Securonix and Opora deliver automated action to prevent adversary attacks and contain threats

Securonix announced it signed an OEM agreement with Opora, a next-generation cybersecurity provider that uses pre-attack adversary behavior analytics to protect organizations from emerging threats.

The partnership provides customers Securonix Adversary Behavior Analytics (ABA), an advanced capability that helps organizations protect mission critical assets by monitoring adversary behavior and delivering automated, preemptive actions that prevent attacks and help contain adversary threats.

Securonix’s Next-Gen SIEM combines log management, user and entity behavior analytics (UEBA) and security incident response into a complete, end-to-end security operations platform. It leverages patented machine learning algorithms to detect threats and provide incident response capabilities for fast remediation.

Opora’s Adversary Behavior Analytics provides a continuous view of cyber adversaries, exposing and monitoring their attack infrastructure and delivering proactive action to thwart attacks at the source.

“Threat actors are constantly shifting their methods to find new ways to compromise organizations and monetize their efforts,” said Nanda Santhana, Senior VP of Cybersecurity Solutions, Securonix.

“By proactively monitoring this behavior and taking the right preventative measures, cybersecurity teams can maintain an incredible advantage in protecting their assets. This partnership with Opora brings a new, preemptive threat intelligence capability to our customers to help them understand tomorrow’s attacks today, and proactively respond based on that information.”

The joint solution combines Opora’s Adversary Behavior Analytics with Securonix’s Next-Gen SIEM to deliver customers end-to-end visibility into adversary behavior, helping preempt attacks before they happen, contain attacks in progress, and deter the adversaries behind the attacks.

Securonix’s SIEM ingests data from Opora’s platform, providing the context needed to deliver rapid alert prioritization, resulting in fewer false positives and accelerating targeted and orchestrated adversary attack counter measures.

This unique combination of capabilities empowers joint customers to secure remote employees and defend against the most common attack methods, such as business email compromise, ransomware and fraud.

“The majority of adversaries are uncontested and free to explore new ways to penetrate organizations and compromise valuable assets,” said Chris Bell, Co-founder & CEO, Opora.

“By combining Opora’s Adversary Behavior Analytics with Securonix’s SIEM, customers gain the level of visibility needed to maintain a preemptive advantage over malicious actors and benefit from next-level protection against sophisticated attacks.”

Securonix’s platform products approved for Department of Homeland Security’s CDM program

Securonix, a leader in Next-Gen SIEM, announced that multiple Securonix Security Operations & Analytics Platform products have been approved for Network Security Management of the Department of Homeland Security’s Continuous Diagnostics and Mitigation (CDM) program’s Approved Products List.

The CDM program provides cybersecurity tools, integration services, and dashboards to participating agencies to support them in improving their respective security posture. CDM program objectives include:

  • Reducing agency threat surface
  • Increasing visibility into the federal cybersecurity posture
  • Improving federal cybersecurity response capabilities
  • Streamlining Federal Information Security Modernization Act (FISMA) reporting

Securonix Next-Gen SIEM and Security Data Lake products were approved for Network Security Management, which aims to provide tools for incident response and monitoring, ongoing assessment monitoring, and auditing data collection.

“Government organizations are notoriously under-resourced in combating the sophistication of modern cyber threats,” said Sachin Nayyar, CEO of Securonix.

“With limited budgets for robust security operations from a personnel standpoint, access to best-in-class technology solutions is the most direct path to optimal security posture. We are honored to be part of the CDM’s Approved Products List and do our part in making government organizations more secure.”

Securonix delivers unlimited scale across its product portfolio, powered by advanced behavior analytics, detection, threat modeling and machine learning in a cloud-based solution. Securonix Next-Gen SIEM combines log management, user and entity behavior analytics (UEBA), and security incident response into a complete, end-to-end security operations platform.

Securonix Security Data Lake delivers real-time enrichment, rapid search and threat hunting, and data insights and compliance reporting in an open data platform for maximum scalability and data retention.

Securonix partnered with Trusted Government IT Solutions Provider, Carahsoft to be added to the CDM’s Approved Products List.

“Securonix Next-Gen SIEM and Security Data Lake products provide the finest available analytics-driven capabilities for enhancing cyber-defense strategies,” said Ryon Williams, Sales Director at Carahsoft. “Securonix’s addition to the CDM Approved Products List is well deserved and will be a tremendous benefit to government organizations.”

Photos: RSA Conference 2020, part 2

RSA Conference 2020 is underway at the Moscone Center in San Francisco. Check out our microsite for the conference for all the most important news. Part one of the photos is available here.

Here are a few photos from the event, featured vendors include: Tenable, Ping Identity, PKWARE, eSentire, Deloitte, Securonix, and Futurex.

photo gallery RSA Conference 2020

photo gallery RSA Conference 2020

photo gallery RSA Conference 2020

photo gallery RSA Conference 2020

photo gallery RSA Conference 2020

photo gallery RSA Conference 2020

photo gallery RSA Conference 2020

Securonix Analytics Sandbox: An isolated test environment for security operations teams

Securonix, a leader in next-gen SIEM, announced at RSA Conference 2020 the launch of the Securonix Analytics Sandbox capability. The new capability provides an isolated test or QA environment within the production setup for security operations teams to test, tune, and validate new use cases prior to pushing them to live production.

Across teams, security operations face a common challenge – testing and deploying use cases without impacting efficiency. The process of fine-tuning use cases and adding team-created content or algorithms to live production environments is time consuming and creates excess “noise” – in the form of unverified alerts, false positives, and violations – for already under-resourced security operations and response teams to handle.

With Securonix Analytics Sandbox, the teams responsible for developing SIEM content can test and fine-tune use cases against real production data without impeding SOC efficiency.

Securonix unveiled its industry-first Analytics Sandbox capability at Securonix Spark 2020, the company’s third annual conference, coinciding with RSAC 2020.

Spark 2020 focuses on combating multi-cloud threats, with presentations by Sachin Nayyar, CEO of Securonix; Felipe Boucas, Director of Product for Managed Security Services at Verizon; Rohit Gupta, Global Segment Leader for Security at AWS; Anil Markose, SVP at Booz Allen Hamilton; as well as several other industry CISOs and subject matter experts.

“Security operations teams are in a catch 22 – they must update use cases rapidly to stay ahead of evolving threats, but must do so in a way that does not add false positive noise or require additional response resources for data storage or compute,” said Sachin Nayyar, CEO of Securonix.

“Leveraging the elasticity of its cloud-based architecture, Securonix is able to provide customers the Securonix Analytics Sandbox capability that satisfies these needs.”

How Securonix Analytics Sandbox works

Securonix Analytics Sandbox allows multiple teams – including data scientists, detection engineers, blue teams, and others – to create multiple test beds to test use cases at scale against production data and analyze the impact in isolation. The use cases tested in the sandbox can be tuned, validated, and then pushed to production.

Securonix Analytics Sandbox enables users to keep entity risk scores intact until the new use cases are pushed to live production. Use cases moved from the sandbox to production provide three options to testers:

  • Delete violations (risk sore) and delete meta-data (behavioral profile)
  • Delete violations (risk score) and keep meta-data (behavioral profile)
  • Keep violation (risk score) and keep meta-data (behavioral profile)

Securonix uses the dynamic resource allocation capability within the AWS cloud platform and the Spark application to allocate resources on-demand for the sandbox environment. This allows Securonix to enable the Analytics Sandbox for its SaaS customers at production scale without impacting performance.