Commvault launched Metallic ThreatWise

Commvault launched Metallic ThreatWise, an early warning system that proactively surfaces unknown and zero-day threats to minimize compromised data and business impact. According to Enterprise Strategy Group, only 12% of the IT directors polled expressed confidence in having the necessary tools and location-neutral security to equally secure data both on-premises and in the cloud.

Jon Oltsik, Senior Principal Analyst and Fellow at Enterprise Strategy Group stated, “In surveying enterprise IT directors with direct knowledge and influence on their company’s data security strategies, the results we found were eye-opening. It is very clear that many IT teams do not have adequate tools in place to detect ransomware attacks on production environments early enough in the attack chain to neutralize stealthy cyber-attacks before they cause harm. Ransomware has revolved around encryption for a long time, but newer extortion techniques like exfiltration go beyond rapidly spreading malware, and data recovery alone cannot help if sensitive business data is leaked to the Dark Web.” 

ThreatWise from Commvault adds an early warning system that no other vendor in this market offers, further defining data security. It employs decoys to foresee threats in production environments, lure malicious actors into using fake resources and equip businesses with tools to protect data. In addition, Commvault is expanding the capabilities of its wider platform, which is already available, in terms of machine learning, critical threat detection, and security. 

Ranga Rajagopalan, Senior Vice President, Products, Commvault commented, “Data recovery is important, but alone it’s not enough. Just a few hours with an undetected bad actor in your systems can be catastrophic. By integrating ThreatWise into the Metallic SaaS portfolio, we provide customers with a proactive, early warning system that bolsters their zero-loss strategy by intercepting a threat before it impacts your business.” 

ThreatQuotient introduces New ThreatQ TDR Orchestrator Features!

ThreatQuotient announced a new version of ThreatQ TDR Orchestrator, which is known to be the industry’s first solution for a simplified, data-driven approach to security operations. The expanded automation, analysis, and reporting capabilities of ThreatQ TDR Orchestrator speed up threat detection and response across several platforms. 

Leon Ward, Vice President of Product Management at ThreatQuotient stated that “Leveraging automation to do the heavy lifting and cut through the noise is vital to helping cybersecurity teams thrive under pressure. ThreatQuotient continues to innovate in a way that drives meaningful operational benefits to customers. Many process-based SOAR platforms are designed such that only security engineers and analysts have the skills necessary to use them directly; making these traditional platforms hard to implement and maintain which drives higher costs over time. This ThreatQ TDR Orchestrator release reinforces the need for no-code solutions that empower operators to adapt to dynamic threat landscapes faster and focus their energy on security operations workflows that provide critical business context.” 

ThreatQuotient’s most recent study, whose complete release is scheduled for later in 2022, reveals indications that security automation adoption is progressing as 98% of businesses increase their budgets in this area. The study also shows that firms are more confident in automation itself, with over 88% of businesses expressing some level of confidence in the results of automation, up from only 59% the year before. However, 98% of respondents claim that implementation issues plagued them. ThreatQuotient has prioritized the development of ThreatQ TDR Orchestrator to enable more effective operations that can be directly measured by time savings and FTEs gained, improved risk management, and easier-to-use security automation solutions that are less expensive than traditional automation tools and learn over time. 

The latest version of ThreatQ TDR Orchestrator provides the following benefits: 

  1. Prioritize automation on the most important events/alerts
  2. Playbooks are easier to maintain
  3. Less training is required upfront

Secureworks partners with Netskope and SCADAfence

Secureworks has announced that it will expand its alliances program into new solution areas. Threats are moving into crucial production environments and the service edge, so detection tools must advance as well. Through two new partners, Netskope and SCADAfence, Secureworks expands the scope of potential security vulnerabilities addressed by Secureworks Taegis XDR to include Secure Access Service Edge (SASE), Operational Technology (OT), and Industrial Control Systems (ICS). Better detection with a higher value is now more accessible to organizations than ever. 

Chris Bell of Secureworks commented, “We’re bringing together the best-of-breed detection and response capabilities across domains where we see the threat landscape most exposed to adversary attacks. As part of our mission to help secure human progress, we will continue to forge new alliances that can deliver technology innovation while incorporating new threat intelligence into the methods and intentions of the adversary.” 

Secureworks is focusing on Secureworks Taegis as a unifying XDR platform by announcing two new and rapidly expanding partnerships across new alliance domains. Taegis’ broad integration capabilities offer the best detection and quickest response times without vendor lock-in, and continuously expanding open technology makes it simple for customers to integrate with Taegis. 

As a pioneer in the Secure Access Service Edge (SASE) framework for converged networking and security, Netskope has developed a distinctive method for safeguarding data and people across devices and applications, inside and outside the conventional company network. Customers will be able to conduct all investigations and apply detectors using Secureworks Taegis thanks to the integration between Netskope and Secureworks, allowing for a more comprehensive view of threats and business risks and opening cyber environments to the edge. 

Secureworks extends Taegis XDR into the industrial environment in collaboration with SCADAfence, bringing OT intelligence into a unified view with all other security telemetries across the IT landscape. Security analysts now have more context about the threats they are looking into thanks to SCADAfence’s extension of market-leading insights, awareness, and asset discovery into a truly open XDR platform. 

Avast Introduces a New Ransomware Shield for Businesses!

Avast, a market leader in digital security and privacy, today introduces a new ransomware shield for companies, giving businesses an additional layer of defense against ransomware attacks. This will guarantee that organizations can secure their most vital documents and, most importantly, client data, with proactive protection that bars illegal access. As part of the Avast Essential, Premium, and Ultimate Business Security packages for businesses using Windows and macOS, the new feature is now accessible and free of charge.

Filip Hlinka, VP of Product, Avast Business, stated that “Small businesses are facing a growing threat from ransomware, with cybercriminals increasingly targeting smaller organizations to encrypt crucial business data and disrupt operations. The results can be devastating for small businesses that lack the financial and technical resources to rebound from such attacks. Avast’s antivirus has always offered consumers and business users powerful protection against cyber threats including ransomware, and Ransomware Shield offers a purpose-built, additional layer of protection which helps to secure businesses’ most crucial files against these highly damaging attacks.” 

While Web Shield, File Shield, and Behavior Shield, which are currently available to Avast clients, provide ransomware protection, Ransomware Shield complements these features to offer multi-layered security, guaranteeing businesses can continue to access their systems and data without interruption. Ransomware Shield works by protecting files and folders from being changed, destroyed, or encrypted by unidentified apps. Users can also decide which programs have access to their files, which further protects the most sensitive and vital information held by businesses. Moreover, users have the option to modify the policy’s list of protected files and folders in the Avast Business Hub, where the new feature is enabled by default.

Anomali announced new updates to its Platform

Anomali announced quarterly updates to its platform to strengthen its customers and partners in profiling adversaries. The update enhances Anomali’s threat intelligence and extended detection and response (XDR) capabilities with new features, allowing enterprise organizations to stay one step ahead of adversaries and avoid business disruptions while optimizing security expenses. 

Anomali has been working on incorporating attack flows into The Anomali Platform. This release pushes the platform closer to an Attack Flow Library for Anomali ThreatStream, which will serve as a gateway for new Attack Flows that sequence cyberattack techniques. This capability will add new context to adversary behavior and assist security teams in profiling the adversary. It will also allow them to better protect the organization prior to an attack, detect an attack in real-time, and respond post-attack. 

Mark Alba, Chief Product Officer at Anomali stated, “Anomali’s August release offers new capabilities and enhancements for security operations teams struggling to identify not only who’s targeting them, but how and why they are being targeted.” 

CISOs and security professionals can leverage this predictive visual mapping to align attacks with potential gaps in their security posture in order to get ahead of the threat. In the macroeconomic environment, customers are looking for capabilities that will increase the impact of their existing investments. The new extensible framework to the platform will enable the automation of routine tasks. The first implementation in this release is available to automate enrichments in the investigation’s workbench. A drag-and-drop process for configuring a multi-stage enrichment task can be easily set up and run as needed, saving analysts time performing repetitive tasks. 

  • This platform release also includes support for MITRE ATT&CK Mobile & ICS: intelligence aggregation, contextualization, and analysis for Mobile and ICS attack surfaces to strengthen overall security posture.  
  • MITRE ATT&CK Enterprise v11 in Anomali Lens.
  • Scheduled retrospective search: aids the SOC in automating the correlation of historical events with newly available intelligence in order to generate reports and learn about other adversary behavior, threat actors, and TTPs. This allows CISOs to detect real-time threats in their local IT environment.

Jon Oltsik, Senior Principal Analyst and Fellow, ESG Research stated, “ESG research found that 97% of security professionals believe that MITRE ATT&CK is important to their organization’s security operations strategy. Anomali’s commitment to integrating the MITRE ATT&CK Framework into its solutions and participating in the MITRE Engenuity Center for Threat Informed Defense can help security teams adopt the framework and better understand cyber adversaries.” 

SecureAge CatchPulse Protects from Threats

SecureAge CatchPulse provides real-time threat detection by simply preventing all unauthorized applications, processes, or scripts from running. It assists organizations in staying one step ahead of unknown threats while providing a simple and intuitive experience for users of all levels, from novice home users to IT professionals. SecureAge Technology has introduced CatchPulse, formerly known as SecureAPlus. It is a proven malware prevention software with advanced AI, multiple cloud-based anti-viral engines, an easy-to-use ‘block first’ approach based on application control, and a new and improved user interface.

Dr. Ngair Teow Hin, Founder and CEO of SecureAge, commented, “At SecureAge we have always believed that people should not have to become cybersecurity experts to protect their devices and companies. While many AI systems can catch some threats, some of the time, CatchPulse is designed for the unknown – such as WannaCry and more recently REvil and Maze, which caught everyone off-guard. At SecureAge, we successfully protect governments, enterprises, and home users across the globe from being blindsided by malware attacks.”

SecureAge CatchPulse interface is designed to address the needs of varied customers. Non-tech savvy home users can leave Auto-Protect on for AI-assisted protection and cloud-based anti-viral engine support, whereas tech-savvy users can turn Auto-Protect off for interactive and informed decision-making via customized recommendations. Those with advanced knowledge can continue to delve into features for customized security.

The CatchPulse cloud management portal serves as a central hub for enterprise users to monitor security across all registered devices. The multi-layered dashboard displays the overall security status, saving power users time when navigating deeper features and functions.

When Auto-Protect is turned off or in the face of the unknown, tailored recommendations include informed security prompts to aid decision-making. Severity level indicators display the threat status with supporting references and Recommended Actions ensure users are well-informed when making decisions.

CatchPulse for Windows now comes in three versions. CatchPulse Lite is a slimmed version that includes the CatchPulse AI and antiviral engines for free. CatchPulse is a complete home version that includes the ‘block first’ approach based on application control and support for cloud-based anti-viral engines, whereas CatchPulse Pro is an enterprise version that includes the cloud management portal.

Aryaka collaborates with CyLab

Aryaka partnered up with CyLab, Carnegie Mellon University’s (CMU’s) Security and Privacy Institute, to research new threat mitigation techniques and innovate enterprise networking and security solutions. Founded in 2003, CyLab is Carnegie Mellon University’s public/private collaborative computer security and privacy research institute. It is one of the largest cyber security research centers in the United States, with over 100 core and affiliated faculty and 100 graduate students. Aryaka’s collaboration with CyLab will include funding and industry expertise to aid in the research and development of sophisticated security techniques to address today’s most pressing threat issues.

Matt Carter, CEO of Aryaka commented, “We were drawn to CyLab not just because of Carnegie Mellon’s reputation of academic excellence, but because of the holistic reach and breadth of the program. CyLab’s research into AI and ML benefits multiple departments within CMU: humanities, engineering, business, psychology, and even social sciences. And CMU’s work with government leaders has shaped public policy on security for many years.”

Aryaka is also a sponsor of CyLab’s Future Enterprise Security initiative, which takes a multidisciplinary approach to make complex security solutions accessible to all. Aryaka will use the sponsorship to connect with students, academics, and other key industry partners to make security more accessible and understandable to end-users.

Vyas Sekar, co-director of the Future Enterprise Security initiative commented, “We are thrilled to partner with a company focused on next-generation network connectivity and network security, serving many enterprise customers across many key market verticals.”

Aryaka will provide support at multiple levels throughout the program as a founding sponsor of this initiative. This includes directing research topics based on the most recent challenges and threats our customers are facing, providing industry expertise, data sets for learning and building AI models, feedback on the efficacy of various techniques, and providing students with practical experience through mentorship and internships.

Renuka Nadkarni, chief product officer at Aryaka commented, “Aryaka shares the future of enterprise security vision of CyLab. Together we will develop and innovate security techniques to defend against emerging and immediate risks and democratize it via open source to small and large enterprises. With the acute skills shortage in cybersecurity, most enterprises are faced with tremendous pressure and risk—when strong tools are available to everyone, we’re all more protected.”

C2A Security and Stefanini to Bring Cybersecurity Solutions

C2A Security and Stefanini Group have announced a partnership to provide a comprehensive cybersecurity solution to the automotive industry. The partnership brings together Stefanini’s advanced Security Operations Center (SOC) services and C2A Security’s vehicle lifecycle cybersecurity solution, making the connection between product security and security monitoring.

Stefanini’s SOC services deliver expert resources and specialized tools to the automotive industry to aid in investigations, root cause analysis, complex threat hunting, and threat eradication. Stefanini’s SOC solutions and C2A Security’s AutoSec, when combined, enable an advanced SOC playbook, and provide teams with complete visibility and control over vehicle automotive cybersecurity from concept to post-production.

Farlei Kothe, CEO of Stefanini EMEA stated, “Stefanini has a well-established history of collaborating with partners to create exceptionally innovative solutions that transform businesses. We’re proud that our work with C2A builds on this track record to provide a truly comprehensive cybersecurity offering for the automotive sector.”

C2A Security AutoSec Platform is an automotive Cyber Security Management System (CSMS) that provides OEMs and their suppliers with full-spectrum control, visibility, and protection of cybersecurity status for all vehicle programs. The AutoSec platform offers product security tools such as Threat Analysis and Risk Assessment (TARA), network security and intrusion detection systems (IDS), and binary level run time protection.

Roy Fridman, CEO of C2A Security commented, “Our partnership provides an all-in-one package for OEMs and suppliers looking for advanced cybersecurity solutions that offer full lifecycle visibility, combining C2A’s security platform with Stefanini’s SOC solution. As the industry moves forward to adapt to the new requirements of the ISO/SAE 21434 standard and UNECE WP.29 regulation it is more crucial than ever for the automotive industry to have a solution in place that will keep them in compliance and protect their vehicles from potential cyber-attacks.”

Alex Bertea, Chief Cybersecurity Strategist, Stefanini EMEA said, “Tier-1s and OEMs are catching up to meet the new standard requirements that have been recently passed. Our collaboration with C2A Security will give them the complete cybersecurity package they need to ensure compliance both in and outside the vehicle.”

Index Engines Introduces CyberSense Dashboard

Index Engines’ CyberSense detects the most sophisticated attack vectors by scanning backup and snapshot data with over 200 content-based analytics and machine learning to identify corruption and the most recent good version of files and databases, enabling intelligent and rapid recovery to minimize downtime. There is no other product on the market that offers the same level of depth and breadth of analytics across files, databases, and core infrastructure.

Jim McGann, Vice President of Index Engines said, “Ransomware attacks are becoming more sophisticated and more challenging to recover from. In the ongoing battle against cybercriminals, organizations need to arm themselves with the most powerful and insightful capabilities on the market today.

Therefore, CyberSense stands alone in delivering full content analytics which will uncover even the most advanced data corruption along with a new powerful and intuitive post-attack dashboard which will allow customers to quickly recover from disruption and minimize business downtime.”

Index Engines introduced a new dashboard for its CyberSense security analytics product that delivers intuitive post-attack forensic reports with insights into data corruption caused by a ransomware attack. The new CyberSense interface streamlines the user experience by providing detailed information about who, what, where, and when an attack occurs. If signs of an attack are discovered, analytics are provided to help cybersecurity specialists in the recovery process, including high-level information on why machine learning generated an alert and the scope of the attack.

To streamline the recovery process, exportable analytics are required to scope and analyze attacks independently. In a single dashboard, pre-programmed and customizable reports are required to investigate the attack: who was affected, and which servers were affected? How much harm was done?

The reports include a listing of corrupted files, as well as the last good version, and the capability to analyze corrupted files to determine the user account and executable used to corrupt data. When did the corruption happen, and what backups should be recovered? Customers of CyberSense will be able to access this new interface in the third quarter of 2022, with the first release focusing on post-attack recovery.

Intigriti Raised €21 Million to Help Ethical Hackers

Intigriti integrates over 15,000 ethical hackers from 130 countries with businesses to test and improve their security. Through continuous pen-testing, bug bounty, and asset monitoring solutions, Intigriti transforms traditional testing techniques into a more flexible and data-driven approach. This method represents the evolution of security testing and is better suited to today’s dynamic environment.

Intigriti has managed to grow by 650 per cent since its initial funding round in 2020, establishing itself as the European pioneer and the world’s fastest-growing crowdsourced security platform. Intigriti has sealed the largest funding round for a crowdsourced security platform in Europe, raising €21,133,700 million in a Series B round. Octopus Ventures, one of Europe’s largest investors, led the round. EnBW New Ventures, based out of Germany, is also a participant in the round, as is ETF Partners, a previous investor and Intigriti’s largest shareholder. Intigriti’s sole financial adviser was Results.

Stijn Jans, CEO at Intigriti said, “We anticipate crowdsourced security to be a default career option for talented cybersecurity graduates by 2026, surpassing consultancy in popularity. While the remote working culture introduced new security risks, it also provided companies with the opportunity to work with international talent that was previously out of reach.”

Intigriti has released its ‘hybrid pentest’ offering to help with the transition from traditional consulting to the new way of working. Companies will be able to work with selected researchers in individual engagements within an agreed-upon timeframe but at a result-based rate, similar to bug bounty programs. The hybrid pentest, just like all Intigriti offerings, will include triage services, a critical in-house validation process that ensures clients only receive valid, unique, and in scope vulnerability reports. Penetration testers who tried out the new service earned more than €100,000 during a successful pilot phase that led to the release.

Holger Wagner, Investment Director at EnBW New Ventures, commented, “Critical infrastructures are subject to change in the context of digitalisation. Here we still see a lot of potential in the area of security solutions and their utilisation. Technology won’t be the only answer, it is a combination with the intelligence of the crowd.”

Remy de Tonnac, Partner, ETF partners stated, “Intigriti’s commitment to a more sustainable and secure world is incredibly inspiring and we’re proud to support the business on the next phase of this tremendous journey. As the team has demonstrated over the years, ethical hackers are the future. This large and talented pool of cyber experts is perfectly positioned to address the needs of a sustainable economy by future-proofing critical sectors such as smart cities, IoT systems, smart grids, autonomous vehicles, and the sharing economy.”

Paul Davidson, Investor at Octopus Ventures stated, “Cybersecurity companies can create a certain level of automation, but human intelligence still ranks ahead when it comes to identifying security threats. Intigriti has developed a differentiated platform proposition that enables the brightest minds in security to detect the broadest and most critical set of risks. We believe this team can drive this fast-growing category forward with their modern and data-compliant approach.”
