Security News
Code42, the leader in insider threat detection, investigation and response, announced it has advanced its cloud data security solution with the second in a series of new capabilities designed to help companies defend against the rising tide of insider threats. The newest enhancements equip security teams to closely monitor, detect and investigate data threats caused by high-risk employees.
In an RSA 2020 simulation, the Red Team compromised email accounts, created deepfake videos and spread disinformation on Election Day in Adversaria. At RSA 2020, Cybereason assembled a group of journalists and other conference attendees to be the Red Team, in charge of creating just enough chaos to cause residents of the fictional city Adversaria to doubt the results of the election.
Organizations around the world are observing this Shadow IoT phenomenon, where employees are bringing unauthorized devices into the enterprise. Key findings: Unauthorized IoT devices are on the rise. The top unauthorized IoT devices include digital home assistants, TV set-top boxes, IP cameras, smart home devices, smart TVs, smart watches, and even automotive multimedia systems.
Elastic released its integrated security offering, Elastic Security 7.6.0, which builds on the strengths of Elastic Endpoint Security and Elastic SIEM to deliver unparalleled visibility and threat protection through a unified interface. With Elasticsearch at its core, Elastic Security reduces security investigations from days to minutes with near-real-time security monitoring and incident response capabilities.
Eliminate guesswork and get in-depth insights and practical recommendations for navigating the ever-changing cybercrime landscape. This data-laden, incident-rich report delivers insider information on the players, their motivations, tactics and targets so you can make informed security strategy decisions.
Building on a decade of significant investment in innovation, partnerships, acquisitions, customer research and open-source standards, Cisco is now offering customers the broadest, most integrated cloud-native security platform in the industry, Cisco SecureX. Cisco SecureX provides a comprehensive user experience across the breadth of Cisco's integrated security portfolio and customers' existing security infrastructure. Cisco SecureX unifies visibility, identifies unknown threats, and automates workflows to strengthen customers' security across network, endpoint, cloud, and applications.
The new AI/ML behavior analytics for guided proactive hunting of unknown threats, enriched with MITRE ATT&CK Framework tactics and techniques as well as risk scoring, pre-built playbooks and case management capabilities, reduce detection and response times by 67%. Gurucul provides prebuilt threat libraries that include models, queries, data features and playbooks to support a wide range of threat hunting use cases like insider threat detection, data exfiltration, phishing, endpoint forensics, malicious processes, ransomware detection and network threat analytics, as well as cyberthreat, human-centric and entity-related threat scenarios. These prepacked libraries help analysts prioritize base activities and focus on the proactive investigation of new and unknown threat patterns using contextual data.
BlueVoyant, a global analytics-driven cybersecurity firm, announced the availability of its Managed Detection and Response Service for Microsoft Defender Advanced Threat Protection, a unified next-generation anti-virus and endpoint detection and response platform. "The addition of Microsoft Defender Advanced Threat Protection to BlueVoyant's 100% cloud-based technology portfolio furthers BlueVoyant's goal of bringing best-of-breed technologies and services to companies of all sizes," said Jim Rosenthal, CEO of BlueVoyant.
"We are seeing increasingly complex threat techniques being used across cloud applications, spanning from cloud phishing and malware delivery, to cloud command and control and ultimately cloud data exfiltration," said Ray Canzanese, Threat Research Director at Netskope. "Our research shows the sophistication and scale of the cloud enabled kill chain increasing, requiring security defenses that understand thousands of cloud apps to keep pace with attackers and block cloud threats. For these reasons, any enterprise using the cloud needs to modernize and extend their security architectures."
Cyware Labs, provider of advanced cyber fusion solutions, announced the release of version 2.0 of the company's product suite. To keep up with the increasing volume of sophisticated threats, security teams must be able to move faster and with more accuracy while achieving greater visibility into their environment and threat landscape.