Index Engines Introduces CyberSense Dashboard

Index Engines’ CyberSense detects the most sophisticated attack vectors by scanning backup and snapshot data with over 200 content-based analytics and machine learning to identify corruption and the most recent good version of files and databases, enabling intelligent and rapid recovery to minimize downtime. There is no other product on the market that offers the same level of depth and breadth of analytics across files, databases, and core infrastructure.

Jim McGann, Vice President of Index Engines said, “Ransomware attacks are becoming more sophisticated and more challenging to recover from. In the ongoing battle against cybercriminals, organizations need to arm themselves with the most powerful and insightful capabilities on the market today.

Therefore, CyberSense stands alone in delivering full content analytics which will uncover even the most advanced data corruption along with a new powerful and intuitive post-attack dashboard which will allow customers to quickly recover from disruption and minimize business downtime.”

Index Engines introduced a new dashboard for its CyberSense security analytics product that provides intuitive post-attack forensic reports with insights into data corruption caused by a ransomware attack. The new CyberSense interface streamlines the user experience by providing detailed information about the who, what, where, and when of an attack. If signs of an attack are discovered, analytics are provided to help cyber security specialists in the recovery process, including high-level information on why machine learning generated an alert and on the scope of the attack.

To streamline the recovery process, exportable analytics are required to scope and analyze attacks independently. Pre-programmed and customizable reports in a single dashboard are required to investigate the attack: Who was affected, and which servers were affected? How much harm was done?

The dashboard also provides a listing of corrupted files, as well as the last good version, and the capability to analyze corrupted files to determine the user account and executable used to corrupt data. When did the corruption happen, and what backups should be recovered? Customers of CyberSense will be able to access this new interface in the third quarter of 2022, with the first release focusing on post-attack recovery.

Intigriti Raised €21 Million to Help Ethical Hackers

Intigriti integrates over 15,000 ethical hackers from 130 countries with businesses to test and improve their security. Through continuous pen-testing, bug bounty, and asset monitoring solutions, Intigriti transforms traditional testing techniques into a more flexible and data-driven approach. This method represents the evolution of security testing and is better suited to today’s dynamic environment.

Intigriti has managed to grow by 650 per cent since its initial funding round in 2020, establishing itself as the European pioneer and the world’s fastest-growing crowdsourced security platform. Intigriti has sealed the largest funding round for a crowdsourced security platform in Europe, raising €21,133,700 million in a Series B round. Octopus Ventures, one of Europe’s largest investors, led the round. EnBW New Ventures, based out of Germany, is also a participant in the round, as is ETF Partners, a previous investor and Intigriti’s largest shareholder. Intigriti’s sole financial adviser was Results.

Stijn Jans, CEO at Intigriti said, “We anticipate crowdsourced security to be a default career option for talented cybersecurity graduates by 2026, surpassing consultancy in popularity. While the remote working culture introduced new security risks, it also provided companies with the opportunity to work with international talent that was previously out of reach.”

Intigriti has released its ‘hybrid pentest’ offering to help with the transition from traditional consulting to the new way of working. Companies will be able to work with selected researchers in individual engagements within an agreed-upon timeframe but at a result-based rate, similar to bug bounty programs. The hybrid pentest, just like all Intigriti offerings, will include triage services, a critical in-house validation process that ensures clients only receive valid, unique, and in scope vulnerability reports. Penetration testers who tried out the new service earned more than €100,000 during a successful pilot phase that led to the release.

Holger Wagner, Investment Director at EnBW New Ventures, commented, “Critical infrastructures are subject to change in the context of digitalisation. Here we still see a lot of potential in the area of security solutions and their utilisation. Technology won’t be the only answer, it is a combination with the intelligence of the crowd.”

Remy de Tonnac, Partner, ETF Partners, stated, “Intigriti’s commitment to a more sustainable and secure world is incredibly inspiring and we’re proud to support the business on the next phase of this tremendous journey. As the team has demonstrated over the years, ethical hackers are the future. This large and talented pool of cyber experts is perfectly positioned to address the needs of a sustainable economy by future-proofing critical sectors such as smart cities, IoT systems, smart grids, autonomous vehicles, and the sharing economy.”

Paul Davidson, Investor at Octopus Ventures stated, “Cybersecurity companies can create a certain level of automation, but human intelligence still ranks ahead when it comes to identifying security threats. Intigriti has developed a differentiated platform proposition that enables the brightest minds in security to detect the broadest and most critical set of risks. We believe this team can drive this fast-growing category forward with their modern and data-compliant approach.”

Immersive Labs Acquires Snap Labs To Improve Cyber Simulations With New Depth And Realism

Immersive Labs, the firm empowering enterprises to constantly monitor and optimise their whole workforce’s cyber capabilities, announced the acquisition of Snap Labs. The deal allows enterprises seeking to enhance their cyber knowledge, skills, and decisions to create multi-player simulations tailored to certain situations and roles.

The acquisition emphasizes the importance of developing human capabilities that represent the unique characteristics of each firm, from executive to technical teams. Cyber risk is effectively mitigated by gaining cyber knowledge, skills, and judgement customized to individual elements such as technical environments and regulatory requirements.

Clients will be able to run labs and cyber crisis practices in a cloud-based replica of their own business with specific vendors using the newly integrated platform. This also gives technical teams the chance to collaborate in a large virtual environment as part of larger exercises including executive decision-makers.

When combined with the rest of the Immersive Labs platform, enterprises will be able to build a continuous cycle of human cyber capacity improvement. The cyber knowledge, skills, and judgement of the entire staff can keep pace with risk, empowering them to be employed strategically for the first time, with frequent exercising and evidencing against internal and anonymised peer benchmark data.

“From day one we have believed in the power of immersive experiences. Whether you are a CEO wrestling with the wicked problems of a cyber crisis exercise or a malware analyst decompiling the latest APT, nothing is better for building and evidencing cyber knowledge, skills and judgement,” said James Hadley, CEO of Immersive Labs.   

“The acquisition of Snap Labs doubles down on this, allowing customers to build better cyber workforces with richly detailed realistic experiences pinpointed to the risk they face. We welcome the team to Immersive Labs and look forward to building on our joint vision together.”  

Chris Myers, Co-Founder, said, “Snap Labs has always strived to provide the most realistic environments and training experiences for cybersecurity teams. Immersive Labs’ vision to build cyber knowledge, skills, and judgement across the entire workforce is remarkably aligned with our own, and we’re extremely excited to bring our technology into their platform. The two platforms are a natural fit, and by combining them we hope to help our customers build even more resilience against cyber threats.” 

Huntsman Security Introduced SmartCheck for Ransomware

Huntsman Security introduced a new solution, SmartCheck for Ransomware, an automated, on-demand diagnostic application developed to analyse the risk of a ransomware outbreak. The application captures data directly from security activities in order to report on an organization’s security posture in comparison to a set of security measures. These measures are similar to those recently recommended by the UK National Cyber Security Centre (NCSC) and the US National Institute of Standards and Technology (NIST), and will provide users with assurance that they are adhering to known cyber security best practice.

SmartCheck for Ransomware tests an organization’s ransomware readiness quickly and effectively, providing a numeric score for each of the 12 security controls. As a result, companies can find out their risk exposure and modify any security policies that are needed to enhance their security posture and ransomware preparation. At the same time, the verifiable report gives higher security trust levels to third parties, such as insurers or potential partners, at a time when supply chain security is a big issue.

“To protect against ransomware and effectively manage their security risks, it is vital that senior executives have clear visibility of their cyber posture. This goes beyond annual audits to having the relevant information available whenever the organisation needs it – whether to modify security settings to improve readiness; or to verify their posture to partners or insurers. By making assessments automated and in line with established best practice, we have given organisations access to reliable security information that they can use with confidence to improve their risk management processes,” said Peter Woollacott, CEO, Huntsman Security.

SmartCheck for Ransomware is developed with much the same precision and reliability as Huntsman Security’s other defence-grade SIEM and Scorecard products, and is meant to be simple to install and use. It assesses the effectiveness of important cyber-attack prevention, containment, and restoration mitigation tactics across the course of a cyber-attack.

“As the threat of ransomware grows everywhere, organisations need to regularly assess their state of readiness. With insurers such as AIG tightening terms and raising premiums in response to the ransomware threat, organisations that can’t demonstrate adequate security precautions will find insurance terms increasingly difficult to negotiate. At the same time, organisations need to take steps to ensure that ransomware will not disrupt their operations or those of their supply chains – making assessing partners’ security posture just as important as assessing their own. Updating ransomware risk management efforts to include SmartCheck for Ransomware to better address their ever changing risk environment will put organisations in a much better position to combat the threat of ransomware,” said Woollacott.

Confluera Introduces Cloud eXtended Detection and Response solution

Confluera, the leading provider of next-generation cloud detection and response, has launched its Cloud eXtended Detection and Response (CxDR) solution to secure cloud-native systems from new threats. Confluera CxDR is a SaaS-based next-generation detection and response solution that is specifically designed to address the new advanced threats that exist in the cloud.

Threat detection, threat analytics and cloud security are all part of the company’s CxDR solution, which brings together the finest security features from the otherwise siloed category of solutions. Confluera’s verified signal analytics from numerous sources, such as APIs, third-party intelligence and Confluera’s patented real-time threat storyboarding capability, are all part of the tiered solution. Confluera CxDR decreases the time to detect and mitigate advanced cyberattacks from months to hours, decreasing the requirement for highly experienced cyber security professionals.

“Navigating the modern threat landscape requires a modern approach to cloud security. With rapid detection and response built on cloud-native architecture, Confluera gives us confidence that we can mitigate cyberattacks before they can do any harm,” said Jack Roehrig, Chief Information Security Officer at Turnitin.

“Despite the recent innovations in the detection and response industry, organizations continue to play catch up to protect themselves against modern cloud cyberthreats. With Confluera CxDR, we are evolving cloud security beyond other solutions today, providing organizations the intelligence, accuracy and context – all in real-time – to stop threats,” said John Morgan, CEO of Confluera.

“The cybersecurity market has evolved in a very siloed manner and threat detection functions have often been pushed out to the edge of the network mimicking legacy perimeter security models. Recent detection and response categories offer enhanced capabilities but continue to evolve isolated from other solutions. This is where CxDR comes into play. By providing extended detection and response in the cloud, enterprises seeking cyber-attack mitigation will now have the ability to quickly and accurately detect modern cloud cyberattacks. Confluera is leading the charge in this market, allowing their customers to have sufficient time, and forewarning to keep attacks at bay within the cloud,” said Chris Steffen, Research Director, EMA.

GBA introduced Subsidiary for Cyber Supply Chain Threat Mitigation

GBA Sentinel, a wholly-owned subsidiary of the Global Business Alliance (GBA), has been launched to assist global enterprises in promptly identifying and addressing potential supply chain and cyber risks.

“Given the scale of threat vectors, combined with the velocity of recent regulatory activity, international companies in the U.S. want to lead the way in safeguarding critical governmental systems and services. GBA Sentinel will give global companies access to the cutting-edge tools they need to efficiently audit and monitor their supply chains and digital assets. We believe this initiative will help rapidly advance our nation’s effort to prevent future attacks and underscores how seriously world-class companies take protecting America’s supply chains,” said Nancy McLernon, president and CEO of GBA.

International corporations understand how critical it is for the private sector to collaborate with federal agencies in order to maintain a safer environment. Global firms can access Fortress Information Security’s industry-leading supply chain risk management compliance solutions through GBA Sentinel. Fortress provides actionable risk insights on the supply chain ecosystem of assets and vendors, allowing businesses to intelligently mitigate cybersecurity risks while maintaining regulatory compliance.

“Understanding new supply chain security requirements and regulations can be time consuming and costly without partners that grasp both the threat and regulatory environment and have done this at scale in U.S. critical infrastructure. By partnering with GBA Sentinel, we are helping to proactively address many of the pain points GBA members will face in navigating this complex and evolving regulatory and cyber threat landscape,” said Peter Kassabov, executive chairman and cofounder of Fortress Information Security.

Fortress now protects critical infrastructure supply chains for more than 40% of the US power grid and collaborates closely with key federal agencies to improve supply chain cyber resilience.

The Global Business Alliance, which represents 200 of the world’s largest foreign corporations operating in the United States, is launching this effort for the first time.

Bitdefender and ThreatQuotient have teamed up to improve Threat Detection capabilities through Shared Intelligence

Bitdefender, a leading cybersecurity company, announced a strategic partnership agreement with ThreatQuotient, a leading security operations platform innovator, to integrate Bitdefender Advanced Threat Intelligence with the ThreatQ™ Platform. ThreatQuotient customers, such as enterprises with a security operation centre (SOC), managed security service providers (MSSPs), and managed detection and response (MDR) providers, will benefit from the partnership because it will give them greater visibility across the global threat landscape, allowing for more accurate detection and faster response to threats.

“The proprietary real-time threat intelligence provided by Bitdefender strengthens our clients’ ability to accurately detect, assess and validate emerging threats so they can take faster actions to eliminate them from environments. Bitdefender is recognized globally for having best-in-class threat intelligence and threat detection capabilities validated by MITRE and other leading independent testing organizations. ThreatQ customers will have contextualized insights on advanced persistent threats (APTs), malicious email campaigns and other dangers under one centralized view to quickly assess, validate and respond. Our collaboration has proved invaluable to our customers by increasing visibility into malicious campaigns as threat frequency and sophistication continues to rise,” said Jonathan Couch, senior vice president, strategy at ThreatQuotient.

Bitdefender’s threat intelligence feeds, such as file hashes, IP addresses, and domains connected with advanced persistent threats (APTs); malware domains; and IP addresses associated with attacker command and control (C&C) servers and phishing campaigns, are all integrated with ThreatQuotient’s ThreatQ™ Platform. These feeds are incorporated into the ThreatQ platform by security teams based on unique threat detection needs, thanks to easy-to-use and integration. All of the newest threat updates are delivered to SOCs and internal security teams without the need to modify configurations or build new software code.

“Our collaboration with ThreatQuotient helps organizations become more cyber resilient as methods for evading detection become increasingly advanced. Threat intelligence platforms like ThreatQ greatly improve detection capabilities and situational awareness across the entire operation while prioritizing SOC activities based on threat risk and potential impact,” said Andrei Florescu, vice president of product management, Bitdefender Business Solutions Group.

Insider Threat Management – An Overview

An insider threat occurs when employees, vendors, or business associates who have access to an organization’s information, network, or premises use that access, intentionally or unintentionally, to compromise security or perform malicious activities such as theft, fraud and damaging systems.

Types of Insider Threats are –

  • Malicious Insider – A malicious insider is an employee who intentionally steals information for monetary or personal gain. Since they are very well acquainted with the company’s security policies and procedures, they have an advantage over other attackers.
  • Negligent Insider – Negligent insiders do not want to put the company at risk, but they do so unintentionally by acting recklessly. Examples are an employee who does not adhere to IT security policies or who makes mistakes due to poor judgement, e.g., an administrator who does not install a security patch.
  • Compromised Insider – An employee whose computer is infected with malware is a typical example of a compromised insider. This usually occurs as a result of phishing scams or clicking on links that lead to malware downloads.

Some Key Features of Insider Threat Management Solutions are –

  • Privileged Access Management (PAM) – An ITM solution determines who has access to systems and applications at any given time. PAM applications do this by creating and deleting user identities. PAM employs password vaulting, encryption techniques and access control for mission-critical technologies and applications. For password and data sharing, PAM uses encryption, which secures the communication and prevents attackers from reading the data. A compromised credential is at the heart of the majority of security breaches. As a result, PAM is an essential component of an ITM (Insider Threat Management) solution.
  • User Activity Monitoring with Big Data Analysis – Security threats have increased and become more complex as work-from-home and remote-work activities have expanded. As a result of remote work, security priorities have shifted, and security protocols have been changed. Insider security management tools create models of user behaviour and assign risk scores. Creating behavioural baselines based on factors such as the timing of activity and the data accessed, and actively learning what is acceptable behaviour, is the most effective way to detect insider threats without producing a large number of false-positive warnings. To detect privilege misuse, sophisticated machine learning models and data science are used to track and analyse vast quantities of data from a variety of sources. This helps in the detection of attacks that span multiple alarms, allowing for rapid detection and response.
  • Investigation and Threat Mitigation – In case an intruder breaches the perimeter and gains access to the organization’s network, security teams can search for multiple compromised credentials or abuse indicators to confirm the threat. ITM’s machine learning is used by security teams to generate security-relevant signals. These techniques will help in visibility and detailed forensic analysis.
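
The behavioural-baseline and risk-score idea from the User Activity Monitoring item above, as an added example that is not from the original article or from any vendor's product: it learns a per-user baseline for activity timing, resources accessed and data volume, and alerts only when the combined signals reach a threshold. The events, weights, threshold and function names are all constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed training window: (user, hour_of_day, resource, megabytes_read)
HISTORY = [
    ("alice", 9, "crm", 12), ("alice", 10, "crm", 15), ("alice", 11, "wiki", 3),
    ("alice", 14, "crm", 11), ("alice", 16, "wiki", 4), ("alice", 10, "crm", 14),
    ("bob", 22, "backup", 900), ("bob", 23, "backup", 950),
    ("bob", 22, "backup", 870), ("bob", 23, "hr-db", 20), ("bob", 21, "backup", 910),
]

# Assumed weights: no single signal reaches the threshold on its own, so one
# unusual attribute (e.g. working late) does not raise a false-positive alert.
WEIGHTS = {"off_hours": 30, "new_resource": 30, "volume_spike": 40}
ALERT_THRESHOLD = 60


def build_baselines(history):
    """Learn, per user, the usual hours, resources and read volume."""
    raw = defaultdict(lambda: {"hours": set(), "resources": set(), "mb": []})
    for user, hour, resource, mb in history:
        raw[user]["hours"].add(hour)
        raw[user]["resources"].add(resource)
        raw[user]["mb"].append(mb)
    return {
        user: {
            "hours": b["hours"],
            "resources": b["resources"],
            "mb_mean": mean(b["mb"]),
            "mb_std": pstdev(b["mb"]) or 1.0,  # constant history: avoid /0
        }
        for user, b in raw.items()
    }


def score_event(baselines, event):
    """Return (risk_score, signals) for one event against its user's baseline."""
    user, hour, resource, mb = event
    base = baselines.get(user)
    if base is None:  # never-seen account: escalate rather than guess
        return ALERT_THRESHOLD, ["no_baseline"]
    signals = []
    # Hours wrap around midnight, so measure distance on a 24-hour circle.
    nearest = min(min((hour - h) % 24, (h - hour) % 24) for h in base["hours"])
    if nearest > 1:
        signals.append("off_hours")
    if resource not in base["resources"]:
        signals.append("new_resource")
    if (mb - base["mb_mean"]) / base["mb_std"] > 3:
        signals.append("volume_spike")
    return sum(WEIGHTS[s] for s in signals), signals


def triage(baselines, events):
    """Keep only events whose combined signals reach the alert threshold."""
    alerts = []
    for event in events:
        score, signals = score_event(baselines, event)
        if score >= ALERT_THRESHOLD:
            alerts.append((event[0], score, signals))
    return alerts


if __name__ == "__main__":
    learned = build_baselines(HISTORY)
    todays_events = [  # constructed
        ("alice", 10, "crm", 13), ("alice", 19, "crm", 12),
        ("alice", 3, "hr-db", 400), ("bob", 23, "backup", 940),
    ]
    for alert in triage(learned, todays_events):
        print(alert)
```

Because the baseline is per user, bob's large night-time backup reads score zero while the same pattern from alice would alert.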

A successful Insider Threat Management solution requires an understanding of what the organization values and what could potentially harm or threaten those assets. A complete understanding of an organization’s assets allows for proper coordination and risk management. A tried-and-true ITM solution starts with figuring out where an organization’s assets are kept and who has access to them. This allows for a more comprehensive classification of each asset’s risk and the implementation of risk-based mitigation strategies.