Security News

DFLabs IncMan SOAR to be available both on-premise and as a cloud package
2020-12-03 01:00

DFLabs announces that starting from Q1/2021, its IncMan SOAR solution will be available both on-premise and as a cloud package. Both solutions offer access to the same IncMan SOAR capabilities, with DFLabs' novel IncMan SOAR SaaS Cloud solution providing extra scalability to customers and access to automation and orchestration for small and medium enterprises, as well as MSSPs.

The brain of the SIEM and SOAR
2020-10-13 04:30

Because many organizations already have a SIEM, it seemed reasonable for the SOAR providers to start with automating the output from the SIEM tool or security platform console. So: security controls send alerts to a SIEM → the SIEM uses rules written by the security team to filter down the number of alerts to a much smaller number, usually 1,000,000:1 → SIEM events are sent to the SOAR, where playbooks written by the security team use workflow automation to investigate and respond to the alerts.

ThreatConnect integrates its TIP and SOAR platform with Microsoft Graph Security API
2020-08-19 23:30

ThreatConnect announced that it has joined the Microsoft Intelligent Security Association and will integrate Microsoft solutions with the ThreatConnect Threat Intelligence and Security Orchestration Automation and Response Platform using the Microsoft Graph Security API. This integration allows ThreatConnect clients to connect with nearly any piece of Microsoft technology, including Azure Sentinel, O365, and Microsoft Defender ATP, using the Microsoft Graph Security API. The integration allows clients to retrieve alerts, perform data enrichment, gain relevant threat intelligence, and carry out incident response actions. The Microsoft Graph Security API is a single interface that connects to Microsoft security products.

Business ID Theft Soars Amid COVID Closures
2020-07-27 22:50

This story is about the victims of a particularly aggressive business ID theft ring that's spent years targeting small businesses across the country and is now pivoting toward using that access for pandemic assistance loans and unemployment benefits. In 2019, Dun & Bradstreet saw more than a 100 percent increase in business identity theft.

DFLabs IncMan SOAR’s novel capabilities help successfully transition the OT-IT convergence
2020-06-10 01:30

DFLabs announces the launch of its new capabilities for OT and IoT. Thanks to its interactive nature, IncMan SOAR acts as a bridge between IT and OT SecOps, all the while offering its clients and partners improved means of running their security operations. It uses DFLabs' patent-pending machine learning to identify similar incidents and deduplication to merge them, applying proper countermeasures.

Swimlane acquires Syncurity to spur growth and affirm commitment to SOAR market
2020-04-19 23:45

"Swimlane has a track record of success in the SOAR market, as well as a clearly demonstrated dedication to the cybersecurity industry as a whole," said Syncurity Founder JP Bourget. "Syncurity is thrilled to join the Swimlane team, and we look forward to continuing to provide our customers with access to innovative solutions and deep domain expertise."

RDP and VPN use soars, increasing enterprise cyber risk
2020-03-30 11:13

Not unexpectedly, enterprise VPN use has also greatly increased, and so has the use of the Remote Desktop Protocol, a popular and common means for remotely managing a computer over a network connection. The number of devices exposing RDP to the internet on standard ports has grown by 41.5 percent over the past month.

Too many alarms and too few security analysts? Think SOAR
2020-03-19 06:50

If each of your security controls is a segment of your overall security strategy, you can't have one segment be an extremely weak one. The security solutions in your environment, the intelligence sources at your disposal, and the infrastructure your company utilizes are going to be constantly changing, and a lot of times those decisions are not made by the CISO. Acquisitions, mergers, and partnerships are driven by the business, which will force the security team to adapt and integrate with a whole variety of security apparatus, and you need to be leveraging a platform that supports the largest variety of integration points but also the most diverse set of use cases, because what you need today is not what you'll need tomorrow.

Microsoft Defender ATP integrates with Delta Risk’s SOAR platform, ActiveEye
2020-03-18 01:30

Delta Risk, a leading provider of SOC-as-a-Service and security services, announced the integration of Microsoft Defender Advanced Threat Protection with its cloud-native Security Orchestration and Automation platform, ActiveEye. Delta Risk provides Managed Detection and Response for both new and existing Defender ATP customers who need an experienced partner to help them quickly identify and respond to endpoint threats with a 24×7 security operations center.

Swimlane’s SOAR solution is patented for its many security posture combinations and use cases
2020-03-05 00:30

With infinite security posture combinations and use cases, Swimlane's SOAR solution was built from the ground up to transform an analyst's critical day-to-day responsibilities from insurmountable to exciting and effective. "Organizations are coming to the realization that staffing up to solve for the overwhelming amount of security and intelligence data they see daily is an unsustainable path. Applying automation broadly across every security use case is the only way organizations will be able to battle technology sprawl and protect their rapidly expanding attack surface," says Cody Cornell, CEO of Swimlane and patent co-inventor.