CriticalStart Announced Enhanced Abilities for Microsoft 365 Defender

CriticalStart, a leading provider of Managed Detection and Response (MDR) services, announced enhanced capabilities for Microsoft 365 Defender: industry-unique MDR capabilities that protect user credentials from phishing, brute-force, and cloud application attacks. Other MDR providers give advice, whereas the Critical Start SOC acts on the customer’s behalf to prevent user account attacks, which are frequently a precursor to a breach.

The Vice President of Product at CriticalStart, Chris Carlson, stated, “By adding threat detection and response capabilities for credential and user account attacks into our MDR platform, Critical Start goes beyond the endpoint to protect against one of the most common attack vectors involved in the majority of breaches. This new expansion of capabilities was developed in direct response from customers that MDR providers need to go beyond giving recommendations for action and swiftly respond to stop attacks in progress. Critical Start now grants our customers the ability to improve their organizations’ security postures as well as their overall readiness to face off against credential-based attacks.”

Customers can use the newly announced CriticalStart capabilities to strengthen their existing defenses and avoid breaches caused by user account-based attacks. As cybercriminals continue to focus their attacks on credentials that let them remain hidden when accessing networks, rather than attacking the networks themselves, users must be able to detect and respond swiftly to these attacks.

Alerts from multiple Microsoft systems, such as user-reported email phishing attempts, Azure Active Directory identity alerts, and alerts triggered by anonymous login IPs to business applications running, can be brought in using the combined power of Critical Start’s existing MDR services and the Microsoft security suite from Defender for Cloud Apps. The extended service enables improved detection and response for a variety of threats that potentially compromise a user’s account.

LTI Partners with Securonix & Snowflake to Strengthen Cybersecurity Offerings

Larsen & Toubro Infotech, an international technology consulting and digital solutions firm, has partnered with Securonix, a leader in next-gen Security Information and Event Management (SIEM), and Snowflake, a leader in secure cloud computing.

Thanks to the partnership, LTI’s Active eXtended Detection & Response platform (Active XDR) will be used to detect internal and external risks early, contextualise and defeat threats with enhanced intelligence-led hunting operations, and automate incident response. LTI Active XDR secures billions of critical alerts and records by storing them in a secure data lake.

“Guarding against cyber threats has become a top priority for every enterprise. LTI Active XDR, backed by the latest technologies from Securonix and Snowflake will strengthen our ability to combat ever-growing threats, responding to increasing ransomware attacks and phishing campaigns on critical infrastructure, large enterprises, and federal sector,” said Sanjay Jalona, CEO & Managing Director, LTI.

“‘Bring your own Snowflake’ is an ideal managed service program, significantly reducing the costs and complexity of scaling advanced threat detection and response services across multiple customer environments. We look forward to bringing additional solutions to market with LTI that more effectively secure today’s cloud and complex enterprise environment,” said Sachin Nayyar, CEO, Securonix.

“Chief Information Security Officers (CISO) are looking for alignment with the CIO to gain richer insights, improve scalability and drive savings. LTI is a strategic partner for Snowflake that has been recognized for its innovation and ability to help customers migrate from legacy solutions. We look forward to extending our partnership into cybersecurity together with industry-leader Securonix and its cloud-native ‘Bring your own Snowflake’ SIEM solution,” said Christian Kleinerman, SVP of Product at Snowflake.

LTI’s cybersecurity strategy is built on assuring business continuity, brand equity, and managing external compliance. LTI is addressing the need of the hour by scaling its advanced cyber security managed services to its enterprise customers around the world, equipped with state-of-the-art Cyber Defence Resiliency Centres (CDRCs), a centre-of-excellence (CoE) for cyber security.

SilverSky Acquired Cygilant, Expanding its UK Presence and Adding Renowned Data Research Talent

SilverSky, a cybersecurity service provider that offers professional managed detection and response (MDR) services, announced that it has completed its acquisition of Cygilant, based in Burlington, Massachusetts.

ITOCHU International, Inc., the North American flagship company of Tokyo-based ITOCHU Corporation, made a strategic investment of $31.5 million in SilverSky in October 2021, according to SilverSky. In August 2021, SilverSky announced the completion of its acquisition of New Jersey-based Advanced Computer Solutions Group, LLC (ACSG), which gave the firm a major client base in the US education sector and was the first in a series of planned acquisitions.

Cygilant, a major cybersecurity-as-a-service company, has a security operations centre (SOC) in Belfast, Northern Ireland, and employs some of the world’s top Ph.D.-level experts in cybersecurity, advanced networks, and data science. The acquisition of Cygilant’s UK-based delivery centre expands SilverSky’s access to European markets while complementing the company’s current footprint in Asia and North America.

“Alongside our recent growth-related announcements, this acquisition of Cygilant, a cybersecurity-as-a-service and threat-intelligence powerhouse, helps to further galvanize our efforts to globally expand the SilverSky presence as well as retain and nurture some of the industry’s best cybersecurity and data science talent. Cygilant shares our commitment to rich-service offerings that are unmatched in the industry. We’re pleased to welcome the Cygilant team and their customers,” said Richard Dobrow, CEO at SilverSky.

“We are excited to join SilverSky. This represents a significant next-chapter of the Cygilant journey, as our innovative SOC capabilities and deep bench of cybersecurity expertise are combined with one of the industry’s most comprehensive MDR offerings. The outcome for our customers will be access to the collective set of broader managed services that will continue to enrich their cyber protections and strengthen their security posture,” said Rob Scott, CEO and President at Cygilant, who will be joining SilverSky as its Chief Strategy Officer.

Claroty Completed The Acquisition Of Medigate, A Leader In Healthcare IoT Security

Claroty, a cyber-physical systems (CPS) security firm for industrial, healthcare, and enterprise sectors, announced that it has finished the acquisition of Medigate, a leading healthcare IoT security firm. Claroty is now in a unique position to secure the Extended Internet of Things (XIoT) by providing unrivalled visibility, protection, and threat detection for all linked enterprises through a single solution.

“Highly interconnected CPS have become pervasive in industrial and healthcare environments in recent years in order to drive innovation, resilience, sustainability, and better health outcomes. However, greater connectivity begets greater exposure to risks, with serious consequences for patient safety, public safety, and the environment. Together, Claroty and Medigate will combine our deep domain expertise and specialized technologies into a comprehensive platform that will extend across all types of CPS and connected devices to secure the XIoT. We envision a future where cyber and physical worlds safely connect to support our lives, and with Medigate’s talented team and powerful capabilities, we have what it takes to make this vision a reality,” said Yaniv Vardi, CEO of Claroty.

Across 2021, ransomware attacks targeting CPS in all industries hit new highs, with 82 percent of healthcare systems reporting IoT cyber intrusions in the last 18 months. As a result, a slew of new security legislation has emerged, pushing corporations to take action.

“By joining forces between Medigate and Claroty, we are forming the only cybersecurity company that can deliver a best-of-breed solution for all the critical assets across healthcare, industrial, and enterprise environments that comprise the XIoT. Our combined talent, technology, and IP empowers us to truly change the way organizations identify, secure, and manage these connected assets on a massive scale, thereby delivering even greater value for our customers,” said Jonathan Langer, co-founder and CEO of Medigate.

Claroty’s $400 million Series E round, announced in December 2021, was used to fund the transaction. SoftBank Vision Fund 2, Bessemer Venture Partners, Schneider Electric, Rockwell Automation, Standard Investments, Team8, and ISTARI (a global cybersecurity platform established by Temasek) were among the investors in the round.

SnapAttack Raised $8M Funding To Strengthen Collaboration Among The Next Generation Of Threat Hunters

SnapAttack announced an $8 million fundraising round led by Volition Capital. SnapAttack recently announced a spinoff from Booz Allen Hamilton, and the funding was completed in conjunction with that announcement. Strategic Cyber Ventures (SCV) and Booz Allen Hamilton, which is maintaining its investment in the newly independent business, are among the investors in the round.

“Platforms that empower threat hunters and lead the cybersecurity industry to be more proactive will help turn the tide against the onslaught of attacks we’re seeing across the Federal government and commercial sectors. We believe SnapAttack can help lead the change from reactive to proactive,” said Roger Hurwitz of Volition Capital.

SnapAttack presently contains the world’s most comprehensive collection of labelled cyberattacks, allowing security companies to apply high-quality, validated analytics based on real hacker tradecraft. The platform’s user community is constantly improving and adding to analytic content, which can be confirmed, deployed, distributed, and shared right away.

SnapAttack is unlike anything else on the market since it combines offensive (red teaming) and defensive (blue teaming) tradecraft to find security flaws and strengthen advanced behavioural detections. The platform integrates SIEM, EDR/XDR, and cloud technologies and is vendor agnostic.

In today’s world, most businesses are constantly responding to incidents. SnapAttack is a proactive solution: a security platform that focuses on attack emulation, detection-as-code, and the ongoing development and validation of sophisticated behavioural analytics. Organizations can use SnapAttack to deliver high-quality detection logic to their technology stacks, preventing attacks before they start.

“SnapAttack is poised to empower a new level of collaboration among the next generation of ethical hackers, threat hunters and security researchers providing advanced insights to stop attackers in their tracks,” said Fred Frey, CTO and founding member of the SnapAttack team.

The funding will be used to speed up platform development, allowing the company to better integrate security operations processes, manage the complete lifecycle of detection analytics, and improve reporting.

It also intends to integrate more threat intelligence and more types of analytic content into the platform in order to develop the most powerful and complete detections with the least amount of human input. To increase product adoption and build its customer base across Federal and Commercial markets, key team growth will be focused on product, engineering, and sales.

Stellar Cyber Raised $38 Million In Series B Funding Round To Grow Its Open XDR Success And Address Vital Demand To Provide 360-Degree Visibility Of Cyber Attack

Stellar Cyber, the maker of Open XDR, the only Everything Detection and Response platform, has raised $38 million in a Series B funding round led by Highland Capital Partners, with active participation from all current investors (Valley Capital Partners, SIG, and Northern Light Venture Capital) as well as new strategic investor Samsung. Stellar Cyber has already raised over $68 million in total funding.

“Today’s complex attacks are virtually impossible to rapidly detect with the traditional approach of using siloed, stand-alone tools, and our customers are tired of spending a fortune on tool collections that fail to cut off attacks. The Series B investment enables Stellar Cyber to continue leading the Open XDR market by driving innovation, increasing our market footprint, supporting partner expansion and hiring extraordinary talent,” said Changming Liu, CEO and co-founder of Stellar Cyber.

“Stellar Cyber offers the industry’s first Open XDR platform, and the only one that truly accepts security data from all tools and sources as well as its own sensors. A broad range of enterprises and MSSPs are deploying the Stellar Cyber platform at the center of their security operations because it shortcuts the time and effort to find in-progress cyberattacks or rogue insiders at work while fundamentally solving the problem of too many non-productive alerts,” said Corey Mulloy, partner at Highland Capital Partners.

“Today’s stone-cold reality requires a fundamentally different approach that breaks down traditional siloes of security to aggregate all data into a single plane for deep behavioral analysis that can find active attacks quickly and accurately. Stellar Cyber has taken the lead to break the necessary barriers to gain a proven 360-degree knowledge of attacks to get an upper hand on attackers,” said Raymond Liao, MD, Samsung Next.

“I am excited to see the tremendous growth Stellar Cyber has had since our initial investment. What we saw in Stellar Cyber’s early days is now clear to everyone. We welcome all the new investors to help Stellar Cyber reach its full potential to democratize cybersecurity for any enterprise,” said Raymond Choi, Managing Director at Valley Capital Partners and an existing board member of Stellar Cyber.

Palo Alto Networks Cortex XMDR Specialization Strengthens Customers’ Security Operations

Palo Alto Networks announced the launch of its Cortex eXtended Managed Detection and Response (XMDR) Partner Specialization, which will assist customers in detecting, investigating, and responding to cyberthreats across endpoint, network, and cloud assets.

Based on demand for Palo Alto Networks’ pioneering Cortex XDR 3.0 extended detection and response solution, the Cortex XMDR Specialization will enable MSSP partners to combine Cortex XDR with their managed services offerings, helping customers around the world streamline security operations centre (SOC) operations and rapidly mitigate cyberthreats.

“Securing an enterprise is a massive undertaking. Organizations recognize the need for effective detection and response across the network, endpoint and cloud but often need help managing their deployment. The Cortex XMDR Specialization will give customers peace of mind that the services they are choosing will mitigate security gaps and alleviate churn to allow security teams to focus on the most critical threats,” said Karl Soderland, senior vice president, Worldwide Channel Sales at Palo Alto Networks.

“PwC is thrilled to have the opportunity to further expand our strong alliance with Palo Alto Networks through the delivery of best-in-class managed security services for our high value, joint customers. The Managed Cyber Defence service fuses the power of PwC’s global threat intelligence, thousands of hours of incident response expertise, and advisory services with Cortex XDR and XSOAR,” said Colin Slater, Partner at PwC UK.

“We are excited to partner with Palo Alto Networks to help transform the MDR space together. As a Cortex XMDR Specialization partner we combine the power of best in class Cortex XDR with our MicroSOC services to relieve the day-to-day burden of security operations for customers with 24/7 coverage. Cortex XDR’s integration of endpoint, network, cloud and third-party data enables us to enhance the service that we provide to our customers as our analysts have visibility across an enterprise’s entire infrastructure and can more quickly focus on real threats,” said Laurent Lemaire, Chief Business Officer, Orange Cyberdefense.

“As a Cortex XMDR specialization partner, we are thrilled to be part of this launch. The powerful analytics and automation that Cortex XDR provides, combined with the cloud-native Trustwave Fusion platform, significantly enhances the capabilities of our detection, hunting and response teams to pinpoint anomalies quickly, provide deeper investigations, or if necessary, immediately eradicate the threat,” said Spencer Ingram, Senior Vice President of Operations, Trustwave.

“Cloud-delivered services on the Cortex platform allow us to reduce the time to deploy and configure our offerings while streamlining operations to focus on securing customers’ critical assets. As a Cortex XMDR Specialization partner, CRITICALSTART has the ability to provide our customers monitoring, analysis and coordinated response across network, endpoint and cloud environments, for a comprehensive view of an attack,” said Randy Watkins, Chief Technology Officer, CRITICALSTART.

Stellar Cyber’s Open XDR strengthens security operations for Barracuda users

Stellar Cyber has announced the integration of its security platform with Barracuda CloudGen Firewall, Barracuda Total Email Protection, and Barracuda Web Application Firewall, offering managed security service provider (MSSP) clients and prospects improved visibility, cyber threat hunting, automated incident correlation, and remediation.

“Our customers know that Barracuda delivers best-of-class email, network, and web application security solutions. When it comes to defending against today’s sophisticated cyber threats like ransomware and data breaches, they are looking for full visibility and automation,” said Fleming Shi, CTO at Barracuda Networks.

“We already offer Barracuda SKOUT Managed XDR optimized for our MSP customers. This new integration with Stellar Cyber gives our enterprise customers a holistic view of their infrastructure and the capabilities to coordinate incident response to attacks in real time.”

The Stellar Cyber platform integrates the XDR Kill Chain and AI-driven correlation of detection techniques and warnings into automatically generated incidents on an incredibly simple dashboard with visibility across the entire attack surface, so analysts know precisely what to look into and how to look into it.

Furthermore, the inbuilt multi-tenant functionalities of Stellar Cyber make it simpler for Barracuda’s MSSP partners to offer SOC-as-a-service to their end-user customers.

“The Stellar Cyber Open XDR platform brings additional value to existing Barracuda product investments by ingesting their logs, enriching the captured data, analyzing that data for threats, and then automatically remediating attacks through the firewall as well as other systems,” said Zeus Kerravala, principal analyst at ZK Research. “It’s great to see this level of integration to protect customers.”

“By integrating our Open XDR AI-powered cybersecurity platform with Barracuda’s popular solutions, we deliver a new level of visibility and SOC capabilities, such as correlated threat analysis, threat hunting, and automated remediation, to Barracuda customers,” said Paul Jespersen, Senior Vice President of Global Business Development at Stellar Cyber.

“Our purpose-built platform collects and ingests data from all existing security tools and presents a single dashboard that clearly identifies and prioritizes security threats, all the way from individual alerts to sophisticated incidents or attack stories, in a way that maximizes efficiency in SOC operations.”

Barracuda is focusing on strengthening its integrations with Open XDR systems such as Stellar Cyber. Barracuda customers will be able to block ransomware more effectively and stay ahead of attackers who use credential theft and email account takeover, stopping further penetration.

Cado Security Partners with SentinelOne to Provide Cloud-Native Digital Forensics

Cado Security, provider of a cloud-native digital forensics platform, has partnered with SentinelOne, an autonomous cybersecurity platform, to offer security teams the breadth and depth they need to detect, analyse and respond to attacks with extraordinary speed.

Time is of the essence when it comes to attack management. As soon as malicious behaviour is noticed, security professionals must be able to dig deep to identify the root cause and scope. The SentinelOne Singularity XDR Platform gives the necessary visibility to identify the malicious activity as soon as it happens. Cado Response automates the process of obtaining critical forensic data and historical context, which gives an investigation more depth.

“Using traditional DFIR approaches often means it can take security teams weeks to capture and process the data needed for a detailed forensic investigation. This is precious time that an adversary has free rein to inflict damage,” said James Campbell, Co-founder and CEO of Cado Security. “At Cado, we leverage the cloud in a way that allows for automation and rapid processing, removing many of the complexities associated with DFIR. We are thrilled to partner with SentinelOne to deliver the data and context security teams need to quickly identify the root cause of incidents and enable faster response.”

Security analysts can use SentinelOne’s Remote Script Orchestration (RSO) functionality to run Cado Response in a single click and execute an in-depth forensic investigation across their SentinelOne Singularity Platform-protected endpoints, simplifying data collection and speeding up triage. The Cado Response platform is built on a cloud-based system that scales up and down dynamically to deliver fast processing when it’s required and save money when it’s not, substantially lowering time to evidence and time to response.

“Our focus is to empower security teams to uplevel their approach to incident response and automation with speed, scale and simplicity. Cado Security’s integration with SentinelOne’s Singularity XDR enables security analysts to automate forensics investigations across the enterprise attack surface,” said Mike Petronaci, VP Product, Platform and Ecosystem, SentinelOne.

LogPoint completes acquisition of SecBI and adds native SOAR to its core SIEM offering

LogPoint, a worldwide leader in cybersecurity, announced that its acquisition of Tel Aviv-based SecBI is complete. LogPoint’s native integration with SecBI’s universal SOAR and XDR technology will create a foundational Security Operations platform. In December, SOAR and LogPoint 7.0 will be available together as a bundle.

“With the tidal wave of cyberattacks threatening businesses and societies across the globe, a disruption of the way organizations respond to cybersecurity incidents is required,” said Jesper Zerlang, CEO LogPoint. “Building on LogPoint SIEM and UEBA to effectively detect threats, orchestration and automation of the response to incidents is key to advancing cybersecurity. Consequently, SOAR will be a capability included in LogPoint to advance foundational cybersecurity.”

In addition, all current and future LogPoint clients will be able to use SOAR in their security operations with the release of LogPoint 7.0, automating repetitive tasks and orchestrating threat remediation workflows, as well as facilitating autonomous investigation, prioritisation and execution of playbooks to minimize human involvement and speed up response time. Clients will be able to use SOAR as part of their LogPoint Core SIEM license.

“LogPoint SOAR has been in production with select customers over the past few months and we’re thrilled with the overwhelmingly positive feedback that analysts have more confidence that incidents are dealt with appropriately thanks to the automatic playbooks. Our customers have reported a significant decrease in the time it takes to detect and respond to a phishing email – down from three hours with manual processes to 10 minutes with automated LogPoint SOAR playbooks,” said Christian Have, CTO, LogPoint.

“SOAR is not only about coping with the increasing number of cybersecurity incidents. By including SOAR in the LogPoint SIEM solution, we will enable organizations of all sizes, especially companies that do not have a fully-staffed 24/7 Security Operations Center (SOC), to establish proper and relevant incident-handling processes and dramatically increase quality and speed in their response capabilities. It also helps those organizations assess the efficiency of new cybersecurity tools and measures,” said Have.

“Already a strong SIEM player in Europe, LogPoint’s new SOAR and XDR offerings, combined with its own notable TDIR advancements, position the vendor to compete globally for a growing share of enterprise customers.”