Table of Contents
- Teramind Prevents Insider Threats Combining New Data Loss Prevention Features with User Behavior Analytics & Forensic Insights
- Symantec Analytics Enables Customers to Uncover the Most Dangerous Cyber Attacks
- Cisco Fights Malware, Email Intrusions with New Services
- Cybersecurity Companies Demo Support for STIX and TAXII Standards for Automated Threat Intelligence Sharing at RSA 2018
- Could FireEye Be a Millionaire Maker Stock?
- Intel is offloading virus scanning to its GPUs to improve performance and battery life
- Microsoft unveils new security tools for Internet of Things, edge devices
- CrowdStrike Falcon X takes aim at incident response
- Latest Release of Unisys Stealth® Security Software Extends Microsegmentation Protection for Data Centers, Clouds and Mobile Devices to Include Medical and Internet of Things Devices
- Gemalto to protect 5G networks from cyber-attacks with Intel Software Guard Extensions
- Mimecast Offers Cyber Resilience for Email with New Detection, Remediation and Threat Intelligence Capabilities
- Fortinet Receives Recommended Rating in NSS Labs Latest Advanced Endpoint Protection Test Report
- The cloud has caused ‘pretty negative byproducts’ – Cisco
- ‘Local option’ ESET on hunt for 700 partners
- Centrify Offers Free Security Software, Services to Election Boards
- ZeroFOX Names Industry Thought Leader Dr. Sam Small as Chief Security Officer
- Microsoft brings its antivirus protection to Google’s Chrome browser
- CounterSnipe Systems releases its most powerful Version of IDS/IPS Software
- Cisco nudges partners towards intellectual property with $100,000 prize
- 8 Security Products That Made News at RSA Conference 2018
- Keeper Security forms vulnerability disclosure program with Bugcrowd
- Cybersecurity Market Advancement In Technology 2018 to 2025
- ForeScout Stock: Chart Pointing to a Big Breakout
- Microsoft Floods RSA Conference with Security Announcements
- Cofense moves to a 100% channel sales model
- Securonix Unveils Strategic Alliance to Combat Cyberattacks in the Cloud
- In preparation for the GDPR, CoSoSys launches Endpoint Protector 5.1
- Infrastructure-agnostic web app protection with virtual patching option
- Intel announced the new Threat Detection Technology and Security Essentials
- Grant Thornton and Anomali Partner for Threat Intelligence Solutions
- Anomali partners with Visa to offer global payment breach intelligence
- BluVector and SS8 Deliver the First Product Suite for Advanced Threat Detection and Network Visibility Across the Entire Kill Chain
- Citrix Analytics Service Proactively Addresses Security Threats
- Saviynt Announces $40 Million Series A Funding Round with Carrick Capital Partners
- Cyber Security Specialist emt Distribution Takes on ThreatConnect Threat Intelligence Platform in Australia and New Zealand
- BigID is this year’s most innovative startup at RSA Conference
- RedLock Enhances Visibility, Compliance Assurance, and Threat Detection Capabilities With Microsoft Azure
Teramind Prevents Insider Threats Combining New Data Loss Prevention Features with User Behavior Analytics & Forensic Insights
Teramind Inc. (RSA booth #5110), a provider of insider threat solutions, today announced a new approach to data loss prevention that will continue to help organizations from healthcare to banking, legal, energy and customer service teams and more address their internal cyber security and data breach vulnerabilities.
Teramind brings organizations the latest in preventive security software after another year of global data breaches.
The new software features a comprehensive platform that combines technology supporting traditional data loss prevention (DLP) software capabilities coupled with behavioral data analytics.
This unique approach brings forth the next generation of forensic insight to keep companies’ data safe.
Teramind provides a user-centric security approach to monitor employee behavior, with software that streamlines employee data collection in order to identify suspicious activity, detect possible threats, monitor employee efficiency, and ensure industry compliance.
Teramind’s new file anti-exfiltration analysis combined with the software’s traditional DLP software capabilities and behavioral data analytics brings forth a stronger layer of protection against data breaches.
File anti-exfiltration analysis targets and tags sensitive file repositories as well as sensitive content.
Link: https://www.sfgate.com/business/press-releases/article/Teramind-Prevents-Insider-Threats-Combining-New-12836775.php
Symantec Analytics Enables Customers to Uncover the Most Dangerous Cyber Attacks
Symantec (Nasdaq: SYMC), the world’s leading cyber security company, announced today that the powerful threat detection technology used by its own world-class research teams to uncover some of the most notable cyber-attacks in history is now available to its Advanced Threat Protection (ATP) customers.
The Symantec Targeted Attack Analytics (TAA) technology enables ATP customers to leverage advanced machine learning to automate the discovery of targeted attacks – the most dangerous intrusions in corporate networks.
TAA is the result of an internal joint-effort between Symantec’s Attack Investigation Team, responsible for uncovering Stuxnet, Regin, Lazarus as well as links to SWIFT and WannaCry attacks among others, and a team of Symantec’s top security data scientists on the leading edge of machine learning research.
Unlike traditional solutions, TAA takes the process, knowledge and capabilities of the world’s leading security experts and turns them into artificial intelligence, providing companies with elite “virtual analysts” that allow security experts to devote their limited time and resources to the most critical attacks, instead of spending time sifting through false positives.
The TAA technology implements machine learning to analyze a broad range of data, including system and network telemetry from Symantec’s global customer base which forms one of the largest threat data lakes in the world.
Symantec’s cloud-based approach to this technology also enables the frequent re-training and updating of analytics to adapt to new attack methods without the need for product updates.
This new approach provides ATP customers with automated targeted threat detection, identifying sophisticated attacks where other solutions may fail.
TAA is now available as part of Symantec’s Integrated Cyber Defense Platform for Symantec Advanced Threat Protection (ATP) customers.
Link: https://www.albawaba.com/business/pr/symantec-targeted-attack-analytics-enables-customers-uncover-most-sophisticated-and-dang
Cisco Fights Malware, Email Intrusions with New Services
Lynn Haber
Cisco on Monday announced upgrades to its Advanced Malware Protection (AMP) for Endpoints, new investments in email security, and an expanded security partnership with ConnectWise.
The enhancements to AMP for Endpoints security, called Cisco Visibility, are designed to stop malware, eliminate blind spots and discover unknown threats.
The new Cisco Visibility shows the extent of a compromise that spans the endpoint, the network and the cloud.
Cisco also made new investments in two email security services: Cisco Domain Protection and Cisco Advanced Phishing Protection.
Cisco Domain Protection automates the manual process of analyzing, updating and taking action against senders misusing their domain to send malicious email.
Cisco Advanced Phishing Protection adds machine-learning capabilities to Cisco Email Security to evaluate the risk associated with inbound email by assessing its threat posture.
The Cisco cloud-based service, which provides multi-tenant management, monitoring and billing, is in pilot but expected to be generally available soon.
Building on its initial ConnectWise partnership, the networking giant announced new enhancements to ConnectWise Unite with Cisco, including several new Cisco security integrations and the ConnectWise Advanced Security Dashboard for MSPs.
The new Cisco security integrations with ConnectWise include Advanced Malware Protection for Endpoints, Adaptive Security Appliance and Next Generation Firewall.
The ConnectWise Advanced Security Dashboard for MSPs integrates with the ConnectWise Manage business management solution.
It features global policy management, security event correlation, and security reporting — or what Cisco calls the building blocks to monitor advanced managed security services around Cisco’s portfolio of Meraki MX firewalls, Umbrella, Stealthwatch Cloud, Adaptive Security Appliances, Next Generation Firewall and AMP for Endpoints.
It’s being introduced as a pilot with select partners in May.
Link: https://www.channelpartnersonline.com/2018/04/16/cisco-fights-malware-email-intrusions-with-new-services/
Cybersecurity Companies Demo Support for STIX and TAXII Standards for Automated Threat Intelligence Sharing at RSA 2018
Products from Anomali, EclecticIQ, Fujitsu, Hitachi, IBM Security, New Context, NC4, ThreatQuotient, and TruSTAR are demonstrating how STIX and TAXII are being used to prevent and defend against cyberattack by enabling threat intelligence to be analyzed and shared among trusted partners and communities.
In addition to seeing the demos, RSA attendees are learning more about how the major new version of STIX and TAXII is making it much easier to automate cyber threat intelligence sharing.
Link: https://software.einnews.com/pr_news/441548758/cybersecurity-companies-demo-support-for-stix-and-taxii-standards-for-automated-threat-intelligence-sharing-at-rsa-2018?n=2&code=UK5CzDEXUdFuR8be
Could FireEye Be a Millionaire Maker Stock?
Nicholas Rossolillo
Shares of cybersecurity company FireEye (NASDAQ:FEYE) have struggled since going public back in 2013.
The stock has been cut in half from its debut price in spite of the fact that its revenue has doubled several times during that same period.
It looks like a great growth story waiting to happen, but there are a few factors cautious investors should weigh first.
The cybersecurity industry is growing, but FireEye’s product is viewed as more of an add-on to a company’s existing threat-detection system rather than a comprehensive plan.
As a result, some of its larger peers like Palo Alto Networks (NYSE:PANW), Juniper Networks (NYSE:JNPR), and tech giant Cisco (NASDAQ:CSCO) have fared much better the last few years.
In response to its slowdown, FireEye has begun offering additional services and features to create a more well-rounded menu for its customers.
The good news is that revenue growth accelerated to 10% year over year in the last reported quarter.
Management thinks that 2018 sales will be $815 million to $825 million, at least a 10% annual increase.
That pales in comparison to growth a few years back, but it’s nevertheless an improvement over the last 12 months, if those numbers transpire as forecast.
Expenses on R&D and marketing are being trimmed, too, bringing profitability a little closer.
Losses in 2017 were $1.71 per share compared with $2.94 the year prior.
Management again struck an upbeat tone for 2018 as it expects losses to continue decreasing.
Though cybersecurity is in high demand and likely to stay that way for some time, FireEye’s current growth trajectory is underwhelming and lagging behind the competition.
Link: https://www.fool.com/investing/2018/04/16/could-fireeye-be-a-millionaire-maker-stock.aspx?source=iedfolrf0000001
Intel is offloading virus scanning to its GPUs to improve performance and battery life
Tom Warren
Intel is planning to allow virus scanners to use its integrated graphics chipsets to scan for malicious attacks.
The change could see performance and battery life improve on some systems. “With Accelerated Memory Scanning, the scanning is handled by Intel’s integrated graphics processor, enabling more scanning, while reducing the impact on performance and power consumption,” explains Rick Echevarria, Intel’s platform security division VP. “Early benchmarking on Intel test systems show CPU utilization dropped from 20 percent to as little as 2 percent.”
Intel’s Threat Detection Technology will be available on 6th, 7th, and 8th generation Intel processors, allowing a variety of machines to take advantage of moving some virus scanning activity to the GPU instead of the CPU.
Virus scanners currently use the CPU to detect memory-based attacks, but a machine takes a performance hit as a result.
Intel hopes that by moving this away from the CPU, performance and power consumption will improve, as typical machines do not fully utilize onboard graphics cards most of the time.
Intel is partnering with Microsoft to support this initially, with the change coming to Windows Defender Advanced Threat Protection (ATP) this month.
Intel is also working with other antivirus vendors so others can take advantage of this silicon-level change.
Link: https://www.theverge.com/2018/4/16/17244996/intel-virus-scanning-integrated-gpus-memory
Microsoft unveils new security tools for Internet of Things, edge devices
The company introduced “Azure Sphere”, the industry’s first holistic platform to create secured, connected microcontroller unit (MCU) devices on the “intelligent edge”.
The company also unveiled several new intelligent security features for its Microsoft 365 commercial Cloud offering — designed to help IT and security professionals simplify how they manage security across their enterprises.
Link: https://www.financialexpress.com/industry/technology/microsoft-unveils-new-security-tools-for-internet-of-things-edge-devices/1135678/
CrowdStrike Falcon X takes aim at incident response
Rob Wright
At RSA Conference 2018 on Monday, the cybersecurity vendor launched CrowdStrike Falcon X, a new offering that automates threat analysis in order to quicken enterprise responses to cyberattacks.
CrowdStrike — which is appearing in several sessions at RSA Conference on new exploits, adversaries and response techniques this week — has become one of the more visible cybersecurity vendors in the industry following its investigative work on the Democratic National Committee’s 2016 data breach.
Now, the company is broadening its reach with new initiatives around incident response.
With Falcon X, Alperovitch said the process takes about three minutes.
When malware is detected on an endpoint, CrowdStrike Falcon X automatically “detonates” the sample and then runs it through CrowdStrike’s malware search engine to compare it against other samples.
In addition to CrowdStrike Falcon X, the company also introduced a new product geared toward small and medium-sized businesses.
Dubbed CrowdStrike Falcon Endpoint Protection Complete, the product includes the endpoint security module of the Falcon platform, as well as dedicated security professionals to assist customers with incident response.
Link: https://searchsecurity.techtarget.com/news/252439123/CrowdStrike-Falcon-X-takes-aim-at-incident-response
Latest Release of Unisys Stealth® Security Software Extends Microsegmentation Protection for Data Centers, Clouds and Mobile Devices to Include Medical and Internet of Things Devices
BLUE BELL, Pa., April 17, 2018 /PRNewswire/ — Unisys Corporation (NYSE: UIS) today announced a new version of its award-winning Unisys Stealth® security software suite, including upgrades to extend protection to purpose-built Internet of Things (IoT) devices and other connected equipment such as medical monitoring machines, baggage scanners, industrial control systems and surveillance cameras.
The new release of Stealth™ microsegmentation software now protects IoT devices, isolating them from untrusted network segments within a Stealth-protected network to help prevent intrusion and remote tampering on the devices while protecting the corporate network from potential compromises initiated from unsecured devices.
By joining a Stealth-defined secure Community of Interest, high-value devices are shielded from unauthorized access, reducing the attack surface.
This new capability can be delivered as a virtual or physical gateway to protect devices where Stealth cannot be installed and with no hardware or software changes required to the purpose-built devices.
Link: https://www.pharmiweb.com/pressreleases/pressrel.asp?ROW_ID=273792
Gemalto to protect 5G networks from cyber-attacks with Intel Software Guard Extensions
Gemalto launched a platform that stops cyber-attacks from affecting cloud-based virtualised networks being planned and deployed with Intel technology.
This new initiative combines the Intel Software Guard Extensions (Intel SGX) trusted ‘enclave’, deployed in the company’s cloud server CPUs, with Gemalto’s advanced SafeNet Data Protection On Demand security software services to create a processor-level security platform for virtualised networks.
Link: https://www.telecompaper.com/news/gemalto-to-protect-5g-networks-from-cyber-attacks-with-intel-software-guard-extensions–1240500
Mimecast Offers Cyber Resilience for Email with New Detection, Remediation and Threat Intelligence Capabilities
Nasdaq Global Newswire
SAN FRANCISCO, April 17, 2018 (GLOBE NEWSWIRE) — Mimecast Limited (NASDAQ:MIME), a leading email and data security company, today announced enhancements to its Targeted Threat Protection services – Impersonation Protect, URL Protect, and Internal Email Protect – engineered to combat and remediate the evolving threat landscape.
New features include supply chain impersonation protection, similar domain detection, the integration of new automated intelligence feeds, as well as the introduction of automated threat remediation capabilities.
New research from Mimecast and Vanson Bourne revealed that organizations are not only facing a variety of different threats, but the volume and frequency of these attacks continue their upward trajectory.
In fact, 53 percent expect a negative business impact from these email-borne threats in 2018.
Impersonation attacks commonly use social engineering, and are designed to trick users such as finance managers, executive assistants, and HR representatives into making wire transfers or providing information which can be monetized by cybercriminals.
Lookalike domains are also increasingly becoming a problem, as recently publicized in top media outlets, like KrebsonSecurity.
New real-time data feeds have also been added to Impersonation Protect engineered to better identify newly observed and registered domains to further enhance Mimecast’s ability to detect security threats.
Additionally, using Mimecast’s global threat intelligence network, Internal Email Protect can help customers more quickly remediate security threats that originate from any email account inside or outside the organization.
Available in June 2018
Link: https://software.einnews.com/pr_news/442535502/mimecast-offers-cyber-resilience-for-email-with-new-detection-remediation-and-threat-intelligence-capabilities?n=2&code=oFvCCJC2r-jYysMo
Fortinet Receives Recommended Rating in NSS Labs Latest Advanced Endpoint Protection Test Report
Nasdaq Global Newswire
FortiClient has received NSS Labs’ coveted ‘Recommended’ rating since this test’s inception in 2017, this year with an overall security effectiveness rating of 97.3%.
• Several Fortinet Fabric-Ready technology alliance partners are also among the “Recommended” vendors in this report, including Carbon Black and SentinelOne.
These solutions are among those certified compatible with FortiClient Fabric Agent to provide integration and intelligence sharing with the Security Fabric.
The broad Fortinet Fabric-Ready Partner Program ecosystem of complementary technologies enables customers to maximize their existing technology investments and get even more value from their security deployments.
AEP Test Report Highlights for FortiClient
• 100% block rate on exploits
• 100% block rate on document and script-based malware
• 100% block rate for web, 99.4% for email, and 100% for offline threats
• 97.2% detection rate for evasions
• 97.3% overall security effectiveness rating
• Zero false positives
Link: https://software.einnews.com/pr_news/442541712/fortinet-receives-recommended-rating-in-nss-labs-latest-advanced-endpoint-protection-test-report?n=2&code=oFvCCJC2r-jYysMo
The cloud has caused ‘pretty negative byproducts’ – Cisco
Tom Wright
Cisco has called on partners to help customers address the “negative byproducts” of moving to the cloud by adopting its multi-cloud approach.
Speaking at Cisco’s Partner Connection Week in the Bahamas, Cisco VP of growth initiative Ruba Borno said that customers have been caught off guard by the challenges of moving to the cloud.
Borno told partners that currently four in five Cisco customers use more than one cloud, but need more assistance when it comes to managing these infrastructures.
But Cisco says that the cloud – and new technologies such as artificial intelligence and machine learning – require partners to position themselves differently in the market.
Wendy Bahr, senior vice president of Cisco’s Global Partner Organisation, said partners should specifically be adapting to target three key areas.
“I would suggest the three biggest opportunities we have are core networking, security and multi-cloud.
When you couple in the life-cycle value and that services revenue, these are the three big tickets.”
Link: https://www.channelweb.co.uk/crn-uk/news/3030393/the-cloud-isnt-as-simple-as-we-thought-it-would-be-cisco
‘Local option’ ESET on hunt for 700 partners
Marian Mchugh
End-point security vendor ESET says it can provide UK resellers with a “local” alternative to its competitors as it hunts for 700 new partners.
The Slovakia-based outfit has launched a partner recruitment push in this country after moving to a two-tier channel model last year.
Last year, ESET took on its first two UK distributors in the shape of Exertis and Distology.
The recruitment push and distributor appointments are part of ESET’s plan to enter the competitive enterprise market, and to do that the company wants to recruit a wider range of resellers.
Link: https://www.channelweb.co.uk/crn-uk/news/3030435/local-option-eset-on-hunt-for-700-partners?utm_medium=email&utm_content=&utm_campaign=CRN.Daily_RL.EU.A.U&utm_source=CRN.DCM.Editors_Updates&utm_term=&
Centrify Offers Free Security Software, Services to Election Boards
Chris Preimesberger
Centrify, a proponent of a relatively new approach to enterprise security called Zero Trust, on April 16 at the RSA Security Conference revealed the industry’s first IT campaign to Secure the Vote for the 2018 elections.
The initiative involves the free distribution of Centrify software to election boards that includes multi-factor authentication and validation of device access for voters in their jurisdictions.
Centrify’s package is called Identity-as-a-Service and Privileged Access Management leadership.
Effective April 16, the company is providing its access solutions to eligible election boards at no cost for the first eight months of a 12-month (or more) SaaS subscription, representing a 66 percent discount on MSRP.
Centrify is also offering a 10 percent discount to new election board customers to take advantage of its Jump Start professional services program to ensure a smooth deployment of Centrify Zero Trust Security.
Link: http://www.eweek.com/security/centrify-offers-free-security-software-services-to-election-boards
ZeroFOX Names Industry Thought Leader Dr. Sam Small as Chief Security Officer
BALTIMORE–(BUSINESS WIRE)–Apr 18, 2018–ZeroFOX, the social media security category leader, today announced the hiring of Dr. Sam Small as Chief Security Officer (CSO).
In his new role, Dr. Small will work with ZeroFOX’s rapidly-growing enterprise customer portfolio to develop, execute and maintain strategies that address the security threats intertwined with social media platforms.
This strategic hire comes on the heels of several other important company milestones, including major organizational wins such as The National Hockey League Players’ Association (NHLPA).
Additionally, ZeroFOX recently hired Todd Laughman as Head of U.S. Sales and Brian Cyr as the company’s first General Counsel earlier this year.
As one of the country’s foremost experts on intellectual property (IP), Dr. Small will continue to invest, build upon and protect ZeroFOX’s proprietary platform and continued growth.
At ZeroFOX, Dr. Small will drive ZeroFOX’s security vision both internally and externally for customers.
Dr. Small will work directly with customers at the CXO level to deliver the company’s services and technology as well as infusing the ZeroFOX Platform with his expertise.
Finally, Dr. Small will help oversee all ZeroFOX’s IP and internal security operations.
Link: http://www.oaoa.com/news/us_news/article_a7995813-d26a-5b7c-b37e-f8046480190b.html
Microsoft brings its antivirus protection to Google’s Chrome browser
Tom Warren
Microsoft is releasing its Windows Defender antivirus scanner for Google Chrome this week.
The software giant has released a Chrome extension that includes a list of malicious URLs that will be blocked in Chrome.
The extension is designed to stop malware being loaded onto PCs from malicious sites, and to prevent phishing emails from being successful.
Link: https://www.theverge.com/2018/4/18/17250906/microsoft-windows-defender-google-chrome-extension
CounterSnipe S