intelligent decisions about their infrastructure, data, and users’ security.

Threat intelligence is important because it gathers raw data on emerging or existing threat actors and threats from a range of sources. This data is then analyzed and filtered to create threat intelligence feeds and management reports that automated security control solutions can use.

Benefits of Threat Intelligence

Threat intelligence aids in the prevention of cyber-attacks as well as the recovery of damages in the event of an incident. It provides the following benefits for improving your organization’s security posture.

Network Infrastructure Security

Once a threat actor has gained access to your network, they can move laterally through it and siphon out sensitive or financial information. By scanning for specific IoCs and blocking them in your environment, you can secure your network infrastructure and prevent threat actors who have already entered from progressing further.

Assessing Security Posture

Threat intelligence aids in the assessment of your infrastructure’s security posture. It provides details on how vulnerabilities detected in various software, tools, and apps are exploited. Threat intelligence allows you to keep track of new vulnerabilities that are found or exploited, as well as which important assets are in danger. That way, as soon as suppliers fix those vulnerabilities or defects, you can apply patches or updates to your essential assets in a timely manner.

Use of Threat Intelligence in Compromise Assessment

Threat intelligence can also be used to assess your environment in order to determine whether it has been compromised. If you suspect that some of your assets have been compromised, you can request a compromise assessment to ensure that your assets are recovered as quickly as possible. The assessment will investigate the presence of a threat actor in your environment using global threat feeds.

Sharing of Threat Intelligence Data

Threat intelligence data sharing aids several organizations in hardening their defenses at the same time. If a known threat actor plans espionage, organizations with access to the campaign’s indicators of compromise can block the indicators and gain immunity to the attack ahead of time.

Data Loss Minimization

Because threat intelligence aids in the blocking of known malicious domains and IPs associated with global threat actors, those actors cannot infiltrate your environment using the same malicious IPs and domains. As a result, such attackers will be unable to install information-stealing malware or ransomware in your environment, enhancing the protection of your data.

You can reduce cyber risk in advance by focusing on the cyber threats most relevant to your company. Without threat intelligence, your cyber security posture stays reactive, waiting for an incident, theft, or breach to work against you. Threat intelligence replaces this reactive approach with a proactive one, allowing you to prevent cyber-attacks before they happen. Organizations can use threat intelligence to discover infrastructure flaws that could be used in future cyber-attacks and rectify those flaws to eliminate entry points for threat actors.

Conclusion

Therefore, threat intelligence allows you to see your security posture and warns you about prospective risks. Organizations can make targeted investments of resources and assets to boost cyber security in the appropriate direction with this improved understanding and proactivity. It not only helps to deflect incoming threats, but it also helps to reduce your environment’s weaknesses.