Trustwave Announces Enterprise Pen Testing for Global Threat Prevention! 

Trustwave launched its new Enterprise Pen Testing (EPT) offering. It has been created to meet the complex testing needs of large organizations with an extensive breadth and depth of vulnerability identification, the ability to deliver scaled programs of work, and extremely competitive pricing.

“With over two decades of global industry leadership in vulnerability research and findings, we thoroughly understand the threat landscape of known, unknown, and emerging threats,” said Nick Ellsmore, SVP of Worldwide Consulting and Professional Services at Trustwave. “Our proven methodologies performed in accordance with industry standards, allow us to find even the most difficult vulnerabilities and provide a world-class testing solution to global enterprises.” 

Ad-hoc testing can provide valuable point-in-time insights, but having a security testing program in place offers a more comprehensive perspective of corporate risk over time. Additionally, clients who have a dedicated TAM have a professional to consult with as they examine findings, create corrective action plans, and oversee ongoing validation testing.

The Enterprise Penetration Testing service from Trustwave is created to satisfy client needs. 

Regulatory: Businesses that must comply with regulations (such as PCI DSS, CPS234, and MAS) and the financial services industry need ongoing, unbiased third-party testing services. With a professional TAM guide, Trustwave delivers extensive work plans and streamlines the management of testing programs.

Affordability and Flexibility: Because of its global reach, Trustwave can provide clients with “best-shore” delivery by combining on-, near-, and offshore delivery models. This makes it possible for Trustwave to offer the organization the best pentesting at value-based pricing. 

Scale: Trustwave is a global provider with the scale and availability of testers required to perform tests, and it delivers the range and depth of pentesting skills that the international nature of EPT clients demands.

High Quality: Trustwave’s holistic method uncovers the potential business impact in addition to the distinct technical findings. Trustwave helps customers efficiently prioritize and track remediation actions and is one of only a handful of Global CREST licensed businesses capable of doing this.

Kaspersky Wins the ‘Product Excellence Leader 2022’ Award in Threat Intelligence (TI) Management 

Kaspersky is recognized as the ‘Product Excellence Leader – threat intelligence domain – 2022’ under the ‘Best Practice Program’ by InfosecurityOutlook, part of Sceptertech.Digital. The ‘Best Practice Program’ highlights industry leaders in various technology domains and recognizes their extraordinary performance.  

With a sophisticated threat intelligence platform, Kaspersky offers a comprehensive threat intelligence solution for tracking, analyzing, interpreting, and mitigating evolving IT security threats. The platform distills and prioritizes massive amounts of security alerts, improves and accelerates triage and initial response processes, identifies critical alerts for the enterprise, and supports more informed decisions about which should be escalated to IR teams while constructing a proactive and intelligence-driven defense. Kaspersky’s primary product offerings include CyberTrace, Threat Lookup, and Threat Data Feeds, which provide detailed information about each indicator and more in-depth analysis and perform deep searches into threat indicators with a highly validated threat context, allowing the organization to prioritize attacks and concentrate on mitigating the threats that pose the most significant risk.

Sceptertech Digital evaluated various nominations and case studies from IT software vendors, end-users, and consultants to evaluate organizations’ leadership, solutions, technology, best practices, and the associated business impacts and values as part of the judging process. The primary aim of this evaluation is to benchmark vendors’ performance against their competitors and identify industry leaders. Evaluated by a panel of editors and industry experts, ‘The Best Practice Program’ celebrates exceptional solutions, teams, and organizations. 

The award recognized Kaspersky as a clear winner in the threat intelligence domain.

Shu En Liew, Manager of Corporate Communications at Kaspersky emphasized, “It is a pleasure to receive the Product Excellence Leadership Award by Sceptertech Digital under the threat Intelligence domain for 2022. This honor encourages our team to continue pursuing excellence by validating our efforts in the global cybersecurity market. With our cutting-edge advanced technology solutions, our customers can enjoy a safe and private Internet experience without compromising the performance of computer and mobile devices. Kaspersky’s knowledge, experience, and deep intelligence on every aspect of cybersecurity have made us the trusted partner of the world’s premier law enforcement and government agencies.”  

  “During this evaluation process, we had detailed and in-depth interactions with the Sceptertech Digital team. The team was thorough in their primary research and crisp in their technical discussions. We are extremely happy to get a chance to work with such an energetic team. We wish Sceptertech Digital huge success in years to come,” she concluded.   

About Sceptertech.Digital  

Sceptertech.Digital is the go-to space for market intelligence, strategy-driven content marketing, public relations, and brand building for B2B enterprises. With a vision to ensure the delivery of high-quality, consistent, value-adding content solutions, Sceptertech focuses on establishing authority in the B2B communication space.

More information – https://www.sceptertech.digital/  

Commvault launched Metallic ThreatWise

Commvault launched Metallic ThreatWise, an early warning system that proactively surfaces unknown and zero-day threats to minimize compromised data and business impact. According to Enterprise Strategy Group, only 12% of the IT directors polled expressed confidence in having the necessary tools and location-neutral security to equally secure data both on-premises and in the cloud.

Jon Oltsik, Senior Principal Analyst and Fellow at Enterprise Strategy Group stated, “In surveying enterprise IT directors with direct knowledge and influence on their company’s data security strategies, the results we found were eye-opening. It is very clear that many IT teams do not have adequate tools in place to detect ransomware attacks on production environments early enough in the attack chain to neutralize stealthy cyber-attacks before they cause harm. Ransomware has revolved around encryption for a long time, but newer extortion techniques like exfiltration go beyond rapidly spreading malware, and data recovery alone cannot help if sensitive business data is leaked to the Dark Web.” 

ThreatWise from Commvault adds an early warning system that no other vendor in this market offers, further defining data security. It employs decoys to foresee threats in production environments, lure malicious actors into using fake resources and equip businesses with tools to protect data. In addition, Commvault is expanding the capabilities of its wider platform, which is already available, in terms of machine learning, critical threat detection, and security. 

Ranga Rajagopalan, Senior Vice President, Products, Commvault commented, “Data recovery is important, but alone it’s not enough. Just a few hours with an undetected bad actor in your systems can be catastrophic. By integrating ThreatWise into the Metallic SaaS portfolio, we provide customers with a proactive, early warning system that bolsters their zero-loss strategy by intercepting a threat before it impacts your business.” 

ThreatQuotient introduces New ThreatQ TDR Orchestrator Features!

ThreatQuotient announced a new version of ThreatQ TDR Orchestrator, which is known to be the industry’s first solution for a simplified, data-driven approach to security operations. The expanded automation, analysis, and reporting capabilities of ThreatQ TDR Orchestrator speed up threat detection and response across several platforms. 

Leon Ward, Vice President of Product Management at ThreatQuotient stated that “Leveraging automation to do the heavy lifting and cut through the noise is vital to helping cybersecurity teams thrive under pressure. ThreatQuotient continues to innovate in a way that drives meaningful operational benefits to customers. Many process-based SOAR platforms are designed such that only security engineers and analysts have the skills necessary to use them directly; making these traditional platforms hard to implement and maintain which drives higher costs over time. This ThreatQ TDR Orchestrator release reinforces the need for no-code solutions that empower operators to adapt to dynamic threat landscapes faster and focus their energy on security operations workflows that provide critical business context.” 

ThreatQuotient’s most recent study, whose complete release is scheduled for later in 2022, reveals indications that security automation adoption is progressing as 98% of businesses increase their budgets in this area. The study also shows that firms are more confident in automation itself, with over 88% of businesses expressing some level of confidence in the results of automation, up from only 59% the year before. However, 98% of respondents claim that implementation issues plagued them. ThreatQuotient has prioritized the development of ThreatQ TDR Orchestrator to enable more effective operations that can be directly measured by time savings and FTEs gained, improved risk management, and easier-to-use security automation solutions that are less expensive than traditional automation tools and learn over time. 

The latest version of ThreatQ TDR Orchestrator provides the following benefits: 

  1. Prioritize automation on the most important events/alerts 
  1. Playbooks are easier to maintain  
  1. Less training is required upfront  

Secureworks partners with Netskope and SCADAfence

Secureworks has announced that it will expand its alliances program into new solution areas. Threats are moving into crucial production environments and the service edge, so detection tools must advance as well. Through two new partners, Netskope and SCADAfence, Secureworks expands the scope of potential security vulnerabilities addressed by Secureworks Taegis XDR to include Secure Access Service Edge (SASE), Operational Technology (OT), and Industrial Control Systems (ICS). Better detection with a higher value is now more accessible to organizations than ever. 

Chris Bell of Secureworks commented, “We’re bringing together the best-of-breed detection and response capabilities across domains where we see the threat landscape most exposed to adversary attacks. As part of our mission to help secure human progress, we will continue to forge new alliances that can deliver technology innovation while incorporating new threat intelligence into the methods and intentions of the adversary.” 

Secureworks is focusing on Secureworks Taegis as a unifying XDR platform by announcing two new and rapidly expanding partnerships across new alliance domains. Taegis’ broad integration capabilities offer the best detection and quickest response times without vendor lock-in, and continuously expanding open technology makes it simple for customers to integrate with Taegis. 

As a pioneer in the Secure Access Service Edge (SASE) framework for converged networking and security, Netskope has developed a distinctive method for safeguarding data and people across devices and applications, inside and outside the conventional company network. Customers will be able to conduct all investigations and apply detectors using Secureworks Taegis thanks to the integration between Netskope and Secureworks, allowing for a more comprehensive view of threats and business risks and opening cyber environments to the edge. 

Secureworks extends Taegis XDR into the industrial environment in collaboration with SCADAfence, bringing OT intelligence into a unified view with all other security telemetries across the IT landscape. Security analysts now have more context about the threats they are looking into thanks to SCADAfence’s extension of market-leading insights, awareness, and asset discovery into a truly open XDR platform. 

Avast Introduces a New Ransomware Shield for Businesses!

Avast, a market leader in digital security and privacy, today introduces a new ransomware shield for companies, giving businesses an additional layer of defense against ransomware assaults. This will guarantee that organizations can secure their most vital documents and, most importantly, client data, with proactive protection that bars illegal access. As part of the Avast Essential, Premium, and Ultimate Business Security packages for businesses using Windows and MacOS, the new feature is now accessible and free of charge. 

Filip Hlinka, VP of Product, Avast Business, stated that “Small businesses are facing a growing threat from ransomware, with cybercriminals increasingly targeting smaller organizations to encrypt crucial business data and disrupt operations. The results can be devastating for small businesses that lack the financial and technical resources to rebound from such attacks. Avast’s antivirus has always offered consumers and business users powerful protection against cyber threats including ransomware, and Ransomware Shield offers a purpose-built, additional layer of protection which helps to secure businesses’ most crucial files against these highly damaging attacks.” 

While Web Shield, File Shield, and Behavior Shield, which are currently available to Avast clients, provide ransomware protection, Ransomware Shield complements these features to offer multi-layered security, guaranteeing businesses can continue to access their systems and data without interruption. Ransomware Shield functions by protecting files and folders from being changed, destroyed, or encrypted by unidentified apps. The most sensitive and vital information held by businesses is further protected by the ability of users to decide which programs have access to their files. Moreover, users have the option to modify the policy’s list of protected files and folders in the Avast Business Hub, where the new feature is enabled by default.

Anomali announced new updates to its Platform

Anomali announced quarterly updates to its platform to strengthen its customers and partners in profiling adversaries. The update enhances Anomali’s threat intelligence and extended detection and response (XDR) capabilities with new features, allowing enterprise organizations to stay one step ahead of adversaries and avoid business disruptions while optimizing security expenses. 

Anomali has been working on incorporating attack flows into The Anomali Platform. This release pushes the platform closer to an Attack Flow Library for Anomali ThreatStream, which will serve as a gateway for new Attack Flows that sequence cyberattack techniques. This capability will add new context to adversary behavior and assist security teams in profiling the adversary. It will also allow them to better protect the organization prior to an attack, detect an attack in real-time, and respond post-attack. 

Mark Alba, Chief Product Officer at Anomali stated, “Anomali’s August release offers new capabilities and enhancements for security operations teams struggling to identify not only who’s targeting them, but how and why they are being targeted.” 

CISOs and security professionals can leverage this predictive visual mapping to align attacks with potential gaps in their security posture in order to get ahead of the threat. In the macroeconomic environment, customers are looking for capabilities that will increase the impact of their existing investments. The new extensible framework to the platform will enable the automation of routine tasks. The first implementation in this release is available to automate enrichments in the investigation’s workbench. A drag-and-drop process for configuring a multi-stage enrichment task can be easily set up and run as needed, saving analysts time performing repetitive tasks. 

  • This platform release also includes support for MITRE ATT&CK Mobile & ICS: intelligence aggregation, contextualization, and analysis for Mobile and ICS attack surfaces to strengthen overall security posture.  
  • MITRE ATT&CK Enterprise v11 in Anomali Lens.
  • Scheduled retrospective search: aids the SOC in automating the correlation of historical events with newly available intelligence in order to generate reports and learn about other adversary behavior, threat actors, and TTPs. This allows CISOs to detect real-time threats in their local IT environment.

Jon Oltsik, Senior Principal Analyst and Fellow, ESG Research stated, “ESG research found that 97% of security professionals believe that MITRE ATT&CK is important to their organization’s security operations strategy. Anomali’s commitment to integrating the MITRE ATT&CK Framework into its solutions and participating in the MITRE Engenuity Center for Threat Informed Defense can help security teams adopt the framework and better understand cyber adversaries.” 

McAfee Extends its Partnership with Visa to Protect its Clients from Threats

McAfee, a US-based software development company that offers all-in-one protection with personal info removal, identity monitoring, VPN, antivirus, and more services, has expanded its partnership with Visa, a global leader in digital payments, allowing Visa partners in the UK to provide online protection solutions to cardholders of Visa Business.

Pedro Gutierrez, SVP Global Consumer Sales & Operations at McAfee, commented, “With increasingly complicated global issues such as the ongoing impacts of the COVID-19 pandemic and difficulties stemming from the global supply chain, small businesses are increasingly reliant on their digital infrastructure, and it’s never been more important to ensure the proper protections have been implemented. We are proud to partner with Visa to offer solutions to their Visa Business cardholders and look forward to helping these organizations stay secure so they can focus on what matters most to their business.”

According to the Verizon Business 2021 Data Breach Investigations Report, small businesses will make up more than half of the data breaches in 2021, making them a prime target for hackers in a world that is becoming more and more digital. Small business owners are frequently unable to fully protect themselves and their clients from the rise in online threats due to a lack of financial and human resources. The increase in attacks highlights the necessity for small businesses to take precautions to protect their digital assets from the most recent dangers impacting businesses today.

According to the size and requirements of each business, the McAfee security solution will offer protection for a different number of PCs, Macs, iOS, and Android devices.

Helen Jones, Head of Visa Business Solutions, Visa, Europe, stated, “With more of us embracing digital commerce, businesses of all sizes deserve access to simple, secure and robust systems. Visa is focused on investing in its network, harnessing the most cutting-edge innovations to protect people and businesses from emerging threats. And with this offer, Visa Business cardholders can access McAfee Total Protection for additional peace of mind.”

LogRhythm Enhances Threat Detection Capabilities!

LogRhythm announced the release of its SIEM Platform version 7.9 and updates to the NDR and UEBA.

Kish Dill, chief product and customer officer at LogRhythm said, “LogRhythm arms security teams with intelligent analytics and automated responses to reduce cybersecurity exposure, eliminate blind spots, and quickly shut down attacks. The company is changing the way we work by becoming customer-centric throughout our whole organization. We are listening to our customers and promise to deliver quarterly innovations that address the challenges our customers face every day. We recognize that security teams don’t have time to spare on long processes and inefficient workflows. With these latest updates, security teams will have the tools they need to make operations more effective and efficient to defend their organization against today’s top threats.”

The new features in LogRhythm 7.9, LogRhythm NDR (previously Mistnet NDR), and LogRhythm UEBA (previously CloudAI) help security teams overcome common challenges by enhancing workflows, accelerating threat response, and streamlining procedures.

These features include:

Admin API-enhanced automation: LogRhythm 7.9 enhances the Admin API library by adding system monitoring management endpoints. This allows SIEM administrators to manage the SysMon agent via the Admin API, allowing for automated process batching.

Embedded Expertise: LogRhythm’s out-of-the-box SmartResponse™ reduces customer time to value. LogRhythm 7.9 adds and improves SmartResponses to its already robust library of over 120 integrations.

Enable packet capture in UI: Enable packet capture in the UI so that users of LogRhythm NDR can download PCAP files for incidents and cases to gather more information, aiding investigations and enhancing threat hunting.

Easier and faster event log filtering: Filtering event logs has been made simpler and quicker thanks to a new feature in LogRhythm 7.9. Now that users can pick which kinds of Windows event logs the agent searches, processing logs happens faster, and the collection pipeline isn’t put under as much stress.

Expanded threat detection capabilities:

Improved LogRhythm NDR detection models: With the NDR’s improved analytics capabilities, users can detect a broader range of ransomware attacks.

Advanced analytics models: The company’s UEBA provides advanced UEBA analytics as a cloud-native, easy-to-deploy add-on for the 7.9 users. To ensure that modern complex attacks can be stopped and anomalies needing urgent attention can be found, models have been enhanced and new models added, further reducing alert fatigue and speeding up response times.

Policy violation alerts: To provide more context for what might be a risk, LogRhythm NDR provides alerts about expired certificates, weak ciphers used in connections, and authentication activity occurring in clear text.

Extended flexibility

Controlled overages with powerful license metering reporting: The company introduced a new reporting feature to make licensing overages more visible and understandable by showing any overages in the previous 30 days. This feature will help teams manage licence usage and cost more effectively.

Endpoint integrations have been expanded: Its EDR integrations now include Cisco Secure Endpoint (formerly AMP for Endpoints).

RangeForce Added Updates for Better Security Team Readiness

RangeForce revealed the addition of new capabilities to its team threat exercises platform, making it easier for organizations to accelerate the skill development of their security teams through multi-user detection and response exercises of simulated attacks.

RangeForce’s team threat exercises enable security teams to protect the security stack by configuring it, selecting an attack scenario, executing the threat exercise, reviewing post-exercise results, and developing a targeted training plan.

Ben Langrill, Senior Director of Product Engineering for RangeForce stated, “RangeForce threat exercises are based on years of running hundreds of live cyber events and deliver the most realistic experience for teams using headline-making attack scenarios and the same security tools they use every day. They provide participants the opportunity to acquire hands-on skills, so they build the muscle memory to meet threat actors head-on.”

The cyber environment used in RangeForce exercises goes beyond the conventional tabletop exercise, requiring participants to use well-known security tools like Splunk and FortiGate to find threats and take appropriate action. Events follow the NIST cybersecurity framework and include a combination of threat intelligence, threat hunting, digital forensics, and system hardening skills to mitigate threats based on current malware trends.

The new capabilities include a larger content catalog with dozens of scenarios covering advanced persistent threat (APT) behaviors like credential harvesting, exploitation of misconfigured AWS S3 buckets, ransomware, data exfiltration, and more. It also provides robust post-action reports for teams along with feedback on technical strengths and weaknesses; time to detect, respond, and mitigate; the number of hints required; and soft skill analysis. It provides support for developing custom post-exercise training plans based on team performance to address skill gaps and enable a continuous approach to cyber readiness development.
