About Us

Forescout Frontline to Combat Ransomware and Threats

Forescout Frontline is a new threat hunting service from Forescout Technologies. It leverages a team of expert cybersecurity analysts to support cybersecurity teams by proactively identifying risks, enabling accelerated incident response, and maturing security posture. Forescout is providing this complimentary service to organizations that lack the internal resources and visibility required to defend themselves against cybersecurity attacks such as ransomware and advanced persistent threats.

Many organizations employ multiple security tools across teams to assist in the identification of threats and risks. However, due to siloed views of IT, IoT, IoMT, or OT assets, insights may be limited. A variety of these asset types typically exist across an organization’s digital terrain and are frequently interconnected, implying that cybersecurity risk must be identified and addressed holistically.

Shawn Taylor, vice president of Threat Defense at Forescout, “Cybersecurity attacks are on the rise. Simultaneously, cybersecurity teams are perennially understaffed and under-resourced. This has created a perfect storm. Organizations are under immense pressure to cope with the scale and speed of attacks and the havoc caused by adversaries. Forescout is launching this new service to help organizations defend against attacks by providing a complete and holistic view of their assets.”

The Threat Hunting and Risk Identification Service, delivered by Forescout Frontline analysts, overcome staffing resource and asset visibility challenges to uncover threats and identify risks that would otherwise go unnoticed. Frontline will assist organizations against cyber threats and vulnerabilities, and help them to discover, validate, and prioritize all assets, including IT, IoT, IoMT, and OT. It will examine the context and risk factors for all findings along with effective risk mitigation and remediation strategies.

Forescout Frontline levels cybersecurity by operationalizing vulnerability research and threat intelligence produced by Forescout’s Vedere Labs and enhancing it with the Forescout Continuum Platform to provide threat hunting services across multiple dimensions. Forescout Frontline analysts are former public and private sector threat hunters with training in threat detection and incident response.

Read more articles:

The benefits of cyber threat intelligence!

Nebulon TimeJump Features Lenovo ThinkSystem

Nebulon TimeJump offers complete ransomware recovery in less than four minutes. Nebulon TimeJump will feature on the Lenovo rack servers to provide all-around ransomware protection. Lenovo ThinkSystem will have instant recovery capabilities for their edge data centres with this integration, it will also provide Lenovo-based 2-server cluster alternative.

Nebulon TimeJump is the only Lenovo storage and server solution that offers all-around ransomware recovery in less than 4- minutes. TimeJump is available for small 2-servers clusters and ensures significant savings and availability against the 3-node HCI solutions. It is built on Nebulon’s smartInfrastructure cloud control plane, Nebulon ON. Nebulon ON utilizes multi-factor authentication to restrict unauthorized login, a feature offered to all users.

Lenovo ThinkSystem offers efficiency, flexibility, and value to ensure the essential requirements at the enterprise edge. With the integration of TimeJump with ThinkSystems, rapid cyber recovery can be easily ensured with a smaller footprint at the edge.

Siamak Nazari, CEO of Nebulon commented, “Data at the edge faces higher security risks and cost pressures than core data centre deployments. With Nebulon, enterprises can reduce costs while improving cyber resilience at the edge—and if attacked by ransomware, they can recover in under four minutes.”

Ransomware, malware, and wiper attacks are on the rise, they can infect the servers, and the need for ransomware protection is imminent. Cyber resilience for infrastructure at the edge is a solution that administrators are desperate to have. To survive the worse, companies need to have an effective ransomware recovery solution in place.

Nebulon ON also offers integrated role-based access control (RBAC) to let organizations handle who has remote or local access to the data and operating environment. Nebulon’s smartInfrastructure enhances the data security with always active encryption for data at-rest and in-flight. It helps in minimizing the risk of human error with its hardware-generated encryption key.

TimeJump is cost-effective and occupies less space than the traditional 3-node-minimum hyper-converged infrastructure (HCI) solutions. It offers ransomware recovery in less than four minutes.

Read more articles:

cyber threat intelligence!

Nebulon to Support Dell PowerEdge Servers

Nebulon TimeJump safeguards both the operating system and application data, preventing the need for manual server and operating system rebuilds and saving valuable time. Furthermore, Nebulon data security software works in an isolated domain within the server, protecting critical data even if the management servers are compromised. Nebulon TimeJump offers users access to the only combined server and storage solution available. It provides a 4-minute ransomware recovery solution. It can deploy ransomware protection for small, two-node management infrastructure clusters, which reduces server purchases, data center space, power, and cooling costs by 33%.

Nebulon offers enterprises a 2-node alternative for their management infrastructure, with near-instant recovery capabilities and a 33% smaller footprint than 3-node-minimum hyper-converged infrastructure solutions, which also take hours or even days to fully recover from ransomware attacks.

Many mid-sized businesses rely on small management infrastructure clusters, which include services like PXE, DNS, DHCP, LDAP, NTP, Radius, VPN, and license servers, to quickly recover their production application environment after a ransomware attack. Since the infrastructure is on a network it can be compromised by a ransomware attack, malware, or wiper attacks, delaying production environment recovery by hours or even days.

Nebulon TimeJump 4-minute ransomware recovery solution with extended support from Dell PowerEdge-based 2-node management clusters restores the management infrastructure back online.

Siamak Nazari, CEO of Nebulon commented, “Ransomware attacks are inevitable. Many enterprises today are focused on protecting their production systems against ransomware attacks, but few have a strategy in place to quickly recover their management clusters. This can be a costly mistake as management infrastructure is critical to recovering production servers. Enterprises need a simple, fast way to ‘recover so they can recover’ – recover their management infrastructure so they can recover their production environment.”

Nebulon smartInfrastructure includes cybersecurity and ransomware protection as a core component, to prevent unauthorized login. Nebulon ON, the smartInfrastructure cloud control plane, employs mandatory multi-factor authentication (MFA). Furthermore, Nebulon’s service includes role-based access control (RBAC), which limits a malicious user’s privileges and access to the server’s data. smartInfrastructure takes data security a step further by providing always-on data encryption at rest and in-flight via a hardware-generated encryption key, rather than user-generated keys, reducing the risk of keys being lost or misappropriated.

Read more articles:

Developers’ interest in cybersecurity grows

cyber threat intelligence!

 

Resilience Raised $80 Million In Series C Round

Resilience, a leading cyber insurance and security solutions firm, announced the completion of  $80 million Series C funding round led by General Catalyst and Corey Thomas of Rapid7, with participation from Founders Fund, Charles River Ventures, Lightspeed Venture Partners, Shield Capital, and Intact Ventures.

The investment comes as Resilience moves forward with plans for mid market expansion and international expansion. Middle-market businesses – manufacturing, universities, agriculture, hospitals, and construction – are the backbone of the American economy. As ransomware attacks are rising, the hardened cyber insurance market has allowed newcomers with a fresh perspective to make it to the top.

“We took a deliberate approach entering the middle market. Our clients are discerning buyers with sophisticated infrastructure. We proactively connect their security posture with their insurance policy, not as vendors, but as partners. That personal, integrated approach of transparency and action is what makes us so. This funding round signals that the market is ready for our insure + secure model different,” said Vishaal “V8” Hariprasad, CEO of Resilience.

Resilience has created an Insure + Secure business model that offers its clients with both tailored insurance and security solutions. From risk assessment to post-bind vulnerability monitoring, a team of in-house security engineers works with clients.

“Resilience is building the leading cyber risk and response platform for the insurance industry, helping mid-market enterprises identify and integrate the best insurance and security solutions for their business needs. It’s more than risk mitigation – it’s bespoke security solutions combined with an insurance policy that provides clarity and certainty. General Catalyst is proud to co-lead this funding round with Corey Thomas as we believe Resilience’s integrated model is the future of cyber risk,” said David Fialkow, Managing Partner and Founder at General Catalyst.  

“Resilience’s expertise, combined with an innovative approach to cyber risk, deliver unparalleled value for clients. The team has seen tremendous progress in the past year, setting the course for responsible and profitable growth. Intact Insurance Specialty Solutions is pleased to be a carrier partner,” said Michael Miller, CEO, Global Specialty Lines, Intact.

“At Intact Ventures, we are thrilled to increase the size of our commitment and to invest in a world-class team building a category-defining business,” said Justin Smith-Lorenzetti, Intact Ventures.

This financing enables Resilience to accelerate delivery of Insure + Secure solutions more broadly in North America and now globally.

Huntsman Security Introduced SmartCheck for Ransomware

Huntsman Security introduced new solution SmartCheck for Ransomware, an automated, on-demand diagnostic application developed to analyse the risk of a ransomware outbreak. The application captures data directly from security activities in order to report on an organization’s security posture in comparison to a set of security measures. These measures are similar to those recently recommended by the UK National Cyber Security Centre (NCSC) and the US National Institute of Science and Technology (NIST), and will provide users with assurance that they are adhering to known cyber security best practice.

SmartCheck for Ransomware tests an organization’s ransomware readiness quickly and effectively, providing a numeric score for each of the 12 security controls. As a result, companies can findout their risk exposure and modify any security policies that are needed to enhance their security posture and ransomware preparation. At the same time, the verifiable report gives higher security trust levels to third parties, such as insurers or potential partners, at a time when supply chain security is a big issue.

“To protect against ransomware and effectively manage their security risks, it is vital that senior executives have clear visibility of their cyber posture. This goes beyond annual audits to having the relevant information available whenever the organisation needs it – whether to modify security settings to improve readiness; or to verify their posture to partners or insurers. By making assessments automated and in line with established best practice, we have given organisations access to reliable security information that they can use with confidence to improve their risk management processes,” said Peter Woollacott, CEO, Huntsman Security.

SmartCheck for Ransomware is developed with much the same precision and reliability as Huntsman Security’s other defence-grade SIEM and Scorecard products, and is meant to be simple to install and use. It assesses the effectiveness of important cyber-attack prevention, containment, and restoration mitigation tactics across the course of a cyber-attack.

“As the threat of ransomware grows everywhere, organisations need to regularly assess their state of readiness. With insurers such as AIG tightening terms and raising premiums in response to the ransomware threat, organisations that can’t demonstrate adequate security precautions will find insurance terms increasingly difficult to negotiate. At the same time, organisations need to take steps to ensure that ransomware will not disrupt their operations or those of their supply chains – making assessing partners’ security posture just as important as assessing their own. Updating ransomware risk management efforts to include SmartCheck for Ransomware to better address their ever changing risk environment will put organisations in a much better position to combat the threat of ransomware,” said Woollacott.

Stellar Cyber’s Open XDR strengthens security operations for Barracuda users

Stellar Cyber has announced the integration of its security platform with Barracuda CloudGen Firewall, Barracuda Total Email Protection, and Barracuda Web Application Firewall, offering managed security service provider (MSSP) clients and prospects with improved visibility, cyber threat hunting, automated incident correlation, and remediation.

“Our customers know that Barracuda delivers best-of-class email, network, and web application security solutions. When it comes to defending against today’s sophisticated cyber threats like ransomware and data breaches, they are looking for full visibility and automation,” said Fleming Shi, CTO at Barracuda Networks.

“We already offer Barracuda SKOUT Managed XDR optimized for our MSP customers. This new integration with Stellar Cyber gives our enterprise customers a holistic view of their infrastructure and the capabilities to coordinate incident response to attacks in real time.”

The Stellar Cyber platform integrates the XDR Kill Chain and AI-driven correlation of detection techniques and warnings into automatically generated incidents on an incredibly simple dashboard with visibility all over the attack surface, so analysts know precisely what to look into and how to look into it.

Furthermore, the inbuilt multi-tenant functionalities of Stellar Cyber find things simpler for Barracuda’s MSSP partners to offer SOC-as-a-service to its end-user customers.

“The Stellar Cyber Open XDR platform brings additional value to existing Barracuda product investments by ingesting their logs, enriching the captured data, analyzing that data for threats, and then automatically remediating attacks through the firewall as well as other systems,” said Zeus Kerravala, principal analyst at ZK Research. “It’s great to see this level of integration to protect customers.”

“By integrating our Open XDR AI-powered cybersecurity platform with Barracuda’s popular solutions, we deliver a new level of visibility and SOC capabilities, such as correlated threat analysis, threat hunting, and automated remediation, to Barracuda customers,” said Paul Jespersen, Senior Vice President of Global Business Development at Stellar Cyber.

“Our purpose-built platform collects and ingests data from all existing security tools and presents a single dashboard that clearly identifies and prioritizes security threats, all the way from individual alerts to sophisticated incidents or attack stories, in a way that maximizes efficiency in SOC operations.”

Barracuda is focusing on strengthening its integrations with Open XDR systems such as Stellar Cyber. Clients of Barracuda will be able to more effectively block ransomware and stay ahead of attackers that use credential theft and account takeover in email security to stop further penetration.

Mitiga Launched Cloud Incident Readiness and Response Solution for Ransomware Attacks

Mitiga, a cloud incident management firm, announced the launch of the first Ransomware Readiness solution for the cloud, which aims to improve ransomware protection. This technology and services solution allows businesses to improve their cloud ransomware readiness and resilience, as well as respond and recover quickly when attacks occur.

Ransomware attacks are on the rise around the world, and they’re becoming more complex as cybercriminals adapt to defensive tactics. Attackers encrypt and erase backups, exfiltrate and sell information, and even sell access to vulnerable systems. Because of this growing complexity, ransomware discussions necessitate a thorough investigation to identify the scale of the attack, the optimal response, and how to prevent perpetrators from repeating the attack.

Mitiga built Ransomware Readiness in response to this increasing threat, based on studies on cloud service providers, including how data is accessed, stored, and encrypted. Ransomware Readiness assists businesses in better preparing for and responding to ransomware attacks in cloud settings, allowing for quicker recovery and a faster return to business as normal. Clients can be certain that if cybercriminals attack their critical cloud services, incident response and investigation may begin in hours, not days, thanks to Ransomware Readiness.

“As with all cybersecurity threats, ransomware has become more sophisticated over the last two decades. And as more and more companies migrate to the cloud, it becomes increasingly complex for them to navigate today’s dangerous threat landscape,” said Ariel Parnes, Mitiga Co-Founder and COO.

It’s critical to swiftly analyse the magnitude of a ransomware attack so that executive teams may make informed decisions and handle any associated risks, such as informing regulatory authorities, clients, and the general public if necessary.

Making those judgments without enough knowledge makes it difficult to keep the trust of the board of directors, shareholders, and clients, and may result in expensive ransomware payments and notifications. Giving leadership teams the information and response experience they need to make timely choices through readiness exercises can make the difference between a small event and a crisis.

AI Phishing Defense Firm SlashNext Raised $26 Million Series B Funding

SlashNext, the SaaS leader in spear-phishing and human hacking defence stated it has raised $26 million in venture capital funding Series B. The round brings total SlashNext funding to $ 43 million, thanks to new investors Tom and Matt Gallo, Telia Group and the Ayala Group ACTIVE fund, as well as early investor participation by Norwest, Wing and Alter Ventures. 

Majority of cyber breaches are successful like ransomware and theft of data. SlashNext’s patented AI cloud and device protection extends over and across popular communication and collaboration applications to stop spear phishing, the social engineering industry and other targeted human threats. SlashNext protects companies from the malignant user threats from legitimate, trustful sites that easily escape current SEG, proxy, SASE and endpoint security tools, with its pinnacle accuracy and 48 hour detection time.

“When cybercriminals launch successful multi-channel phishing and social engineering attacks, the results are massively disruptive to people, organizations, and the economy. This is the number one cyber challenge that organizations face globally, and bad actors are only increasing their attacks in Linkedin, MS Teams, Messenger and Slack and becoming more sophisticated at taking advantage of the most vulnerable part of organizations – its people. This is why we saw considerable growth this past year with over 600% increase in customers and a 750% growth in ARR since the introduction of our multi-channel AI defense service,” said Patrick Harr, SlashNext CEO.”

SlashNext will scale-up its domestic and international acquisition and operations with new investments. Besides driving important distribution partnerships with MSSP, embedded OEMs and carriers, including their new strategic investors Telia Telecom and APAC Globe Telecom, representing over 40 million mobile subscribers in Europe. SlahNext will further lead the AI cloud and multi-channel, multi-language device detection of any type of phishing targeting — SMiShing, Vishing, BEC, fraudulent banking, scams, scam browsers, credential stealing, ransomware, social engineering or other malicious digital user attack from legally hosedt or trusted supply chain vendors.

SlashNext has the potential to prevent billions of dollars in damages to organizations by combatting the rise of spear phishing and other targeted attacks,” said Promod Haque, Senior Managing Partner at Norwest. “This funding will enable SlashNext to expand its footprint globally, making it the clear choice for organizations looking for protection against malicious digital attacks that current SEG, proxy, and endpoints solutions cannot defend.”

“The many recent headlines about ransomware attacks continue to confirm that no industry is immune to cybercriminal spear phishing attacks and the results of a successful attack are incredibly disruptive to operations. We consider these threats daily in all our operations – from transportation to production to growth. Our strategic investment in SlashNext strengthens our defenses, and we are excited to partner with them to grow and innovate to stop this multi-billion-dollar cybersecurity problem,” said Thomas Gallo.

“Unlike in the past, where cybersecurity breaches mainly focused on email through business devices, attacks now occur on different applications installed on endpoint devices like mobile phones and tablets, which can be personal and less protected. The ACTIVE Fund investment in SlashNext recognizes the evolving nature of communication for work and life – data-driven and digital, collaborative, and accessible anywhere any time and on any device. SlashNext’s superior technology will fortify enterprises’ defenses, allowing them to operate with speed, scale, and security, protecting both their customers and their shareholders. We’re keen to support SlashNext’s mission to stop this global problem,” said Minette Navarrete, President of Kickstart Ventures.

Involta Releases Air Gap Solution to Protect Crucial Data From Cybercrime

Involta, a provider of cloud computing, hybrid IT and data services firm, announced the launch of  Involta Air Gap to secure business backup, as digital migration continues to advance into the cloud. Involta Air Gap provides robust air security — the space between working and backup — to stop cyber criminals from accessing important information, significantly mitigating the severity of expensive ransomware attacks.

With increased cybercrime at corporate level, this solution is vital. Cybercrimes have increased significantly over the past year in terms of high-profile ranching campaigns and viruses, malware and DoS (denial of service). This has led to unprecedented cyber and information security spending among businesses. Research forecasts that the world will have a global cost of 11.4 million dollars every minute by the end of 2021.

“In the arena of cybersecurity, ransomware attacks target back-ups, crippling an organization’s ability to access its critical data. Involta Air Gap builds on cybersecurity measures that may already be in place and acknowledges that securing enterprise data in a separate location is critical. The premise is that a cybercriminal can’t access back-ups if there is no connection between environments. Involta Air Gap was developed to help enterprises win the war against cybercrime, especially those using AWS and Veeam cloud solutions,” said Mark Cooley, Vice President of Security and Compliance, Involta.

It continues to follow AWS’s elevated relations with AWS as the AWS Partner Network’s Advanced Consulting partner and its Veeam Cloud and Service Provider (VCSP) status in the AWS Partner Network (APN). 

SolCyber raised $20 Million in Series A Funding Introduces Modern MSSP

SolCyber, introduced the new modern MSSP for the mid-market, enabling firms to prevent, monitor, and respond to cybersecurity attacks with its distinctive, innovative, curated and high-fidelity security strategy. ForgePoint Capital raised a $20 million Series A round of funding for the startup. SolCyber will use this capital to expand its technological solutions, create market awareness, drive client growth, and support an ambitious hiring strategy, led by an experienced team of cybersecurity and channel professionals.

Cybersecurity and ransomware cyberattacks like Colonial Pipeline and Kaseya REvil have shown that cybercriminals don’t discriminate depending on a company’s size. Attackers use the same advanced techniques regardless of the target, making it even more difficult for mid-market companies with limited resources and finances to maintain control. Unlike competing products, SolCyber improves a company’s security posture quickly, allowing it to tackle modern threats.

“We know it is hard for mid-sized organizations to stay secure. There are thousands of security technologies and hundreds of providers. Trying to figure out how to build the right security stack is tough and time consuming. With attacks being ever more sophisticated we want to help simplify the challenge of securing an organization. We founded SolCyber to help companies significantly increase the probability of stopping attackers well before they wreak havoc. SolCyber delivers a modern and secure MSSP for the mid-market, giving organizations not only the technology but the cybersecurity expertise to dramatically increase their security posture in an incredibly easy to consume model. We are thrilled to partner with ForgePoint and look forward to our next phase of growth,” stated Scott McCrady, CEO.

In today’s dynamic environment and pervasive threat landscape, companies are very  concerned about increasing their security posture. Through decades of conversations with customers, SolCyber recognizes that companies typically look for the top five things they can do to be more secure. However, it’s extremely difficult to navigate today’s array of cybersecurity vendors for the best combined solution for their environment, especially as attackers are becoming more sophisticated. SolCyber responds to this problem by offering security solutions as part of a high-value fundamental product. It offers an MSSP offering that includes a curated technology stack with endpoints having EDR capabilities, lateral movement detection, enhanced email security, active directory and admin exploitation protection. SolCyber makes it simple for businesses to grow their security.

Don Dixon, Managing Director, ForgePoint Capital said, “We are dedicated to investing in companies that protect the digital future. Over the years we’ve spoken with hundreds of cybersecurity companies and end users. And one thing remains the same, cybersecurity for the mid-market is confusing and expensive, and today’s MSSPs are not addressing these issues. This presents a huge opportunity for SolCyber. SolCyber, which was incubated at ForgePoint, is a user-friendly, cloud based MSSP that delivers powerful cybersecurity solutions which keep companies and their employees safe from malicious activity. We are thrilled to partner with Scott McCrady, David Emerson and the entire SolCyber team as they launch the next phase of the company’s growth.”