Deepwatch Introduced MXDR for Cybersecurity

At the RSA Conference, Deepwatch launched a managed extended detection and response (MXDR) service that provides an automated response to threats. Deepwatch protects enterprise networks and secures their digital economy. It has transformed the modern SOC through a cloud security platform backed by exceptional engineers, developers, and security experts.

Deepwatch’s MXDR service enhances detection capabilities by providing high-fidelity, contextualized alerts that enable rapid response and containment of cyber threats.

Wes Mullins, chief technology officer at Deepwatch, stated, “Deepwatch MXDR automates response capabilities that help security operations teams contain threats and mitigate risk faster and more confidently than ever before. Automation delivers accelerated response times when powered by robust and accurate information on detected threats. High-fidelity alerts, enriched with information across endpoint, network, cloud, email, and identities correlated over a while, enable security teams to swiftly identify and contain threats before they disrupt business.”

Deepwatch MXDR reduces the risk of business-impacting security incidents by responding at machine speed, allowing analysts to complete the rest in human time. Deepwatch produces the most comprehensive high-fidelity alerts by leveraging the Deepwatch SecOps platform to collect, process, and analyze security telemetry from data sources.

Dave Gruber, Principal ESG Analyst, stated, “Security leaders considering XDR should focus on security outcomes, including fast and efficient alert triage and prioritization, advanced threat detection, and rapid detection and response times, all aimed at supporting a growing attack surface. ESG research shows that half of the security teams prefer a fully managed XDR solution, with 52% of organizations believing that an MDR service provider can do a better job at threat detection and response than they can. Other MDR use cases reported in support of XDR deployments include the need for more expert security skills, staffing augmentation, and off-hours coverage.”

Deepwatch enhances threat detection while reducing alert overload by correlating related threat activity for a single entity and escalating only alerts that exceed the customer-defined risk threshold. Deepwatch MXDR automates response actions through advanced detection capabilities, reducing lag time and reliance on security personnel and cross-departmental resources.

OVO Energy and Noetic Cyber Collaborated for Critical Cybersecurity

OVO Energy has chosen Noetic Cyber as a solution partner to assist them in gaining greater visibility and insights into their current cybersecurity posture. OVO is deploying the Noetic platform to better understand and contextualize their cyber risk. OVO Energy, the UK’s third-largest energy supplier, has adopted a cloud-first approach enabled by implementing a culture of technical autonomy in which OVO teams select the cloud platforms and services best suited to their specific needs.

Paul Ayers, CEO and co-founder at Noetic Cyber, commented, “OVO is known as an innovator in the UK energy market in its business model and approach to technology. Our partnership with them showcases that innovation as we’re working together to address a fundamental cybersecurity challenge in finding and securing unknown and unprotected assets.”

OVO’s security team requires an automated way to understand their cybersecurity landscape across cloud platforms, SaaS applications, on-premises systems, and others. The team adopted a data model that supports multiple business units and product teams, allowing them to maintain their current agility while also ensuring central visibility of security control coverage and configuration. It will secure the organization and meet the regulatory requirements of the UK’s critical national infrastructure.

The collaboration with Noetic will provide OVO with the integration of Noetic’s existing security and IT management tools to ingest security data, creating a multi-dimensional map of all assets in the organization and their cyber relationships. The OVO team can identify security coverage gaps, cloud service misconfigurations, and security control violations, all of which are prioritized based on business criticality and potential impact.

The Noetic platform integrates with OVO’s existing tooling for EDR, vulnerability management, device control, application security, network monitoring, cloud management, and more to continuously discover, inventory, and manage all assets in OVO’s environment.

The Noetic platform can assist OVO in identifying and correcting security coverage gaps in common cloud and endpoint use cases. It provides critical insights into patching and vulnerability management by mapping business criticality, asset exposure, and exploitability to the existing vulnerability process. It gives the security operations team more detailed information and context on affected assets for incident investigation. It also supports work with GRC to ensure that all aspects of the OVO business build and manage controls based on a common understanding of security data.

Nozomi and Siemens Collaborated for Cybersecurity

Nozomi Networks and Siemens have expanded their collaboration by incorporating Nozomi Networks’ Guardian Remote Collector software into the Siemens Scalance LPE local processing engine, a hardware platform tailored to process data for edge and cloud applications in manufacturing environments. Customers can now deploy the leading OT & IoT continuous monitoring solution to their industrial networks with ease, thanks to the power and simplicity of the Siemens Scalance LPE hardware.

Maximilian Korff, Lead, Business Development for Scalance at Siemens, commented, “This is the first distributed cybersecurity data collection and analysis software embedded in the Scalance LPE platform and is a vital part of our defense-in-depth concept for OT cybersecurity. This integration offers our customers a non-intrusive and powerful solution to detect threats in real-time and gain deeper visibility of their OT network.”

The Scalance LPE hosts a Docker-containerized version of the Guardian Remote Collector, which brings local data collection, pre-processing, and analytics to operational technology deployments. It enables more efficient analysis and data aggregation by any centralized application, including Nozomi Networks Vantage cloud-hosted security platform, and provides an effective way to distribute processing power across large manufacturing operations.

Sid Snitkin, Vice-President of Cybersecurity Advisory Services at ARC Advisory Group, stated, “This is a significant milestone for the Siemens partnership with Nozomi Networks. Embedding Nozomi Networks solutions into Siemens Scalance LPE eliminates integration cycles and gives users an efficient and reliable solution with cybersecurity capabilities baked in.”

The Scalance LPE solution delivers highly scalable continuous monitoring and intrusion detection to the network edge. Data is sent from the edge to the Nozomi Networks Remote Collector, which is hosted on the Scalance LPE, to monitor and analyze industrial network protocols for anomalous behavior and potential threats. This integration is unique and can collect traffic from parallel PROFIsafe production cells using the Siemens reference network architectures.

Chet Namboodri, Vice President of Business Development at Nozomi Networks, stated, “Supporting the Scalance LPE with a docker container version of our Remote Collector will streamline deployment options for our customers and follows on our existing support for the Siemens Ruggedcom APE platform. Siemens helps customers get the most out of the Nozomi Networks platform at any scale for these critical manufacturing and industrial control customers.”

Onapsis Assess Baseline to Safeguard SAP

Onapsis Assess Baseline helps businesses of all sizes accelerate time-to-value by simplifying deployment with a new SaaS-based, zero-footprint model and focusing on a core, targeted set of critical vulnerabilities as the first steps on their journey to ensure SAP application cybersecurity, compliance, and availability. When organizations are ready to expand, Onapsis Assess Baseline provides a simple expansion to additional scope for vulnerability management, as well as capabilities for continuous threat monitoring and application security testing.

Onapsis launched Onapsis Assess Baseline, a new offering that helps organizations jumpstart their SAP vulnerability management programs by better aligning with the SAP Security Baseline. Organizations must re-evaluate how they secure their most critical systems considering the exponential growth of targeted ransomware and the increased threat of cyber warfare as a result of global conflict. Companies are struggling to keep up with the growing number of vulnerabilities exploited by threat actors to gain access to their business-critical applications as the threat landscape evolves and becomes more aggressive.

Mariano Nunez, CEO of Onapsis, stated, “Securing business-critical applications has always been challenging, but there’s a larger bullseye on the backs of organizations today – more than ever before – as sophisticated threat actors increasingly target Enterprise Resource Planning (ERP) systems. We have successfully helped the world’s largest and most sophisticated organizations integrate their business applications into their cybersecurity and compliance programs. Now, Assess Baseline makes it easy for customers who are getting started with their SAP application security programs to jumpstart quickly and effectively protecting the applications that power their businesses.”

Key organizational advantages of Onapsis Baseline assessment include reduced implementation costs through faster deployment. Assess Baseline provides quick deployment and implementation with zero footprint scanning, whether in their cloud, on-premises, or via Onapsis’ SaaS platform. Users can scan with Assess Baseline against the SAP-recommended security baseline requirements for an organization’s SAP systems within hours, resulting in a faster time-to-value for SAP vulnerability management. The scans provide powerful context about critical vulnerabilities, mitigation instructions, and assurance that patches were applied, saving valuable resource time.

Steve Biskie, national ERP risk and automation services leader with RSM US LLP, said, “Today’s threat landscape requires a holistic approach to securing business-critical SAP applications such as ERP software. It is exciting to see Onapsis continuing to innovate its solutions to assist companies on their security maturity journey. The new Baseline license can help pave the way for more organizations to have an entry point into vulnerability management for SAP applications that could help keep their critical data and applications safe and compliant.”

Kroll and Armis Have Partnered for Cyber Resilience

Kroll and Armis have partnered to expand cyber preparedness and response services for operational technology (OT) and industrial control systems (ICS) to secure clients far beyond the traditional endpoint. Armis is a market leader in unified asset visibility and security, with a knowledge base of over two billion connected devices, particularly in the health care industry. Asset discovery, network configuration, and traffic flow capabilities provide Kroll incident responders with visibility into ICS and OT environments, which are continuously secured using Kroll Responder, a managed detection and response (MDR) solution.

Marc Brawner, Managing Director and Global Head of Managed Services for Cyber Risk at Kroll, commented, “Identifying and protecting difficult-to-manage OT and IoT devices is an increasingly critical aspect of a modern cyber security program. The proliferation of these devices and related vulnerabilities is opening new avenues of attack by threat actors. By bringing together our extensive experience in responding to thousands of incidents every year with the Armis platform, together we can significantly reduce these risks. We look forward to working with Armis to further strengthen our client’s cyber resiliency.”

Kroll’s experience responding to over 3,200 incidents per year, combined with Armis’ technical visibility and expertise, will drive threat intelligence, detection, and response capabilities. Because of the partnership, Kroll can reduce the risk exposure of OT and ICS environments for clients, make informed recommendations to improve resilience, and respond in the event of suspicious activity.

Kroll expanded its MDR capabilities by acquiring Redscan in 2021. Armis enhances Kroll’s MDR solution by incorporating Armis’ agentless architecture to secure clients’ environments far beyond the traditional endpoint.

David Creed, Vice President, Worldwide Service Providers at Armis, stated, “By leveraging Armis’ industry-leading platform, this partnership will help both Kroll and Armis clients stay better protected against cyber risks. Together, Armis and Kroll are uniquely positioned with their capabilities and offerings to serve organizations across industries, providing enhanced preparedness, response, and unmatched visibility.”

AT&T and Meraki Launched SASE

AT&T SASE with Cisco Meraki is a new managed service designed to help businesses improve network performance, enable resilient access, and protect sensitive data. The service also aids in the prevention of unauthorized use and loss. It accomplishes this while providing customers with flexibility as their networking environments change due to business growth, location expansion, and strategy changes.

AT&T has introduced AT&T SASE with Cisco Meraki to provide a powerful networking and security offering to businesses of virtually any size and industry.

Danessa Lambdin, Vice President of AT&T Cybersecurity, stated, “In network connectivity and security, there is often little margin for error. For many businesses, the expertise to get it right is hard to come by. AT&T SASE with Cisco Meraki is a completely managed service that puts our experts in the driver’s seat giving growth-oriented businesses an integrated solution that can address their needs today and scale up right alongside them going forward.”

The need for dependable, high-performance connectivity is imminent. Because of the rise of hybrid work environments, organizations are connecting people, places, and devices, allowing users to connect and collaborate at nearly any time and from nearly any location.

Organizations also rely on a variety of Internet of Things (IoT) devices to increase efficiency, ranging from security cameras to medical devices and manufacturing equipment. Because of the explosion of connectivity, preparing for and responding to cybersecurity threats has become a critical challenge, particularly for sophisticated enterprises.

The managed security service enables almost any business to connect, protect, manage, and scale its network without the in-house expertise typically required. The solution’s scalability is critical for growing businesses that need to rapidly expand to new data centers and branch locations or add more devices to their network. This solution also assists businesses in protecting sensitive data from unauthorized use and theft. Customers also get access to AT&T Managed Services and specialists who can help with deployment, policy design, configuration, and 24/7 monitoring and support.

Lawrence Huang, Vice President of Product Management at Cisco Meraki, commented, “Businesses looking to deploy cloud security across distributed locations must be able to do so in a simple, scalable, and reliable way. The AT&T SASE with Cisco Meraki service offers customers a seamless onramp to their SASE journey with a fully integrated networking and security offering, ultimately protecting users against internet-based threats both on and off the network.”

Evergreen Services Group Enters MSSP Market With Agreement to Acquire VirtualArmour

Evergreen Services Group, a family of leading managed IT services firms, said that it has signed a deal to buy VirtualArmour, including the acquisition of all assets under management. VirtualArmour is a leading worldwide managed security services provider (MSSP). The deal is likely to close in the second quarter or early in the third quarter of 2021, after which the firm will operate independently under its current leadership team, led by CEO Russ Armbrust.

Jeff Totten, Evergreen’s CEO, said, “We are excited to expand our cybersecurity capabilities by joining forces with VirtualArmour. From our first interaction, we were impressed by Russ, the VirtualArmour team and the company they have built. We look forward to partnering with the VirtualArmour team to bring a comprehensive managed cybersecurity offering to Evergreen’s customers.”

“Evergreen is a proven growth partner which will bring long-term vision and resources to support our growth while we continue independent operations. Evergreen will enable us to continue providing great service to our customers while we expand our capabilities in furtherance of our mission to be the industry’s leading provider of managed security services,” said Armbrust.

Evergreen sees VirtualArmour as a way to improve its capabilities in the fast-developing cybersecurity services industry, which is highly complementary to Evergreen’s MSP offering. VirtualArmour manages the whole security lifecycle, from initial assessment through implementation and remediation, through its Security Operations Center as a Service (SOCaaS) offering, professional services, and best-in-class cybersecurity capabilities.

“VirtualArmour’s success stems from our absolute dedication to client satisfaction and world-class service. With Evergreen’s investment, we are further affirmed in the quality of our company, our team, and our abilities as a premier cybersecurity managed services provider. It will be exciting to continue building VirtualArmour with our new partner Evergreen!” said CTO Andrew Douthwaite.

“With the ever-increasing importance of cybersecurity for all businesses, we knew we wanted to find an MSSP to partner with, and we think VirtualArmour is a perfect fit. We’re excited to support VirtualArmour in growing its business alongside our MSPs and expanding the company’s partner program,” said Ramsey Sahyoun, Evergreen’s Head of M&A.