New infosec products of the week: August 14, 2020

Ericom Application Isolator separates corporate apps from unauthorized users to prevent ransomware

Ericom Software announced the introduction of Ericom Application Isolator, a new solution that integrates with existing remote access VPNs and Next Generation Firewalls to secure corporate applications and data from the security risks associated with excessive access rights inside a network.

infosec products August 2020

SonicWall TZ: Desktop firewalls with multi-gigabit malware and ransomware protection

SonicWall announced new zero touch-enabled, multi-gigabit SonicWall TZ firewalls with SD-Branch capabilities, along with a redesigned cloud-native management console that helps streamline operations through fresh and modern user interfaces.

infosec products August 2020

RSA SecurID Access innovations support organizations struggling to protect their workforces

RSA SecurID Access minimizes identity risk with a unique hybrid model that now integrates all of the on-premises and cloud components into a unified solution, making it faster and easier for on-prem customers to connect to the cloud. This approach also protects SaaS and legacy applications, across public clouds and private networks, while providing a consistent user experience.

infosec products August 2020

KoolSpan launches TrustCall, a secure mobile comms app for defense, intelligence operatives

TrustCall, a secure mobile communications application, is available to all DoD and IC users for iOS and Android. Remote employees can easily take advantage of TrustCall’s high fidelity audio via a solution that installs in minutes and requires no user training.

infosec products August 2020

CyberSaint CyberStrong updates make cybersecurity resiliency an enabler of business strategy

CyberStrong platform updates allow security and risk leaders to deliver clear narratives around their cybersecurity and IT risk management strategies. New features combine quantitative and qualitative insights to help CISOs and CIOs communicate the program’s past, present, and future risk management initiatives and returns.

infosec products August 2020

RSA SecurID Access innovations support organizations struggling to protect their workforces

RSA announced the availability of RSA SecurID Access offerings that are designed to support organizations struggling to protect and optimize their workforces in this challenging environment.

RSA SecurID Access

The new solutions broaden protection and reduce friction for both administrators and users, particularly as organizations tap into the benefits of the cloud for remote workers.

“While interest in transitioning security management technologies to cloud environments has steadily increased over the past few years, the global pandemic has dramatically accelerated adoption plans,” noted Steve Brasen, Research Director with Enterprise Management Associates.

“Organizations are particularly feeling the urgency with enabling cloud-hosted solutions supporting identity and access management (IAM). With applications, data, and IT services broadly distributed across business networks and public cloud environments, organizations require unified solutions to centrally and consistently manage access to critical resources.

“RSA’s SecurID Access hybrid platform successfully meets modern and emerging requirements for minimizing IAM management efforts while enhancing security effectiveness.”

Faster path to digital with a secure, hybrid approach to the cloud

To survive and thrive in the current environment, organizations are seeking solutions that optimize processes by using cloud applications. However, a proactive approach to digital risk is required to ensure successful adoption.

RSA SecurID Access minimizes identity risk with a unique hybrid model that now integrates all of the on-premises and cloud components into a unified solution, making it faster and easier for on-prem customers to connect to the cloud.

This approach also protects SaaS and legacy applications, across public clouds and private networks, while providing a consistent user experience.

For customers already embracing the advantages of the cloud, RSA SecurID Access provides an additional layer of protection and availability with its new Failover Node Service.

If access to the cloud service slows or becomes unavailable, the on-prem component of RSA SecurID Access takes over authentication requests. This high-availability innovation provides 24×7 authentication and protection, reducing risk and instilling confidence to accelerate cloud adoption.

Broader protection with a frictionless experience

With the surge in standing up remote workforces, securing remote logins and providing a frictionless experience for users has become increasingly important.

RSA SecurID Access is the most-widely deployed multi-factor authentication solution, and offers the broadest range of authentication methods, including recent innovations in facial recognition for Android devices, biometrics for legacy apps, and FIDO2 for passwordless hardware, software and embedded authentication.

RSA SecurID Access simplifies and customizes the user experience by auto-detecting the device or method – wearables, proximity, fingerprint, face recognition, SMS, email, voice, and more – before prompting the user. Additionally, users can now be enrolled via one-time activation code to quickly onboard remote workers.

New RSA SecurID Access features for Microsoft Windows and macOS® devices extend powerful multi-factor authentication to enhance endpoint protection and remote logins, which are critical for the modern workforce.

Furthermore, RSA is the only vendor to offer true “no fail-open” offline authentication for both Microsoft Windows and macOS laptop users who are not connected to a network. While other solutions may provide limited offline access, RSA ensures that users are fully authenticated to sign in when offline, improving security, user experience and productivity.

“RSA was honored to be a trusted partner during the global work from home surge, helping our customers to rapidly provide a secure remote workforce for their employees. We continue to innovate to help them optimize in the ‘new world’ with features like macOS and high availability for the cloud,” said Jim Ducharme, VP of Identity and Fraud & Risk Intelligence, RSA.

“Customers trust RSA because we provide the whole package – the broadest range of authentication methods, an unrivalled hybrid approach, and the experience to not only simplify the journey to the cloud, but ensure that modern authentication protects organizations from ground to cloud.”

Next-generation capabilities to manage current and future risks

In today’s increasingly global and remote workforce, managing and monitoring user access across a hybrid IT environment is a critical security concern. The perimeter shift has elevated the need for detection, investigation and response to threats.

RSA’s new Threat-Aware Authentication enables security operations teams to detect abnormal user and machine activities inside or outside of the corporate premises, as well as network anomalies, and can share this information with RSA SecurID Access to enrich authentication policy decisions.

With threat intelligence, organizations can mitigate the risk of insider threat and data breach, and ensure stronger, continuous authentication.

To combat future risks, organizations need an efficient way to consume innovations, however, accessing those capabilities often requires cumbersome, multi-step upgrade processes.

RSA SecurID Access delivers new innovations on a monthly release schedule and now offers Direct Upgrade for on-prem capabilities, eliminating time-consuming, serial upgrades. With these in-place upgrades, organizations can benefit from the latest features and improved security, while saving time and costs.

NewDay selects RSA Adaptive Authentication for eCommerce to protect digital payments from fraud

RSA announces that NewDay has selected and deployed RSA Adaptive Authentication for eCommerce to deliver advanced fraud protection for digital payments and address the requirements of the EMV 3-D Secure protocol.

RSA Adaptive Authentication for eCommerce helps card issuers and payments processors prevent more than 95 percent of fraud in card-not-present (CNP) e-commerce transactions and provide a frictionless authentication and shopping experience for cardholders.

In an increasingly digital world, there is a growing consumer demand for secure and simple eCommerce transactions. As card issuers, payment processors and retailers rapidly evolve digital technologies to meet these demands they are faced with the challenge of managing innovation and security.

Ambitious digital transformation initiatives introduce new threats and vulnerabilities like CNP fraud, which is on the rise globally, and is expected to reach $6.4 billion by 20211 in the U.S., according to Aite Group.

With millions of daily CNP e-commerce transactions, NewDay has selected RSA’s fraud detection capabilities and expertise to help provide a consistent, convenient and secure online shopping experience for cardholders.

RSA implemented and delivered a flexible solution that catered to NewDay’s specific regulatory considerations, and also in line with the Second Payment Service Directive Strong Consumer Authentication (PSD2 SCA) regulation requirements.

Powered by the RSA Risk Engine, RSA Adaptive Authentication for eCommerce leverages advanced machine learning to analyze hundreds of risk indicators and silently authenticate genuine cardholders while challenging only the small number of transactions that are high-risk.

As a result, NewDay has achieved a close to 100 percent fraud detection rate and transaction approval rate, along with single-digit customer intervention rates.

“At NewDay, our customers are at the heart of everything we do, and as they continue to embrace eCommerce, we are committed to investing in innovation that provides the most secure and seamless experience,” said Allan Kite, Director of Architecture & Solutions.

RSA Adaptive Authentication for eCommerce eliminates the 100 percent challenge rate, static passwords and cardholder enrollment with approximately 95 percent of average transactions unimpeded by the EMV 3-D Secure verification process.

“At the forefront of eCommerce innovation, the solution delivers close to a 100 percent genuine transaction approval rate while keeping fraud rates low. It also addresses the requirements for the EU’s Second Payment Services Directive (PSD2), providing a paramount customer experience and an unparalleled level of fraud detection.

“As organizations continue to pursue digital transformation initiatives, they must also prepare to manage the digital risks that come with innovation,” said Jim Ducharme, VP Identity and Fraud & Risk Intelligence Products, RSA Security.

“eCommerce innovations like mobile pay and digital wallets provide convenient payment options but also create unprecedented risks. RSA Adaptive Authentication for eCommerce empowers card issuers and processors, like NewDay, to manage these digital risks and prevent fraud without compromising the customer experience.

“As PSD2 drives changes in technical infrastructure at financial institutions across Europe, RSA is working to help organizations meet not only the technical challenges but also secure the future of digital payments.”

New infosec products of the week: February 14, 2020

RSA Archer SaaS: An integrated approach to managing risk

RSA Archer SaaS can help reduce the time and resources dedicated to on-premise platform upgrades, patches, and maintenance activities, as well as enable customers to focus on maturing and expanding their integrated risk management programs.

infosec products February 2020

Farsight Security enhances its Security Information Exchange data-sharing platform

Farsight Security announced enhancements to its Security Information Exchange data-sharing platform to help security professionals measurably improve the prevention, detection and response of the latest cyberattacks.

infosec products February 2020

Tufin SecureCloud: Providing unified security policy management for the hybrid cloud

Tufin SecureCloud is a security policy automation service for enterprises needing to gain visibility and control of the security posture of their cloud-native and hybrid cloud environments.

infosec products February 2020

ZeroFOX launches AI-powered Advanced Email Protection for Google and Microsoft platforms

The ZeroFOX Advanced Email Protection suite includes capabilities that address Business Email Compromise Protection for Google’s G Suite and Microsoft’s Office 365 platforms, which identifies impersonation-based attacks targeting employees.

infosec products February 2020

Devo Security Operations: Transforming the SOC and scaling security analyst effectiveness

Devo Security Operations is the first security operations solution to combine critical security capabilities together with auto enrichment, threat intelligence community collaboration, a central evidence locker, and a streamlined analyst workflow.

infosec products February 2020

esCLOUD extends managed detection and response to cloud platforms

esCLOUD constantly monitors customer cloud environments to detect improper configurations and vulnerabilities that could lead to data loss and compromise. Automated policy enforcement, combined with response and remediation from eSentire’s expert security analysts, ensures that customers can operate in the cloud with confidence.

infosec products February 2020

RSA Archer SaaS: An integrated approach to managing risk

RSA, a global cybersecurity leader delivering Business-Driven Security solutions to help organizations manage digital risk, is now offering RSA Archer SaaS (software as a service) for customers seeking to implement the RSA Archer Suite in the cloud.

RSA Archer SaaS

This offering provides organizations with the speed and agility of an integrated approach to managing risk delivered with flexibility and scalability needed to navigate digital transformation and protect against loss while supporting strategic growth.

As organizations continue down the path of digital transformation, they not only see the benefits of expanded use of technology, but also encounter consequences of extending technology deep into parts of their business that haven’t traditionally been ‘digital.’

Processes or operations that have been more ‘analog’ or manual, are suddenly prone to impacts such as cybersecurity or IT risks around business continuity. Expanded use of big data or a desire to connect digitally with consumers brings enhanced customer experience and may come with implications around data privacy or new compliance requirements.

Effectively managing these digital risks enables organizations to mitigate the threats to business operations and more importantly, increase the speed and confidence with which they transform their business.

“The RSA Archer Suite helps organizations at any stage in their risk management maturity journey to more effectively and efficiently manage risk as they strive to keep up in today’s hyperconnected world,” said David Walter, Vice President, RSA Archer.

“RSA Archer SaaS can help reduce the time and resources dedicated to on-premise platform upgrades, patches, and maintenance activities, as well as enable customers to focus on maturing and expanding their integrated risk management programs.

“The velocity and innovation behind RSA Archer SaaS will allow us to accelerate value for our customers with a seamless, smart and secure platform.”

RSA Archer SaaS enables organizations to leverage the flexibility, availability, and scalability of the cloud, coupled with the depth and breadth of the RSA Archer Suite, to comprehensively and proactively manage risk.

With RSA Archer SaaS, organizations can quickly implement RSA Archer solutions and lower their total cost of ownership by removing operational burden and expenditures for capital hardware and ongoing IT-related activities.

Key benefits of RSA Archer SaaS include:

  • Quick time to value with the ability to stand up an instance in days/hours
  • Flexibility and scalability of the cloud to support organizations’ changing integrated risk management (IRM) and business requirements
  • Lower total cost of ownership
  • Faster access to the latest RSA Archer features and functionality
  • Mission-critical resiliency and committed SLA

RSA NetWitness Platform updates eliminate false-positive threats, improves response management

RSA, a global cybersecurity leader delivering Business-Driven Security solutions to help organizations manage digital risk, releases the latest version of RSA NetWitness Platform, which includes functionality updates for automated network detection and response, user and entity behavior analytics (UEBA) and threat intelligence.

RSA NetWitness Platform

The updates provide customers with an enhanced RSA NetWitness UEBA offering that leverages network meta data to accurately identify unknown threats. RSA also unveils new enhancements to the RSA NetWitness Orchestrator, built on the innovative ThreatConnect technology, to deliver confidence that tasks and decisions are based on vetted, relevant threat Intelligence.

As organizations continue down the path of digital transformation, they not only see the benefits of expanded use of technology, but also encounter consequences of extending technology deep into parts of their business that haven’t traditionally been ‘digital.’

Processes or operations that have been more ‘analog’ or manual, are suddenly prone to impacts such as cybersecurity or IT risks around business continuity. Expanded use of big data or a desire to connect digitally with consumers brings enhanced customer experience and may come with implications around data privacy or new compliance requirements.

Effectively managing these digital risks enables organizations to mitigate the threats to business operations and more importantly, increase the speed and confidence with which the transform their business.

According to a study by RSA , 82% of risk and security professionals say their organization considers security breaches a business risk rather than just an IT risk. With the scale of attacks increasingly overwhelming to organizations, many companies have begun simply adding more security tools to try and eliminate threats.

However, new tools do not always lead to better security as they can often make teams and critical information more disconnected than ever. With the latest edition of the RSA NetWitness Platform, organizations can leverage machine learning to minimize blind spots in the threat landscape and accurately identify true threats, while simultaneously improving incident response planning, management, and orchestration.

The only product on the market that leverages visibility across logs, endpoint process data, and network meta data, RSA NetWitness UEBA can provide customers with exceptional threat detection by identifying and remediating unknown threats.

Combined with the streamlined incident response and threat intelligence capabilities of RSA NetWitness Orchestrator, organizations will be able to automatically manage threat data by sending threat indicators and intelligence to defense tools for alerting or blocking, or looping in team members for systematic, automated actions to remediate threats.

“Organizations waste too much time chasing false-positives and inconsequential alerts,” says Michael Adler, Vice President, RSA NetWitness Portfolio.

“Applicable to any vertical going through digital transformation, the updated RSA NetWitness Platform streamlines operations to resolve cyber threats as quickly as possible and goes a step further to determine which issues require the most immediate attention. This will help reduce the scale of cyber-attacks and provide customers confidence in their digital journey.”

The same technologies companies need to stay competitive today – cloud applications, virtual infrastructure, mobile devices, etc. – subsequently provide attackers with more vulnerabilities to exploit and more ways to evade detection.

The RSA NetWitness Platform is designed to meet these challenges by giving organizations the visibility and insights needed to detect threats and protect what matters most.