
FireMon launched FireMon Policy Analyzer 

FireMon launched FireMon Policy Analyzer, a free firewall assessment tool. It offers organizations a detailed diagnostic report outlining the health of a firewall policy, complete with best practices and recommendations to strengthen their security posture. 

Jody Brazil, CEO of FireMon, stated, “The potential for misconfiguring a firewall in a rapidly expanding organizational environment poses real risk to organizations today. Understanding firewall policy security posture and minimizing the potential for human errors when it comes to setting up and managing this complexity cannot be overstated.

The financial and reputational repercussions of a firewall compromise can potentially result in fines, lost revenues, lawsuits, and long-term damage to the health of the business. Visibility is key to identifying and addressing weaknesses in firewalls and other network security elements. With FireMon Policy Analyzer we provide organizations with an intuitive, powerful and insightful free tool to strengthen their operational environment almost immediately.” 

According to Gartner, configuration mistakes are to blame for 99% of firewall and cloud security failures. Misconfigurations, particularly with regard to a company’s firewalls, are a well-documented cause of the widening cybersecurity gap. Small configuration errors and out-of-date rules can quickly accumulate, making it difficult to manage traditional rules-based firewall setups effectively as environments grow. If these errors are not found and fixed, they can lead to catastrophic network vulnerabilities. 

Organizations can reduce security risks brought on by improperly managed firewall policies by using FireMon Policy Analyzer, which gives security teams a potent tool without the need for setup, installation, or specialized hardware. For typical firewall configurations, Policy Analyzer safely collects the necessary configuration data from a firewall, analyzes the firewall policy, and provides security posture results in seconds. 

Action1 Partnered With Brigantia To Provide Real-Time Visibility And Security Risk Mitigation

Action1 Corporation, the provider of the simple and secure remote monitoring and management (RMM) cloud platform, has announced a partnership with Brigantia. Through enhanced remote IT administration, the alliance will enable local managed service providers (MSPs) to improve their business performance by assuring secure and efficient operations for their clients.

Brigantia is a managed services channel distributor that offers a full suite of cybersecurity solutions, as well as secure, enterprise-class data communications and cloud services. Brigantia is based in Ripon, North Yorkshire, and works with hundreds of channel partners throughout the United Kingdom and Ireland. Brigantia can now address local MSP demand for a modern, secure, and easy-to-use cloud RMM solution with the addition of Action1 RMM to its portfolio.

“Brigantia take great pride in helping next-generation vendors break into the UK and Ireland MSP channel markets, and Action1 RMM is a true disruptor in what has been a rather stale RMM space,” said Angus Shaw, Sales Director at Brigantia. “This cloud-based platform enables MSPs to mitigate security risks for their clients, manage their endpoints, comply with security standards, and support users — from anywhere. It is an exciting addition to our portfolio in a space that is crying out for innovation, and we are looking forward to introducing Action1 RMM to our channel community throughout 2022 and beyond.”

“We are excited to expand our distribution footprint in the UK with such a strong market player as Brigantia,” said Alex Vovk, CEO and co-founder of Action1. “This partnership will help meet market demand for a modern cloud-based RMM solution that empowers IT service providers to effectively secure and support today’s hybrid workforces.”

Sophos Acquires Braintrace to enhance Adaptive Cybersecurity Ecosystem with Braintrace’s Network Detection and Response (NDR) Technology

Sophos, a worldwide leader in next-generation cybersecurity, announced the acquisition of Braintrace, which will add Braintrace’s unique Network Detection and Response (NDR) technology to Sophos’ Adaptive Cybersecurity Ecosystem. Eliminating the need for Man-in-the-Middle (MitM) decryption, Braintrace’s NDR enables comprehensive visibility into network traffic patterns, including encrypted communication. 

Braintrace’s developers, data scientists, and security analysts have joined Sophos’ global Managed Threat Response (MTR) and Rapid Response teams as part of the acquisition. With over 5,000 active clients, Sophos’ MTR and Rapid Response services have grown quickly, making Sophos one of the world’s largest MDR suppliers and a rapidly growing one.

Through integration into the Adaptive Cybersecurity Ecosystem, which supports all Sophos products and services, Braintrace’s NDR technology will help Sophos’ MTR and Rapid Response analysts, as well as Extended Detection and Response (XDR) clients. The Braintrace technology will also be used to capture and forward third-party event data from firewalls, proxies, VPNs, and other sources. Threat identification, threat hunting, and responding to suspicious activity all will benefit from these added layers of visibility and event ingestion.

“You can’t protect what you don’t know is there, and businesses of all sizes often miscalculate their assets and attack surface, both on-premises and in the cloud. Attackers take advantage of this, often going after weakly protected assets as a means of initial access. Defenders benefit from an ‘air traffic control system’ that sees all network activity, reveals unknown and unprotected assets, and exposes evasive malware more reliably than Intrusion Protection Systems (IPS). We’re particularly excited that Braintrace built this technology specifically to provide better security outcomes to their Managed Detection and Response (MDR) customers. It’s hard to beat the effectiveness of solutions built by teams of skilled practitioners and developers to solve real world cybersecurity problems,” said Joe Levy, chief technology officer, Sophos.

“NDR is critical to successful threat hunting. Braintrace’s competitive differentiation is its unique NDR technology that our MDR analysts leveraged for finding, interrupting and remediating cyberattacks. With our own NDR technology, the team responds faster and more accurately because of the real-time, automated visibility and threat verification they have into encrypted traffic. We built Braintrace’s NDR technology from the ground up for detection and now, with Sophos, it will fit into a complete system to provide cross-product detection and response across a multi-vendor ecosystem,” said Bret Laughlin, CEO and co-founder of Braintrace.

NDR technology from Braintrace is a critical component in protecting against cyberattacks today and in the future. According to Sophos research, hackers shift strategies frequently to avoid detection and carry out their operations. Braintrace’s technology detects malicious C2 traffic from malware like Cobalt Strike, BazaLoader, and TrickBot, as well as zero-day exploits, which could lead to ransomware and other attacks. This visibility allows threat hunters and analysts to anticipate a prospective ransomware attack, such as the recent attacks by REvil and DarkSide.

In the first half of 2022, Sophos plans to release Braintrace’s NDR technology for MTR and XDR.

BOTS subsidiary, Cyber Security Group LLC, announced Web Application Firewall (WAF) solution to target global cybersecurity market

BOTS, Inc., a global tech firm that specialises in Blockchain-based solutions such as decentralized finance applications for the financial industry, consulting, mining equipment repair, cybersecurity solutions, crypto mining and insurance, announced that its subsidiary, Cyber Security Group LLC, has launched Web Application Firewall (WAF), a proprietary software solution to protect web applications.

The cybersecurity market is being driven by a rising number of cybersecurity incidents and by rules that require them to be reported. Cybercrime, which includes data damage and destruction, stolen money, lost property, intellectual property theft, and other losses, costs the globe around USD 600 billion each year, according to the Center for Strategic and International Studies (CSIS) and McAfee.

WAF protects against application vulnerabilities and data breaches. The following are some important advantages:

  • Protection from web attacks and DDoS
  • Controls access and authentication
  • Automates and orchestrates security
  • Protects applications and APIs
  • Protects against business logic attacks
  • Protects ecosystem around Blockchain
  • Blocks malicious bots and automated attacks
  • Protects from XSS & SQL injections

BOTS’ Cyber Security Group LLC subsidiary operates an ISO/IEC 27001:2013 certified Information Security Management System and seeks to capitalise on the fast-growing worldwide cyber security market with its exclusive range of SaaS products. WAF has been successfully battle-tested by financial services and e-commerce enterprises over a two-year pilot program and is now available to businesses all across the world.

Web Application Firewall – Everything You Need to Know

A Web Application Firewall (WAF) is a form of application firewall that protects web services from various attacks. It is a security layer that defends against a variety of application-layer threats that are not normally covered by traditional network-layer Intrusion Detection Systems. By inspecting HTTP/HTTPS requests and web traffic patterns, the WAF ensures that the web service is not jeopardized. It defends web applications against cross-site scripting (XSS), file inclusion and SQL injection attacks. When the WAF detects a security threat, it prevents the attack by blocking the HTTP request or the source IP address, as specified in its configuration file.
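The inspect-and-block flow described above, as an added example that is not from the original article or any vendor's product. The rule patterns, the `ban_after` threshold and the `Waf` class are assumptions made for illustration; the configuration and request values are constructed.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus

# Constructed configuration; a real WAF would load this from its config file.
CONFIG = {
    "ban_after": 2,  # rule hits from one IP before the IP itself is blocked
    "rules": [
        {"id": "sqli", "pattern": r"(?i)['\x22]\s*or\s+\d+\s*=\s*\d+|union\s+select"},
        {"id": "xss", "pattern": r"(?i)<\s*script\b|\bon\w+\s*="},
        {"id": "file-inclusion", "pattern": r"(?i)\.\./|^(https?|php|file)://"},
    ],
}

class Waf:
    def __init__(self, config):
        self.rules = [(r["id"], re.compile(r["pattern"])) for r in config["rules"]]
        self.ban_after = config["ban_after"]
        self.hits = Counter()   # rule hits per source IP
        self.banned = set()     # IPs blocked outright

    @staticmethod
    def _normalize(value, rounds=3):
        # Decode repeatedly so a double-encoded value (%253Cscript) is
        # inspected in the form the application would finally see (<script).
        for _ in range(rounds):
            decoded = unquote_plus(value)
            if decoded == value:
                break
            value = decoded
        return value

    def inspect(self, ip, path, params):
        """Return (action, rule_id) for one request."""
        if ip in self.banned:
            return ("block", "ip-banned")
        for value in [path, *params.values()]:
            text = self._normalize(value)
            for rule_id, regex in self.rules:
                if regex.search(text):
                    self.hits[ip] += 1
                    if self.hits[ip] >= self.ban_after:
                        self.banned.add(ip)
                    return ("block", rule_id)
        return ("allow", None)
```

Signature rules like these are only the simplest layer: matching happens after decoding because an encoded payload would otherwise pass the pattern check unchanged.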

Why a Web Application Firewall?

Web applications are easily available and provide a convenient entry point to useful data, hence they are a prime target for cyber-attacks. These online services must be protected from current and emerging cyber-threats without compromising efficiency and quality. Because applications change constantly, security teams struggle to keep the security rules that protect web services up to date. This can lead to security flaws and vulnerabilities that cybercriminals can take advantage of, resulting in expensive data breaches. Additionally, businesses seek out security technologies that can scale with their applications to meet rising consumer demand, ensuring that their web services remain viable and are adequately protected without compromising the customer’s experience.

Features of a Web Application Firewall:

  • Configuration and Control – Administrators can use the Web Application Firewall to build policies for compliance, regulatory, and security purposes. Using the WAF policy engine, they can build comprehensive and flexible policies as required, including URL rewriting and SSL/TLS validation and compliance. WAF detects attack chains automatically, from eavesdropping to data theft and backdoor setup. Instead of working through thousands of possible attacks, security experts are only alerted to the most critical threats. Security teams can specify the protection level for each program, and WAF can determine what to do in various scenarios. If the device configuration fails, previously saved settings can be restored automatically, eliminating the manual work.
  • Reporting and Analytics – WAF provides real-time insight into your web traffic and can be used to generate new dashboard reporting rules or warnings. It gives security teams fine control of how the metrics are displayed, allowing them to track anything from individual rules to all inbound traffic. In addition, WAF provides detailed logging by collecting the header data of each inspected web request, which can be used in analytics and security automation. WAF takes a large number of warnings and condenses them into a limited, manageable collection of security events, which gives security professionals a frictionless operating experience.
  • Integration and Security – The WAF virtual application can be installed and scaled up easily on-premises with no special hardware to purchase or maintain. WAF can easily integrate into a company’s information security management system, which aids in the provision of advanced multilayer security. Administrators can develop special rules to detect confidential data like account numbers, passwords, financial transactions and insurance records. In addition, rules may be used to hide information from third parties, including administrators that use WAF. WAF aids in the monitoring of all traffic.

In all enterprise sectors, from IT, finance, manufacturing, telecom and media to government, the majority of previously time-consuming and physical activities are now automated with online services. With the rise in cyber-attacks, these organizations must secure their online applications, and the safest and most commonly used solution is a Web Application Firewall.