Security News

Qualys today announced Qualys Multi-Vector EDR. Taking a new multi-vector approach to Endpoint Detection and Response, Qualys now brings the unifying power of its highly scalable cloud platform to EDR. Traditional EDR solutions singularly focus on endpoints' malicious activities to hunt and investigate cyberattacks. Multi-Vector EDR enables security teams to unify multiple context vectors like asset and software inventory, end-of-life visibility, vulnerabilities and exploits, misconfigurations, network traffic summary, MITRE ATT&CK tactics and techniques, malware, endpoint telemetry, and network reachability by leveraging the Qualys backend to correlate with threat intelligence for accurate detection, investigation and response - ALL, in a single, cloud-based app with a single lightweight agent.

Attivo Networks introduced new capabilities to its Endpoint Detection Net solution that prevent attackers from fingerprinting an endpoint to identify security weaknesses and from conducting reconnaissance. Attackers use fingerprinting to identify targets, decide which vulnerabilities to exploit, and determine how to successfully interact with them.

A 2019 study found that most companies allow mobile devices to access between 1/3 and 3/4 of their most business-critical information. Cybercriminals know that mobile devices are less secure, so it's no surprise that last year Verizon found that 4 in 10 companies were breached through a mobile device.

There's a massive amount of complexity plaguing today's enterprise endpoint environments. The number of agents piling up on enterprise endpoint devices - up on average - is hindering IT and security's ability to maintain foundational security hygiene practices, such as patching critical vulnerabilities, which may actually weaken endpoint security defenses, Absolute reveals.

If a compromise is not contained within the endpoint, it can rapidly spread to other endpoints and across the network. Segmentation firm Illumio is closing this gap with the release of Illumio Edge - segmentation for the endpoint.

Absolute announced new platform capabilities enabling customers to strengthen sensitive data and endpoint device protections in remote or hybrid work environments. Enhancements allow IT and Security teams to gain a richer understanding of their endpoint device environments; more quickly and effectively assess data or device risk; and take swift action to freeze or erase data on dark endpoints, even without physical device access.

Various factors such as growing e-commerce industry, increasing number of IoT devices, emergence of disruptive digital technologies across the industry verticals, and increasing demand for endpoint security are expected to boost the demand for endpoint security solutions and services across the globe. In order to protect endpoint devices and information from security breaches and cyber -attacks, the implementation of endpoint security solutions is increasing across various business verticals, which is ultimately driving the growth of endpoint security.

Today, Siemens and industrial AI-firm, SparkCognition, announced a new cybersecurity solution for industrial control system endpoints. According to a joint study conducted by the Ponemon Institute and Siemens that surveyed global energy industry executives, 67% of respondents said industrial control systems are more at risk today from cyberattack than ever before.

These centred on the apparent difficulty in provisioning Intel AMT to endpoint devices and the management of some use cases such as remote wake-up and remote KVM. Such difficulties might easily arise when attempting to activate Intel AMT on new machines that may have been delivered to remote branch offices with no IT staff on-site, for example, or to workers that are connecting to the corporate network from outside the firewall. To address these issues, Intel has extended the Intel vPro® platform with a new software service known as Intel® Endpoint Management Assistant, which builds on and modernises the capabilities of Intel® AMT. Intel® EMA has been designed as a cloud-based point of control for managing endpoint devices wherever they may be, inside and outside the corporate firewall.

Qualys has added malware detection to its cloud-based Remote Endpoint Protection offer, which is free for 60 days. Powered by the Qualys Platform and Cloud Agent, malware detection in Remote Endpoint Protection uses file reputation and threat classification to detect known malicious files on endpoints, servers, and cloud workloads.