The editors at Solutions Review have curated this list of the most noteworthy endpoint security and network monitoring news for the week of September 1. This curated list features endpoint security and network monitoring vendors such as Infovista, Fianu Labs, the FBI, and more.

Keeping tabs on all the most relevant endpoint security and network monitoring news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy endpoint security and network monitoring news items.

Endpoint Security and Network Monitoring News for the Week of September 1

Infovista and BT Proof-of-Concept Aims to Reduce Troubleshooting Time

Infovista, a global leader in network lifecycle automation, has announced a collaborative effort with BT on a proof of concept aimed at developing a new automated Root-Cause Analysis (RCA) use case for its fixed voice services. The use case, which will be showcased for the first time at TM Forum’s DTW23, demonstrates how CSPs such as BT can realize substantial operational efficiencies. Infovista predicts that the technology will be able to reduce resolution times for CSPs by more than two-thirds allowing for enhanced customer satisfaction.

Read on for more.

NordVPN Launches NordLabs to Encourage Innovation in Experimental Technologies

NordVPN, a VPN solutions provider, launches NordLabs – a platform for experimental projects and cutting-edge innovations. It will explore emerging technologies, such as AI, to create new tools and services. NordLabs will work in two main directions. First, it will provide a broader space for NordVPN’s team of engineers and developers to experiment with new ideas and emerging technologies and encourage creative thinking to explore novel approaches to online privacy and security. Secondly, the platform will allow early adopters and tech enthusiasts to gain exclusive access to innovative projects before they become mainstream. To access upcoming NordLabs experimental projects, users must register on the waiting list. Once new experimental projects are released, registered users can test and provide feedback on features and services developed by NordVPN. Signed up users can expect the first products to test in September.

Read on for more.

Fianu Labs Secures $2 Million in Seed Funding from DataTribe

Fianu Labs, a software governance automation solutions provider, this week secured a $2 million seed investment from DataTribe, a global cyber foundry that invests in and co-builds next-generation cybersecurity and data science companies. Fianu’s platform captures evidence across the DevSecOps toolchain mapped to internal policy during real-time, continuous audits against established risk controls and compliance frameworks. Each software release is accompanied by a Software Bill of Attestations (SBOA) designed to transmit immutable, audit-worthy evidence.

Read on for more.

U.S. Army Selects BackBox to Automate Multi-Vendor Network Environment

BackBox, a network automation solutions provider, this week announced the U.S. Army has selected BackBox’s Network Automation Platform to automate Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) compliance of their multivendor network environment. BackBox integrates with all major network monitoring platforms and has added new features to enable customers to easily migrate to BackBox.

Read on for more.

Aqua Security Threat Alert: “Kinsing Malware Exploits Novel Openfire Vulnerability”

Aqua Nautilus discovered a new campaign that exploits the Openfire vulnerability (CVE-2023-32315), that was disclosed in May of this year, to deploy Kinsing malware and a cryptominer. This vulnerability leads to a path traversal attack, which grants an unauthenticated user access to the Openfire setup environment. This then allows the threat actor to create a new admin user and upload malicious plugins. Eventually the attacker can gain full control over the server. In this blog, we explain the vulnerability, Kinsing’s campaign, and quantify the extent of instances potentially exposed to this specific vulnerability.

Read on for more.

FBI and Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown

This week, the FBI and the Justice Department announced a multinational operation to disrupt and dismantle the malware and botnet known as Qakbot. The action, which took place in the U.S., France, Germany, the Netherlands, Romania, Latvia, and the United Kingdom, represents one of the largest U.S.-led disruptions of a botnet infrastructure used by cybercriminals to commit ransomware, financial fraud, and other cyber-enabled criminal activity.

Read on for more.

Expert Insights Section

Watch this space each week as Solutions Review editors will use it to share new Contributed Content Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry thought leaders together to publish the web’s leading insights for enterprise technology practitioners.

Finding Business Value in the Vast Sea of Threat Intelligence

Delilah Schwartz of Cybersixgill crosses over the vast sea of threat intelligence, in search of added value by combining the right tools. The continued acceleration of highly sophisticated cyber-attacks impacts countless organizations, their brand’s reputation, and their bottom line. This situation puts growing pressure on security leaders to effectively and successfully reduce organizational threat exposure across a rapidly proliferating attack surface. Without the means to identify the threats that pose the most significant risk to their organizations, security teams continue to fight cyber warfare like playing a game of whack-a-mole, addressing issues as they occur without successfully getting ahead of malicious actors. Cyber threat intelligence plays a vital role in cyber warfare and is no longer a “nice-to-have” but a “need-to-have” weapon. With the right intelligence tools, teams can derive critical insights into the emerging tactics, techniques, vectors, and procedures that could expose their network to attack. But selecting the right threat intelligence products and services to maximize business value is not easy.

Read on for more.

Home Grown: How to Fill the Cybersecurity Talent Gap from the Inside

Pieter Danhieux of Secure Code Warrior discusses how filling the cybersecurity talent gap starts with getting everyone on board with security familiarity. The universal corporate culture still generally believes that outside hiring represents the primary way to fill in talent gaps. However, given the mounting hiring costs and the severe consequences of cyber threats, CISOs would greatly benefit from re-evaluating how they address the situation by looking within. Instead of the traditional recruitment of outside candidates, we should leverage proven, internal performers. Those performers may not be highly skilled security professionals. But by providing proper learning pathways and support, leaders can empower them to take on critical roles in cyber defense.

Read on for more.

The post Endpoint Security and Network Monitoring News for the Week of September 1; Infovista, Fianu Labs, the FBI, and More appeared first on Solutions Review Technology News and Vendor Reviews.

The editors at Solutions Review have curated this list of the most noteworthy endpoint security and network monitoring news for the week of August 11. This curated list features endpoint security and network monitoring vendors such as Entara, EY, Cloudflare, and more.

Keeping tabs on all the most relevant endpoint security and network monitoring news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy endpoint security and network monitoring news items.

Endpoint Security and Network Monitoring News for the Week of August 11

Entara Announces Launch of Vulnerability Management as a Service

Entara, a cybersecurity solutions provider, this week announced the launch of a new cybersecurity offering, Vulnerability Management as a Service (VMaaS). The offering allows Entara’s clients increased hardening against evolving cyber threats through consistent identification and remediation of vulnerabilities and risks. Entara VMaaS is a long-term service that regularly scans client environments, including workstations, servers, and networking appliances, to identify risks and vulnerabilities that may expose an environment to an attack. The firm identifies, prioritizes, remediates, and reports on vulnerabilities that can be caused by things such as updates in systems and software not being correctly patched, Zero Day vulnerability exploits, misconfigured security settings, and changes in vendor or community security standards.

Read on for more.

Appdome Launches Cyber Community Program with Pen Testers Around the World

Appdome, a mobile app security solutions provider, announced the launch of its new Mobile App Defense Project, a community program aimed at improving mobile DevSecOps through collaboration with more than 50 renowned mobile app penetration testers around the world. This initiative aims to foster a more secure mobile app economy, raise the bar on mobile app defense and provide rapid, validated, continuous cyber and anti-fraud solutions for all mobile applications globally.

Read on for more.

Menlo Security Introduces “Industry-First” AI-Powered Phishing and Ransomware Protection

Menlo Security, a browser security solutions provider, recently announced HEAT Shield and HEAT Visibility, the “industry’s first” suite of threat prevention capabilities designed to detect and block highly evasive threats targeting users via the web browser. Menlo Security HEAT Shield and HEAT Visibility are built on Menlo Security’s cloud-based Isolation Core, which monitors and analyzes over 400 billion web sessions annually. HEAT Shield leverages the Isolation Core to support dynamic security policies which can be applied to users based on web session events and behavior to prevent attackers from gaining access to the endpoint. Individuals are protected from potential threats without any impact on the end-user experience.

Read on for more.

EY launches Intelligent Extended Detection Response Solution

The EY organization announced this week the EY Intelligent Extended Detection & Response (IXDR) solution, in collaboration with cybersecurity provider Secureworks. IXDR is a service providing 24×7 threat monitoring, detection and response on an open XDR platform that leverages threat intelligence research, artificial intelligence (AI), machine learning (ML) algorithms and modern data pipelines to help organizations drastically reduce the response time to cyber threats, working to potentially bring it down to minutes. As part of the Enterprise Intelligent Cyber Resilience transformation life cycle, IXDR supports organizations to help achieve detailed visibility and control over their network and security fabric, helping them stay ahead of sophisticated cyber attacks and potential threats.

Read on for more.

Alkira and Itential Announce Platform Integration

Alkira and Itential, two names in cloud network security, this week announced the integration of their two platforms, bringing automation, simplicity, speed and control to cloud networking for enterprises. Together the two platforms give enterprises the ability to deploy, manage and operate enterprise grade networks for cloud and on-prem with full end-to-end automation, reducing time to market for business-critical services.

Read on for more.

NetSPI Debuts ML/AI Penetration Testing

NetSPI, a leader in cybersecurity solutions, this week debuted its ML/AI Pentesting solution to bring a more holistic and proactive approach to safeguarding machine learning model implementations. The “first-of-its-kind” solution focuses on two core components: Identifying, analyzing, and remediating vulnerabilities on machine learning systems such as Large Language Models (LLMs) and providing grounded advice and real-world guidance to ensure security is considered from ideation to implementation. NetSPI’s ML/AI Pentesting solution caters to organizations seeking to enhance the robustness, trustworthiness, and security of their ML systems, with a particular focus on LLMs.

Read on for more.

Cloudflare Announces Project Cybersafe Schools to Better Secure K-12 School Districts For Free

Cloudflare, a cybersecurity solutions provider, this week introduced a new initiative aimed at improving cybersecurity for K-12 public school districts at no cost: Project Cybersafe Schools. This new program will provide a suite of Zero Trust cybersecurity solutions to give small school districts faster, safer Internet browsing and email security– at no cost, and with no time limit. To be eligible, Project CyberSafe School participants must be K-12 public school districts located in the United States with up to 2,500 students in the district. The offerings to eligible school districts will be at no cost, with no time limit, and can be used as a technology protection mechanism for Children’s Internet Protection Act (CIPA) compliance.

Read on for more.

Expert Insights Section

Watch this space each week as Solutions Review editors will use it to share new Contributed Content Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry experts together to publish the web’s leading insights for enterprise technology practitioners.

What to Expect at Solutions Review’s Spotlight with Cloudflare on September 19

With the next Solutions Spotlight event, the team at Solutions Review has partnered with network solutions provider, Cloudflare. Join this webinar to understand the profound impact DDoS attacks can have on an organization’s bottom line and how investing in proactive defenses can yield substantial returns.

Read on for more.

Is Your Security Stack Ready for Generative AI?

Ashley Leonard of Syxsense examines the current and future state of Generative AI, while posing the question, “Is your security stack ready?” Businesses are eager to unlock AI’s full potential to easily create new content (through text, audio, images, synthetic data, and more), and to some extent, quicken the technological evolution of their existing products and services. While the craze is understandable, there are also concerns about transformative technology – especially when it comes to cybersecurity. For example, there have already been reports of threat actors abusing generative AI through indirect prompt injections that compromise LLM-integrated applications. And Meta’s 65-billion parameter language model was also recently leaked, enabling threat actors to carry out more personalized spam and phishing attacks, and a host of other fraudulent cyber activities. But misusing technology is just one item on a long list of concerns associated with generative AI and cybersecurity. Sadly, integrating the technology could also leave your business susceptible to copyright infractions, efficacy issues, employee displacement, and ethical missteps. However, the upside of AI in security is too big to ignore and when applied responsibly, it can accelerate and enhance your security posture (or offering).

Read on for more.

The post Endpoint Security and Network Monitoring News for the Week of August 11; Entara, EY, Cloudflare, and More appeared first on Solutions Review Technology News and Vendor Reviews.

The editors at Solutions Review have curated this list of the most noteworthy endpoint security and network monitoring news for the week of July 28. This curated list features endpoint security and network monitoring vendors such as Protect AI, Mimecast, EPAM, and more.

Keeping tabs on all the most relevant endpoint security and network monitoring news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy endpoint security and network monitoring news items.

Endpoint Security and Network Monitoring News for the Week of July 28

Protect AI Raises $35M in Series A Financing

Protect AI, an AI/ML security company, this week announced it has closed a $35M Series A round of funding led by Evolution Equity Partners with participation from Salesforce Ventures and existing investors Acrew Capital, boldstart ventures, Knollwood Capital and Pelion Ventures. To date, the company has raised a total of $48.5M to help organizations protect ML systems and AI applications from unique security vulnerabilities, data breaches and emerging threats.

Read on for more.

Palo Alto Networks Introduces CI/CD Security Module

This week, Palo Alto Networks introduced the CI/CD Security module to provide integrated software delivery pipeline security as part of their code-to-cloud capabilities in Prisma Cloud’s CNAPP platform. The CI/CD Security module enables DevOps and security teams to better collaborate and improve security outcomes throughout the application life cycle.

Read on for more.

Mimecast Announces Protection for Microsoft Teams

Mimecast Limited (Mimecast), an advanced email and collaboration security company, this week announced an August 2023 release of Protection for Microsoft Teams for its Email Security Cloud Integrated customers. Security solutions for additional collaboration channels, such as Microsoft SharePoint, Microsoft OneDrive, Slack, and Google Workspace will follow.

Read on for more.

DocuSign, PresentID, and Microsoft All Announce New Face Biometrics Capabilities

Among those launching verification products is DocuSign, the U.S. electronic signature and agreements management company. In a release, DocuSign said it has upgraded its Liveness Detection for ID Verification tool, which can now detect spoofing, “confirm signers are who they say they are, are physically present at signing and that their IDs are valid.” The software was developed with United Kingdom-based identity verification firm Onfido and compares video selfies to photo IDs. In France, deep-tech cybersecurity firm PresentID says it’s integrating face liveness and voice biometrics into its remote identity verification software. A company release says that its software works for financial institutions, marketplaces, dating apps and other platforms. A post on Microsoft’s documentation site outlines how its Azure AI Face provides face biometrics services and technologies across the verification industry. Azure AI Face performs ID-to-face matching for more efficient onboarding, verification and other identification processes. Its face detection API locates faces and analyzes landmarks and attributes, such as head position or the presence of jewelry or glasses. It also accounts for signal noise, occlusion and blur. The post specifies that “the values returned by the API for each attribute are predictions of the perceived attributes and are best used to make aggregated approximations of attribute representation rather than individual assessments.”

Read on for more.

EPAM Takes Home U.S. Migrate Partner of the Year Award

EPAM Systems, Inc., a leading digital transformation services and product engineering company, this week announced it has won the 2023 Microsoft U.S. Azure Migration Partner of the Year Award. The Company was honored among a global field of top Microsoft partners for demonstrating excellence in innovation and implementing customer solutions based on Microsoft technology. EPAM also secured the global finalist position in the Industry, Retail and Consumer Goods category for exceptional contributions at Estée Lauder Companies and Ahold Delhaize and placed as a U.S. finalist in the Global Retail and Consumer Goods category. Additionally, EPAM achieved the U.S. finalist position in Azure Modernize for its work at Ahold Delhaize.

Read on for more.

Expert Insights Section

Watch this space each week as Solutions Review editors will use it to share new Expert Insights Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry experts together to publish the web’s leading insights for enterprise technology practitioners.

Solutions Review Set to Host Infinidat for Exclusive Spotlight Webinar on August 15

With the next Solutions Spotlight event, the team at Solutions Review has partnered with leading enterprise data and cloud solution provider Infinidat. This session will demonstrate how easily enterprises can create cyber-resilient storage environments that can withstand and recover from cyber-attacks.

Read on for more.

Navigating Cyber Complexity with an Integration Mindset

Julian Martin of Mimecast takes the helm and helps navigate through the waves of cyber complexity by applying an integration mindset. The complexity afflicting cybersecurity teams far and wide is well-documented. From widespread staffing shortages to bloated tool sprawl, cloud-based hybrid enterprises are navigating a sea of complications when defending against highly sophisticated threats. In response, the concept of tool consolidation has emerged as a hot-button buzzword– the silver bullet for finding a simplified solution to the complexity problem. But beneath the surface and beyond the untrained eye, the situation isn’t really that simple.

Read on for more.

The MOVEit Effect: Protecting Public-Facing Applications

Kiran Chinnagangannagari of Securin looks at the impact of the MOVEit exploit for answers in protecting public-facing applications. Organizations globally use public-facing applications every day to keep their businesses running. Servers, virtual private networks (VPNs), and application programming interfaces (APIs) are all common forms of third-party, public-facing applications that make accessing a service or completing work more efficient — but less secure. Many of these web-based applications can be used as a point of entry by bad actors to exploit vulnerabilities, gain access to proprietary information, and hold systems for ransom. Organizations involving strict compliance laws – like healthcare or finance – can be at elevated risk of damages from a data breach.

Read on for more.

Widget not in any sidebars

The post Endpoint Security and Network Monitoring News for the Week of July 28; Protect AI, Mimecast, EPAM, and More appeared first on Solutions Review Technology News and Vendor Reviews.

The editors at Solutions Review have curated this list of the most noteworthy endpoint security and network monitoring news for the week of July 21. This curated list features endpoint security and network monitoring vendors such as Postman, Actility, Sonar, and more.

Keeping tabs on all the most relevant endpoint security and network monitoring news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy endpoint security and network monitoring news items.

Widget not in any sidebars

Endpoint Security and Network Monitoring News for the Week of July 21

Postman Acquires Akita Software

Postman, an API Platform, this week announced it has acquired Akita Software, a monitoring and observability solutions provider. This is Postman’s first strategic acquisition since hitting a major milestone of 20M users. Postman will integrate Akita’s API discovery and monitoring capabilities into its platform to deliver tooling to help organizations “thrive in an API-first world.” Akita’s addition will make it easier than ever for users to manage their production APIs, even in the face of API sprawl. Managing too many APIs or microservices is a top obstacle to producing APIs, according to nearly one in four respondents in Postman’s 2023 State of the API Report, which surveyed over 40,000 professionals. At large enterprises, API sprawl is even worse: almost one in three respondents say it’s an obstacle. Akita’s capabilities for API discovery and monitoring make it possible to automatically manage APIs by simply allowing Akita’s agent to watch API traffic.

Read on for more.

Lookout Report: “Android Surveillanceware Attributed to China’s APT41”

Lookout, Inc., the endpoint-to-cloud security company, this week announced the discovery of two new advanced Android surveillanceware instances, WyrmSpy and DragonEgg, attributed to the high-profile Chinese threat group APT41. Despite being indicted on multiple charges by the U.S. government for its attacks on more than 100 private and public enterprises in the U.S. and around the world, APT41’s tactics have evolved to include mobile devices. Customers of Lookout Mobile Endpoint Security are protected from these threats.

Read on for more.

Actility Acquires Acklio

Actility, an IoT network infrastructure solutions provider, this week announced the acquisition of Acklio, a provider of SCHC (Static Context Header Compression) technology for LPWAN (Low Power Wide Area Network) networks. This acquisition will further strengthen Actility’s position as a leader of end-to-end IoT solutions and will enable the company to offer a broader range of IP-based IoT applications over LPWAN networks.

Read on for more.

Endor Labs Releases “State of Dependency Management 2023” Report

Endor Labs, creator of the Code Governance Platform, today released “State of Dependency Management 2023,” a new research report exploring emerging trends that software organizations need to consider as part of their security strategy, and risks associated with the use of existing open source software (OSS) in application development. In particular, as modern software development increasingly adopts distributed architectures and microservices alongside third party and open source components, the report tracks the astonishing popularity of ChatGPT’s API, how current large language model (LLM)-based AI platforms are unable to accurately classify malware risk in most cases, and how almost half of all applications make no calls at all to security-sensitive APIs in their code base. The report emphasizes how these issues need to be prioritized in every organization’s security strategy.

Read on for more.

New Research Released from Sonar on Cost of Technical Debt

This week, Sonar released a research report that examines the millions of dollars that businesses lose when they fail to implement an optimal approach for software development. The research, based on an examination of over 200 projects within a 12-month span, calculates that the attributed technical debt cost is $306,000 per year for a project of one million Lines of Code (LoC). This is equivalent to 5,500 developer hours spent on remediation, development time that could be put towards more innovative and valuable projects.

Read on for more.

Coursera Announces First Entry-Level Professional Certification

Earlier this week, Coursera announced that Microsoft launched its first entry-level Professional Certificate on Coursera, the Microsoft Cybersecurity Analyst Professional Certificate. This program is designed to help learners develop the in-demand skills needed for a successful career in cybersecurity. This program doesn’t require previous experience or education, and requires only six months for beginner-level learners to get hands-on practice in Microsoft Azure, network security, cloud computing security, computer security incident management, threat mitigation, and more.

Read on for more.

Expert Insights Section

Watch this space each week as Solutions Review editors will use it to share new Contributed Content Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry experts together to publish the web’s leading insights for enterprise technology practitioners.

NDR: The Vital Ingredient For A Successful XDR Strategy

Mark Doering of NETSCOUT dons his chef’s hat and looks at why NDR is a vital ingredient when cooking up an XDR strategy.

In the world of enterprise security, numerous technology options are available, causing companies to make difficult decisions when it comes to designing their security strategies. Despite the options, security teams are constantly searching for the ‘secret sauce’ or the best and most effective way to integrate security tools that will achieve a strong ROI. One of those ingredients is a successful Extended Detection and Response (XDR) strategy, which offers visibility across multiple data in one platform. This strategy, however, can only exist with the inclusion of Network Detection and Response (NDR), which focuses on analyzing packet data in network traffic rather than logs, endpoints, or other data streams. In this article, we will explore the intricacies of designing a comprehensive XDR strategy, why packet-based NDR solutions must be a vital part of that strategy, and why combining both security solutions is the ideal posture for a more robust, real-time view of today’s rapidly-evolving threat landscape and dynamic attack surface.

Read on for more.

The post Endpoint Security and Network Monitoring News for the Week of July 21; Postman, Actility, Sonar, and More appeared first on Solutions Review Technology News and Vendor Reviews.

The editors at Solutions Review have curated this list of the most noteworthy endpoint security and network monitoring news for the week of July 7. This curated list features endpoint security and network monitoring vendors such as Aqua Security, amazee.io, FPT Software, and more.

Keeping tabs on all the most relevant endpoint security and network monitoring news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy endpoint security and network monitoring news items.

Widget not in any sidebars

Endpoint Security and Network Monitoring News for the Week of July 7

Aqua Security Threat Alert: “Anatomy of Silentbob’s Cloud Attack”

Aqua Nautilus researchers identified an infrastructure of a potentially massive campaign against cloud native environments. This infrastructure is in early stages of testing and deployment, and is mainly consistent of an aggressive cloud worm, designed to deploy on exposed JupyterLab and Docker APIs in order to deploy Tsunami malware, cloud credentials hijack, resource hijack and further infestation of the worm. Aqua believes that TeamTNT is behind this new campaign. This investigation was prompted by an attack on one of their honeypots.

Read on for more.

amazee.io Recognized with AWS DevOps Competency

amazee.io (a Mirantis company), a DevOps solutions provider, announced this week that it has achieved Amazon Web Services (AWS) DevOps Competency status. This prestigious recognition confirms amazee.io’s expertise and technical proficiency in providing end-to-end solutions in the field of DevOps. AWS DevOps Competency is a highly sought-after accolade that distinguishes providers that have demonstrated a deep understanding of DevOps practices and the ability to provide innovative solutions in this field. It is a testament to its robust capability in delivering solutions and services that help businesses accelerate their time to market and achieve their business objectives more efficiently. Earning the AWS DevOps Competency sets amazee.io apart as an AWS Partner Network (APN) member with expertise in Continuous Integration, Continuous Delivery, and Infrastructure as Code, backed by demonstrated technical proficiency and proven customer success.

Read on for more.

Axio Global Unveils Cyber-Physical Attack Quantifier at Lloyd’s Lab Demo Day

Axio Global, a cybersecurity solutions provider, this week showcased a new product concept for quantifying cyber-physical attacks. The event was held at Lloyd’s in front of a live audience and streamed globally. The demonstration was the culminating activity of the Lloyd’s Lab 10th Cohort, a 10-week incubator program for the development of new solutions for the insurance industry. The global program received over 200 applications from 32 countries in which Axio was one of 13 chosen by an expert panel of Lloyd’s and market stakeholders. Axio’s participation in Lloyd’s Lab is a natural progression of Axio’s dedication to helping quantify cyber risk for critical infrastructure organizations. Axio has deep roots in the insurance industry and in securing the world’s most critical assets. Co-founder Scott Kannry was closely involved in developing the first commercial cyber insurance products as an executive at Aon. While co-founder David White was the security architect for the C2M2 model and helped author and contribute to many of the world’s most widely used cybersecurity assessment frameworks, which are available in Axio’s SaaS platform Axio360.

Read on for more.

Cyble Launches Global Partner Program “Cyble Partner Network”

Cyble, a threat intelligence solutions provider, is excited to announce the launch of the Cyble Partner Network (CPN) this week. CPN aims to foster collaboration, expand market reach, and provide comprehensive cybersecurity solutions. By joining the network, businesses gain access to cutting-edge threat intelligence, enabling knowledge exchange, innovation, and empowerment to stay ahead in the cybersecurity landscape.

Read on for more.

FPT Software Achieves AWS Security Competency Status

Global IT services provider FPT Software has officially obtained the Security Services Competency badge from Amazon Web Services (AWS). This recognition marks an important milestone for the company in delivering Cloud Transformation services, bringing differentiation to its offerings and unlocking positive prospects. For two consecutive years, the company has also been spotlighted in important reports of leading technology research firms such as Forrester and Gartner for its remarkable capability in cloud migration, managed security services, and more. The recognitions reinforce FPT Software’s position as Asia’s leading digital transformation service provider in both Cloud and Big Data services.

Read on for more.

Expert Insights Section

Watch this space each week as Solutions Review editors will use it to share new Expert Insights Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry experts together to publish the web’s leading insights for enterprise technology practitioners.

Plenty of Phish in the Sea

Aamir Lakhani of Fortinet looks at some of the different bait being dropped by hackers on phishing expeditions people are still falling for. As ransomware incidents continue to climb, we’re seeing that even as things change, there’s a lot that still stays the same. Bad actors are still using the same playbook – and it’s working. A recent survey on ransomware found that phishing remained the top tactic (in 56 percent of cases) that malicious actors used to infiltrate a network and launch a ransomware attack. If it’s not broke, don’t fix it, right? In a sea of possibilities, if the same tactic continues to work, bad actors will keep using it. And phishing has proven time and time again to be highly effective, especially when it’s based in social engineering. It’s also getting easier than ever. Sophisticated phishing tool kits are sold or given away for free on many hacker forums; they’re available to download on sites such as GitHub, and they’re available or distributed through TOR or BitTorrent.

Read on for more.

The Future of AppSec Depends on Force Multiplying Talent

Peter Morgan of Phylum predicts that the future of AppSec depends on successfully force-multiplying the talent pool. To plan for the future of Application Security (AppSec), we must rethink our ability to hire and retain talent. Ahead of the economic downturn of 2022, Application Security roles had double-digit negative unemployment rates. These roles were difficult to fill due to the number of roles open, and the challenging experience required by them. These variables caused compensation to skyrocket, and massive tech companies will scoop up more of this small skilled talent pool, leaving gaps for everyone else. This paints a picture of the future reality where application security programs cannot scale as they exist today. There simply is not enough talent to go around for everyone without change. To solve this, we need to consider how AppSec engineers can become force multiplied. One of the shifts AppSec will need to make is the proper use of tools to enable skilled AppSec engineers to cover many more developers than they currently can. To accomplish this, we’ll need to consider changes in the software development process to assist this effort.

Read on for more.

SBOM: Unlocking the Power of Software Bill of Materials in DevOps

Curtis Yanko of GrammaTech takes a closer look at the next killer app – the software bill of materials, or the SBOM — and unlocking its potential in DevOps. In the constant struggle against software vulnerabilities and supply chain attacks, the software bill of materials (SBOM) is often touted as a “killer app” that enables all sorts of best practices for secure software development. But even as SBOM use becomes an industry standard, there’s much discussion about why and how they should be used. Let’s start by agreeing to one basic tenet: a software bill of materials is very useful for development operations. In fact, it’s become a requirement since the federal government issued Executive Order 14028 and the Office of Management and Budget’s memo M-22-18, which made them a must for software developers doing business with the federal government. At its most basic, an SBOM is just like any bill of materials, a list of the components in a finished product— in this case, a software program or app. In case of trouble, software developers can zero in on the cause and remediate the issue. After large-scale supply chain attacks like the SolarWinds incident, the government was pressed to act, but meeting a government mandate can turn into a box-ticking exercise if users don’t grasp the fine points of the practice. At the recent SBOM-a-Rama meeting held by the government’s Cybersecurity and Infrastructure Security Agency (CISA), industry professionals remarked the development of government standards is slow, and industries will have to step in to develop data naming quality standards that will enable establishing best practices and automate the production of SBOMs. Some attendees at the CISA meeting even pondered forcing the government’s hand by neglecting to meet the SBOM requirements until the authorities issue standards. But SBOMs are already helpful to DevOps in use cases that go far beyond regulatory compliance.

Read on for more.

Widget not in any sidebars

The post Endpoint Security and Network Monitoring News for the Week of July 7; Aqua Security, amazee.io, FPT Software, and More appeared first on Solutions Review Technology News and Vendor Reviews.

The editors at Solutions Review have curated this list of the most noteworthy endpoint security and network monitoring news for the week of June 23. This curated list features endpoint security and network monitoring vendors such as Zayo, Tanium, Cyware, and more.

Keeping tabs on all the most relevant endpoint security and network monitoring news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy endpoint security and network monitoring news items.

Widget not in any sidebars

Endpoint Security and Network Monitoring News for the Week of June 23

Zayo Awarded $92.9M from NTIA to Extend Middle-Mile Connectivity

Zayo Group Holdings, Inc., a global communications infrastructure provider, announced it has been awarded $92.9 million from the National Telecommunications and Information Administration (NTIA) Middle Mile Grant Program as a part of the overall national efforts to close the digital divide and bring reliable network infrastructure to all. As the only national provider awarded in this latest round of grants from NTIA, the funds will be directed towards three separate projects from Zayo to bring network infrastructure to communities in need across eight states and over 2,100 route miles. Locations were selected on a needs-based criterion including current broadband speeds, rurality, and socio-economic indicators to identify opportunities where network investments could make the largest impact to the communities they serve.

Read on for more.

Orange Business, Orange Cyberdefense and Palo Alto Networks Join Forces

Orange Business, Orange Cyberdefense and Palo Alto Networks, the global cybersecurity leader, have joined forces to offer a managed Secure Access Service Edge (SASE) solution that meets enterprise customers’ most demanding networking and security challenges with high performance, simplicity, and Zero Trust Network Access 2.0. By combining Palo Alto Networks Prisma SASE (Prisma Access + Prisma SD-WAN), with the connectivity and digital integration capabilities of Orange Business, along with the Managed Secure Access service by Orange Cyberdefense, customers can meet the challenge of a rapidly evolving threat landscape with a fully managed SASE solution that delivers a secure foundation for agile, cloud-enabled organizations.

Read on for more.

Tanium Announces New Platform Enhancements

Tanium, an endpoint security solutions provider, this week released major enhancements to the Tanium Software Bill of Materials (SBOM) that now include Common Vulnerability and Exposures (CVE) information. Tanium’s SBOM identifies software components on endpoints, including open-source software embedded in libraries within native and third-party software, enabling organizations to prioritize and remediate software supply chain risks with unmatched speed and scale. In addition to several new Risk & Compliance features, Tanium also announced the expansion of support for ARM-Based endpoints to help IT teams minimize blind spots and drastically reduce the need for separate endpoint tools.

Read on for more.

Globe Telecom Chooses Traceable AI to Improve API Security Capabilities

Traceable AI, an  API security company, this week announced that it has been selected from amongst multiple API Security vendors by Globe, to strengthen its API security capabilities. Only recently, selected providers in the global telecommunications industry have reported large scale data breaches as a direct result of exposed APIs. This partnership showcases the value of cybersecurity in an important but vulnerable field. With Traceable’s comprehensive API Security Platform, Globe is taking a proactive step to strengthen its security infrastructure, gaining valuable insight through API discovery and security posture, protection against sensitive data exfiltration, and threat management.

Read on for more.

Orca Security Expands Partnership with Google Cloud

Orca Security, an agentless cloud security platform, this week announced an expansion of its partnership with Google Cloud to safeguard cloud workloads, data, and users across multi-cloud development and runtime environments. The two companies collaborated to integrate the Orca Cloud Security platform with several Google security products, including Google Chronicle, Security Command Center and VirusTotal. Through its partnership and integration, Orca Security provides comprehensive coverage and mission-critical contextual analysis for joint customers’ Google Cloud estates, including infrastructure, workload, and data with full protection from any risk type.

Read on for more.

Cyware Announces Technology Partnership with Mimecast

Cyware, a provider of threat intelligence management and cyber fusion solutions, announced this week a strategic technology partnership with Mimecast, an advanced email and collaboration security company. This technology alliance brings together Mimecast’s advanced secure email gateway with Cyware’s security automation and collaboration platform. The joint solution will provide customers with proactive defense against ransomware, malware, phishing, and other evolving cyberthreats.

Read on for more.

Expert Insights Section

Watch this space each week as Solutions Review editors will use it to share new Expert Insights Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry experts together to publish the web’s leading insights for enterprise technology practitioners.

Beyond the App: Why NPM is Key to Unlocking User Satisfaction

Pavel Minarik of Progress looks beyond simple appsec and network monitoring, and into why NPM is the key to unlocking user satisfaction. To the user, an application is simply a website or an app that they expect to work. However, for IT professionals, applications consist of various components, including infrastructure, networking, server architecture, application code, databases, and storage. Typically, two to five different teams are responsible for managing these components and ensuring their smooth operation. Regardless of which team handles resolving application experience (AX) and user experience (UX) issues, the network is the interconnecting element that can reveal the root cause and help solve it before the impact becomes irreversible.

Read on for more.

Widget not in any sidebars

The post Endpoint Security and Network Monitoring News for the Week of June 23; Zayo, Tanium, Cyware, and More appeared first on Solutions Review Technology News and Vendor Reviews.

The editors at Solutions Review have curated this list of the most noteworthy endpoint security and network monitoring news for the week of June 9. This curated list features endpoint security and network monitoring vendors such as Auvik, Snyk, Onymos, and more.

Keeping tabs on all the most relevant endpoint security and network monitoring news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy endpoint security and network monitoring news items.

Widget not in any sidebars

Endpoint Security and Network Monitoring News for the Week of June 9

Auvik Partners with Delcom Group to Support Next-Generation Digital Education Networks

Auvik, a network management solutions provider, announced this week a new partnership with Delcom Group, a technology services and consulting company catering to K-12 schools. Together, Auvik and Delcom will help drive digital transformation and support automated network management for educational institutions. The new partnership between Auvik and Delcom helps customers in the education industry by providing the tools necessary to ensure complete visibility into their networks, understand what devices live on their network, proactively address performance issues, reduce mean time to resolution (MTTR) and keep networks operating smoothly and efficiently.

Read on for more.

Google Cloud Launches Cryptomining Protection Program

Google Cloud has launched its Cryptomining Protection Program for Security Command Center (SCC) Premium customers with up to $1 million to cover unauthorized Google Cloud compute expenses associated with undetected cryptomining attacks. SCC Premium customers will have access to the new product for free. SCC Premium works with a pay-as-you-go pricing, and as one-year and multi-year fixed-price subscriptions. All SCC Premium customers are eligible for this financial protection program as long as they follow the program terms and conditions including Cryptomining Detection Best Practices. Once a customer has raised the issue, Google will work with them to determine the compute engine costs incurred due to the cryptomining attack.

Read on for more.

Snyk Acquires AppSec Provider, Enso Security

Snyk, a DevSecOps solutions provider, announced this week it agreed to acquire Enso Security, an Application Security Posture Management (ASPM) platform. The acquisition is subject to customary closing conditions and is expected to close in Q2 2023. Snyk will now leverage Enso’s ASPM capabilities, together with Insights to offer “the first and only” developer security platform providing a holistic view of application security posture. Regardless of the security tooling currently in place, developer-first ASPM will orchestrate coverage throughout the entire software development lifecycle, with prioritization that powerfully combines both business impact and risk.

Read on for more.

Immersive Labs and Accenture Announce Partnership; Launch Cyber Million Program

Immersive Labs, a cybersecurity solutions provider, and Accenture are working together to launch the Cyber Million program that aims to solve the cybersecurity talent deficit by increasing access to one million entry-level cybersecurity operations jobs over the next decade. Cyber Million will help fill these open roles by reducing barriers for entry job seekers by increasing access to opportunities and uncovering hidden talent. The beta version of the program, which rolled out earlier this week, will be powered by the Immersive Labs platform with Accenture Security serving as the first foundational partner.

Read on for more.

Onymos Expands Features-as-a-Service Platform to IoT Development

Onymos, developer of the “world’s first” Features-as-a-Service platform, this week announced they are extending their platform to support the creation of Internet of Things (IoT) and Internet of Medical Things (IoMT) ecosystems and applications. Immediately available, enterprises can access the IoT capabilities through the Onymos Features-as-a-Service platform. With Onymos, enterprises can realize the value of this technology by arming their engineering teams with the foundation for their IoT and IoMT ecosystems. This foundation includes local storage, security, and user applications for device administration and customer insights.

Read on for more.

Expert Insights Section

Watch this space each week as Solutions Review editors will use it to share new Expert Insights Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry experts together to publish the web’s leading insights for enterprise technology practitioners.

Remote Work is Here to Stay: Here’s How to Make it More Secure

Steve Benton of Anomali says “remote work is here to stay,” and takes a closer look at how to keep it secure. Post Covid, flexible working has become the new norm and, for many organizations, has netted huge productivity gains. Covid also drove an accelerated digital transformation that put a majority of organizations’ infrastructure well and truly into the cloud and, hence, much of what employees interacted with (software, applications, services) on the internet. Supply chains and marketplaces followed suit. Put simply, it has become a fact that much of what employees connect with is remote to where they are – whether they are sitting in the organizations’ office, their own homes, or a coffee house nearby– so it may be a good time to start treating your employees as remote. Now, that may sound a tad weird but, honestly, when you look at the bigger threat landscape and the risk to organizations in terms of compromise– putting all your office workers and their offices ‘on the internet’ is a smart move because you now have only one work mode to manage and secure.

Read on for more.

CNAPPs: The Business Case For Automating Cloud Security

Shai Morag of Ermetic presents an overview of CNAPPs, as he makes the case for automating enterprise cloud security. Security professionals agree that protecting cloud-based systems is more challenging and costly than keeping on-premises environments safe. According to one report, more than three-quarters of organizations are utilizing two or more cloud providers, which means increased complexity, security risk, and opportunities for errors. This is where automation can help. Automated cloud security tools can detect risks and threats more accurately and quickly, remediate them in a fraction of the time, perform the analysis needed for regulatory compliance, and improve defenses against future attacks. They can easily prove their return on investment to any organization willing to do the homework to understand how they work and their advantages.

Read on for more.

Widget not in any sidebars

The post Endpoint Security and Network Monitoring News for the Week of June 9; Auvik, Snyk, Onymos, and More appeared first on Solutions Review Technology News and Vendor Reviews.

The editors at Solutions Review have curated this list of the most noteworthy endpoint security and network monitoring news for the week of May 26. This curated list features endpoint security and network monitoring vendors such as Perception Point, Datadog, SecureIQLab, and more.

Keeping tabs on all the most relevant endpoint security and network monitoring news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy endpoint security and network monitoring news items.

Widget not in any sidebars

Endpoint Security and Network Monitoring News for the Week of May 26

Perception Point Report: Phishing Attacks Grew by 356 Percent in 2022

A report published this week by Perception Point, a cybersecurity solutions provider, has identified a 356 percent growth in the amount of advanced phishing attacks attempted by threat actors in 2022. Overall, the total number of attacks increased by 87 percent, highlighting the growing threat that cyber attacks now pose to organizations. Perception Point’s ‘2023 Annual Report: Cybersecurity Trends & Insights’ examines cyber threats based on intelligence gathered from the company’s Advanced Threat Prevention solutions, which intercept attacks across email, web browsers, and cloud collaboration apps.

Read on for more.

New OT Malware Possibly Related To Russian Emergency Response Exercises

Mandiant, a cybersecurity solutions provider, identified novel operational technology (OT) / industrial control system (ICS)-oriented malware, which they track as COSMICENERGY, uploaded to a public malware scanning utility in December 2021 by a submitter in Russia. The malware is designed to cause electric power disruption by interacting with IEC 60870-5-104 (IEC-104) devices, such as remote terminal units (RTUs), that are commonly leveraged in electric transmission and distribution operations in Europe, the Middle East, and Asia. COSMICENERGY is the latest example of specialized OT malware capable of causing cyber physical impacts, which are rarely discovered or disclosed. What makes COSMICENERGY unique is that based on Mandiant’s analysis, a contractor may have developed it as a red teaming tool for simulated power disruption exercises hosted by Rostelecom-Solar, a Russian cyber security company. Analysis into the malware and its functionality reveals that its capabilities are comparable to those employed in previous incidents and malware, such as INDUSTROYER and INDUSTROYER.V2, which were both malware variants deployed in the past to impact electricity transmission and distribution via IEC-104.

Read on for more.

Datadog Announces New Capabilities and Integrations with Microsoft Azure

Datadog, Inc., a cloud app monitoring and security platform, announced new capabilities and integrations for Microsoft Azure at Microsoft Build today. The announcements include support for Azure OpenAI Service, Azure Arc, Cloudcraft for Azure and Cloud Cost Management for Azure.

Read on for more.

Appdome Launches Build-to-Test, A New Automated Testing Option for Mobile Apps

Appdome, a mobile app security solutions provider, this week announced Build-to-Test which enables mobile developers to streamline the testing of cybersecurity features in mobile apps. The new capability allows Appdome-protected mobile apps to recognize when automated mobile app testing suites are in use and securely completed without interruption by a vendor, logging all security events for the developer to track and monitor. The Build-to-Test service is part of Appdome’s Dev2Cyber initiative and will accelerate the delivery of secure mobile apps globally.

Read on for more.

SecureIQLab Announces Partnership with Omdia

SecureIQLab, a cloud validation provider, this week announced its partnership with global technology research organization, Omdia, to provide enterprises with evaluations of comprehensive extended detection and response (XDR) solutions beginning in June 2023. By combining the power of analyst research and third-party test validation, the collaboration will produce richer data sets for XDR solutions with deeper insights than ever before.

Read on for more.

Expert Insights Section

Watch this space each week as Solutions Review editors will use it to share new Expert Insights Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry experts together to publish the web’s leading insights for enterprise technology practitioners.

Cybersecurity in 2023: Look Back to Look Forward

Candid Wüest of Acronis walks us through cybersecurity in 2023, and why sometimes we need to look back to move forward. In today’s modern cyber threat landscape, keeping up with the latest cyber threats can feel like a full-time job, and getting ahead can seem like an impossible task. Revaluating your security strategy is no small feat, but with recent reports showing that new threats are constantly emerging, it remains a crucial step for businesses this year. Specifically for enterprises, due to the growing frequency, sophistication, and magnitude of cyber-crime, it’s becoming more difficult to safeguard from breaches and ransomware attacks. As a result, security teams on the frontlines need to look to the past to create a more secure future – or they’ll be actively courting danger.

Read on for more.

Widget not in any sidebars

The post Endpoint Security and Network Monitoring News for the Week of May 26; Perception Point, Datadog, SecureIQLab, and More appeared first on Solutions Review Technology News and Vendor Reviews.

The editors at Solutions Review have curated this list of the most noteworthy endpoint security and network monitoring news for the week of May 12. This curated list features endpoint security and network monitoring vendors such as the US Department of Justice, Coalfire, Xtract One, and more.

Keeping tabs on all the most relevant endpoint security and network monitoring news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy endpoint security and network monitoring news items.

Widget not in any sidebars

Endpoint Security and Network Monitoring News for the Week of May 12

US Justice Department Announces Disruption of Russian-Controlled Malware Network 

The US Justice Department this week announced the completion of a court-authorized operation, code-named MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated malware, called “Snake”, that the U.S. Government attributes to a unit within Center 16 of the Federal Security Service of the Russian Federation (FSB). For nearly 20 years, this unit, referred to in court documents as “Turla,” has used versions of the Snake malware to steal sensitive documents from hundreds of computer systems in at least 50 countries, which have belonged to North Atlantic Treaty Organization (NATO) member governments, journalists, and other targets of interest to the Russian Federation. After stealing these documents, Turla exfiltrated them through a covert network of unwitting Snake-compromised computers in the United States and around the world. Operation MEDUSA disabled Turla’s Snake malware on compromised computers through the use of an FBI-created tool named PERSEUS, which issued commands that caused the Snake malware to overwrite its own vital components. Within the United States, the operation was executed by the FBI pursuant to a search warrant issued by U.S. Magistrate Judge Cheryl L. Pollak for the Eastern District of New York, which authorized remote access to the compromised computers. This morning, the court unsealed redacted versions of the affidavit submitted in support of the application for the search warrant, and of the search warrant issued by the court. For victims outside the United States, the FBI is engaging with local authorities to provide both notice of Snake infections within those authorities’ countries and remediation guidance.

Read on for more.

Europol Report: “The Criminal Use of ChatGPT”

In response to the growing public attention given to ChatGPT, the Europol Innovation Lab organized a number of workshops with subject matter experts from across Europol to explore how criminals can abuse large language models (LLMs) such as ChatGPT, as well as how it may assist investigators in their daily work. Their insights are compiled in Europol’s first Tech Watch Flash report published today. Entitled ‘ChatGPT – the impact of Large Language Models on Law Enforcement’, this document provides an overview on the potential misuse of ChatGPT, and offers an outlook on what may still be to come. The aim of this report is to raise awareness about the potential misuse of LLMs, to open a dialogue with Artificial Intelligence (AI) companies to help them build in better safeguards, and to promote the development of safe and trustworthy AI systems. A longer and more in-depth version of this report was produced for law enforcement only.

Read on for more.

Coalfire Compliance Report Unveils the Next Horizon in Compliance

Earlier this week, Coalfire released its new Securealities 2023 Compliance Report developed in partnership with Informa’s Omdia research division. The report captures the changes in today’s world of compliance, detailing how 300+ security leaders are addressing compliance investments, organization governance, framework updates, tooling, automation, and more. Coalfire reveals that companies are struggling more than ever in managing multiple compliance frameworks within complex, hybrid-cloud environments and are increasingly turning to automation to meet the challenge.

Read on for more.

Mimecast Announces Appointment of New Chief Financial Officer

Mimecast Limited (Mimecast), an advanced email and collaboration security company, this week announced the executive appointment of David Call as Chief Financial Officer. Call joins Mimecast on the heels of two new executive appointments in April as part of its organizational focus on customer centricity. With more than 20 years of experience leading finance teams in high tech and enterprise software environments, Call will help shape the company’s strategic roadmap during a period of transformative growth. He will report directly to Peter Bauer, Mimecast Chief Executive Officer.

Read on for more.

Malwarebytes Launches Mobile Security for OneView MSP Platform

Malwarebytes, a global leader in cybersecurity solutions, this week launched Malwarebytes Mobile Security for OneView, enabling MSPs to safeguard Chromebooks, Android and iOS devices against the latest mobile threats such as ransomware and malicious apps. MSPs can now use the Malwarebytes OneView multi-tenant platform to monitor their customers’ mobile phones and tablets alongside their servers, workstations and laptops. With real-time protection, MSPs also can prevent accidental access to harmful websites, safeguard against malicious apps, block unwanted in-app ads and enable a secure mobile experience for their customers.

Read on for more.

Xtract One Technologies Selected to Secure All Entrances at Cross Insurance Center

Xtract One, an IoT security for public spaces solutions provider, this week announced its SmartGateway patron screening solution was selected by Cross Insurance Center in Bangor, Maine to secure all entrances for concerts, conferences, and other live events at the venue. The facility is owned by City of Bangor and is managed by global sports and entertainment company Oak View Group (OVG), which announced a strategic partnership with Xtract One in October 2022. The SmartGateway system delivers fast, reliable, and accurate screening for high throughput venues, leveraging AI-powered sensors to detect threats without invading guests’ sense of privacy and comfort. SmartGateway unobtrusively scans patrons for weapons and other prohibited items as they enter the space, optimizing their experience by reducing time spent in security lines and enhancing safety.

Read on for more.

Expert Insights Section

Watch this space each week as Solutions Review editors will use it to share new Expert Insights Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry experts together to publish the web’s leading insights for enterprise technology practitioners.

Edge Computing: Three Keys to a Secure Future

Theresa Lanowitz of AT&T Business discusses three keys enterprises shifting to edge computing should follow to secure the edge. According to a recent cybersecurity report, 57 percent of organizations are either in proof of concept mode, partial implementation, or full implementation with their edge use cases. With faster, more distributed computing, security is no longer confined to legacy models or ways of thinking – it is a critical component for delivering strong business differentiators. With this, securing the edge is one of the most significant efforts businesses can take to protect themselves, their assets, and their data in the face of increasing cyber-attacks.

Read on for more.

RMM: The Increased Use of Legal Malware by Threat Actors

David Rushmer of Blackpoint Cyber offers a deep dive into the ways RMM software is being exploited by threat actors, and what can be done. Today’s threat landscape is constantly evolving as malicious threat actors continue to find ways to circumvent trusted security measures. Most recently, cyber-criminals are leveraging enterprise software, like remote monitoring and management (RMM) tools, to gain access to networks and wreak havoc on companies, their employees, and their clients. The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint cybersecurity advisory in January 2023, warning organizations about the use of these tools in cyber campaigns. While the exploitation of legitimate software is not new, threat actors are increasingly deploying this tactic. According to Blackpoint Cyber’s Security Operations Center (SOC) team, 15 percent of all its responses in 2022 involved an RMM.

Read on for more.

Widget not in any sidebars

The post Endpoint Security and Network Monitoring News for the Week of May 12; US Department of Justice, Coalfire, Xtract One, and More appeared first on Solutions Review Technology News and Vendor Reviews.

The editors at Solutions Review have curated this list of the most noteworthy endpoint security and network monitoring news for the week of April 28. This curated list features endpoint security and network monitoring vendors such as Invicti Security, ThreatX, Uptycs, and more.

Keeping tabs on all the most relevant endpoint security and network monitoring news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy endpoint security and network monitoring news items.

Widget not in any sidebars

Endpoint Security and Network Monitoring News for the Week of April 28

Invicti Security Unveils Corporate Rebrand at RSA

Acunetix and Netsparker, two web application security companies, announced they are now one under the name Invicti Security. This announcement was made earlier this week at the 2023 RSA Conference. This rebrand introduction came with a new logo, brand colors that pay homage to the two companies that now make up Invicti, and the appsec platform Invicti Helix. Invicti also released the findings of its 2023 Spring AppSec Indicator report, which examined data from more than 1,700 Invicti customers to assess the impact and prevalence of modern web vulnerabilities. The report shares insights and trends to guide best practices in vulnerability identification and remediation.

Read on for more.

Criminal IP Launches Official New Service

Criminal IP, a OSINT-based search engine, provided by AI Spera Inc., made their appearance at the RSA Conference. This came shortly after their Cyber Threat Intelligence (CTI) search engine exited beta and launched officially. The new CTI search engine collects and analyzes IP addresses from around the world on a daily basis to detect cyber threats. Additionally, Criminal IP also showcased Criminal IP ASM (Attack Surface Management), an automated SaaS solution that identifies, detects, and monitors all Internet-connected assets while assessing their vulnerabilities.

Read on for more.

Tenable Makes Generative AI Security Tools Available to the Research Community

Tenable, an exposure management and cybersecurity solutions provider, this week published a new report outlining the use of generative AI to build new security research tools. The report, titled “How Generative AI is Changing Security Research,” highlights four new tools developed by the Tenable Research team that create efficiencies in processes such as reverse engineering, code debugging, web app security and visibility into cloud-based tools. The tools demonstrate ongoing experimentation by Tenable Research with generative AI applications like ChatGPT, and have been made available publicly to the security research community through a GitHub repository.

Read on for more.

ThreatX Expands Platform  With New Botnet Console and  API Catalog 2.0

ThreatX, an API and application protection platform, this week announced the expansion of its platform offering with the release of a new Botnet Console and API catalog 2.0. These features made their debut at the 2023 RSA Conference. With the release of Botnet Console and API catalog 2.0, ThreatX offers information security teams the ability to defend APIs and applications from rapidly evolving threats. With the new dashboards, users will have the ability to monitor all bot activity at scale, track API usage with new metrics, analyze key traffic trends, investigate threats, and improve accuracy of bot protection as attack patterns evolve.

Read on for more.

NCC Group Appoints Its first Strategy and Transformation Director

NCC Group, a provider of global cyber security and resilience services, is pleased to announce the appointment of Diji Akinwale to the role of Director of Strategy and Transformation with immediate effect. This new role has been created as the Group looks to implement and execute the updated strategy announced on 2 February, and Diji will report directly to Chief Executive Mike Maddison. Diji joins the Group from The Guardian where he served as Group Strategy Director. In this role, Diji successfully supported the media group’s international growth whilst increasing recurring revenue and accelerating the development of its digital offering and capabilities. In his time at The Guardian, Diji was responsible for developing and delivering a plan to generate positive cashflow – a key objective and a milestone The Guardian achieved for the first time in many years in Diji’s final full year at the group. Before The Guardian, Diji spent several years at McKinsey where he led digital strategy and transformation projects for clients across sectors including technology, financial services and the public sector.

Read on for more.

Uptycs Launches “Industry First” Cloud Security Early Warning System

Uptycs, a cybersecurity solutions provider, this week announced the ability to collect and analyze GitHub audit logs and user identity information from Okta and Azure Active Directory (Azure AD) to reveal suspicious behavior as the developer moves code in and out of repositories and into production. The result is an “early warning system” that allows security teams to identify and stop threat actors before they can access crown jewel data and services in the cloud.

Read on for more.

Expert Insights Section

Watch this space each week as Solutions Review editors will use it to share new Expert Insights Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry experts together to publish the web’s leading insights for enterprise technology practitioners.

The 8 Best Coursera Courses for Cybersecurity in 2023

The editors at Solutions Review compiled and curated this shortlist for the best Coursera courses on cybersecurity in 2023 to give the aspiring cybersecurity expert a strong starting point in their career. The Coursera cybersecurity courses listed below are entry-level and can be a great starting point for anybody trying to kick-off their learning this year. They’re also a great reference point for established experts looking to brush up on their knowledge. Whatever your motivation to learn more, Coursera will provide.

Read on for more.

Edge Computing: Confronting the Biggest Cyber Threats in 2023

2023 has presented companies of all sizes with a slew of concerning cybersecurity challenges, ranging from data breaches to a massive talent gap to DDoS attacks as acts of warfare. Yet simply understanding what those threats are isn’t sufficient to address them, as it can be hard to plan defenses against all of them individually. Companies need to figure out how to address many threats at once in order to be most effective. Making the shift to edge computing infrastructure can serve as precisely this kind of defensive juggernaut, allowing companies to protect against many major concerns in one fell swoop. While not a panacea for all concerns, making edge computing part of your tech stack can improve security and leave your organization much better prepared for what 2023 has in store.

Read on for more.

Widget not in any sidebars

The post Endpoint Security and Network Monitoring News for the Week of April 28; Invicti Security, ThreatX, Uptycs, and More appeared first on Solutions Review Technology News and Vendor Reviews.