Cyber Security Institute

Sunday, April 22, 2018

OEM Security News - 22-Apr-2018

Table of Contents

  • Teramind Prevents Insider Threats Combining New Data Loss Prevention Features with User Behavior Analytics & Forensic Insights
  • Symantec Analytics Enables Customers to Uncover the Most Dangerous Cyber Attacks
  • Cisco Fights Malware, Email Intrusions with New Services
  • Cybersecurity Companies Demo Support for STIX and TAXII Standards for Automated Threat Intelligence Sharing at RSA 2018
  • Could FireEye Be a Millionaire Maker Stock?
  • Intel is offloading virus scanning to its GPUs to improve performance and battery life
  • Microsoft unveils new security tools for Internet of Things, edge devices
  • CrowdStrike Falcon X takes aim at incident response
  • Latest Release of Unisys Stealth® Security Software Extends Microsegmentation Protection for Data Centers, Clouds and Mobile Devices to Include Medical and Internet of Things Devices
  • Gemalto to protect 5G networks from cyber-attacks with Intel Software Guard Extensions
  • Mimecast Offers Cyber Resilience for Email with New Detection, Remediation and Threat Intelligence Capabilities
  • Fortinet Receives Recommended Rating in NSS Labs Latest Advanced Endpoint Protection Test Report
  • The cloud has caused 'pretty negative byproducts' - Cisco
  • 'Local option' ESET on hunt for 700 partners
  • Centrify Offers Free Security Software, Services to Election Boards
  • ZeroFOX Names Industry Thought Leader Dr. Sam Small as Chief Security Officer
  • Microsoft brings its antivirus protection to Google’s Chrome browser
  • CounterSnipe Systems releases its most powerful Version of IDS/IPS Software
  • Cisco nudges partners towards intellectual property with $100,000 prize
  • 8 Security Products That Made News at RSA Conference 2018
  • Keeper Security forms vulnerability disclosure program with Bugcrowd
  • Cybersecurity Market Advancement In Technology 2018 to 2025
  • ForeScout Stock: Chart Pointing to a Big Breakout
  • Microsoft Floods RSA Conference with Security Announcements
  • Cofense moves to a 100% channel sales model
  • Securonix Unveils Strategic Alliance to Combat Cyberattacks in the Cloud
  • In preparation for the GDPR, CoSoSys launches Endpoint Protector 5.1
  • Infrastructure-agnostic web app protection with virtual patching option
  • Intel announced the new Threat Detection Technology and Security Essentials
  • Grant Thornton and Anomali Partner for Threat Intelligence Solutions
  • Anomali partners with Visa to offer global payment breach intelligence
  • BluVector and SS8 Deliver the First Product Suite for Advanced Threat Detection and Network Visibility Across the Entire Kill Chain
  • Citrix Analytics Service Proactively Addresses Security Threats
  • Saviynt Announces $40 Million Series A Funding Round with Carrick Capital Partners
  • Cyber Security Specialist emt Distribution Takes on ThreatConnect Threat Intelligence Platform in Australia and New Zealand
  • BigID is this year’s most innovative startup at RSA Conference
  • RedLock Enhances Visibility, Compliance Assurance, and Threat Detection Capabilities With Microsoft Azure



Teramind Prevents Insider Threats Combining New Data Loss Prevention Features with User Behavior Analytics & Forensic Insights
Teramind Inc. (RSA booth #5110), a provider of insider threat solutions, today announced a new approach to data loss prevention that will continue to help organizations from healthcare to banking, legal, energy and customer service teams and more address their internal cyber security and data breach vulnerabilities.
Teramind brings organizations the latest in preventional security software after another year of global data breaches.
The new software features a comprehensive platform that combines technology supporting traditional data loss prevention (DLP) software capabilities coupled with behavioral data analytics.
This unique approach brings forth the next generation of forensic insight to keep companies’ data safe. 
Teramind provides a user-centric security approach to monitor employee behavior, with software that streamlines employee data collection in order to identify suspicious activity, detect possible threats, monitor employee efficiency, and ensure industry compliance.
Teramind’s new file anti-exfiltration analysis combined with the software’s traditional DLP software capabilities and behavioral data analytics brings forth a stronger layer of protection against data breaches.
File anti-exfiltration analysis targets and tags sensitive file repositories as well as sensitive content.
Link: https://www.sfgate.com/business/press-releases/article/Teramind-Prevents-Insider-Threats-Combining-New-12836775.php



Symantec Analytics Enables Customers to Uncover the Most Dangerous Cyber Attacks
Symantec (Nasdaq: SYMC), the world's leading cyber security company, announced today that the powerful threat detection technology used by its own world-class research teams to uncover some of the most notable cyber-attacks in history is now available to its Advanced Threat Protection (ATP) customers.
The Symantec Targeted Attack Analytics (TAA) technology enables ATP customers to leverage advanced machine learning to automate the discovery of targeted attacks – the most dangerous intrusions in corporate networks.

TAA is the result of an internal joint-effort between Symantec’s Attack Investigation Team, responsible for uncovering Stuxnet, Regin, Lazarus as well as links to SWIFT and WannaCry attacks among others, and a team of Symantec’s top security data scientists on the leading edge of machine learning research.
Unlike traditional solutions, TAA takes the process, knowledge and capabilities of the world’s leading security experts and turns it into artificial intelligence, providing companies with elite “virtual analysts,” to allow security experts to devote their limited time and resources to the most critical attacks, instead of spending time sifting through false positives.
The TAA technology implements machine learning to analyze a broad range of data, including system and network telemetry from Symantec’s global customer base which forms one of the largest threat data lakes in the world.
Symantec’s cloud-based approach to this technology also enables the frequent re-training and updating of analytics to adapt to new attack methods without the need for product updates.
This new approach provides ATP customers with automated targeted threat detection, identifying sophisticated attacks where other solutions may fail.
TAA is now available as part of Symantec’s Integrated Cyber Defense Platform for Symantec Advanced Threat Protection (ATP) customers.
Link: https://www.albawaba.com/business/pr/symantec-targeted-attack-analytics-enables-customers-uncover-most-sophisticated-and-dang



Cisco Fights Malware, Email Intrusions with New Services
Lynn Haber
Cisco on Monday announced upgrades to its Advanced Malware Protection (AMP) for Endpoints, new investments in email security, and an expanded security partnership with ConnectWise.
The enhancements to AMP for Endpoints security, called Cisco Visibility, are designed to stop malware, eliminate blind spots and discover unknown threats.
The new Cisco Visibility shows the extent of a compromise that spans the endpoint, the network and the cloud.
Cisco also made new investments in two email security services: Cisco Domain Protection and Cisco Advanced Phishing Protection.
Cisco Domain Protection automates the manual process of analyzing, updating and taking action against senders misusing their domain to send malicious email.
Cisco Advanced Phishing Protection adds machine-learning capabilities to Cisco Email Security to evaluate the risk associated with inbound email by assessing its threat posture.
The Cisco cloud-based service, which provides multi-tenant management, monitoring and billing, is in pilot but expected to be generally available soon.
Building on its initial ConnectWise partnership, the networking giant announced new enhancements to ConnectWise Unite with Cisco, including several new Cisco security integrations and the ConnectWise Advanced Security Dashboard for MSPs.
The new Cisco security integrations with ConnectWise include Advanced Malware Protection for Endpoints, Adaptive Security Appliance and Next Generation Firewall.
The ConnectWise Advanced Security Dashboard for MSPs integrates with the ConnectWise Manage business management solution.
It features global policy management, security event correlation, and security reporting — or what Cisco calls the building blocks to monitor advanced managed security services around Cisco’s portfolio of Meraki MX firewalls, Umbrella, Stealthwatch Cloud, Adaptive Security Appliances, Next Generation Firewall and AMP for Endpoints.
It’s being introduced as a pilot with select partners in May.
Link: https://www.channelpartnersonline.com/2018/04/16/cisco-fights-malware-email-intrusions-with-new-services/



Cybersecurity Companies Demo Support for STIX and TAXII Standards for Automated Threat Intelligence Sharing at RSA 2018
Products from Anomali, EclecticIQ, Fujitsu, Hitachi, IBM Security, New Context, NC4, ThreatQuotient, and TruSTAR are demonstrating how STIX and TAXII are being used to prevent and defend against cyberattack by enabling threat intelligence to be analyzed and shared among trusted partners and communities.
In addition to seeing the demos, RSA attendees are learning more about how the major new version of STIX and TAXII is making it much easier to automate cyber threat intelligence sharing.
Link: https://software.einnews.com/pr_news/441548758/cybersecurity-companies-demo-support-for-stix-and-taxii-standards-for-automated-threat-intelligence-sharing-at-rsa-2018?n=2&code=UK5CzDEXUdFuR8be



Could FireEye Be a Millionaire Maker Stock?
Nicholas Rossolillo
Shares of cybersecurity company FireEye (NASDAQ:FEYE) have struggled since going public back in 2013.
The stock has been cut in half from its debut price in spite of the fact that its revenue has doubled several times during that same period.
It looks like a great growth story waiting to happen, but there are a few factors cautious investors should weigh first.
The cybersecurity industry is growing, but FireEye's product is viewed as more of an add-on to a company's existing threat-detection system rather than a comprehensive plan.
As a result, some of its larger peers like Palo Alto Networks (NYSE:PANW), Juniper Networks (NYSE:JNPR), and tech giant Cisco (NASDAQ:CSCO) have fared much better the last few years.
In response to its slowdown, FireEye has begun offering additional services and features to create a more well-rounded menu for its customers.
The good news is that revenue growth accelerated to 10% year over year in the last reported quarter.
Management thinks that 2018 sales will be $815 million to $825 million, at least a 10% annual increase.
That pales in comparison to growth a few years back, but it's nevertheless an improvement over the last 12 months, if those numbers transpire as forecast.
Expenses on R&D and marketing are being trimmed, too, bringing profitability a little closer.
Losses in 2017 were $1.71 per share compared with $2.94 the year prior.
Management again struck an upbeat tone for 2018 as it expects losses to continue decreasing. 
Though cybersecurity is in high demand and likely to stay that way for some time, FireEye's current growth trajectory is underwhelming and lagging behind the competition.
Link: https://www.fool.com/investing/2018/04/16/could-fireeye-be-a-millionaire-maker-stock.aspx?source=iedfolrf0000001



Intel is offloading virus scanning to its GPUs to improve performance and battery life
Tom Warren
Intel is planning to allow virus scanners to use its integrated graphics chipsets to scan for malicious attacks.
The change could see performance and battery life improve on some systems. “With Accelerated Memory Scanning, the scanning is handled by Intel’s integrated graphics processor, enabling more scanning, while reducing the impact on performance and power consumption,” explains Rick Echevarria, Intel’s platform security division VP. “Early benchmarking on Intel test systems show CPU utilization dropped from 20 percent to as little as 2 percent.”
Intel’s Threat Detection Technology will be available on 6th, 7th, and 8th generation Intel processors, allowing a variety of machines to take advantage of moving some virus scanning activity to the GPU instead of the CPU.
Virus scanners currently use the CPU to detect against memory-based attacks, but a machine takes a performance hit as a result.
Intel hopes that by moving this away from the CPU, performance and power consumption will improve, as typical machines do not fully utilize onboard graphics cards most of the time.
Intel is partnering with Microsoft to support this initially, with the change coming to Windows Defender Advanced Threat Protection (ATP) this month.
Intel is also working with other antivirus vendors so others can take advantage of this silicon-level change.
Link: https://www.theverge.com/2018/4/16/17244996/intel-virus-scanning-integrated-gpus-memory



Microsoft unveils new security tools for Internet of Things, edge devices
The company introduced “Azure Sphere”, the industry’s first holistic platform to create secured, connected microcontroller unit (MCU) devices on the “intelligent edge”.
The company also unveiled several new intelligent security features for its Microsoft 365 commercial Cloud offering — designed to help IT and security professionals simplify how they manage security across their enterprises.
Link: https://www.financialexpress.com/industry/technology/microsoft-unveils-new-security-tools-for-internet-of-things-edge-devices/1135678/



CrowdStrike Falcon X takes aim at incident response
Rob Wright
At RSA Conference 2018 on Monday, the cybersecurity vendor launched CrowdStrike Falcon X, a new offering that automates threat analysis in order to quicken enterprise responses to cyberattacks.
CrowdStrike—which is appearing in several sessions at RSA Conference on new exploits, adversaries and response techniques this week—has become one of the more visible cybersecurity vendors in the industry following its investigative work on the Democratic National Committee's 2016 data breach.
Now, the company is broadening its reach with new initiatives around incident response.
With Falcon X, Alperovitch said the process takes about three minutes.
When malware is detected on an endpoint, CrowdStrike Falcon X automatically "detonates" the sample and then runs it through CrowdStrike's malware search engine to compare it against other samples. 
In addition to CrowdStrike Falcon X, the company also introduced a new product geared toward small and medium-sized businesses.
Dubbed CrowdStrike Falcon Endpoint Protection Complete, the product includes the endpoint security module of the Falcon platform, as well as dedicated security professionals to assist customers with incident response.
Link: https://searchsecurity.techtarget.com/news/252439123/CrowdStrike-Falcon-X-takes-aim-at-incident-response



Latest Release of Unisys Stealth® Security Software Extends Microsegmentation Protection for Data Centers, Clouds and Mobile Devices to Include Medical and Internet of Things Devices
BLUE BELL, Pa., April 17, 2018 /PRNewswire/— Unisys Corporation (NYSE: UIS) today announced a new version of its award-winning Unisys Stealth® security software suite, including upgrades to extend protection to purpose-built Internet of Things (IoT) devices and other connected equipment such as medical monitoring machines, baggage scanners, industrial control systems and surveillance cameras.
The new release of Stealth™ microsegmentation software now protects IoT devices, isolating them from untrusted network segments within a Stealth-protected network to help prevent intrusion and remote tampering on the devices while protecting the corporate network from potential compromises initiated from unsecured devices.
By joining a Stealth-defined secure Community of Interest, high-value devices are shielded from unauthorized access, reducing the attack surface.
This new capability can be delivered as a virtual or physical gateway to protect devices where Stealth cannot be installed and with no hardware or software changes required to the purpose-built devices.
Link: https://www.pharmiweb.com/pressreleases/pressrel.asp?ROW_ID=273792



Gemalto to protect 5G networks from cyber-attacks with Intel Software Guard Extensions
Gemalto launched a platform that stops cyber-attacks from affecting cloud-based virtualised networks being planned and deployed with Intel technology.
This new initiative combines the Intel Software Guard Extensions (Intel SGX) trusted 'enclave', deployed in the company's cloud server CPUs, with Gemalto's advanced SafeNet Data Protection On Demand security software services to create a processor-level security platform for virtualised networks.
Link: https://www.telecompaper.com/news/gemalto-to-protect-5g-networks-from-cyber-attacks-with-intel-software-guard-extensions--1240500



Mimecast Offers Cyber Resilience for Email with New Detection, Remediation and Threat Intelligence Capabilities
Nasdaq Global Newswire
SAN FRANCISCO, April 17, 2018 (GLOBE NEWSWIRE)—Mimecast Limited (NASDAQ:MIME), a leading email and data security company, today announced enhancements to its Targeted Threat Protection services - Impersonation Protect, URL Protect, and Internal Email Protect – engineered to combat and remediate the evolving threat landscape.
New features include supply chain impersonation protection, similar domain detection, the integration of new automated intelligence feeds, as well as the introduction of automated threat remediation capabilities.
New research from Mimecast and Vanson Bourne revealed that organizations are not only facing a variety of different threats, but the volume and frequency of these attacks continue their upward trajectory.
In fact, 53 percent expect a negative business impact from these email-borne threats in 2018.
Impersonation attacks commonly use social engineering, and are designed to trick users such as finance managers, executive assistants, and HR representatives into making wire transfers or providing information which can be monetized by cybercriminals. 
Lookalike domains are also increasingly becoming a problem, as recently publicized in top media outlets, like KrebsOnSecurity.
New real-time data feeds have also been added to Impersonation Protect engineered to better identify newly observed and registered domains to further enhance Mimecast’s ability to detect security threats.
Additionally, using Mimecast’s global threat intelligence network, Internal Email Protect can help customers more quickly remediate security threats that originate from any email account inside or outside the organization. 
Available in June 2018
Link: https://software.einnews.com/pr_news/442535502/mimecast-offers-cyber-resilience-for-email-with-new-detection-remediation-and-threat-intelligence-capabilities?n=2&code=oFvCCJC2r-jYysMo



Fortinet Receives Recommended Rating in NSS Labs Latest Advanced Endpoint Protection Test Report
Nasdaq Global Newswire
FortiClient has received NSS Labs' coveted 'Recommended' rating since this test’s inception in 2017, this year with an overall security effectiveness rating of 97.3%. 
• Several Fortinet Fabric-Ready technology alliance partners are also among the “Recommended” vendors in this report, including Carbon Black and SentinelOne.
These solutions are among those certified compatible with FortiClient Fabric Agent to provide integration and intelligence sharing with the Security Fabric.
The broad Fortinet Fabric-Ready Partner Program ecosystem of complementary technologies enables customers to maximize their existing technology investments and get even more value from their security deployments.
AEP Test Report Highlights for FortiClient
• 100% block rate on exploits
• 100% block rate on document and script-based malware
• 100% block rate for web, 99.4% for email, and 100% for offline threats
• 97.2% detection rate for evasions
• 97.3% overall security effectiveness rating
• Zero false positives
Link: https://software.einnews.com/pr_news/442541712/fortinet-receives-recommended-rating-in-nss-labs-latest-advanced-endpoint-protection-test-report?n=2&code=oFvCCJC2r-jYysMo



The cloud has caused 'pretty negative byproducts' - Cisco
Tom Wright
Cisco has called on partners to help customers address the "negative byproducts" of moving to the cloud by adopting its multi-cloud approach.
Speaking at Cisco's Partner Connection Week in the Bahamas, Cisco VP of growth initiative Ruba Borno said that customers have been caught off guard by the challenges of moving to the cloud.

Borno told partners that currently four in five Cisco customers use more than one cloud, but need more assistance when it comes to managing these infrastructures.
But Cisco says that the cloud - and new technologies such as artificial intelligence and machine learning - require partners to position themselves differently in the market.
Wendy Bahr, senior vice president of Cisco's Global Partner Organisation, said partners should specifically be adapting to target three key areas.
"I would suggest the three biggest opportunities we have are core networking, security and multi-cloud.
When you couple in the life-cycle value and that services revenue, these are the three big tickets."
Link: https://www.channelweb.co.uk/crn-uk/news/3030393/the-cloud-isnt-as-simple-as-we-thought-it-would-be-cisco



'Local option' ESET on hunt for 700 partners
Marian Mchugh
End-point security vendor ESET says it can provide UK resellers with a "local" alternative to its competitors as it hunts for 700 new partners.
The Slovakia-based outfit has launched a partner recruitment push in this country after moving to a two-tier channel model last year.

Last year, ESET took on its first two UK distributors in the shape of Exertis and Distology.
The recruitment push and distributor appointments are part of ESET's plan to enter the competitive enterprise market, and to do that the company wants to recruit a wider range of resellers.
Link: https://www.channelweb.co.uk/crn-uk/news/3030435/local-option-eset-on-hunt-for-700-partners?utm_medium=email&utm_content=&utm_campaign=CRN.Daily_RL.EU.A.U&utm_source=CRN.DCM.Editors_Updates&utm_term=&



Centrify Offers Free Security Software, Services to Election Boards
Chris Preimesberger
Centrify, a proponent of a relatively new approach to enterprise security called Zero Trust, on April 16 at the RSA Security Conference revealed the industry’s first IT campaign to Secure the Vote for the 2018 elections.
The initiative involves the free distribution of Centrify software to election boards that includes multi-factor authentication and validation of device access for voters in their jurisdictions.


Centrify’s package is called Identity-as-a-Service and Privileged Access Management leadership. Effective April 16, the company is providing its access solutions to eligible election boards at no cost for the first eight months of a 12-month (or more) SaaS subscription, representing a 66 percent discount on MSRP.
Centrify is also offering a 10 percent discount to new election board customers to take advantage of its Jump Start professional services program to ensure a smooth deployment of Centrify Zero Trust Security.
Link: http://www.eweek.com/security/centrify-offers-free-security-software-services-to-election-boards



ZeroFOX Names Industry Thought Leader Dr. Sam Small as Chief Security Officer
BALTIMORE—(BUSINESS WIRE)—Apr 18, 2018—ZeroFOX, the social media security category leader, today announced the hiring of Dr. Sam Small as Chief Security Officer (CSO).
In his new role, Dr. Small will work with ZeroFOX’s rapidly-growing enterprise customer portfolio to develop, execute and maintain strategies that address the security threats intertwined with social media platforms.
This strategic hire comes on the heels of several other important company milestones, including major organizational wins such as The National Hockey League Players' Association (NHLPA).
Additionally, ZeroFOX recently hired Todd Laughman as Head of U.S. Sales and Brian Cyr as the company’s first General Counsel earlier this year.
As one of the country’s foremost experts on intellectual property (IP), Dr. Small will continue to invest, build upon and protect ZeroFOX’s proprietary platform and continued growth.
At ZeroFOX, Dr. Small will drive ZeroFOX’s security vision both internally and externally for customers.
Dr. Small will work directly with customers at the CXO level to deliver the company's services and technology as well as infusing the ZeroFOX Platform with his expertise.
Finally, Dr. Small will help oversee all ZeroFOX’s IP and internal security operations.
Link: http://www.oaoa.com/news/us_news/article_a7995813-d26a-5b7c-b37e-f8046480190b.html



Microsoft brings its antivirus protection to Google’s Chrome browser
Tom Warren
Microsoft is releasing its Windows Defender antivirus scanner for Google Chrome this week.
The software giant has released a Chrome extension that includes a list of malicious URLs that will be blocked in Chrome.
The extension is designed to stop malware being loaded onto PCs from malicious sites, and to prevent phishing emails from being successful.
Link: https://www.theverge.com/2018/4/18/17250906/microsoft-windows-defender-google-chrome-extension



CounterSnipe Systems releases its most powerful Version of IDS/IPS Software
CounterSnipe V11 includes a cleverly designed firewall which offers total flexibility for driving the Intrusion Prevention functionality.
The ability to easily manage and direct required data streams towards the IDS engine stands CounterSnipe way ahead of any other IPS product on the market.
Today CounterSnipe stands in a league of its own by offering such powerful software that will run in private cloud, on a physical server, in a virtual environment, as a stand-alone system or as a cluster of IDS sensors.
CounterSnipe therefore makes a perfect choice for a small, medium or large multinational enterprise.
Link: https://www.prlog.org/12703610-countersnipe-systems-releases-its-most-powerful-version-of-idsips-software.html



Cisco nudges partners towards intellectual property with $100,000 prize
Tom Wright
The vendor launched an innovation challenge at its Partner Connection Week in the Bahamas, with the partner deemed to have developed the best application on top of Cisco's platform being awarded $100,000.

Price said that bespoke software will help partners differentiate themselves beyond pricing, explaining that the traditional way of beating a competitor - undercutting another firm on a deal - doesn't provide any real benefit to any of the parties involved.
Neil Pemberton, director at Cisco partner ITGL, said that developing IP is a way for resellers to install value into their own business, rather than just relying on the products that a vendor produces.
By making its software open to developers, Pemberton said that Cisco has made it easier for partners to develop applications - something that the channel would not typically have considered in the past.
Link: https://www.channelweb.co.uk/crn-uk/news/3030589/cisco-nudges-partners-towards-intellectual-property?utm_medium=email&utm_content=&utm_campaign=CRN.SP_01.Daily_RL.EU.A.U&utm_source=CRN.DCM.Editors_Upd



8 Security Products That Made News at RSA Conference 2018
Sean Michael Kerner
At the RSA Conference, Barracuda announced PhishLine Levelized Programs, an effort to measure user resistance to phishing attacks.
Fidelis rolled out an update of its Elevate platform, adding new cyber-deception capabilities and improved detection and analysis features.
Trend Micro announced at the RSA Conference its new Writing Style DNA capability, which uses machine learning techniques to help reduce email fraud and business email compromise (BEC) attacks.
VMware announced that it is extending its AppDefense application security technology to now also include containers.
Forcepoint unveiled its new Dynamic Data Protection effort at the RSA Conference, providing what it calls a risk-based approach to automatically provide the appropriate level of enforcement.
Tripwire announced new capabilities for its Cloud Management Assessor offering at the RSA Conference.
GuardiCore unveiled new capabilities for its Centra Security Platform to help secure container deployments.
IBM announced at the conference improvements to its Resilient Incident Response Platform, including new intelligent orchestration capabilities.
Link: http://www.eweek.com/security/8-security-products-that-made-news-at-rsa-conference-2018



Keeper Security forms vulnerability disclosure program with Bugcrowd
Rob Wright
Following its controversial lawsuit against an Ars Technica security reporter, Keeper Security has teamed with Bugcrowd on a formal vulnerability disclosure program.
Now Keeper is attempting to repair its image in the infosec community and fix the perception that it's waging a war against security researchers and reporters.
A source close to the situation said Keeper Security teamed with Bugcrowd on a formal vulnerability disclosure program in an effort to improve relationships with the security research community following the lawsuit.
The program, which has not been formally announced yet, was confirmed by Keeper Security in a Tweet Thursday evening.
It's unclear how much Keeper's Bugcrowd program will alleviate concerns in the infosec community.
Matthew Green, cryptography expert and professor at Johns Hopkins University's Information Security Institute, said the company's actions last year have turned researchers away from the vendor.
Link: https://searchsecurity.techtarget.com/news/252439690/Keeper-Security-forms-vulnerability-disclosure-program-with-Bugcrowd



Cybersecurity Market Advancement In Technology 2018 to 2025
The Global Cybersecurity Market was valued at USD 122.53 billion in 2016 and is projected to reach USD 325.10 billion by 2025, growing at a CAGR of 11.45% from 2018 to 2025.
Global Cybersecurity Market by Top Manufacturers (2018-2025): IBM Corporation, Sophos, Trend Micro, Cisco Systems, HPE, Fortinet, Check Point Software Technologies Ltd., Juniper Networks, Inc., Symantec Corporation, Palo Alto Networks, McAfee LLC, FireEye.
Link: https://theanalystfinancial.com/251440/cybersecurity-market-advancement-in-technology-2018-to-2025/



ForeScout Stock: Chart Pointing to a Big Breakout
George Leong, B.Comm.
FSCT stock debuted at $22.00 in its initial public offering (IPO) in October 2017 and traded as high as $37.79 on March 12, 2018.
While the easy money may have been made, ForeScout stock could still provide some above-average returns for patient investors.
The fact that ForeScout is steadily increasing revenues, cutting its losses, and improving the FCF picture bodes well for the FSCT stock price going forward.
While a breakout for FSCT stock will drive the price toward $40.00, the actual upside target will depend on how well ForeScout performs over the next few years.
If FSCT delivers strong numbers and the stock market holds, a move to above $50.00 would be likely.
Link: https://www.profitconfidential.com/stock/forescout-stock/fsct-stock-chart-pointing-breakout/



Microsoft Floods RSA Conference with Security Announcements
Kurt Mackie
The announcements spanned Microsoft's Security Graph, Advanced Threat Protection (ATP), Information Protection and Conditional Access products, and beyond.
Here's a rundown of the news.
Developers working with Microsoft's security products got a preview of a new "Security API" for accessing the Intelligent Security Graph.
The Intelligent Security Graph is a search service that typically underlies Microsoft's various security solutions.
The Microsoft Secure Score solution reached "general availability" (GA) this week, meaning that it's deemed ready for use in production environments.
This product, which graphically scores an organization's security position, expands on the Office 365 Secure Score product that reached GA status last year.
Attack Simulator, which is part of the Office 365 Threat Intelligence service, reached GA status this week after being previewed in February.
It's available to "all Office 365 E5 or Office Threat Intelligence customers," according to a Tuesday Microsoft announcement.
Windows Defender ATP rolled out a couple of years ago and was initially billed as a post-breach security analysis tool, using integrated Hexadite technology.
Later, Microsoft indicated that the service would get autoremediation capabilities.
This week, Microsoft explained in an announcement that Windows Defender ATP now has added automation capabilities that let the service expand investigations and fix security issues across an organization:
New passwordless sign-in support, using FIDO2, will be coming to the spring Windows 10 release, Microsoft also announced this week.
Microsoft had much more RSA security news.
It announced that Microsoft Cloud App Security has an improved "ransomware and terminated-user activity." The ransomware detection capability can now detect anomalies and more sophisticated attacks.
For terminated employees, Microsoft is previewing the ability to detect when they continue to use SaaS apps.
Another preview is the ability to set granular controls for actions to take when end users have "come from a risky session."
Link: https://rcpmag.com/articles/2018/04/20/microsoft-rsa-security-announcements.aspx



Cofense moves to a 100% channel sales model
Clare Hopping
Cofense has re-launched its reseller channel programme as part of its shift to become a 100% channel sales company.
The firm explained it wants to move towards an all-channel model in order to deepen its relationships with distributors, resellers, and value-added resellers around the globe and streamline the process for customers to obtain enhanced security products and services. 
Cofense already has 300 partners distributing its products worldwide, forming the basis for the next step of its business growth.
A more attractive offering to partners will no doubt attract more businesses to its roster.
Link: http://www.channelpro.co.uk/news/10820/cofense-moves-to-a-100-channel-sales-model



Securonix Unveils Strategic Alliance to Combat Cyberattacks in the Cloud
ADDISON, Texas, April 18, 2018 (GLOBE NEWSWIRE)—Securonix, the industry leader in big data security analytics and user entity behavior analytics (UEBA), announced the launch of a strategic alliance with top cloud security vendors to protect against cyber & insider attacks.
Customers of Securonix Cloud benefit from rapid deployment and comprehensive coverage across modern cloud applications:
• Frictionless deployment, agility, and reduction in infrastructure management costs
• Complete data security with a SOC2 Type 2 certified environment
• Bi-directional cloud-to-cloud integrations with a strong partner eco-system
• Detection, investigation, and response to threats across all modern cloud platforms
Securonix’s cloud integration strategy is further enabled through the Fusion Partner Program.
The Fusion Partner Program is an ecosystem of over 25 technology partners, including several strategic cloud partners, who have fully integrated their solution with Securonix.
Partners include Netskope, Anomali, CrowdStrike, Demisto, Okta, Qualys, and ServiceNow.
Link: https://globenewswire.com/news-release/2018/04/18/1480815/0/en/Securonix-Unveils-Strategic-Alliance-to-Combat-Cyberattacks-in-the-Cloud.html



In preparation for the GDPR, CoSoSys launches Endpoint Protector 5.1
CoSoSys announced the latest update of its award-winning flagship Data Loss Prevention product, Endpoint Protector 5.1, which brings added functionalities to key features and a boost for GDPR compliance.
Endpoint Protector 5.1 thus has an extended list of predefined PIIs to cover additional EU countries.
Through them, companies can easily track and control data across a larger spectrum.
Optical Character Recognition (OCR) has been added so sensitive data can be searched for in images as well.
eDiscovery scans, which search data at rest for sensitive information stored on endpoints network-wide and then allow for remediation actions, can now be scheduled to run automatically for a single, one-time scan or for re-occurring scans, on a weekly or monthly basis.
New features include time-based and network-based access rights for computers.
While the first allows admins to choose working days and hours and set different access rights according to them, the second defines a company’s network through its DNS and ID and grants access rights depending on whether a computer is on that network or not.
Link: https://www.helpnetsecurity.com/2018/04/18/gdpr-endpoint-protector/



Infrastructure-agnostic web app protection with virtual patching option
Signal Sciences announced the latest innovations for its Web Protection Platform.
Its patented architecture provides security, operations and development teams with the visibility, security and scalability needed to protect against the full spectrum of threats their web applications now face, from OWASP Top 10 to account takeovers, API misuse and bots.
The software can be deployed as a next-gen web application firewall (WAF), reverse proxy for comprehensive application coverage, or for runtime application self-protection (RASP).
Link: https://www.helpnetsecurity.com/2018/04/18/infrastructure-agnostic-web-app-protection/



Intel announced the new Threat Detection Technology and Security Essentials
Pierluigi Paganini
Intel continues to innovate its products; the tech giant announced two new technologies, Threat Detection Technology (TDT) and Security Essentials.
The Threat Detection Technology leverages silicon-level telemetry and functionality to allow security products to detect sophisticated threats.
The new Intel Threat Detection Technology (TDT) includes two main capabilities: Accelerated Memory Scanning and Advanced Platform Telemetry.
Microsoft will integrate the Accelerated Memory Scanning feature into Windows Defender Advanced Threat Protection (ATP) within a couple of weeks.
Link: https://securityaffairs.co/wordpress/71481/security/intel-threat-detection-technology.html



Grant Thornton and Anomali Partner for Threat Intelligence Solutions
Through this alliance, Grant Thornton can provide its clients a suite of threat-intelligence capabilities – providing earlier detection of attacks from adversaries, helping security teams better prepare for intrusions and share threat assessments with key partners.
In addition, Grant Thornton’s team of cyber-risk professionals will counsel organizations on solution design and engineering, program development and use-case integration when implementing Anomali solutions.
Link: http://www.cpapracticeadvisor.com/news/12408370/grant-thornton-and-anomali-partner-for-threat-intelligence-solutions



Anomali partners with Visa to offer global payment breach intelligence
Threat management and collaboration solutions provider Anomali announced a partnership with Visa to provide cyber security teams with intelligence on indicators of compromise (IoCs) drawn from Visa Threat Intelligence, to better detect and manage breaches involving payment information in retail, hospitality, restaurant and other sectors.
Delivered to the Anomali platform through an API from the Visa Developer Platform, Visa Threat Intelligence enables merchants to collaborate within and across sectors to proactively mitigate threats and work to secure critical access points to protect payment card and personally identifiable information.
Link: https://www.helpnetsecurity.com/2018/04/18/anomali-payment-breach-intelligence/



BluVector and SS8 Deliver the First Product Suite for Advanced Threat Detection and Network Visibility Across the Entire Kill Chain
SAN FRANCISCO—(BUSINESS WIRE)—Apr 18, 2018—RSA CONFERENCE USA – Hunting sophisticated threats is a daunting task requiring a dizzying array of data, tools, and talent.
Companies of all sizes need a simpler, more efficient approach to sensing and responding to those threats originating inside or outside the network.
To address this need, BluVector and SS8 Networks today announced a partnership that delivers a new solution called BluVector® IRIS™, the only suite on the market that offers this visibility across the entire kill chain.
Organizations can now quickly identify and replay anomalous network behaviors that represent movement by infected hosts or malicious insiders seeking to exfiltrate proprietary data.
An add-on to BluVector® Cortex™, BluVector IRIS provides an unprecedented ability to construct a 360 degree view of the entire cyber threat kill chain, enabling organizations to detect, analyze and contain any threats originating from outside or inside the network.
The combined platform examines more than 4,000 network protocols for potential malicious events and performs machine learning, network-based forensic detection, speculative code execution, and behavioral analysis on all communications.
Link: https://pilotonline.com/business/ports-rail/article_6a797b91-6370-54fb-8eb4-16f42520ced7.html



Citrix Analytics Service Proactively Addresses Security Threats
New Citrix Analytics Service will provide visibility into company-wide user and entity behavior, system security, performance and operations, and simplify IT infrastructure.
Using machine learning and artificial intelligence to detect anomalous behavior and potential threats, Citrix is now able to deliver actionable intelligence from the information gathered via our cloud services and on premises products to help customers proactively identify and manage internal and external threats.
Citrix Analytics uniquely enables customers to adopt a risk-based security model, allowing them to dynamically balance the needs of users to have rapid access to data with IT’s need to secure and govern the environment.
This new service securely aggregates and correlates user interaction with applications, devices, networks and data across our suite of products and cloud services to help detect and prevent malicious activity and data exfiltration.
With an end-to-end view of the location of and access to data, Citrix Analytics also allows organizations to monitor and manage data movement across endpoints, datacenter, mobile, hybrid and multi-clouds.
This visibility into data logging and access requests helps our customers understand data flows to meet their security and oversight obligations under several security standards and regulations, including HIPAA, Sarbanes-Oxley (SOX), and GDPR.
Link: http://markets.businessinsider.com/news/stocks/citrix-analytics-service-proactively-addresses-security-threats-1021441506



Saviynt Announces $40 Million Series A Funding Round with Carrick Capital Partners
SAN FRANCISCO—(BUSINESS WIRE)—Apr 18, 2018—Saviynt, a leading global provider of Identity Governance and Administration (IGA) solutions, announced today that Carrick Capital Partners ("Carrick"), an investment firm with a focus on technology-enabled businesses, including enterprise software, has committed $40 million to its Series A financing round.
The announcement was made from RSA Conference 2018 taking place April 16th to 20th in San Francisco.
Saviynt delivers next-generation IGA solutions for organizations to secure their most critical assets, manage data privacy and risk, meet continuous compliance needs and securely adopt new technologies with confidence.
Saviynt’s unique approach provides Identity Governance, Cloud Security and Application GRC capabilities as an integrated platform delivered as an efficient cloud-based service.
With some of the largest global corporations now relying on Saviynt’s solution to ensure the security of their company’s applications, data, and infrastructure, Saviynt is poised for a new chapter of exponential growth.
An Identity Governance solution is fundamental to organizations’ cyber security strategy, with more enterprises opting for a cloud-based delivery model than on-premise solutions.
According to Gartner, “By 2021, IGA as a service becomes the dominant delivery model for new deployments, where 40% of new buyers will opt for cloud-architected IGA and 15% for cloud-hosted IGA software, up from 5% and less than 5%, respectively, in 2018.”
Link: http://www.citizentribune.com/news/business/saviynt-announces-million-series-a-funding-round-with-carrick-capital/article_128828ca-674b-5d89-af8d-95cefa4437b8.html



Cyber Security Specialist emt Distribution Takes on ThreatConnect Threat Intelligence Platform in Australia and New Zealand
Adelaide, Australia – 18 April 2018: Cyber security software specialist, emt Distribution today announced it has been appointed as Australian and New Zealand distributor for Arlington, Virginia-based security firm, ThreatConnect.
Link: https://www.cso.com.au/mediareleases/31409/cyber-security-specialist-emt-distribution-takes/



BigID is this year’s most innovative startup at RSA Conference
Based in New York and Tel Aviv, BigID uses advanced machine learning and identity intelligence to help enterprises better protect their customer and employee data at petabyte scale.
Using BigID, enterprises can better safeguard and assure the privacy of their most sensitive data, reducing breach risk and enabling compliance with emerging data protection regulations like the EU GDPR.
Using data supplied by Crunchbase, RSAC calculates that in the past five years alone, the contest’s top 10 finalists have collectively seen 15 acquisitions and have received more than $1.25 billion in investments.
Past winners include successful security veterans Phantom, Waratek, Red Owl Analytics and UnifyID.
Link: https://www.helpnetsecurity.com/2018/04/17/bigid-is-this-years-most-innovative-startup-at-rsa-conference/



RedLock Enhances Visibility, Compliance Assurance, and Threat Detection Capabilities With Microsoft Azure
SAN FRANCISCO—(BUSINESS WIRE)—RSA Conference – RedLock, an industry leader in Cloud Threat Defense, today announced enhanced capabilities to help Microsoft Azure customers identify security and compliance risks in their cloud environments.
RedLock’s recent integration with Azure Network Watcher provides a richer understanding of network traffic patterns and is another valuable data source for the RedLock Cloud 360™ platform.
Azure Network Watcher is a network monitoring and diagnostic service that collects Network Security Group (NSG) Flow Logs.
The integration enables customers to monitor virtual machines, network security and security group views, as well as topologically visualize their network traffic in their Azure environment to detect advanced threats such as cryptojacking, lateral movement, and data exfiltration.
RedLock serves the needs of enterprises seeking to ensure compliance, govern security, and enable security operations across Azure environments.
Link: https://www.businesswire.com/news/home/20180417005504/en/RedLock-Enhances-Visibility-Compliance-Assurance-Threat-Detection