
Check Point Infinity Spark safeguards SMBs against security threats 

Check Point Infinity Spark is a threat prevention solution that provides AI security and integrated connectivity to small and medium-sized businesses (SMBs). Infinity Spark provides enterprise-grade security for networks, email, the office, endpoints, and mobile devices. It protects SMBs against advanced threats such as phishing, ransomware, credential theft, and DNS attacks, with a malware detection rate of 99.7%. 

Pete Finalle, Security Research Manager at IDC stated, “Hybrid work has complicated SMB security and created demand for a simplified and consolidated security platform. Check Point Software offers a unique comprehensive security suite specifically built to enable SMBs and MSSPs to protect networks, devices, and applications against cyber-attacks, while reducing the complexity of deployment and management. The Infinity Spark security suite is designed to provide SMBs with a simple, affordable, and integrated security solution right out of the box. This solution spans network, cloud, mobile and endpoint security, including advanced threat prevention to make it easy to protect SMBs from security risks.” 

The Check Point Infinity Spark suite includes the following features: 

  • Threat Prevention: Check Point Infinity Spark protects SMBs against phishing, ransomware, credential theft, and DNS attacks with a 99.7% prevention catch rate. 
  • All-in-one SMB Security Suite of Enterprise Grade: Small and medium-sized businesses (SMBs) are struggling to properly secure their critical assets, making them a growing target for cybercriminals. The suite is designed to protect SMBs across the network, mobile, endpoint, email, and office.
  • Next-Generation Quantum Spark SMB Firewalls: Infinity Spark features Check Point’s Quantum Spark 1500 Pro Series gateways with integrated artificial intelligence security, 5G, SD-WAN, and Wi-Fi 6. Check Point Quantum Spark Pro provides three times faster Wi-Fi, a high-speed 1 Gbps WAN connection with 5G, and integrated SD-WAN for improved application performance and uptime.

Emiel Harbers, CTO at Harbers ICT commented, “Infinity Spark is a great and affordable way to offer end-to-end security for our small and midsized business customers. It provides complete protection for their employees both in and outside of the office. We have seen a significant reduction in our operational overhead with Check Point’s unified management console.” 

N-able Managed EDR streamlines threat event investigation 

N-able introduced N-able Managed Endpoint Detection and Response (Managed EDR), a threat monitoring, hunting, and response service designed for managed service providers (MSPs) who have standardized on N-able Endpoint Detection and Response (EDR). 

Managed EDR augments EDR by providing dedicated managed security services. Managed EDR, powered by SentinelOne Vigilance Respond, uses SentinelOne’s 24×7 security operations center (SOC) and Vigilance security experts to monitor, review, and respond to every product-identified threat that puts your network at risk. 

Troels Rasmussen, GM of security products at N-able stated, “We are delighted to continue building our relationship with SentinelOne; we recognize how much our partners value important world-class cybersecurity solutions, and the ability to overcome the day-to-day challenges they face to keep themselves and their customer endpoints secure. 

Managed EDR can help bridge the current security skills gap we are facing, providing elite security experts as an extension to an existing security team. It also provides global, 24×7 peace of mind by offloading day-to-day operations, allowing teams to focus on more strategic initiatives. Whether you have a well-established SOC in place or you are looking to expand your security practice, enlisting the help of SentinelOne’s security experts can help you meet your specific security and business needs.” 

For MSPs that have standardized on EDR, N-able’s Managed EDR functions as an extension of their IT or SOC teams, with security analysts available 24/7/365, allowing them to refocus time and resources on higher-value initiatives. 

The industry is facing challenges, such as historically high labor shortages. According to the (ISC)2 2022 Cybersecurity Workforce Study, the global security workforce gap has grown by 26%, with 3.4 million more people required to effectively secure businesses. 

Building an internal security team can be difficult: finding staff, paying for staff, and providing 24-7 coverage are all challenges. The introduction of Managed EDR enables N-able partners to scale their security operations, which are supported by an enterprise grade SOC, while supplementing their current security team with native EDR technology and expertise to help navigate the challenges of hiring and retaining talent. 

This enables MSPs to reduce time-consuming staff efforts and divert the costs of developing a new technology stack, while also providing the opportunity to add net new capabilities, such as revenue from advanced security services. 

Schneider Electric collaborates with BitSight 

Schneider Electric, a global leader in digital transformation of energy management and automation, has announced a collaboration with BitSight, a leading provider of security ratings, to enhance its operational technology (OT) exposure detection capabilities. The partnership will allow Schneider Electric to leverage BitSight’s real-time threat intelligence, risk management and analytics platform to identify and mitigate potential vulnerabilities in its industrial control systems. 

OT systems are responsible for controlling critical infrastructure such as power plants, water treatment facilities, and manufacturing sites. They play a crucial role in the functioning of these facilities, but their exposure to cyber threats can have severe consequences. 

The collaboration will allow Schneider Electric to use BitSight’s platform to continuously monitor and analyze the security posture of its industrial control systems and identify any potential vulnerabilities. The platform will also provide Schneider Electric with real-time threat intelligence that will help the company proactively defend against known and emerging cyber threats. 

“We are excited to collaborate with BitSight to enhance our OT exposure detection capabilities,” said Jean-Pascal Tricoire, Chairman and CEO of Schneider Electric. “By leveraging BitSight’s real-time threat intelligence and analytics platform, we will be able to better protect our customers’ critical infrastructure and ensure the continuity of their operations.” 

As part of the collaboration, Schneider Electric will also have access to BitSight’s security ratings service, which will provide the company with a detailed understanding of the cybersecurity performance of its suppliers and partners. This will help Schneider Electric to identify potential vulnerabilities and take action to mitigate them. 

“Schneider Electric is a leader in the digital transformation of energy management and automation, and we are honored to collaborate with them to enhance their OT exposure detection capabilities,” said Stephen Boyer, Co-Founder and CTO of BitSight. “By providing them with real-time threat intelligence, we will help ensure the continuity of their operations and the protection of their customers’ critical infrastructure.” 

The collaboration will help Schneider Electric to improve the security of its industrial control systems and better protect its customers’ critical infrastructure from cyber threats. It highlights the growing importance of cybersecurity in the industrial sector and the need for companies to continuously monitor and analyze their systems for potential vulnerabilities. 

Christophe Blassiau, SVP, Cybersecurity & Global CISO at Schneider Electric stated, “With the enriched data and insight collected by BitSight, Schneider Electric is developing an OT threat intelligence capability to notify and work with customers who have exposed assets or insecure Internet facing deployments.” 

Trustwave Announces Enterprise Pen Testing for Global Threat Prevention! 

Trustwave launched its new Enterprise Pen Testing (EPT) offering. It has been created to meet the complex testing needs of large organizations with an extensive breadth and depth of vulnerability identification, the ability to deliver scaled programs of work, and extremely competitive pricing.

“With over two decades of global industry leadership in vulnerability research and findings, we thoroughly understand the threat landscape of known, unknown, and emerging threats,” said Nick Ellsmore, SVP of Worldwide Consulting and Professional Services at Trustwave. “Our proven methodologies performed in accordance with industry standards, allow us to find even the most difficult vulnerabilities and provide a world-class testing solution to global enterprises.” 

Ad-hoc testing can provide valuable point-in-time insights but having a security testing program in place offers a more comprehensive perspective of corporate risk over time. Additionally, clients who have a dedicated TAM have a professional to consult with as they examine findings, create corrective action plans, and oversee ongoing validation testing. 

The Enterprise Penetration Testing service from Trustwave is created to satisfy the following client needs:

Regulatory: Businesses that must comply with regulations (such as PCI DSS, CPS234, and MAS) and the financial services industry need ongoing, unbiased third-party testing services. With a professional TAM guide, Trustwave delivers extensive work plans and streamlines the management of testing programs.

Affordability and Flexibility: Because of its global reach, Trustwave can provide clients with “best-shore” delivery by combining on-, near-, and offshore delivery models. This makes it possible for Trustwave to offer the organization the best pentesting at value-based pricing. 

Scale: Trustwave is a global provider with the scale and availability of testers required to perform tests, delivered with the range and depth of pentesting skills accessible, given the international nature of EPT clients. 

High Quality: Trustwave’s holistic method uncovers the potential business impact in addition to the distinct technical findings. Trustwave helps customers efficiently prioritize and track remediation actions, and is one of only a handful of Global CREST licensed businesses capable of doing this.

Commvault launched Metallic ThreatWise

Commvault launched Metallic ThreatWise, an early warning system that proactively surfaces unknown and zero-day threats to minimize compromised data and business impact. According to Enterprise Strategy Group, only 12% of the IT directors polled expressed confidence in having the necessary tools and location-neutral security to equally secure data both on-premises and in the cloud.

Jon Oltsik, Senior Principal Analyst and Fellow at Enterprise Strategy Group stated, “In surveying enterprise IT directors with direct knowledge and influence on their company’s data security strategies, the results we found were eye-opening. It is very clear that many IT teams do not have adequate tools in place to detect ransomware attacks on production environments early enough in the attack chain to neutralize stealthy cyber-attacks before they cause harm. Ransomware has revolved around encryption for a long time, but newer extortion techniques like exfiltration go beyond rapidly spreading malware, and data recovery alone cannot help if sensitive business data is leaked to the Dark Web.” 

ThreatWise from Commvault adds an early warning system that no other vendor in this market offers, further defining data security. It employs decoys to foresee threats in production environments, lure malicious actors into using fake resources and equip businesses with tools to protect data. In addition, Commvault is expanding the capabilities of its wider platform, which is already available, in terms of machine learning, critical threat detection, and security. 

Ranga Rajagopalan, Senior Vice President, Products, Commvault commented, “Data recovery is important, but alone it’s not enough. Just a few hours with an undetected bad actor in your systems can be catastrophic. By integrating ThreatWise into the Metallic SaaS portfolio, we provide customers with a proactive, early warning system that bolsters their zero-loss strategy by intercepting a threat before it impacts your business.” 

ThreatQuotient introduces New ThreatQ TDR Orchestrator Features!

ThreatQuotient announced a new version of ThreatQ TDR Orchestrator, which is known to be the industry’s first solution for a simplified, data-driven approach to security operations. The expanded automation, analysis, and reporting capabilities of ThreatQ TDR Orchestrator speed up threat detection and response across several platforms. 

Leon Ward, Vice President of Product Management at ThreatQuotient stated that “Leveraging automation to do the heavy lifting and cut through the noise is vital to helping cybersecurity teams thrive under pressure. ThreatQuotient continues to innovate in a way that drives meaningful operational benefits to customers. Many process-based SOAR platforms are designed such that only security engineers and analysts have the skills necessary to use them directly; making these traditional platforms hard to implement and maintain which drives higher costs over time. This ThreatQ TDR Orchestrator release reinforces the need for no-code solutions that empower operators to adapt to dynamic threat landscapes faster and focus their energy on security operations workflows that provide critical business context.” 

ThreatQuotient’s most recent study, whose complete release is scheduled for later in 2022, reveals indications that security automation adoption is progressing as 98% of businesses increase their budgets in this area. The study also shows that firms are more confident in automation itself, with over 88% of businesses expressing some level of confidence in the results of automation, up from only 59% the year before. However, 98% of respondents claim that implementation issues plagued them. ThreatQuotient has prioritized the development of ThreatQ TDR Orchestrator to enable more effective operations that can be directly measured by time savings and FTEs gained, improved risk management, and easier-to-use security automation solutions that are less expensive than traditional automation tools and learn over time. 

The latest version of ThreatQ TDR Orchestrator provides the following benefits: 

  1. Prioritize automation on the most important events/alerts
  2. Playbooks are easier to maintain
  3. Less training is required upfront

Secureworks partners with Netskope and SCADAfence

Secureworks has announced that it will expand its alliances program into new solution areas. Threats are moving into crucial production environments and the service edge, so detection tools must advance as well. Through two new partners, Netskope and SCADAfence, Secureworks expands the scope of potential security vulnerabilities addressed by Secureworks Taegis XDR to include Secure Access Service Edge (SASE), Operational Technology (OT), and Industrial Control Systems (ICS). Better detection with a higher value is now more accessible to organizations than ever. 

Chris Bell of Secureworks commented, “We’re bringing together the best-of-breed detection and response capabilities across domains where we see the threat landscape most exposed to adversary attacks. As part of our mission to help secure human progress, we will continue to forge new alliances that can deliver technology innovation while incorporating new threat intelligence into the methods and intentions of the adversary.” 

Secureworks is focusing on Secureworks Taegis as a unifying XDR platform by announcing two new and rapidly expanding partnerships across new alliance domains. Taegis’ broad integration capabilities offer the best detection and quickest response times without vendor lock-in, and continuously expanding open technology makes it simple for customers to integrate with Taegis. 

As a pioneer in the Secure Access Service Edge (SASE) framework for converged networking and security, Netskope has developed a distinctive method for safeguarding data and people across devices and applications, inside and outside the conventional company network. Customers will be able to conduct all investigations and apply detectors using Secureworks Taegis thanks to the integration between Netskope and Secureworks, allowing for a more comprehensive view of threats and business risks and opening cyber environments to the edge. 

Secureworks extends Taegis XDR into the industrial environment in collaboration with SCADAfence, bringing OT intelligence into a unified view with all other security telemetries across the IT landscape. Security analysts now have more context about the threats they are looking into thanks to SCADAfence’s extension of market-leading insights, awareness, and asset discovery into a truly open XDR platform. 

Avast Introduces a New Ransomware Shield for Businesses!

Avast, a market leader in digital security and privacy, today introduces a new ransomware shield for companies, giving businesses an additional layer of defense against ransomware attacks. This will ensure that organizations can secure their most vital documents and, most importantly, client data, with proactive protection that blocks unauthorized access. The new feature is available now, free of charge, as part of the Avast Essential, Premium, and Ultimate Business Security packages for businesses using Windows and macOS.

Filip Hlinka, VP of Product, Avast Business, stated that “Small businesses are facing a growing threat from ransomware, with cybercriminals increasingly targeting smaller organizations to encrypt crucial business data and disrupt operations. The results can be devastating for small businesses that lack the financial and technical resources to rebound from such attacks. Avast’s antivirus has always offered consumers and business users powerful protection against cyber threats including ransomware, and Ransomware Shield offers a purpose-built, additional layer of protection which helps to secure businesses’ most crucial files against these highly damaging attacks.” 

While Web Shield, File Shield, and Behavior Shield, which are currently available to Avast clients, provide ransomware protection, Ransomware Shield complements these features to offer multi-layered security, so that businesses can continue to access their systems and data without interruption. Ransomware Shield works by protecting files and folders from being changed, deleted, or encrypted by unknown applications. Users can also decide which applications are allowed to access their files, which further protects the most sensitive and vital information held by businesses. Moreover, users have the option to modify the policy’s list of protected files and folders in the Avast Business Hub, where the new feature is enabled by default.

Anomali announced new updates to its Platform

Anomali announced quarterly updates to its platform to strengthen its customers and partners in profiling adversaries. The update enhances Anomali’s threat intelligence and extended detection and response (XDR) capabilities with new features, allowing enterprise organizations to stay one step ahead of adversaries and avoid business disruptions while optimizing security expenses. 

Anomali has been working on incorporating attack flows into The Anomali Platform. This release pushes the platform closer to an Attack Flow Library for Anomali ThreatStream, which will serve as a gateway for new Attack Flows that sequence cyberattack techniques. This capability will add new context to adversary behavior and assist security teams in profiling the adversary. It will also allow them to better protect the organization prior to an attack, detect an attack in real-time, and respond post-attack. 

Mark Alba, Chief Product Officer at Anomali stated, “Anomali’s August release offers new capabilities and enhancements for security operations teams struggling to identify not only who’s targeting them, but how and why they are being targeted.” 

CISOs and security professionals can leverage this predictive visual mapping to align attacks with potential gaps in their security posture in order to get ahead of the threat. In the macroeconomic environment, customers are looking for capabilities that will increase the impact of their existing investments. The new extensible framework to the platform will enable the automation of routine tasks. The first implementation in this release is available to automate enrichments in the investigation’s workbench. A drag-and-drop process for configuring a multi-stage enrichment task can be easily set up and run as needed, saving analysts time performing repetitive tasks. 

  • This platform release also includes support for MITRE ATT&CK Mobile & ICS: intelligence aggregation, contextualization, and analysis for Mobile and ICS attack surfaces to strengthen overall security posture.
  • MITRE ATT&CK Enterprise v11 in Anomali Lens.
  • Scheduled retrospective search: aids the SOC in automating the correlation of historical events with newly available intelligence in order to generate reports and learn about other adversary behavior, threat actors, and TTPs. This allows CISOs to detect real-time threats in their local IT environment.

Jon Oltsik, Senior Principal Analyst and Fellow, ESG Research stated, “ESG research found that 97% of security professionals believe that MITRE ATT&CK is important to their organization’s security operations strategy. Anomali’s commitment to integrating the MITRE ATT&CK Framework into its solutions and participating in the MITRE Engenuity Center for Threat Informed Defense can help security teams adopt the framework and better understand cyber adversaries.” 

SECURITY ANALYTICS

 

Security analytics is a method of threat detection and security monitoring that employs data collection, aggregation, and analysis technologies. Security analytics technologies enable organizations to evaluate security events to discover possible attacks before they have a detrimental impact on the company’s infrastructure and bottom line.

To detect, evaluate, and mitigate internal risks, as well as persistent cyberthreats and targeted attacks from external bad actors, security analytics integrates big data capabilities with threat intelligence.

Cybersecurity analytics are significant because they allow IT and security teams to take control of cybersecurity monitoring. Security analytics can help your organization gain insight across its whole IT ecosystem, enabling faster threat detection and the automation of more manual security activities.

The Role of Security Analytics

Security analytics is a developing field with a lot of potential for enterprises that want to remain on top of vulnerabilities and stay one step ahead of cybercriminals.

A number of factors are driving the expansion of security analytics, including:

Transitioning from protection to detection: Hackers deploy a variety of attack strategies to exploit numerous vulnerabilities. Certain threats can go undiscovered for months. Security analytics systems can monitor common threat trends and send notifications when anomalies are identified.

A unified perspective of the enterprise: Security analytics organizes data in such a way that it can be viewed in real-time as well as in the past. This enables smarter planning, faster resolution, and better decision-making by providing a unified view of risks and security breaches from a central console.

Seeing outcomes and getting a return on investment: IT teams are under increasing pressure to convey their findings to senior management and stakeholders. Security analytics enables analysts to quickly identify risks and respond to security breaches by providing time-to-resolution metrics and fewer false positives.

 

BENEFITS OF SECURITY ANALYTICS

Organizations benefit from security analytics technologies in numerous ways:

1. Early detection and response to security incidents. To detect threats or security issues in real-time, security analytics solutions analyze data from a variety of sources, connecting the dots between various events and alerts. The security analytics software does this by analyzing log data, combining it with data from other sources, and identifying correlations between events.

2. Adherence to regulatory standards. Compliance with government and industry laws is a primary motivation for security analytics technologies. Security analysis tools integrate a wide range of data types to give companies a single, unified view of all data events across devices, as required by regulations like HIPAA and PCI-DSS.

3. Improved forensics capabilities. Security analytics technologies are extremely useful for performing forensic investigations into incidents. Security analytics tools can reveal the source of an attack, how a compromise occurred, what resources were affected, what data was lost, and more, as well as a timeline for the incident. Being able to recreate and analyze an incident can help inform and enhance organizational defenses in the future, so that similar incidents do not recur.

USES OF SECURITY ANALYTICS

From boosting data visibility and threat detection to network traffic analysis and user behavior tracking, security analytics offers a wide range of applications. The following are some of the most common security analytics use cases:

  • Employee monitoring
  • Detecting data exfiltration by attackers
  • Detecting insider threats
  • Identifying compromised accounts

Above all, through the correlation of actions and alarms, security analytics aims to turn raw data from various sources into actionable insights in order to identify situations that require prompt attention. Security analytics technologies do this by adding a critical filter to the massive amounts of data provided by people, apps, networks, and other security solutions.