Field Effect and RosettiStarr Collaborated for Cybersecurity

Field Effect has announced a strategic alliance with RosettiStarr, a global intelligence, investigations, and security services firm. This collaboration will provide best-in-class cyber security services to RosettiStarr’s customers worldwide, giving them advanced protection against cyber threats.

RosettiStarr will leverage Field Effect’s managed detection and response solution (MDR), Covalence. Covalence is the only such tool built from the ground up to provide small and medium-sized businesses with comprehensive, sophisticated protection from a single platform. Its distinct strength is that it sees into every aspect of a company’s threat surface and aggregates data from multiple security events into simple, actionable steps, allowing quick and easy threat prevention and resolution.

Kip Edwards, Managing Director and General Counsel of RosettiStarr, commented, “Cyber security risks are embedded in everything we do online, and it is imperative that businesses enhance their security postures to meet the dynamic threat cyber criminals pose to critical systems and sensitive data. By combining Field Effect’s deep technical proficiency with RosettiStarr’s expertise in investigations, intelligence, and security, we can now deliver full-spectrum incident response services to businesses and law firms managing breaches along with a best-in-class security solution enabling our clients to monitor their threat surface and prevent attacks in the first place.”

RosettiStarr collaborated with Field Effect to create a first-of-its-kind instance of this powerful application, designed to assist institutional investors in implementing a cyber security standard across their portfolio investments while also providing real-time situational awareness of the threat surfaces of their holdings.

RosettiStarr will also collaborate with Field Effect to assist clients in responding to cyber incidents around the world, and it is now offering a comprehensive pre-transactional cyber maturity assessment for prospective clients’ investments. Field Effect and RosettiStarr’s collaboration reflects their ongoing commitment to strengthening the cyber resilience of people and organizations around the world.

Shri Kalyanasundaram, Chief Growth Officer at Field Effect, commented, “We built Covalence to ensure organizations of all sizes have access to powerful cyber security protection. By joining forces with RosettiStarr, which is known for its world-class intelligence and security solutions, we’ve created a comprehensive suite of security services that will help protect their customers at the time they need it most.”

Deepwatch Introduced MXDR for Cybersecurity

At the RSA Conference, Deepwatch launched a managed extended detection and response (MXDR) service that provides an automated response to threats. Deepwatch protects enterprise networks and secures their digital economy. It has transformed the modern SOC through a cloud security platform backed by exceptional engineers, developers, and security experts.

Deepwatch’s MXDR service enhances detection capabilities by providing high-fidelity, contextualized alerts that enable rapid response and containment of cyber threats.

Wes Mullins, chief technology officer at Deepwatch, stated, “Deepwatch MXDR automates response capabilities that help security operations teams contain threats and mitigate risk faster and more confidently than ever before. Automation delivers accelerated response times when powered by robust and accurate information on detected threats. High-fidelity alerts, enriched with information across endpoint, network, cloud, email, and identities correlated over a while, enable security teams to swiftly identify and contain threats before they disrupt business.”

Deepwatch MXDR reduces the risk of business-impacting security incidents by responding at machine speed, allowing analysts to complete the rest in human time. Deepwatch produces the most comprehensive high-fidelity alerts by leveraging the Deepwatch SecOps platform to collect, process, and analyze security telemetry from data sources.

Dave Gruber, Principal ESG Analyst stated, “Security leaders considering XDR should focus on security outcomes, including fast and efficient alert triage and prioritization, advanced threat detection, and rapid detection and response times, all aimed at supporting a growing attack surface. ESG research shows that half of the security teams prefer a fully managed XDR solution, with 52% of organizations believing that an MDR service provider can do a better job at threat detection and response than they can. Other MDR use cases reported in support of XDR deployments include the need for more expert security skills, staffing augmentation, and off-hours coverage.”

Deepwatch enhances threat detection while reducing alert overload by correlating related threat activity for a single entity and escalating only alerts that exceed the customer-defined risk threshold. Deepwatch MXDR automates response actions through advanced detection capabilities, reducing lag time and reliance on security personnel and cross-departmental resources.

Mandiant and Interos to Provide Risk Management

Mandiant and Interos have announced a strategic partnership to provide advanced insights and analysis to help enterprises defend against cyber-attacks and other operational resilience threats. The collaborative partnership aims to bring to market new intelligence based on insights gleaned from the Interos Resilience Lab, as well as Interos’ SaaS platform and Mandiant’s frontline investigations and remediations of high-impact cyber-attacks around the world. Interos reinvents supply chain management and business relationships to reduce risk, avoid disruptions, and achieve superior enterprise adaptability.

According to the Mandiant M-Trends 2022 report, global supply chains remain an appealing target for threat actors looking to exploit trusted business-to-business relationships, as attacking the supply chain provides an opportunity to pivot from one supplier network into multiple customer networks at the same time. In fact, when the initial infection vector was identified, supply chain compromise accounted for 17 percent of Mandiant intrusions investigated in 2021, up from less than 1% in 2020.

Marshall Heilman, Chief Technology Officer of Mandiant commented, “Interos is focused on helping organizations ensure operational resilience; continuously delivering in-depth analysis on criticality for risk and risk management. Together with Interos, Mandiant will be able to proactively problem-solve with a company that is leading the way in ensuring organizations of all sizes understand key attack vectors across the supply chain, threat actors, and nation-state threats.”

The partnership announcement comes after the Cybersecurity and Infrastructure Security Agency (CISA) issued a recent alert warning of an increase in malicious cyber activity targeting managed service providers (MSPs). The alert also advised MSPs to understand and proactively manage supply chain risk.

Nishant Gupta, Chief Technology Officer, Interos stated, “The CISA warning is more evidence that existing supply chain risk management systems were not designed for today’s complex risk environment. Our collaboration with Mandiant will provide multi-factor risk intelligence to help commercial and government organizations better protect targeted entities in their third-party relationships to insulate them from disruption, ransomware, and IP theft. We’re proud to partner with Mandiant to help leaders discover hidden business relationships and exposure to cyber vulnerabilities.”

LookingGlass Suite For Cyber & Threat Intelligence

LookingGlass Cyber Solutions has announced the release of LookingGlass Suite, which simulates the adversary’s perspective to provide cybersecurity executives and their teams with a more holistic assessment of their organization’s cyber risk. The LookingGlass Suite includes three solutions for cyber threat intelligence and attack surface management: scoutPRIME, scoutINSPECT, and scoutTHREAT. LookingGlass Suite, which is based on intelligence about an organization’s internet-facing infrastructure, third-party supplier vulnerabilities and exposures, and active malicious threats, enables organizations to quickly identify relevant cybersecurity issues and reduce the time to act.

Bryan Ware, CEO, LookingGlass Cyber Solutions, commented, “Current events continue to demonstrate that all organizations, particularly critical infrastructure, face increasing cybersecurity risks. The consequences and impacts on enterprises and their customers and stakeholders require a new generation of tools. Now more than ever, it is imperative for organizations to stay a step ahead of the adversary strategically, while also ensuring their security teams have the technical details and intelligence they need to meet operational objectives. With LookingGlass Suite, cybersecurity executives can leverage the adversarial perspective to inform organizational risk models and operational teams can access more relevant threat intelligence analysis to anticipate threats, prevent attacks, and respond faster.”

Each solution adds value by providing attack surface insights or enriched threat intelligence to a broad range of cybersecurity personnel, from analysts and threat hunters to network, security, and information technology (IT) operations teams. When combined in the LookingGlass Suite, customers gain enhanced visibility with a map of their extended attack surface overlaid with threat intelligence. This provides security teams with a better understanding of how their organization appears to an adversary, how their attack surface evolves, and which risks are more likely to be exploited.

The LookingGlass Suite will provide a streamlined user experience, with a single point of entry leading to a comprehensive dashboard of the day’s most relevant cyber insights. Other significant features include more holistic risk scoring based on deeper reviews of vulnerabilities and exposures, expanded data sharing and integration capabilities based on cybersecurity data sharing standards (STIX 2.1) and executive reporting.

Cody Pierce, Chief Product Officer, LookingGlass stated, “Our priority is to make it easier for users to get the answers and insights they need faster. We understand that more data and tools are not the answer. It boils down to context. When used collectively, these solutions provide tremendous contextualization around the threats and exposures that are the highest priority. With this information, cybersecurity teams can make better decisions that lead to more secure, resilient outcomes for their organization.”

Flosum Trust Center by Flosum for Secured Salesforce Environments

Flosum Trust Center by Flosum is an integrated security solution that monitors, alerts, and scans for potential threats in a Salesforce environment. It enables businesses to follow SecOps and DevSecOps best practices while focusing on securing Salesforce environments from cybersecurity threats and data breaches. Flosum is an Enterprise Continuous Integration Delivery and Release Management Solution for Salesforce.

According to a report, by 2022, ninety percent of software development projects will claim to use DevSecOps practices, up from forty percent in 2019.

Girish Jashnani, CEO of Flosum commented, “Taking ownership of security within a third-party platform helps to manage risk, which is why we like to say that customers have a shared sense of responsibility for ensuring the security and trust of their Salesforce environment. Flosum’s new security automation solution assists customers in staying secure without requiring advanced security teams for implementation.”

Flosum Trust Center adds an adaptive security framework. Existing customers can easily incorporate Trust Center into their solution, and new customers can implement Trust Center with or without Flosum’s Release Management platform. The Trust Center enables close collaboration between corporate security and Salesforce teams.

Flosum Trust Center will provide a full Security Information and Event Management (SIEM) solution that will enhance data masking, code security, and detailed audit trails to reduce audit costs, complementing existing Salesforce Privacy Center, Trust, and Shield solutions.

Flosum Trust Center features and benefits for Salesforce customers include Org monitoring, a consolidated view of all org settings, and best practices enforcement. With templates for security, users can create templates and apply them to multiple organizations. Salesforce teams will save time while collaborating with InfoSec to ensure that hardening rules are followed. Users can create security policies within these templates, and those policies will always be enforced.

Remediation allows clients to address changes or issues raised by their templates. These can be completed by moving the item to a solution branch. Security violations in DevOps allow the use of templates to indicate violations to the developer as they work, saving the company from any potential conflicts or issues. Audit trails allow users to track all changes in detail, allowing them to prioritize their designated risk levels and keep the audit record for any length of time. Data masking provides sample data to sandbox environments to ensure realistic tests without jeopardizing confidential data. Masking can be used on both data at rest and data in transit between organizations.

thatDot Launched Novelty Detector for Cybersecurity

thatDot launched Novelty Detector, a real-time graph AI for cybersecurity anomaly detection on categorical data based on Quine, their open-source streaming graph. thatDot transforms high-volume data into high-value data by allowing data engineers to build data pipelines much faster and with profound new capabilities. Novelty Detector’s patent-pending technique scores streaming data in real-time using categorical data to detect malicious behavior much earlier in the kill chain, with fewer false positives and lower analyst effort.

Ryan Wright, CEO of thatDot commented, “Current analytical tools are built for numeric data, leaving aside all the valuable context contained and behavioral signals in categorical data that is key to distinguishing between unique and anomalous events, and if new events are normal. Categorical data at scale is the future of anomaly detection in cybersecurity. Using Novelty Detector, organizations gain real-time novelty scores, assessments, and explanations through behavioral fingerprinting, without the frustration and fatigue of overwhelming volumes of false positives.”

Anomaly detection traditionally ignores categorical data, relying instead on numerical data and statistical analysis, which fails in the face of high data dimensionality, resulting in massive volumes of false positives and alert fatigue for SOC analysts. Malicious activity goes undetected or is discovered too late in the kill chain to avoid exposure and damage.

Only thatDot’s Novelty Detector, built on Quine.io open-source streaming graph technology, taps into vast amounts of previously unused categorical data to model the behaviors of systems, devices, applications, and users accurately and efficiently, all without requiring expensive data labeling or analyst effort.

Novelty Detector provides real-time novelty scoring on streaming data as it is ingested. When combined with previous data context and the power of graph data models, Novelty Detector significantly reduces false positives while easily scaling to millions of events per second.

Gery Szlobodnyik, CEO of TraceRiser stated, “Novelty Detector is a remarkable combination of a powerful graph AI software tool for anomaly detection that is easy to operate. We feed data into the system, and it tells us when it has seen enough to start delivering value. I wish all machine learning systems were that simple.”

BlackBerry and NXP Semiconductors Partnered to Counter Cyber Attacks

BlackBerry has announced that it will support quantum-resistant secure boot signatures for NXP Semiconductors’ crypto-agile S32G vehicle networking processors as part of a demonstration to show how to mitigate the risk of potential quantum computing attacks on in-vehicle software.

The new integration will enable the software to be digitally signed using the CRYSTALS Dilithium quantum-resistant digital signature scheme, recently endorsed by the National Institute of Standards and Technology (NIST), providing peace of mind to those relying on and delivering long-lifecycle assets such as systems in critical infrastructure, industrial controls, aerospace and military electronics, telecommunications, transportation infrastructure, and connectivity. The collaboration is intended to safeguard against an increasingly perilous future in which quantum computers can easily defeat traditional code signing schemes.

Joppe Bos, Senior Principal Cryptographer at NXP Semiconductors commented, “As quantum computers continue to advance in development, it’s increasingly important to work to secure today’s systems against these future threats. Collaborating with BlackBerry strengthens our solution to address the critical need to harden code signing and software update infrastructure against future cryptosystem vulnerabilities.”

The NXP S32G chip’s secure boot flow feature enables BlackBerry’s Code Signing and Key Management Server to achieve agile and effective quantum protection. Utilizing quantum-resistant signature schemes like Dilithium for low-level device firmware, over-the-air software updates, and software bills of materials (SBOMs) reduces the risk of potential quantum computing attacks on critical software updates, addressing a major security concern for a variety of industries.

Jim Alfred, VP, BlackBerry Technology Solutions commented, “In the lead up to Y2K, US business spent upwards of $100 billion to avoid calamity and the issue was simply a matter of adding two digits to the date field. Y2Q, when quantum attacks become possible, is on another level, posing a significant threat to industries selling or operating long-lived assets with updatable software. NXP shares our vision of mitigating the risk of quantum computing concerns and, thanks to their support for hash-based signatures, together we can provide cybersecurity teams with the tools they need now to prevent their existing security measures from becoming obsolete.”

Fortinet Launched FortiNDR to Help Identify Cyberattacks

Fortinet FortiNDR is a new network detection and response offering that uses artificial intelligence and pragmatic analytics to enable faster incident detection and threat response. Advanced, persistent cybercrime is more vicious and volatile than ever before, with an attack surface that continues to grow with hybrid IT architectures and ongoing staff shortages due to the cybersecurity skills gap.

Legacy security solutions also face a daunting and time-consuming manual alert triage process that diverts valuable resources away from higher-priority tasks like threat mitigation. As cybercriminals improve their abilities, so should an organization’s security tool.

John Maddison, EVP of Products and CMO at Fortinet commented, “With the introduction of FortiNDR, we’re adding robust network detection and response to the Fortinet Security Fabric. Powered by purpose-built machine learning, deep learning, pragmatic analytics, and advanced AI capabilities, FortiNDR automatically detects and responds to abnormal network activity to thwart security incidents. Fortinet’s full suite of detection and response offerings feature native integration for a coordinated response to empower security teams to move from a reactive to a proactive security posture.”

FortiNDR also includes native integrations with the Fortinet Security Fabric as well as API integrations with third-party solutions for a coordinated response to discovered threats to reduce their impact. Common automations to speed response include quarantining devices generating anomalous traffic, enforcing with third-party devices via an API framework, and initiating an orchestrated process guided by SOAR.

Fortinet’s existing detection and response portfolio includes managed detection and response (MDR), endpoint detection and response (EDR), and extended detection and response (XDR) solutions.

John Grady, Senior Analyst, Cybersecurity at ESG stated, “As enterprises struggle to coordinate threat detection and response across individual point products, the ability for them to leverage a complete set of integrated SOC capabilities as part of a cybersecurity platform promises significant improvement in the effectiveness and efficiency of discovering and mitigating threats. Fortinet’s portfolio of detection and response products such as FortiNDR, FortiEDR, FortiXDR, and more, which are all integrated as part of a platform, should be considered for any organization looking to improve their security operations function.”

Cohesity & Palo Alto collaborated on cyber resilience

Cohesity has partnered with Palo Alto Networks to integrate its Cohesity Helios next-generation data management platform with Palo Alto Networks’ Cortex XSOAR security orchestration, automation, and response (SOAR) platform for improved ransomware detection and recovery.

The ability to detect and take necessary precautions against cyber-attacks is required. This integration will improve cyber resilience by providing detailed automatic alerts via the AI-enabled Helios platform, which can easily detect anomalies in backup data and aid in the detection of an emerging attack. Cortex XSOAR initiates an automated playbook to triage and mitigate the impact of a potential cyber-attack after being alerted by Cohesity. Integrating a next-generation data management platform with a SOAR (Security Orchestration, Automation, and Response) capability can significantly speed up threat detection and response while also lowering an organization’s risk exposure.

Brian Spanswick, CISO at Cohesity commented, “Any delay in ransomware response and recovery could result in extended downtime, data loss, and business disruption. This integration can help more effectively link data management and data security processes — key to staying one step ahead of ever-persistent ransomware attacks and improving an organization’s cyber resilience.”

Cohesity provides comprehensive anti-ransomware protection to better shield backup data from cybercriminals. The Cohesity architecture helps to ensure that backup data is immutable and cannot be overwritten. Its software, powered by AI insights, continuously monitors an organization’s data for any anomalies. In the worst moment, Cohesity can assist in locating and recovering a clean copy of data, reducing downtime, minimizing loss, and ensuring business continuity.

Alerts that are detailed and timely can help security analysts quickly determine how to respond and can help relieve stress and burnout. According to Forrester Consulting’s “2020 State of Security Operations” study, security analysts are asked to fight a fire with a garden hose. Only 47% of respondents said their organizations can handle the majority of all the security alerts they receive in a single day.

Matt Chase, director of Cortex Alliances at Palo Alto Networks stated, “The integration of Cortex XSOAR with Cohesity’s next-gen data management platform is a significant advancement in helping our joint customers protect themselves from the impact of ransomware attacks and improve their cyber resilience. The AI-powered Cohesity platform issues detailed alerts based on data anomalies. The granular quality of these alerts helps Cortex XSOAR security analysts more quickly and accurately determine the scope and severity of the incident, helping customers maintain business continuity in the event of an attack.”

QuSecure Introduced Post-Quantum Cybersecurity

QuSecure launched QuProtect, an end-to-end PQC software-based solution tailored to protect encrypted communications and data with quantum resilience utilizing quantum secure channels. In an industry-first innovation, QuProtect enables organizations to use quantum resilient technology to prevent current cyberattacks alongside shielding networks from future post-quantum cyberthreats.

QuProtect provides quantum-resistant cryptography in real-time, on any device. It addresses the most vulnerable aspects of the digital ecosystem by adding zero-trust, next-generation post-quantum cryptography, and active defense into an all-around cybersecurity suite. QuProtect offers an end-to-end quantum security as a service (QSaaS) architecture; the whole approach is built around the entire data lifecycle, including data storage, communication, and use.

Skip Sanzeri, QuSecure Founder and COO commented, “Enterprises are charged with providing high levels of data security. We are facing the largest computer upgrade cycle in history as all public-key cryptography globally needs to be upgraded to PQC. Our QuProtect solution provides organizations with a first-mover advantage as the industry accelerates toward a quantum future. QuProtect allows organizations and their clients to maintain the highest level of quantum-resilient security to address cyber threats with minimal disruption to existing systems.”

QuProtect secures quantum communications channels for any node on the network by utilizing National Institute of Standards and Technology (NIST) approved quantum algorithms. Its technology supports backward compatibility and can translate from PQC to standard Transport Layer Security (TLS), ensuring network interoperability. No other company combines QuSecure’s broad-based quantum and post-quantum technologies to provide secure, interoperable cybersecurity to organizations’ networks against quantum threats.

Laura Thomas, former CIA Chief of Base and currently VP of Corporate Strategy at ColdQuanta stated, “Quantum technologies have the potential to represent a platform shift, and platform shifts don’t come around that often. When they do, they bring enormous opportunity coupled with the power for intense disruption, in all areas, including national security and economic security. Organizations should be evaluating post-quantum encryption solutions now and mapping out the resources and timelines needed to deploy them on their networks. QuSecure is playing a key role in future-proofing our networks from current classical and future quantum attacks.”
