NIBS (credit image/Pixabay/ Ryan McGuire)Last week the RSA conference was held and several firms made announcements around product and other matters, with Invicti rebranding. ManageEngine also announced that it is opening up two data centres in the UK, its first in the country.

Adaptiva

Adaptiva published a case study from a large Canadian bank that conducted an internal compliance audit on 100,000+ endpoints. It revealed failures of over 2,800 previously unknown issues with their endpoint management and SCCM.

Experian

Experian has launched Aidrian, a new cloud-based fraud solution powered by adaptive Machine Learning, which enables businesses to prevent fraud without impacting the customer experience.

Malin Holmberg, CEO EMEA & APAC, Experian, commented, “57% of the business leaders we surveyed find it challenging to strike the right balance between growing revenue and reducing fraud losses. To combat increasingly sophisticated fraud threats, many firms are looking to utilise AI, and in particular Machine Learning technology, to improve the accuracy of their fraud decisions whilst providing a seamless customer experience.”

IBM

IBM unveiled its new security suite designed to unify and accelerate the security analyst experience across the full incident lifecycle. The IBM Security QRadar Suite represents a major evolution and expansion of the QRadar brand, spanning all core threat detection, investigation and response technologies, with significant investment in innovations across the portfolio.

Invicti

Invicti announced a new corporate brand that underscores its mission of application security with zero noise.

Alex Bender, Chief Marketing Officer, Invicti, commented, “Today, cybersecurity is a noisy environment – lots of vendors, false alerts, promises, and jargon. Our new corporate brand embodies Invicti’s mission toward AppSec with zero noise and our commitment to accuracy, automation, and scalability while being clean, powerful, and customer-focused.”

ManageEngine

ManageEngine announced the launch of the MSSP Edition of its cloud-based SIEM solution, Log360 Cloud.

  • Log360 Cloud’s MSSP Edition offers the following capabilities:
  • Data segregation with multi-tenancy:
  • Commitments to data security compliance:
  • Guaranteed around-the-clock availability of services
  • Role-based access controls (RBACs
  • High-end security features
  • Performance unaffected by granular retention configurations
  • A fast time to value with quick deployment

Mimecast

Mimecast appointed two executives last week, Jeff Hess as Chief Customer Officer and Purnima Jandial as SVP of Global Operations.

Noname Security

Noname Security announced its collaboration with IBM to potentially help further protect customers from vulnerabilities, misconfigurations, and design flaws. With the new Noname Advanced API Security for IBM, customers can leverage Noname Security’s API security solution, combined with the standing enterprise security capabilities of IBM DataPower, to provide an additional layer of protection for IBM API Connect.

Noname Security also announced that it had been accepted by Accelerated by Intel.

Qualys

Qualys and Cowbell, a leading cyber insurance provider, announced they are expanding their partnership, adding a real-time attack surface intelligence feed from Qualys’ External Attack Surface Management (EASM) to assess cyber customer risk for cyber insurance purposes.

Pinkesh Shah, chief product officer of Qualys, noted, “Our collaboration with Cowbell brings additional innovation to the cyber insurance industry. By leveraging high accuracy and comprehensive security signals from Qualys EASM, cyber insurance companies like Cowbell can assess the risk posture for any organization in real-time, which could reduce payouts and reward clients by optimizing their cyber insurance premiums.”

Secureworks

Secureworks appointed Alpana Wegner as its new Chief Financial Officer (CFO), effective June 9, 2023, and Allan Peters as its new Chief Revenue Officer (CRO), effective May 8, 2023.

Sonatype

Sonatype unveiled new product capabilities and refined product names as part of a strengthened platform. These enhancements are designed to give organizations greater customization capabilities, a clearer security context, and more organizational control, empowering developer teams and their organizations to deliver innovative software safer, faster, and at scale.

The enhancements include:

  • Enhancements include:
  • Boosted Security Policy Management
  • Deeper Insights and Benchmarking
  • Easier Management at Enterprise Scale
  • Enhanced User Experience
  • Platform High Availability (HA)
  • Containers for Air-Gapped Environments

Mitchell Johnson, Chief Product Development Officer at Sonatype, said, “Recent cybersecurity regulatory efforts, issuance of new rules and software liability guidance from governments and agencies around the world prove just how critical software supply chain management is.

“Organizations cannot innovate without full visibility into their software supply chains. By offering deeper intelligence and enhanced functionality, we’re empowering developers and engineering teams to find and fix risk earlier and innovate faster with safer open source. We’re proud to offer a state-of-the-art platform that is proactively evolving to address the needs of our customers, and are thrilled for what’s ahead.”

Sophos

Sophos released its Active Adversary Report for Business Leaders. The report is an in-depth look at the changing behaviours and attack techniques that adversaries used in 2022. The data analyzed came from more than 150 Sophos Incident Response (IR) cases. It Identified more than 500 unique tools and techniques, including 118 “Living off the Land” binaries (LOLBins).

Unlike malware, LOLBins are executables naturally found on operating systems, making them much more difficult for defenders to block when attackers exploit them for malicious activity.

John Shier, field CTO Sophos, commented, “When today’s attackers aren’t breaking in, they’re logging in. The reality is that the threat environment has grown in volume and complexity to the point where there are no discernible gaps for defenders to exploit.

“For most organizations, the days of going at it alone are well behind them. It truly is everything, everywhere, all at once. However, there are tools and services available to businesses that can alleviate some of the defensive burden, allowing them to focus on their core business priorities.”

Sophos announced that it has expanded its Managed Detection and Response (MDR) service with a dedicated team of threat experts in Germany.

Sophos also announced that its industry-first vendor-agnostic Managed Detection and Response (MDR) service had grown its customer base by 33% in the first six months since introducing the service’s ability to ingest and analyze telemetry from third-party security vendors.

VMware

VMware, Inc announced new capabilities that deliver strong lateral security across multi-cloud environments so customers can better see and stop more threats. VMware Contexa, a threat intelligence cloud powering VMware’s suite of security solutions, finds that cybercriminals make only 2-3 lateral moves to reach their target. Preventing lateral movement requires an end-to-end view across users, devices, networks, apps, and data. The enhancements included:

  • DPU-based acceleration using SmartNICs for accelerated VMware NSX performance.
  • VMware Carbon Black Workload and Cloud Configuration for security designed for cloud-native architecture.
  • An Enhanced Firewall Service offering to bring NSX Security capabilities to VMware SD-WAN edge appliances for simplified operations at the enterprise branch.
  • VMware Secure App IX for more secure application connectivity across applications and clouds.
  • VMware Workspace ONE updates for phishing and content protection, secure access, and patch management.

Sumit Dhawan, president of VMware, commented, “As the cyber threat landscape evolves, our customers require their infrastructure to play a more active role in protecting their enterprise. VMware is deeply committed to driving innovation in infrastructure, delivering enhanced protection against threats of today and tomorrow.

“I am proud of the innovations we are announcing at the RSA Conference to provide our customers with rich contextual visibility and greater protection against cyberattacks targeting their multi-cloud environments.”

Zimperium

Zimperium announced the launch of the Zimperium Mobile-First Security Platform™. This single platform unifies Zimperium Mobile Threat Defense (MTD) – formerly known as zIPS – and Mobile Application Protection Suite (MAPS), unleashing powerful new features designed for teams who bear security responsibility across the entire mobile security spectrum.

Through a ‘single pane of glass’, customers now have centralized access to and management of Zimperium’s mobile application security and endpoint security solutions, providing them full mobile coverage to dynamically adapt to emerging threats.

Shridhar Mittal, Chief Executive Officer at Zimperium, said, “Today’s CISOs need to prioritize a mobile-first security strategy to stay ahead of attacks. There are a host of point solutions on the market for securing devices and applications, but none come together to provide an end-to-end platform to unlock the power of a mobile-powered business strategy.

“The Zimperium Mobile-First Security Platform uniquely provides the most comprehensive mobile capabilities for risk reduction, global visibility, threat detection and response for both endpoints and apps.”

Security news from the week beginning 17th April

 

LEAVE A REPLY

Please enter your comment!
Please enter your name here