CrowdStrike announced the new CrowdStrike Falcon X Recon module that will provide customers an increased level of situational awareness through the deep, broad collection of data from digital sources. Falcon X Recon will help uncover potential malicious activity so security teams can better protect their brand, employees and sensitive data.
CrowdStrike Falcon X Recon is designed to go beyond the dark web to include forums with restricted access on the deep web, breach data, source code repositories, paste sites, mobile greyware stores, unsecured cloud storage, public social media posts and messaging apps.
In today’s evolving threat landscape, malicious actors may use one or more of these resources to more effectively target their victims and monetize their efforts. These sites are virtual watering holes, where adversaries congregate and underground digital economies thrive.
Falcon X Recon is being introduced to proactively collect and inform CrowdStrike customers about fraudulent activity, stolen data, threats to enterprises, and identified exploits and tools in the adversaries’ arsenals.
Falcon X Recon will automate the collection of data from thousands of forums, marketplaces, messaging platforms and more, bringing scalability to network defenders so they can stay ahead of threats. By delivering situational awareness with relevant, real-time warnings, organizations can instantly identify data exposure and threats to the enterprise.
“Falcon X Recon is an important addition to our CrowdStrike Intelligence product suite. It will advance organizations along the threat intelligence maturity curve to go beyond threat feeds generated from past attacks,” said Adam Meyers, senior vice president of Intelligence, CrowdStrike.
“With the addition of Falcon X Recon, CrowdStrike will broaden its delivery of automated industry-leading threat intelligence, allowing companies to more easily find that needle in the haystack.”
Falcon X Recon provides the following features:
- Data collection: At the heart of Falcon X Recon is a deep and broad collection of data from the cyber underground. Users will be able to quickly search and automatically monitor in real-time thousands of clandestine forums, markets, paste sites, messaging and chat rooms.
- Situational awareness (SA) dashboards: This unified control center is designed to provide visibility into alerts that are the most relevant to the organization. The dashboards contain high-priority alerts and trends, and enable users to drill down into additional details. Custom dashboards can also be created by users to track and monitor the threats that are the most relevant to their remediation and response activities.
- Universal search: This feature will enable users to perform on-demand searches across all licensed modules of the Falcon platform, returning results in easy-to-read cards where users can view the original threat actor posts with additional context about the actor and the site. In addition, results will be automatically translated from many other languages using augmented translation with hacker slang dictionaries.
- Selectors: These define important information about an organization, including its executives and assets. Users will be immediately alerted when a selector matches with information found in the hidden web.
Falcon X Recon will join CrowdStrike’s award-winning family of threat intelligence solutions. Built on the CrowdStrike Falcon platform, CrowdStrike Falcon X brings endpoint protection to the next level by combining malware sandboxing, malware search and threat intelligence into an integrated solution.
Falcon X Premium adds threat intelligence reporting and research from CrowdStrike experts — enabling organizations to get ahead of nation-state, eCrime and hacktivist attacks.
Protegrity Data Protection Platform enhancements help secure sensitive data across cloud environments
Protegrity announced a significantly transformed Protegrity Data Protection Platform, offering enterprises the flexibility to easily secure sensitive data across cloud environments from a single platform.
Built for hybrid-cloud and multi-cloud serverless computing, Protegrity’s latest platform enhancements allow companies to deploy and update customized policies across geographies, departments, and digital transformation programs.
Protegrity enables businesses to quickly and safely turn sensitive data – wherever it resides – into intelligence-driven insights to deliver better customer experiences, monetize data responsibly, and support vital artificial-intelligence (AI) and machine-learning initiatives.
With sophisticated new data-security capabilities, including data anonymization, enterprises can confidently protect sensitive data as it moves outside of an organization’s perimeter and is shared with third parties.
Protegrity’s expanding cloud-protection ecosystem gives customers the ability to easily deploy the security methods that best fit their needs, so businesses can embrace emerging technologies and new computing environments without slowing the speed of innovation.
This latest version of the Protegrity Data Protection Platform builds on a legacy of innovation, spanning 87 U.S. patents and more than two decades of experience delivering data security and protection to the world’s largest enterprises.
“Too often, data protection can create huge barriers that diminish customer experience and businesses’ ability to pivot quickly,” said Rick Farnell, President and CEO of Protegrity.
“Enterprises that try to run their data protection through disparate systems have gaps in protection, requiring more resources to manage these systems. Also, enterprises are often stymied by their own governance teams that won’t let sensitive data out of their vault.
“Protegrity enables data to be everywhere businesses need it to be. We support the world’s largest enterprises to have confidence on their journey to the cloud and ability to leverage AI.
“Protegrity is purpose-built to uphold privacy and comply with evolving global data regulations, while helping businesses realize the value of sensitive data as they accelerate digital transformation and AI initiatives.
“We don’t believe that ‘good enough’ data protection is adequate for tomorrow’s digital businesses,” continues Farnell. “What we do believe is that standardizing on Protegrity’s Data Protection Platform allows leaders to avoid risk to their brand.”
The platform allows enterprises to build data security into the fabric of their business through a combination of protection methods, APIs, policy management, and ecosystem integrations.
It offers superior performance across hybrid-cloud environments and optimizes corporate resources while enabling businesses to future-proof against the constant changes to privacy and data-security regulations.
With 60 percent of organizations using cloud technology to store confidential data, Protegrity offers customers freedom to select where, when, and how data is used and enables previously unusable sensitive data to flow securely throughout the organization and drive value.
Purpose-built data protection for hybrid- and multi-cloud environments
According to recent research, the vast majority of enterprises today are operating in a multi-cloud environment. However, two-thirds of companies are not using any multi-cloud security tools, which means that enterprises are moving to the cloud dangerously and unprotected, or with too many disparate systems to manage.
As business demands for agility and continuity increase, organizations will require greater flexibility as they move more sensitive data to cloud environments, thus requiring a heterogeneous solution to cloud data security.
“Companies are increasingly moving data to the cloud to accelerate their operational and analytics agility, but data security remains the top concern slowing these initiatives,” said Jeffrey Breen, EVP of product and strategy at Protegrity.
“The expansion of data ecosystems beyond the traditional boundaries of on-premises systems brings additional complexity, higher management overhead, and the risk of unintended gaps in data protection.
“Protegrity’s Data Protection Platform helps customers tame this complexity by defining and enforcing enterprise-wide data security policies across all their systems, wherever they are.”
Protegrity’s innovative platform capabilities give enterprises the flexibility to move from one cloud to another without being locked into a particular public cloud environment or data-security method.
By tokenizing data in a cost-effective, high-performance, and cloud-friendly way, Protegrity anonymizes sensitive data so it’s no longer visible under any circumstances. This reduces the risk of data exposure by protecting a multitude of sensitive data types, with role-based permissions that give appropriate users the access they need to work with that data.
Data anonymization enables businesses to innovate with AI
With AI, machine learning, containerization, and other technologies and applications that are revolutionizing business, companies are now racing to extract the full value out of data. The promise of AI, in particular, has spurred enterprises to find new ways to unlock data’s potential.
The new Protegrity platform capabilities build on its extensive catalog of security capabilities with new data anonymization technology, which protects data as it leaves the corporate perimeter. Examples include data anonymization’s ability to protect machine learning training data, data marketplaces, and data sharing into third-party technology solutions.
“Protegrity equips businesses to be AI-ready by providing faster access to critical analytics data and dramatically shortening the time to business insights,” said Eliano Marques, EVP of data and AI at Protegrity.
“The platform propels enterprises to take advantage of analytics by anonymizing data that’s used in AI and machine learning models. With Protegrity, businesses can finally tap into the value of their data – without jeopardizing privacy.”
Protegrity protects data with an expanding cloud ecosystem
Over the last decade, Protegrity has expanded its trusted network of security-conscious technology providers, allowing data to flow freely and securely for businesses wishing to drive innovation and operational excellence. This ecosystem offers companies the ability to implement the right data-protection methods to meet the needs of their unique environments.
Protegrity’s ecosystem includes support for numerous databases (Oracle, SQL, Teradata) and cloud-managed databases (Snowflake), big data tools (Cloudera, Databricks, PySpark), and file systems (HDFS, zOS Mainframe, Linux kernel), as well as application protection languages (Java, Python) and other data systems (Yellowbrick Data, Confluent, Exasol).
Protegrity’s new software development kit also allows developers to up-level innovation by directly integrating data protection into cloud-based AI offerings.
Pricing and availability
The Protegrity Data Protection Platform is now available. Subscription pricing depends on the type of program and amount of protection. For implementations solely in the cloud, subscriptions will be available on cloud marketplaces soon and pricing will vary depending on the cloud performance level in use.
In addition to the latest enhancements to the Protegrity Data Protection Platform, the company today announced its vision for the Secure AI Era, in which businesses and governments can harness the potential of AI and machine learning without jeopardizing privacy.
Protegrity also unveiled its newly assembled leadership team to accelerate the company’s growth and innovation as a global leader in data security.
Alcide announced the company’s security solutions are now integrated with AWS Security Hub, sending real-time threat intelligence and compliance information to Amazon Web Services (AWS) for easy consumption by Security and DevSecOps teams. Alcide’s SaaS and container-based solutions for Kubernetes security are available in AWS Marketplace.
AWS Security Hub gives AWS customers a comprehensive view of security posture across all their AWS accounts. As a single place that aggregates, organizes, and prioritizes security information from multiple sources, AWS Security Hub helps identify security findings and remediate security threats. AWS Security Hub supports AWS-native applications and AWS Partner solutions, such as Alcide’s.
“In order to provide a comprehensive security posture assessment for each of our diverse customers, we recognize that AWS Security Hub must bring together a comprehensive set of industry-leading security AWS Partners,” said Dan Plastina, Vice President, Security Services, Amazon Web Services, Inc.
“Today, we’re pleased to add the Alcide Kubernetes Security Platform to the list of security integrations for AWS Security Hub.”
The Alcide Kubernetes Security Platform sends Kubernetes security alerts to AWS Security Hub, highlighting security events derived from Kubernetes audit logs. The Alcide kAudit module continuously monitors Kubernetes audit logs to detect known threats using pre-set rules, and detects unknown threats by applying Alcide’s unique ML-based anomaly engine.
The Alcide Platform also provides Kubernetes security best practices and compliance checks. It allows AWS customers to determine if their Kubernetes deployments are configured correctly and whether there is any security drift between developer, testing, and production.
Alcide Platform also supports threat intelligence, detecting malicious network activity such as crypto-mining, and more down to the pod level. Lastly, Alcide’s anomaly engine also detects advanced network attacks such as low-and-slow evolving network attacks and DNS tunneling.
“Integrating with the AWS Security Hub is an important strategic achievement for Alcide. Our Kubernetes Security Platform enables continuous audit and compliance for Kubernetes clusters, and integrating with AWS Security Hub will make our software even easier to deploy for DevOps teams using AWS,” said Amir Ofek, CEO of Alcide.
The rapid adoption of Kubernetes has left many companies struggling to find developers experienced with Kubernetes, and security has suffered as a result. In 2019, Alcide conducted an industry study with the Alcide Advisor by scanning over 5,000 Kubernetes deployments and found that 89% were not leveraging the Kubernetes secrets functionality, potentially exposing sensitive data to the internet and malicious actors.
Subsequently, the Alcide kAudit module was selected as one of the 10 hottest Kubernetes technologies in 2019 by CRN magazine for the threat intelligence it could extract from real-time monitoring of Kubernetes audit logs.
Reciprocity announced new capabilities within ZenGRC Risk Management. When it comes to risk management, remediating and controlling vulnerabilities proactively is a great way to reduce the likelihood that risks will occur in the first place.
ZenGRC combines risk and compliance management to allow customers to identify, monitor, and mitigate risks. Expanding on the ZenGRC core risk functionality, customers now gain a powerful new set of tools in their efforts to manage risks and mitigate business exposure.
This ZenGRC Risk insight release delivers innovative Benchmark Reporting, giving customers competitive insights on their compliance and risk programs as compared with their peers and the larger market.
Benchmark Reporting was designed to give CISOs deeper information on not only how they are doing, but if their results are good enough and how to improve on their risk and compliance posture post-audit or risk assessment. This enhanced insight will offer a look at best practices and the most effective Risk Controls to implement.
This release also includes expanded workflow capabilities simplifying automation of activities and customization of workflows. Additionally, significant reporting enhancements allow greater customization enabling quicker calculation results for multiple objects.
“Reciprocity is committed to working with our customers to deliver a solution that helps them understand, operationalize, visualize, and prioritize risks to their business,” said Scott Nash, Vice President of Product at Reciprocity.
“With ZenGRC, we’ve delivered a robust risk management solution, helping CISOs stay ahead of ever-evolving security threats and giving them the critical information they need to accept, mitigate, transfer or avoid risk.”
ZenGRC Risk insight is available immediately. ZenGRC helps companies from all vertical markets, particularly those facing strict governance and compliance standards and complex risk management, and has seen rapid growth and adoption across mid-market and enterprise organizations in technology and technology-enabled industries.
ZenGRC provides exceptional value, including best-in-class time to value and total cost of ownership, with a flexible platform that fits unique program requirements, pre-loaded with content and templates, and white-glove onboarding from our team of industry experts.
Current customers can contact their customer success manager, and access educational materials at ZenUniversity.
Dynatrace and ServiceNow allow customers to increase efficiency, reduce risk, and digitally transform faster
With precise topology and service mapping for dynamic multicloud environments, joint customers can increase efficiency through intelligent automation and reduce the risk of disruptions with predictive problem identification and automatic remediation, giving BizDevOps teams more time to innovate and accelerate digital transformation.
By combining automatic and intelligent observability from Dynatrace with the intelligent automation capabilities of the ServiceNow Platform, customers and partners can speed their path to autonomous cloud operations.
“Dynatrace is a great partner for ServiceNow,” said Jeff Hausman, Vice President and General Manager of IT Operations Management, Security and CMDB/ServiceGraph at ServiceNow.
“Using the combination of ServiceNow and Dynatrace, customers gain a deeper understanding of digital services, deriving signals from noise to pinpoint root cause, and deliver resilient operations for all applications and microservices in hybrid or multicloud environments.”
“Both ServiceNow and Dynatrace are strategic platforms for managing our cloud-native environment, and it is great to see this tight integration between the two,” said Mervyn Lally, Global Chief Enterprise Architect at Experian.
“Together, they provide a complete service map of our environment, smarter AI-driven answers, and closed-loop, automated workflows to ensure any changes or fixes that we’ve implemented are successful. This enables our teams to focus on the value-added tasks of digital transformation, and deliver simple, easy, and seamless experiences that help our clients operate and consumers thrive.”
Through the Dynatrace and ServiceNow partnership, customers can transform how they work, and accomplish more with less time, resources, and money. Some of the outcomes they can realize include:
- Greater efficiency – Automatic, real-time topology spanning hybrid, multicloud environments with rich context to understand potential issues in digital services and their precise root-cause.
- Reduced risk of disruptions – Proactive identification of issues affecting the roll-out or operation of cloud services, prioritized by business impact to reduce noise and ensure application and digital business continuity.
- Faster innovation – Combining the intelligence built into each platform reduces time spent on low-value, time-consuming tasks, freeing up resource-constrained IT teams to refocus on innovation and driving better business outcomes faster.
“As they execute their digital transformation projects in dynamic multicloud environments, customers are looking for ways to tame cloud complexity and gain more time for innovation,” said Steve Tack, SVP of Product Management at Dynatrace.
“We are thrilled that through close collaboration with ServiceNow and our joint customers, we can now provide the closed-loop, predictive problem identification and automatic remediation customers have been clamoring for. Together, we are enabling an AIOps-approach for autonomous cloud operations.”
The partnership provides customers Securonix Adversary Behavior Analytics (ABA), an advanced capability that helps organizations protect mission critical assets by monitoring adversary behavior and delivering automated, preemptive actions that prevent attacks and help contain adversary threats.
Securonix’s Next-Gen SIEM combines log management, user and entity behavior analytics (UEBA) and security incident response into a complete, end-to-end security operations platform. It leverages patented machine learning algorithms to detect threats and provide incident response capabilities for fast remediation.
Opora’s Adversary Behavior Analytics provides a continuous view of cyber adversaries, exposing and monitoring their attack infrastructure and delivering proactive action to thwart attacks at the source.
“Threat actors are constantly shifting their methods to find new ways to compromise organizations and monetize their efforts,” said Nanda Santhana, Senior VP of Cybersecurity Solutions, Securonix.
“By proactively monitoring this behavior and taking the right preventative measures, cybersecurity teams can maintain an incredible advantage in protecting their assets. This partnership with Opora brings a new, preemptive threat intelligence capability to our customers to help them understand tomorrow’s attacks today, and proactively respond based on that information.”
The joint solution combines Opora’s Adversary Behavior Analytics with Securonix’s Next-Gen SIEM to deliver customers end-to-end visibility into adversary behavior, helping preempt attacks before they happen, contain attacks in progress, and deter the adversaries behind the attacks.
Securonix’s SIEM ingests data from Opora’s platform, providing the context needed to deliver rapid alert prioritization, resulting in fewer false positives and accelerating targeted and orchestrated adversary attack counter measures.
This unique combination of capabilities empowers joint customers to secure remote employees and defend against the most common attack methods, such as business email compromise, ransomware and fraud.
“The majority of adversaries are uncontested and free to explore new ways to penetrate organizations and compromise valuable assets,” said Chris Bell, Co-founder & CEO, Opora.
“By combining Opora’s Adversary Behavior Analytics with Securonix’s SIEM, customers gain the level of visibility needed to maintain a preemptive advantage over malicious actors and benefit from next-level protection against sophisticated attacks.”
Source Defense announced its new offering of Website in Page Protection (WiPP), as well as product enhancements and performance improvements to the VICE sandboxing technology within the Source Defense Platform.
WiPP’s added security benefits protecting eCommerce and other web interfaces from data-stealing threats arrive at a critical time, as online shopping is expected to increase dramatically this holiday season, along with online banking and demand for telehealth services.
The Source Defense Platform protects online businesses and their customers from automated attacks and client-side threats, and improves operational efficiency.
The latest platform release focuses on maximizing performance and effectiveness in protecting online customers’ website journeys and providing an additional layer of protection from malicious code and intrusions exploiting vulnerable software and third-party services behind the web storefronts of major retailers, banks and healthcare services.
As these sites rely on ever more third-party code to drive efficiency, data analytics and the user experience, it becomes increasingly difficult to detect and isolate attackers infiltrating web page supply chains to illicitly steal personal and financial information at scale.
Analyzing consumer buying habits during COVID-19, eMarketer research predicts a 10.5% decline in total 2020 U.S. retail sales, with a 14% drop in brick-and-mortar sales – but forecasts an 18% surge in eCommerce.
eMarketer’s online growth outlook expects increases in both the number of digital shoppers and the average spending per buyer. These gains also reflect the pandemic’s impact on how different age groups shop online, predicting a 12.2% increase for shoppers 65 and over, who may be less familiar with security threats and online scams.
Greater reliance on digital and contactless shopping during an ongoing pandemic creates vast opportunities for criminals following the money, as FBI cybercrime alerts continually illustrate.
“Every organization wants reliable threat intel that provides proof of their security tools performing, protecting, and delivering value,” said Source Defense CTO and Co-founder Hadar Blutrich.
“Monitoring and alerting are no longer sufficient ways to prevent Magecart attacks. By having the ability to detect and protect, Source Defense has made it easier for any business in any industry to implement our products and harness its power, allowing users to better fortify their websites from malicious threats today.”
The release of WiPP strengthens the Source Defense arsenal protecting websites from attacks originating from first-party code, insider threats, and vulnerabilities introduced by open source libraries.
Key benefits of WiPP include:
- Protects websites from attacks originating within businesses’ own first-party code, vulnerable open source software libraries, embedded third-party integrations and more
- Real-time detection & protection defeating efforts to escalate privileges and covertly manipulate site forms and data
- Detailed analysis of script behavior, actions taken, and necessary permissions
- Extension of organizations’ security perimeter across web properties, driving additional value from other existing security products, while protecting web apps from client-side attacks such as Magecart or formjacking threats.
“There is a large gap in security that’s formed in the protection chain that ought to extend to end users. As more of a website’s work is done within a user’s browsers, those applications are now more exposed in a no man’s land that attackers are all too ready to exploit,” said 451 Group Analyst Eric Hanselman.
Source Defense is an analyst-recognized pioneer and innovator of technologies that leverage machine learning, industry regulations and best practices to improve website security and efficiency.
The Source Defense Platform is a SaaS offering that monitors, detects and projects all aspects of Magecart attacks. WiPP sits alongside Source Defense’s VICE product and the ADMIN management console.
Ubiq Security unveils API-based encryption platform for developers, reducing encryption complexities
Ubiq Security announced the launch of its API-based encryption platform for developers. The United States Army, Department of Homeland Security, Verizon, and Hitachi are among the first customers to streamline data protection and security using the Ubiq platform.
Ubiq has eliminated the traditional complexities of encryption, allowing developers and information security teams – even those without encryption or cryptography expertise – to integrate data encryption directly into applications in minutes, with nothing more than a few lines of code and two API calls.
Teams can encrypt data effortlessly across diverse applications and programming languages, cloud environments, and storage types.
“Encryption is a critical part of security that’s historically been one of the hardest things to get right,” said Wias Issa, CEO of Ubiq.
“There are very few true encryption and cryptography experts in the market, so most organizations lack the domain expertise to implement encryption effectively.
“Simplifying encryption down to a few lines of code and two API calls enables organizations to very quickly integrate encryption directly into their applications and empower their developers to build encryption directly into the software development lifecycle, reducing downstream costs and risk, and enabling them to spend their time and resources building fantastic products.”
Behind the platform’s APIs is a SaaS-based software layer that eliminates the guesswork, jargon, and complexity of cryptography and encryption, through a simple dashboard, so developers can be up and running in just minutes.
The dashboard allows developers (or members of their security teams) to select from proven, best-practice encryption models and policies for all their applications in a central location, provides key management and FIPS 140-2 Type 3 compliant key storage, and a complete log of key access and activity.
“Implementing data encryption methods and practices across large enterprises can be fragmented or lead to one-off implementations,” said Rick Stewart, chief software technologist, DLT Solutions, a Tech Data company.
“Ubiq’s platform strengthens our cybersecurity portfolio and provides our channel partners and their U.S. public sector customers with a centralized key management and storage solution with the ability to have a standard data encryption practice.”
Why should I worry about entropy? Entropy, also known as randomness, is the anchor beneath much of the world’s security. Poor-quality entropy compromises security, while low speed entropy compromises performance, and all too often organizations must make a Solomon’s choice between the two.
Fortunately, this critical security challenge has a solution, and with over 75% of global value at risk from direct and indirect cyberattacks, according to Raconteur, it’s high time to tackle it.
QuintessenceLabs formally expanded their suite of quantum security solutions, introducing the qStream Plus entropy enhancer to their growing portfolio.
qStream Plus combines the power of the world’s fastest quantum random number generator qStream, with software that seamlessly and automatically enhances the level of entropy in your network. qStream Plus solves entropy starvation once and for all, and delivers true Entropy as a Service (EaaS) within your network.
What is quantum entropy?
Randomness is surprisingly difficult to generate, and yet is needed in large quantities to secure the world’s data. Since computers are deterministic, i.e. completely predictable, they cannot generate real randomness.
Instead they fill and maintain a pool of high-entropy random bits, fed from external activities such as mouse or keyboard movement. Entropy matters a lot: if you were to generate a 2048-bit long private key from an entropy pool that only has 20 bits, your 2048-bit private key may be 2048-bits long, but would be “only as good” as a 20-bit key.
All too often, entropy pools do not contain enough entropy to meet the security needs of the system, resulting in delays, security compromises, or both when deterministic random numbers are used instead.
Access to highest quality entropy, seamlessly
QuintessenceLabs developed the concept for the qStream Plus entropy enhancer appliance while working with one of their partners, whose large number of systems — virtualized and physical — struggled to get entropy, impacting performance and security.
The QuintessenceLabs team were able to leverage its world leading quantum random number appliance qStream, delivering 1 Gbit/sec of full entropy true random, and pair it with novel entropy enhancer software. This entropy enhancer constantly monitors the level of entropy in your network and tops it up to safe levels, that you define, whenever needed.
With qStream Plus, there is no longer the need to compromise between safety and speed, and you will never run out of entropy — making entropy starvation a thing of the past.
Entropy in practice
QuintessenceLabs’ qStream Plus entropy enhancer appliance is currently in commercial evaluation by a number of large international corporations in the financial sector, telecommunications, IT services and cloud sectors.
“QuintessenceLabs has deep expertise in driving quantum innovation, to make sensitive information safer today and prepare our cyber infrastructure for the threat of quantum computers,” said Dr. Vikram Sharma, Founder and CEO of QuintessenceLabs.
“We are delighted to be announcing our qStream Plus offering, making it easy for organizations around the globe to access the world’s fastest quantum random number technology.”
Without strong and fast entropy, networks such as these cannot be truly secure. Solving the challenge of entropy starvation is the next vital step in building a quantum-safe and high-performance information infrastructure.
Ethernity Networks announced it has developed a solution that both aggregates 5G traffic and provides virtual routing directly within the 5G Distributed Unit (DU). The solution is based on the company’s existing ACE-NIC100 FPGA SmartNIC, which offers Ethernity’s exclusive Router-on-FPGA-NIC feature.
With many mobile operators planning to employ disaggregated CPU-intensive Network Function Virtualization (NFV) software to handle the primary DU functions, the vast majority of the server’s CPU cores will be occupied, leaving no capacity for a virtual router.
The addition of an external cell site router (CSR) to the data path increases both capital and operating expenses. Ethernity’s solution eliminates the need for a CSR by integrating the virtual routing software with the FPGA SmartNIC within the DU server.
Furthermore, using its six 10G/25G eCPRI ports, a single ACE-NIC100 can aggregate up to 150Gbps of data burst arriving from the 5G Radio Units (RU) toward the DU functions running on the server.
The integrated router function then enables connectivity toward the rest of the cloud Radio Access Network (RAN). The ACE-NIC supports all mandatory clock synchronization options for DU (such as Sync-E and IEEE1588) to accurately insert time stamps recovered from the network as backup to the GPS signal.
In addition, the ACE-NIC100 offers built-in hardware-based traffic management features, including packet classification, deep buffering with HQoS, and OAM, on top of the router data plane functions like L2/L3 VPN , MPLS, and segment routing.
The ACE-NIC100 offers Ethernity’s fully integrated Router-on-FPGA-NIC software capabilities or, alternatively, can integrate and fully offload any 3rd-party vRouter software using standard DPDK APIs.
“By utilizing our vast experience and field-proven router data plane on FPGA with our unique Router-on-FPGA-NIC offering, Ethernity is in a strong leading position to assist and optimize the building of 5G networks,” said Oded Bergman, VP of Products and Business Development at Ethernity Networks.
“Ethernity’s ACE-NIC100 enables software DU solutions to make optimal use of our FPGA SmartNIC capabilities, providing an innovative, cost-effective, high-speed solution that overcomes these challenges and, in the process, supports the trend toward true hardware disaggregation of the 5G infrastructure.”
Avatier promises to simplify identity access management (IAM) by empowering organizations with greater control over enterprise access requests, compliance access certifications, single sign-on (SSO) to reduce SaaS license cost and self-service password management, all for a better value than buying individual point solutions.
Avatier’s new mobile experience is designed for the modern workforce, giving employees, customers, contractors and vendors a single mobile app that enables self-service business agility for time-sensitive security requests.
Now anyone in the company can be alerted on their mobile device to approve business requests to access data and assets. Change management for the entire business can run through Avatier’s new mobile workflow experience, reducing overhead for IGA, streamlining provisioning and ensuring security compliance.
The new mobile platform is secure and frictionless because Avatier’s password-less authentication automatically integrates with third-party multifactor authentication (MFA) solutions already deployed in most enterprises.
Avatier has MFA support for Duo Security, Google Authenticator, Okta Verify, Ping Identity, Radius, RSA SecureID, Symantec VIP and any FIDO2-compliant solution. Additionally, Avatier provides one-time passcode (OTP) support for SMS and email as well as biometric MFA solutions.
“IT staffs spend an inordinate amount of time managing user access requests and conducting access audits,” said Nelson Cicchitto, founder and CEO of Avatier.
“Research from HDI shows that 30 percent of help desk calls are for access requests at an average cost of 17 dollars per call. Avatier’s user experience changes the game with push notifications and a touch interface that can save companies millions of dollars by streamlining security controls and authorization while enabling their entire workforce to approve access immediately when needed.
“With Avatier’s mobile application support, CSOs, IT personnel, security and compliance teams save time and resources by simplifying identity management and truly enabling enterprise-wide self-service.”
Avatier’s mobile platform includes a complete set of self-service identity management solutions, including:
- Universal workflow: For the first time, the workflow interface used for all business requests and change control is now also the same interface used to conduct certification campaigns and verify access. Push notifications call attention to urgent business requests that need to be approved or denied. All role, access, assets, change control and user management is controlled through Avatier’s Universal Workflow Platform. Access governance is part of workflow support, streamlining verification of granular access/assets, roles, direct reports, self-certification and native system security controls., including empowering attestors to allow, deny, allow exceptions, reassign attestor, or even return to the certification campaign owner.
- Self-service group management: Enable self-service group membership requests with push notification for workflow approvals, including group creation, deletion, renaming and modifying group ownership.
- User management: User access can be granted, disabled, or deleted either in real-time or as a scheduled task. As part of user management, Avatier Mobile makes it easy to manage data assets and software licenses to reallocate seats as needed.
- Single sign-on: Onboard mobile and remote workers faster with Just-in-Time (JIT) cloud app user provisioning and de-provisioning to provide secure remote access to assets by simply adding users to your active directory groups. Avatier SSO supports leading industry standards like SAML, oAuth, OpenID and SCIM for JIT provisioning.
- Self-service password management: Eliminate help desk calls by giving users secure control over password reset and synchronization using leading MFA providers to verify identity. Avatier’s Password Policy Manager enforces enterprise password policy to maintain strong passwords across all systems.
Deepwatch announced deepwatch Lens Score, a fast, easy to use application for CISOs and those who are accountable for measuring, monitoring, and improving their company’s overall security operations maturity.
Deepwatch Lens Score is available immediately on all mobile devices and via web browser and can be accessed and utilized by all security professionals at no cost.
“We collaborate closely with our customers’ CISOs and have a comprehensive understanding of the challenges they face. CISOs are universally accountable for answering three questions,” explained Charlie Thomas, CEO.
“How mature is my Security Program? How do I compare to my peers? What one thing should I do next to better secure my business?” deepwatch created deepwatch Lens Score to provide security leaders with an ongoing view into their security posture and precisely what they can do to improve it over time.
“Deepwatch Lens Score allows CISOs to quickly understand data source collection, active analytics, and what their Maturity Score is today and how to improve it. The powerful app is intuitive and delivers valuable data and insights to CISOs in a few minutes in the palm of their hand,” elaborated Thomas.
“The unique thing about deepwatch Lens Score is that it instantly visualizes data collection coverage with a maturity score calculated by our patented Maturity Model algorithms,” described Corey Bodzin, CTO.
“The deepwatch Maturity Model is the industry’s first scientific way to measure SOC effectiveness. The Maturity Model Score gives CISO’s the immediate ability to benchmark their security program maturity against that of their peers, and quickly uncover gaps and how to address them. CISOs can then track their improvements and estimate the impact of different improvements they might pursue.”
Deepwatch designed Lens Score to ease the pain of making difficult cyber security business investment decisions. Over the last twenty years, security leaders have followed a “gut feel” or “educated guess” approach to fortifying their networks and enhancing their SOC.
With deepwatch Lens Score, they now have an application that immediately and continuously provides recommendations based on data science to help them stay ahead of cyber threats.
Hitachi ID has unveiled the Hitachi ID Bravura Security Fabric and version 12.0 of its identity and privileged access management solution.
“Executives making strategic decisions about identity and access vulnerabilities need to solve fundamental cybersecurity problems with a robust platform not a menagerie of siloed products,” says Kevin Nix, Chief Executive Officer, Hitachi ID Systems.
“Our Hitachi ID Bravura Security Fabric lets organizations frame and optimize their cybersecurity programs with one singular platform across identity, group, password, privilege access.
“Organizations can weave the identity and access services in various patterns to protect, manage and govern their digital identity and access infrastructure from attacks with the scalability, flexibility and integration they need as their roadmaps evolve.”
Proven patterns combined with more than two decades of security expertise
The Hitachi ID Bravura Security Fabric creates a centralized view to weave patterns of functionality an organization needs to protect against continual threats and cover all aspects of your identity and access security program.
As you uncover new identity and access threats or your roadmap evolves, turn services on or off as without installing other products to improve IT security, support internal controls and regulatory compliance, and lower access administration and costs.
Only platform spanning identity, privileged access and passwords
Organizations evaluating their identity and access maturity will now be able to reveal risks and threats with the most accurate, fastest, and in-depth risk and threat assessment report for both identity and privileged access with the new Hitachi ID Bravura Discover.
Unlike similar tools typically limited to identity applications on Windows and Linux, Hitachi ID Bravura Discover works across platforms and for both identity and privileged access applications.
According to industry analyst Martin Kuppinger, founder of KuppingerCole in his paper on Modern Identity Fabrics: A Cornerstone of your Digital Strategy, “Identity Fabrics are a cornerstone of every Digital Transformation strategy.
“They help in rapidly delivering unified identity services, providing the services and the agility needed for success in the Digital Transformation, while allowing for migration, integration, and re-use of existing legacy IAM.
“Businesses need a multi-speed IAM that serves both emerging requirements and the gradual migration of legacy IAM into a modern Identity Fabric, at their own pace.”
Modern usability that scales to hundreds of thousands of systems
Version 12.0 delivers modern usability and integration with intelligent bots for better self-service. Its enhanced configurability with powerful grouping constructs can manage thousands to millions of identities with robust policy and rule verifications.
It’s the only platform that spans identity, privileged access and password management and also scales to hundreds of thousands of systems and tens of millions of identities.
“Hitachi ID’s great technical skill and brilliance in identity, privileged access and password management was the impetus for our new naming strategy,” says Nix.
“I am incredibly excited to lead the company to a singular platform approach with a sharp focus on making the solution work smarter and faster for organizations while we extend our key capabilities with strategic partners.”
Socure announced DocV, a fully-automated omnichannel document verification service that expedites onboarding, reduces fraud, and works to eliminate costly manual reviews. Combining the power and scale of machine learning to accurately verify the authenticity of government-issued IDs, DocV produces auto-decisioning rates as high as 98%, in seconds.
The most scalable and accurate document verification service available, DocV applies advanced analytics and computer vision to quickly confirm the authenticity of any government-issued ID, including more than 3,500 document types from around the world.
The image capture tool built into DocV automatically adjusts for and offsets user-error, and the back-end forensic analysis technology is fully-automated—eliminating the need for human intervention and manual checks. An additional layer of security checks for liveness, matching the photo on a consumer’s ID with a selfie in under 15 seconds.
“As more sophisticated fraud attacks are on the rise, financial institutions and other organizations are bolstering identity verification protocols, including KYC/CIP, fraud prevention, and sanction screening,” said Johnny Ayers, Founder & Chief Product Officer of Socure.
“DocV, now a central pillar of Socure’s integrated identity engine (ID+), drastically reduces the operational burden and cost associated with manually verifying identities while accelerating revenue growth, reducing identity fraud, and reducing friction during the authentication process.”
Unlike most document verification services where only a physical ID and selfie photos are authenticated, Socure’s forward-thinking approach to DocV is unmatched.
Companies count on Socure to deliver the most robust, holistic, and accurate approach to fraud prevention and KYC, not only by the authentication of an ID card and selfie, but also by seamlessly analyzing other dimensions of an identity such as device risk, phone and email correlation, sanctions screening, and correlating the data on the ID against authoritative data sources.
DocV is designed to quickly and accurately assess the validity of users when applying for new accounts and services, providing access to customers locked out of existing accounts, detecting account takeover attempts, and processing high-dollar transactions for a broad range of industry verticals, including financial services, healthcare, telecommunications, online gaming, real estate, digital currencies, sharing economies, and more.
In its initial beta phase, DocV delivered 25% higher conversions, significantly reduced user drop-offs during the onboarding process because of its user-friendly image capture technology, and was proven to deliver auto-decisioning rates up to 98%.
Ayers continued, “Fraudsters are becoming craftier, so companies that are doing identity proofing must introduce additional measures to combat deep fakes and synthetic fraud at the speed of consumer expectations.
“Our official launch of DocV underscores Socure’s commitment to eliminate identity fraud as we continue to provide customers with superior levels of security, trust, and growth.”
With the addition of DocV, there is less of a need to leverage multiple vendors for KYC/CIP and fraud decisioning workflows, which decreases accuracy and efficiency, and drives up costs.
Socure works with clients to assess their risk tolerance for every use case across product lines and recommends DocV when needed, as a top of funnel step-up method. Furthermore, Socure developed a modern SDK to simplify costly integrations and speed up deployment.
The advanced, no-code dashboard for business managers is easily configurable for options such as minimum age criteria, document expiration grace period, matching thresholds and overall authentication strategies.
Socure also developed a customizable interface that allows clients to design the look and feel of the SDK via a no-code graphical interface with the simple action of point and click—no development required.
DocV, which can be integrated via mobile and web SDKs or a RESTful API, is available as a standalone product or as a part of the overall Socure ID+ product suite, a fully integrated identity fraud and compliance platform providing organizations with a single, unified identity fraud and verification solution.
DocV delivers an enhanced security layer at account onboarding and as needed throughout the end-user lifecycle.
Incognia announced the launch of its fraud detection solution designed for retailers, restaurants and payment providers leveraging QR codes for contactless payments.
This comes at a critical time; according to Gartner’s Consumer Pandemic Attitudes and Behaviors Survey, “40% agreed with the statement ‘I’m more willing to do business with stores or other commercial premises that offer contactless payment options.’ ”
With consumers ready to re-engage with vendors using contactless methods, health and security are top of mind as businesses push for faster adoption of contactless QR payments. U.S. merchants continue to be on high-alert for fraudulent transactions. In fact, for U.S. merchants, the cost of fraud is up 7.3% in 2020 from 2019. Every dollar of successful fraud now ends up costing U.S. retailers an astonishing $3.36.
“By 2024, 80% of ordering and replenishment will be touchless for most organizations. Customers have become more conscious about their health and safety, leading to changes in their consumption behavior in both their personal life and their work. One obvious change is the increasing popularity of contactless commerce, which enables end-to-end contactless self-service,” according to Gartner.
Incognia’s fraud detection solution for QR code contactless payments uses location behavioral biometrics to verify buyer’s and seller’s real-time and historical location behavior to protect against fake QR codes, account takeovers and use of fake synthetic identities during transactions.
The solution works for physical in store, remote and peer to peer QR code contactless payments. For consumers, Incognia’s technology creates a private digital identity that enables a user’s device to produce a unique location fingerprint, without compromising any of the user’s personally identifiable information.
The digital identity is also matched to the recent behavior of the device and the known behavior of the account.
“The year 2020 has seen a surge in contactless commerce as retailers rapidly adapt to keep consumers and staff safe,” said André Ferraz, CEO and Founder of Incognia.
“QR code contactless payments are seeing rapid adoption because of ease of use. QR codes can be easily integrated into retailer apps and scanned by consumers using a smartphone. We’re proud to provide our fraud detection solution to enable safer ways of doing business that are secure and frictionless.”
Incognia’s proprietary location technology uses network signals from GPS, Wi-Fi and Bluetooth along with on-device signals to identify precise locations without capturing any PII.
Incognia provides both real-time location verification and also builds an anonymous location behavioral pattern, unique for each user, that creates a location fingerprint for user authentication.
Incognia location technology is used in more than 90 million devices in the Americas, and analyzes more than 20 TB of anonymized location signals every day. Incognia provides an SDK for rapid integration into iOS and Android mobile apps.
MariaDB announced a major expansion of MariaDB SkySQL cloud database. With this update, SkySQL now runs the latest version of MariaDB Platform X5, which most notably added distributed SQL capabilities for global scale.
With the ability to be deployed as clustered or distributed, MariaDB SkySQL addresses customers’ specific needs all within one powerful, indestructible cloud database.
“We built MariaDB SkySQL to reduce the complexities introduced by first-generation cloud databases,” said Michael Howard, CEO, MariaDB Corporation.
“The current landscape requires a smorgasbord of cloud services to get a single job done – AWS RDS for simple transactions, Aurora for availability and performance, Redshift for cloud data warehousing and Google Spanner for distributed SQL.
“SkySQL gives you all these capabilities in one elegant cloud database that delivers a consistent MariaDB experience regardless of the way you deploy it.”
A cloud database that grows with you
For organizations, with success and growth come new requirements and challenges. Standard transactions with high availability is a good starting place for any business but as a company grows, a cloud data warehouse for fast data analysis may be necessary or massive scalability may be required to keep up with worldwide demand.
With MariaDB SkySQL, customers can start small and have a path to expand to meet any future requirement – adaptively, pragmatically and with extreme ease.
Open book pricing reflects open source integrity
MariaDB is taking a cloud database pricing approach that is transparent and predictable for customers. Rather than upcharge for high availability setup, failover, backups or a database proxy for a single connection point, SkySQL is all-inclusive.
Unlike with other cloud providers, failover replicas can be fully utilized for read scale rather than existing as an insurance policy only.
Expanded SkySQL features
SkySQL now supports MariaDB Platform X5, including the latest versions of MariaDB Enterprise Server, advanced database proxy MaxScale and smart engines ColumnStore and Xpand for new and expanded cloud capabilities, and offers:
- MariaDB Platform for distributed SQL: Xpand is a new smart engine that delivers distributed SQL through MariaDB Enterprise Server. This functionality is now also available in SkySQL with elastic scale, making it easy to increase or decrease capacity to handle anticipated usage spikes, such as increased shopping around Black Friday and Cyber Monday. Xpand in SkySQL also automatically rebalances data hotspots for optimum performance.
- MariaDB Platform for analytics: SkySQL includes a fully distributed cloud data warehouse that now provides massively parallel processing (MPP) for scalability and high availability on large datasets.
- End-to-end security: All SkySQL databases are secure by default, built from the ground up to provide the ultimate security in the cloud. SkySQL now also enforces secure SSL/TLS connections for any database access, avoiding exposure of data due to insecure defaults or configuration choices.
- Radically reduced complexity for application development: SkySQL provides a single connection point for applications rather than exposing individual database instances, primaries or high availability replicas. SkySQL manages read/write-splitting, seamless failover and application session migration. The result is fault tolerance and efficient use of resources that is completely transparent to developers and end users.
- Expanded monitoring: SkySQL monitoring shows the status and all vital metrics for database instances and is highly customizable. The monitoring tool is updated to support the new topologies enabled in this new release of SkySQL such as Xpand for distributed SQL.
Agile1 Predictive Analytics Risk Scoring helps orgs identify, prioritize and quantify cybersecurity risks
Agile1 has launched Predictive Analytics Risk Scoring to provide technology executives the foresight to understand cyber risk exposure. The platform is designed to help organizations identify, prioritize and quantify cybersecurity risks with 78% fewer false positives.
Agile1’s Predictive Risk Scoring is a tremendously accurate predictive security score because the platform aggregates and analyzes all consolidated security data in an organization. This includes the cloud, devices, network, SaaS applications, API’s and anomalous human behavior.
Measuring cyber risk is complex because there are no accepted norms. Agile1 creates a scoring model based on 13 unique factors that combine security data, anomalous behavior, policies, configurations, historical record, forecasting and criticality.
Agile1’s Predictive Cyber Risk Scoring uses machine learning scoring techniques based on empirical modeling. We combine machine learning with user behavior analytics to create accurate models to evaluate predictive features embedded in the data. All this while minimizing the false-positives.
“The mid-market is in need of a managed 24×7 Managed Breach Detection Platform so they can experience complete visibility and total security driven by a deep analytics foundation to understand their security gaps,” says Tony Pietrocola, president, Agile1.
Pietrocola added, “If you are a valued channel partner who utilizes Agile1 technology to run your SOC, you now have predictive scoring and analytics to grow your cyber consulting services around.”
Agile1 monitors millions of security events every day world-wide. Agile1 is redefining the MDR space with modern technology that simplifies the process, reduces false positives and actually shows technology executives where they have security gaps.
SlashNext announced the on-device AI mobile phishing defense for iOS and Android with natural language and link-based detection to protect users from the exponential increase in mobile-based SMS phishing (‘SMishing’) attacks.
Now SlashNext, customers and partners can benefit from the industry’s fastest and most accurate, 2.0 mobile AI phishing defense, protecting users from all forms of phishing across all their communication channels – SMS, email, social networking, gaming, collaboration and search – without compromising user privacy or performance.
In addition, telecom carriers can now offer a complete SMS phishing defense service to protect their subscribers from the onslaught of SMishing attacks.
“Bad actors know that SMS is one of the most popular ways to communicate in the new remote working and learning world,” said Patrick Harr, CEO of SlashNext.
“Our mobile app now brings the power of on device AI and natural language processing to protect against text-based SMishing attacks in addition to link-based and the significant damage that can arise. This is a perfect service for consumers, carriers and businesses alike.”
Moving from 1.0 human defense to 2.0 AI phishing defense
Today’s threat actors are leveraging new AI phishing methods, while most phishing detection services use legacy, 1.0 tactics like domain reputation, URL inspection, and human forensics to detect phishing attacks.
Organizations must start looking at next-generation, 2.0 phishing defense methods that utilize AI and dynamic analysis to detect threats. SlashNext exclusively focuses on 2.0 AI phishing defense by inspecting billions of URLs at cloud scale with virtual browsers that overcome sophisticated evasion techniques.
By leveraging natural language processing, computer vision, and behavioral analysis, SlashNext detects and blocks threats hours and sometimes days before vendors using 1.0 phishing techniques.
SlashNext Mobile AI Phishing Defense
SlashNext Mobile AI Phishing Defense offers anywhere, anytime, zero-hour protection against the broadest range of phishing threats with lightweight, cloud-powered apps for iOS and Android devices. A simple, intuitive user experience blocks threats, alerts users with a warning page and offers a safe preview with information about the threat.
Additional key features and benefits:
- Broadest range of protection: Protects against attacks on corporate and personal email, SMS, social media, messaging, and collaboration platforms by detecting credential stealing, rogue browser extensions, and more.
- Lightweight app: Negligible impact on battery consumption and device performance.
- No personal identifiable information (PII) or privacy risks: No network traffic or personally identifiable information leaves the device, so PII and user privacy remain secure.
- Real-time training: Simultaneously detects, blocks, and educates at the point of click to reinforce training and remind users about real threats.
- Easy deployment and management: Easily deployed and managed with leading UEM and Single Sign-On (SSO) solutions or SlashNext’s Endpoint Management System for complete, real-time visibility to phishing attacks across the user base.
Phishing database with unparalleled detection and predictive protection
The SlashNext AI phishing detection cloud with patented SEER technology, has the industry’s largest phishing database, delivering 99.07% accuracy and one in one million false positives.
SlashNext inspects billions of internet transactions and millions of suspicious URLs daily using virtual browsers to detect zero-hour phishing attacks across all communication channels– email, SMS, collaboration, messaging, social networking, and search services – up to 30 days before they are live.
So, when phishing campaigns launch, the threats are already blocked by SlashNext, and users are protected immediately.
AI Phishing Defense for PCs and MACs
The same level of phishing protection is also available with SlashNext Browser Phishing Protection.
Deployed as lightweight browser extensions for all popular desktop browsers (Chrome, Firefox, Safari, and Edge), it can be managed via leading UEM solutions or leading SSO solutions for simple user provisioning and management.
SureView Systems is launching SureView Operations (Ops), a subscription-based version of its respected command center management system. The Ops platform optimizes operational processes and team response to radically improve the coordination and management of security events, creating better security outcomes.
“Over the last few months, our customers have shared with us how Covid-19 has caused a rethink in their security operations. Overwhelmingly, they are looking for flexible solutions that can be implemented immediately, to support remote working, wider team collaboration, and the ability to adapt quickly to changing needs. In response, we developed SureView Ops.
“We understand it’s difficult for security leaders to embark on large projects to overhaul their operations in today’s uncertain climate. SureView Ops resolves this by making the software available as a fully hosted service that supports existing systems and services, making the deployment simple.
“We offer a 30-day trial and engineering support so customers can get started today and be operational within the trial period,” says Simon Morgan, Chief Product and Marketing Officer.
Ops has been developed to support organizations of any size, and in any sector, that operate a security control center. The platform is built on the world’s leading infrastructure provider AWS, delivering the security, scale, and resilience organizations need to run 24/7 operations.
Blackpoint Cyber launches Blackpoint RISK, a cyber liability insurance solution for existing and new clients
Blackpoint Cyber launched Blackpoint RISK – a cyber liability insurance solution created specifically for its partners and their customers. Blackpoint RISK is available to existing and new clients and provides an additional layer of protection against cyber incidents, including cyber-crime, ransomware, and malicious attacks.
A common phrase in cyber security is, “It’s not a question of if, but when.” Cyber security programs traditionally focus on awareness, prevention, and response – but many are unprepared for an unexpected cyber incident and the financial implications.
Blackpoint Cyber used its foundation in cyber operations for the US Government to build its true 24/7 Managed Detection and Response (MDR) service for MSPs and their customers.
While Blackpoint prides itself on its quick detection and response times and its ability to streamline the security stack, they wanted to arm MSPs and their customers with the next line of defense.
Cyber liability insurance is becoming a required component of risk management for all business sizes and industries, particularly MSPs and their customers. A cyber incident can include forensic investigations, data recovery, hardware replacement, customer notifications, regulatory filings, and even lawsuits.
Many businesses, especially small- and medium-sized ones, can face financial hardship, including bankruptcy, if not properly insured against such devastating incidents.
MSPs face cyber risk on two fronts: attacks or incidents on their own infrastructure and any resulting liabilities as well as attacks against their managed clients.
Blackpoint’s MSProtect program already provides MSPs with special 24/7 MDR pricing to keep their infrastructure safe, and now they can further reduce their risk by pairing it with Blackpoint RISK for themselves and their MDR customers.
Blackpoint designed RISK’s offerings to match the needs of its partners and their customers. The offerings are affordable, comprehensive, and include first- and third-party coverage, which helps recover internal business operations as well as protect against outside liability claims.
All offerings include access to breach response consultants and a dedicated claims advocacy practice. Depending on the coverage selected, additional benefits may also include dark web/data leakage monitoring and alerting, periodic external threat assessments, access to online risk and cyber training, and even an incident response and claims mobile app.
“We built our MDR technology and service on an assume-a-breach mentality. Our MDR service has successfully detected and stopped numerous breaches, but cyber risk is always present,” said Jon Murchison, CEO and founder of Blackpoint Cyber.
“We spent 3.5 years perfecting the breach detection and response model, but cyber security requires a layered approach. And cyber insurance is a critical layer in the fight against cyber incidents. At Blackpoint, we are continuously working to help our partners, so we spent over a year developing a tailored insurance solution just for them: Blackpoint RISK.”
With CASA, eSentire brings its MDR leadership and expertise from over 10 years of threat hunting to Microsoft users.
CASA offers customers a single place within Microsoft Teams to actively manage alerts, engage eSentire experts on demand, and launch automated threat configurations for Microsoft Cloud Application Security, Microsoft 365, Microsoft Defender for Endpoint, Microsoft Azure, and Microsoft Graph Security API.
CASA, delivered on the eSentire Atlas Extended Detection and Response (XDR) platform, aggregates and enriches alerts to prioritize what matters and provides customers with the information needed to make security decisions, all within their existing Microsoft Teams app. The entire deployment process takes less than five minutes with the Microsoft products you already have.
Clicking “Ask eSentire” in Teams allows customers to ask eSentire security specialists questions about high-risk alerts. These specialists can then assist in further investigation, and provide recommendations for remediation and threat containment.
The Atlas XDR platform natively integrates endpoint, network, log, asset, and vulnerability data into a cohesive security operations system that supports nearly 1,000 MDR customers today.
Microsoft customers can benefit from the visibility and learnings eSentire has from stopping threats from its global customer base across 60 different countries with over $6 trillion in assets under protection. Atlas XDR platform now supports the entire Microsoft 365 security suite alongside the company’s existing detection and response products.
“CASA simplifies the daily operational life for security teams by providing alert consolidation, expert advice, and automated configuration. We are excited to make this capability broadly available in the market to users looking to leverage the Microsoft security ecosystem,” said Dustin Hillard, CTO for eSentire.