Mandiant and Interos to Provide Risk Management

Mandiant and Interos have announced a strategic partnership to provide advanced insights and analysis to help enterprises defend against cyber-attacks and other operational resilience threats. The collaborative partnership aims to bring to market new intelligence based on insights gleaned from the Interos Resilience Lab, as well as Interos’ SaaS platform and Mandiant’s frontline investigations and remediations of high-impact cyber-attacks around the world. Interos reinvents supply chain management and business relationships to reduce risk, avoid disruptions, and achieve superior enterprise adaptability.

According to the Mandiant M-Trends 2022 report, global supply chains remain an appealing target for threat actors looking to exploit trusted business-to-business relationships, as attacking the supply chain provides an opportunity to pivot from one supplier network into multiple customer networks at the same time. In fact, when the initial infection vector was identified, supply chain compromise accounted for 17 percent of Mandiant intrusions investigated in 2021, up from less than 1% in 2020.

Marshall Heilman, Chief Technology Officer of Mandiant commented, “Interos is focused on helping organizations ensure operational resilience; continuously delivering in-depth analysis on criticality for risk and risk management. Together with Interos, Mandiant will be able to proactively problem-solve with a company that is leading the way in ensuring organizations of all sizes understand key attack vectors across the supply chain, threat actors, and nation-state threats.”

The partnership announcement comes after the Cybersecurity and Infrastructure Security Agency (CISA) issued a recent alert warning of an increase in malicious cyber activity targeting managed service providers (MSPs). The advisory also advised MSPs to understand and manage supply chain risk proactively.

Nishant Gupta, Chief Technology Officer, Interos stated, “The CISA warning is more evidence that existing supply chain risk management systems were not designed for today’s complex risk environment. Our collaboration with Mandiant will provide multi-factor risk intelligence to help commercial and government organizations better protect targeted entities in their third-party relationships to insulate them from disruption, ransomware, and IP theft. We’re proud to partner with Mandiant to help leaders discover hidden business relationships and exposure to cyber vulnerabilities.”

Read more articles:

CyberCube and Kroll Launched CAERS

Palo Alto Networks Launched Supply Chain Security!

Palo Alto Networks, a global cybersecurity leader launched Prisma Cloud Supply Chain Security. It provides a comprehensive view of potential vulnerabilities or misconfigurations that occur in the software supply chain, which gives enterprises the leverage to easily trace and remedy them. These security issues could allow attackers to enter networks, disseminate harmful payloads throughout an organization’s software, and access sensitive data if not swiftly rectified or, better still, avoided when coding.

Prisma Cloud Supply Chain Security enables the security of the interrelated components that make up and supply cloud-native apps by using a full stack, full lifecycle approach. It can aid in the detection of vulnerabilities and misconfigurations in code, such as open-source packages, infrastructure as code (IaC) files, and delivery pipelines, such as VCS and CI pipeline setups.

Senior Vice President, Prisma Cloud products at Palo Alto Networks, Ankur Shah, stated “Every day new vulnerabilities are found in open source and other software components that have previously been integrated into the organization’s software code. Without the proper tools, it is very difficult for organizations to quickly spot where they have used the unpatched versions of these components. Prisma Cloud is designed to help protect organizations from code to cloud; and now that customers can visualize their software supply chain, it’s easier to spot, prioritize, and remediate security weaknesses at the onset of development and during delivery pipelines.”

Multiple providers of code or cloud resource layer only give vulnerability and misconfiguration data. Prisma Cloud, already a leader in cloud-native security and the most comprehensive Cloud-Native Application Protection Platform (CNAPP), now offers Supply Chain Security, which provides not only full lifecycle visibility and protection but also the context of where a vulnerability fits into a cloud architecture’s layers.